77 lines
2.1 KiB
Python
77 lines
2.1 KiB
Python
"""
|
|
/device endpoints.
|
|
"""
|
|
|
|
from fastapi import APIRouter, Depends, HTTPException, status
|
|
|
|
from ..db import Device, DeviceCreate, DeviceRead, User
|
|
from ._common import (Responses, get_current_user, get_device_by_id,
|
|
get_user_by_name)
|
|
|
|
router = APIRouter(prefix="/device", tags=["device"])
|
|
|
|
|
|
@router.post(
|
|
"/{user_name}",
|
|
responses={
|
|
status.HTTP_200_OK: Responses.OK,
|
|
status.HTTP_400_BAD_REQUEST: Responses.NOT_INSTALLED,
|
|
status.HTTP_401_UNAUTHORIZED: Responses.NEEDS_USER,
|
|
status.HTTP_403_FORBIDDEN: Responses.PERMISSION_ERROR,
|
|
status.HTTP_404_NOT_FOUND: Responses.ENTRY_DOESNT_EXIST,
|
|
status.HTTP_409_CONFLICT: Responses.ENTRY_EXISTS,
|
|
},
|
|
response_model=DeviceRead,
|
|
)
|
|
async def add_device(
|
|
device: DeviceCreate,
|
|
current_user: User = Depends(get_current_user),
|
|
owner: User = Depends(get_user_by_name),
|
|
) -> Device:
|
|
"""
|
|
POST ./: Create a new device in the database.
|
|
"""
|
|
|
|
# check permission
|
|
if not current_user.can_create(Device, owner):
|
|
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN)
|
|
|
|
# create the new device
|
|
new_device = Device.create(
|
|
owner=current_user,
|
|
device=device,
|
|
)
|
|
|
|
# fail if creation was unsuccessful
|
|
if new_device is None:
|
|
raise HTTPException(status_code=status.HTTP_409_CONFLICT)
|
|
|
|
# return the created device on success
|
|
return new_device
|
|
|
|
|
|
@router.delete(
|
|
"/{device_id}",
|
|
responses={
|
|
status.HTTP_200_OK: Responses.OK,
|
|
status.HTTP_400_BAD_REQUEST: Responses.NOT_INSTALLED,
|
|
status.HTTP_401_UNAUTHORIZED: Responses.NEEDS_USER,
|
|
status.HTTP_403_FORBIDDEN: Responses.NEEDS_ADMIN,
|
|
status.HTTP_404_NOT_FOUND: Responses.ENTRY_DOESNT_EXIST,
|
|
},
|
|
response_model=User,
|
|
)
|
|
async def remove_device(
|
|
current_user: User = Depends(get_current_user),
|
|
device: Device = Depends(get_device_by_id),
|
|
):
|
|
"""
|
|
DELETE ./{device_id}: Remove a device from the database.
|
|
"""
|
|
|
|
# check permission
|
|
if not current_user.can_edit(device):
|
|
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN)
|
|
|
|
# delete device
|
|
device.delete()
|