simple-rbac/routes/users.py

from fastapi import APIRouter, Depends, HTTPException, status
from typing import List, Optional
from schemas.auth import TokenData
from schemas.user import UserCreate, UserUpdate, UserResponse
from routes.depends import get_current_user
from services.user_services import get_user_by_id

router = APIRouter(tags=["users"])

@router.get("/", response_model=List[UserResponse])
async def get_users(
    page: int = 1,
    limit: int = 10,
    role: Optional[str] = None,
    current_user_token: TokenData = Depends(get_current_user)
):
    current_user = await get_user_by_id(current_user_token.id)
    if current_user is None:
        raise HTTPException(
            status_code=status.HTTP_404_NOT_FOUND,
            detail="User not found"
        )
    if current_user.role not in ["system_admin", "admin"]:
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN,
            detail="Only admin can access user list"
        )
    # 实现获取用户列表逻辑
    pass

@router.post("/", response_model=UserResponse, status_code=status.HTTP_201_CREATED)
async def create_user(
    user_data: UserCreate,
    current_user_token: TokenData = Depends(get_current_user)
):
    current_user = await get_user_by_id(current_user_token.id)
    if current_user is None:
        raise HTTPException(
            status_code=status.HTTP_404_NOT_FOUND,
            detail="User not found"
        )
    if current_user.role not in ["system_admin", "admin"]:
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN,
            detail="Only admin can create users"
        )
    # 实现创建用户逻辑
    pass

@router.put("/{user_id}", response_model=UserResponse)
async def update_user(
    user_id: int,
    user_data: UserUpdate,
    current_user_token: TokenData = Depends(get_current_user)
):
    current_user = await get_user_by_id(current_user_token.id)
    if current_user is None:
        raise HTTPException(
            status_code=status.HTTP_404_NOT_FOUND,
            detail="User not found"
        )
    if current_user.role not in ["system_admin", "admin"]:
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN,
            detail="Only admin can update users"
        )
    # 实现更新用户逻辑
    pass

@router.delete("/{user_id}", status_code=status.HTTP_204_NO_CONTENT)
async def delete_user(
    user_id: int,
    current_user_token: TokenData = Depends(get_current_user)
):
    current_user = await get_user_by_id(current_user_token.id)
    if current_user is None:
        raise HTTPException(
            status_code=status.HTTP_404_NOT_FOUND,
            detail="User not found"
        )
    if current_user.role not in ["system_admin", "admin"]:
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN,
            detail="Only admin can delete users"
        )
    # 实现删除用户逻辑
    pass