From 8e644c5a6c3d7077e45b522e8ff0fd399bb739f5 Mon Sep 17 00:00:00 2001 From: RezenkovD Date: Fri, 9 Feb 2024 20:11:14 +0200 Subject: [PATCH 1/3] feat: add HiddenUserModel schema --- src/schemas/__init__.py | 1 + src/schemas/user.py | 7 +++++++ 2 files changed, 8 insertions(+) diff --git a/src/schemas/__init__.py b/src/schemas/__init__.py index 83f8ce1..a3851cb 100644 --- a/src/schemas/__init__.py +++ b/src/schemas/__init__.py @@ -1,6 +1,7 @@ from .user import ( BaseUser, UserModel, + HiddenUserModel, UserTotalExpenses, UserTotalReplenishments, UserHistory, diff --git a/src/schemas/user.py b/src/schemas/user.py index cd7360e..631627b 100644 --- a/src/schemas/user.py +++ b/src/schemas/user.py @@ -15,6 +15,13 @@ class UserModel(BaseUser): picture: Optional[str] +class HiddenUserModel(BaseModel): + id: int + first_name: str + last_name: str + picture: Optional[str] + + class UserTotalExpenses(BaseModel): amount: float percentage_increase: float From 2e8698febab75e925720d92cdd48d92404c73679 Mon Sep 17 00:00:00 2001 From: RezenkovD Date: Fri, 9 Feb 2024 20:11:47 +0200 Subject: [PATCH 2/3] feat: hidden login from user list and only for auth persons --- src/routers/user.py | 8 ++++++-- tests/test_endpoints/test_user_e.py | 2 -- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/src/routers/user.py b/src/routers/user.py index 699e24c..36e6498 100644 --- a/src/routers/user.py +++ b/src/routers/user.py @@ -20,6 +20,7 @@ from schemas import ( UserBalance, UserModel, + HiddenUserModel, UserTotalExpenses, UserTotalReplenishments, UserHistory, @@ -39,8 +40,11 @@ def check_authentication(authenticated: bool = Depends(is_user_authenticated)): return authenticated -@router.get("/", response_model=Page[UserModel]) -def read_users(db: Session = Depends(get_db)) -> Page[UserModel]: +@router.get("/", response_model=Page[HiddenUserModel]) +def read_users( + db: Session = Depends(get_db), + current_user: User = Depends(get_current_user), +) -> Page[HiddenUserModel]: return paginate(db, select(User)) diff --git a/tests/test_endpoints/test_user_e.py b/tests/test_endpoints/test_user_e.py index 2bb1cee..26ef77c 100644 --- a/tests/test_endpoints/test_user_e.py +++ b/tests/test_endpoints/test_user_e.py @@ -21,14 +21,12 @@ def setUp(self) -> None: self.users_data = [ { "id": self.first_user.id, - "login": self.first_user.login, "first_name": self.first_user.first_name, "last_name": self.first_user.last_name, "picture": self.first_user.picture, }, { "id": self.second_user.id, - "login": self.second_user.login, "first_name": self.second_user.first_name, "last_name": self.second_user.last_name, "picture": self.second_user.picture, From b2c2244b9a1b8649ab30a78b5689fccdf8444ac5 Mon Sep 17 00:00:00 2001 From: RezenkovD Date: Fri, 9 Feb 2024 20:31:05 +0200 Subject: [PATCH 3/3] feat: add block updating to inactive group --- src/services/expense.py | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/src/services/expense.py b/src/services/expense.py index 716894c..f76fe19 100644 --- a/src/services/expense.py +++ b/src/services/expense.py @@ -68,11 +68,10 @@ def validate_expense_update( detail="You are not a user of the group specified to update expenses!", ) if db_user_group.status == GroupStatusEnum.INACTIVE: - if group_id != expense.group_id: - raise HTTPException( - status_code=status.HTTP_405_METHOD_NOT_ALLOWED, - detail="The user is not active in group specified to update expenses!", - ) + raise HTTPException( + status_code=status.HTTP_405_METHOD_NOT_ALLOWED, + detail="The user is not active in group specified to update expenses!", + ) try: db.query(CategoryGroup).filter_by( category_id=expense.category_id,