from fastapi import APIRouter, Depends, HTTPException, status from typing import List, Optional from schemas.auth import TokenData from schemas.user import UserCreate, UserUpdate, UserResponse from routes.depends import get_current_user from services.user_services import get_user_by_id router = APIRouter(tags=["users"]) @router.get("/", response_model=List[UserResponse]) async def get_users( page: int = 1, limit: int = 10, role: Optional[str] = None, current_user_token: TokenData = Depends(get_current_user) ): current_user = await get_user_by_id(current_user_token.id) if current_user is None: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="User not found" ) if current_user.role not in ["system_admin", "admin"]: raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Only admin can access user list" ) # 实现获取用户列表逻辑 pass @router.post("/", response_model=UserResponse, status_code=status.HTTP_201_CREATED) async def create_user( user_data: UserCreate, current_user_token: TokenData = Depends(get_current_user) ): current_user = await get_user_by_id(current_user_token.id) if current_user is None: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="User not found" ) if current_user.role not in ["system_admin", "admin"]: raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Only admin can create users" ) # 实现创建用户逻辑 pass @router.put("/{user_id}", response_model=UserResponse) async def update_user( user_id: int, user_data: UserUpdate, current_user_token: TokenData = Depends(get_current_user) ): current_user = await get_user_by_id(current_user_token.id) if current_user is None: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="User not found" ) if current_user.role not in ["system_admin", "admin"]: raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Only admin can update users" ) # 实现更新用户逻辑 pass @router.delete("/{user_id}", status_code=status.HTTP_204_NO_CONTENT) async def delete_user( user_id: int, current_user_token: TokenData = Depends(get_current_user) ): current_user = await get_user_by_id(current_user_token.id) if current_user is None: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="User not found" ) if current_user.role not in ["system_admin", "admin"]: raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Only admin can delete users" ) # 实现删除用户逻辑 pass