async def get_technologies_handler() -> TechnologiesPagination: technologies = execute_query_with_connection(get_technologies) return TechnologiesPagination(page=1, page_size=len(technologies), items_count=len(technologies), items=technologies)
async def get_access_token_handler( response: Response, form_data: OAuth2PasswordRequestForm = Depends(), ) -> Token: user = execute_query_with_connection( lambda db_connection: get_user_with_permissions_and_role_by_username( db_connection, form_data.username, )) if user is None: raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail={ "username": "******" }) if form_data.password != user["password"]: raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail={"password": "******"}) refresh_token = create_refresh_token(user) response.set_cookie( key="refresh_token", value=refresh_token, httponly=True, ) access_token = create_access_token(user) return Token( access_token=access_token, token_type="Bearer", )
async def get_cities_handler() -> CitiesPagination: cities = execute_query_with_connection(get_cities) return CitiesPagination(page=1, page_size=len(cities), items_count=len(cities), items=cities)
async def get_positions_handler() -> PositionsPagination: positions = execute_query_with_connection(get_positions) return PositionsPagination(page=1, page_size=len(positions), items_count=len(positions), items=positions)
async def update_article_by_id_handler( id: int, article_input: ArticleInput, access_token_payload=Depends(get_access_token_payload) ) -> Article: current_user_id = access_token_payload.get("sub") initial_article = execute_query_with_connection( lambda db_connection: get_article_by_id( db_connection=db_connection, id=id, are_draft_allowed=True, are_draft_allowed_for_current_user_id=True, current_user_id=current_user_id, are_published_allowed=True, are_published_allowed_for_current_user_id=True, are_archived_allowed=True, are_archived_allowed_for_current_user_id=True, ) ) if initial_article is None: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="Article not found", ) check_permissions_to_update_article( current_user_id=current_user_id, article=initial_article, access_token_payload=access_token_payload, ) updated_article = execute_query_with_connection( lambda db_connection: update_article( db_connection=db_connection, id=id, article_input=article_input, ) ) return updated_article
async def get_access_token_for_visitor_handler() -> Token: visitor_permissions_and_role = execute_query_with_connection( lambda db_connection: get_visitor_permissions_and_role( db_connection, )) access_token = create_access_token(visitor_permissions_and_role) return Token( access_token=access_token, token_type="Bearer", )
async def get_comments_handler( page: int = 1, page_size: int = 20, article_id: Optional[int] = None, access_token_payload=Depends(get_access_token_payload) ) -> CommentsPagination: check_permissions(access_token_payload, ["COMMENT_VIEW_ALL"]) comments_count = execute_query_with_connection( lambda db_connection: get_comments_count(db_connection, article_id)) comments = execute_query_with_connection( lambda db_connection: get_comments( db_connection=db_connection, page=page, page_size=page_size, article_id=article_id, )) return CommentsPagination(page=page, page_size=page_size, items_count=comments_count, items=comments)
async def get_user_by_id_handler(id: int) -> User: user = execute_query_with_connection(lambda db_connection: get_user_by_id( db_connection, id, )) if user is None: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="User not found.", ) return user
async def post_comment_handler( new_comment: NewComment, access_token_payload=Depends(get_access_token_payload) ) -> Comment: check_permissions(access_token_payload, ["COMMENT_CREATE"]) created_comment = execute_query_with_connection( lambda db_connection: create_comment( db_connection=db_connection, author_id=access_token_payload['sub'], new_comment=new_comment, created_date=datetime.now(), )) return created_comment
async def post_article_handler( article_input: ArticleInput, access_token_payload=Depends(get_access_token_payload) ) -> Article: check_permissions(access_token_payload, ["ARTICLE_CREATE"]) created_article = execute_query_with_connection( lambda db_connection: create_article( db_connection=db_connection, author_id=access_token_payload["sub"], article_input=article_input, created_date=datetime.now(), ) ) return created_article
async def get_article_by_id_handler( id: int, access_token_payload=Depends(get_access_token_payload) ) -> Article: check_permissions( access_token_payload, [ "ARTICLE_VIEW_ALL_DRAFT", "ARTICLE_VIEW_OWN_DRAFT", "ARTICLE_VIEW_ALL_PUBLISHED", "ARTICLE_VIEW_OWN_PUBLISHED", "ARTICLE_VIEW_ALL_ARCHIVED", "ARTICLE_VIEW_OWN_ARCHIVED", ] ) permissions = access_token_payload.get("permissions", []) are_draft_allowed = "ARTICLE_VIEW_ALL_DRAFT" in permissions or "ARTICLE_VIEW_OWN_DRAFT" in permissions, are_draft_allowed_for_current_user_id = "ARTICLE_VIEW_ALL_DRAFT" not in permissions current_user_id = access_token_payload.get("sub") are_published_allowed = "ARTICLE_VIEW_ALL_PUBLISHED" in permissions or "ARTICLE_VIEW_OWN_PUBLISHED" in permissions are_published_allowed_for_current_user_id = "ARTICLE_VIEW_ALL_PUBLISHED" not in permissions are_archived_allowed = "ARTICLE_VIEW_ALL_ARCHIVED" in permissions or "ARTICLE_VIEW_OWN_ARCHIVED" in permissions are_archived_allowed_for_current_user_id = "ARTICLE_VIEW_ALL_ARCHIVED" not in permissions article = execute_query_with_connection( lambda db_connection: get_article_by_id( db_connection=db_connection, id=id, are_draft_allowed=are_draft_allowed, are_draft_allowed_for_current_user_id=are_draft_allowed_for_current_user_id, current_user_id=current_user_id, are_published_allowed=are_published_allowed, are_published_allowed_for_current_user_id=are_published_allowed_for_current_user_id, are_archived_allowed=are_archived_allowed, are_archived_allowed_for_current_user_id=are_archived_allowed_for_current_user_id, ) ) if article is None: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="Article not found", ) return article
async def refresh_access_token_handler( request: Request, response: Response, ) -> Token: old_refresh_token = request.cookies.get("refresh_token") try: refresh_token_payload = decode_refresh_token(old_refresh_token) except (Exception, ): raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Refresh token is invalid.") user = execute_query_with_connection( lambda db_connection: get_user_with_permissions_and_role_by_id( db_connection, refresh_token_payload["sub"], )) if user is None: raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="The user does not exist.") new_refresh_token = create_refresh_token(user) response.set_cookie( key="refresh_token", value=new_refresh_token, httponly=True, ) new_access_token = create_access_token(user) return Token( access_token=new_access_token, token_type="Bearer", )
async def get_articles_handler( page: int = 1, page_size: int = 20, status: Optional[str] = None, access_token_payload=Depends(get_access_token_payload) ) -> ArticlesPagination: check_permissions( access_token_payload, [ "ARTICLE_VIEW_ALL_DRAFT", "ARTICLE_VIEW_OWN_DRAFT", "ARTICLE_VIEW_ALL_PUBLISHED", "ARTICLE_VIEW_OWN_PUBLISHED", "ARTICLE_VIEW_ALL_ARCHIVED", "ARTICLE_VIEW_OWN_ARCHIVED", ] ) permissions = access_token_payload.get("permissions", []) are_draft_allowed = "ARTICLE_VIEW_ALL_DRAFT" in permissions or "ARTICLE_VIEW_OWN_DRAFT" in permissions, are_draft_allowed_for_current_user_id = "ARTICLE_VIEW_ALL_DRAFT" not in permissions current_user_id = access_token_payload.get("sub") are_published_allowed = "ARTICLE_VIEW_ALL_PUBLISHED" in permissions or "ARTICLE_VIEW_OWN_PUBLISHED" in permissions are_published_allowed_for_current_user_id = "ARTICLE_VIEW_ALL_PUBLISHED" not in permissions are_archived_allowed = "ARTICLE_VIEW_ALL_ARCHIVED" in permissions or "ARTICLE_VIEW_OWN_ARCHIVED" in permissions are_archived_allowed_for_current_user_id = "ARTICLE_VIEW_ALL_ARCHIVED" not in permissions articles_count = execute_query_with_connection( lambda db_connection: get_articles_count( db_connection=db_connection, are_draft_allowed=are_draft_allowed, are_draft_allowed_for_current_user_id=are_draft_allowed_for_current_user_id, current_user_id=current_user_id, are_published_allowed=are_published_allowed, are_published_allowed_for_current_user_id=are_published_allowed_for_current_user_id, are_archived_allowed=are_archived_allowed, are_archived_allowed_for_current_user_id=are_archived_allowed_for_current_user_id, status=status, ) ) articles = execute_query_with_connection( lambda db_connection: get_articles( db_connection=db_connection, are_draft_allowed=are_draft_allowed, are_draft_allowed_for_current_user_id=are_draft_allowed_for_current_user_id, current_user_id=current_user_id, are_published_allowed=are_published_allowed, are_published_allowed_for_current_user_id=are_published_allowed_for_current_user_id, are_archived_allowed=are_archived_allowed, are_archived_allowed_for_current_user_id=are_archived_allowed_for_current_user_id, page=page, page_size=page_size, status=status, ) ) return ArticlesPagination( page=page, page_size=page_size, items_count=articles_count, items=articles )
async def get_salary_group_report_handler( group_by: GroupByEnum) -> List[SalaryReportData]: group_report = execute_query_with_connection( lambda db_connection: get_group_report(db_connection, group_by)) return group_report
async def post_salary_handler(salary_report: PostSalaryReportData) -> None: execute_query_with_connection(lambda db_connection: insert_salary( db_connection, salary_report, datetime.now(), ))