feature1

2026-01-25 21:02:45 +01:00
parent 5b868a6cde
commit 01863c1df0
10 changed files with 399 additions and 7 deletions
--- a/backend/routers/apps.py
+++ b/backend/routers/apps.py
@@ -6,11 +6,10 @@ from .. import database, models, schemas, auth_utils

 router = APIRouter(
    prefix="/apps",
-    tags=["Applications"],
-    dependencies=[Depends(auth_utils.get_current_admin_user)]
+    tags=["Applications"]
 )

-@router.post("/", response_model=schemas.ApplicationOut)
+@router.post("/", response_model=schemas.ApplicationOut, dependencies=[Depends(auth_utils.get_current_admin_user)])
 async def create_application(app: schemas.ApplicationCreate, db: Session = Depends(database.get_db)):
    db_app = db.query(models.Application).filter(models.Application.name == app.name).first()
    if db_app:
@@ -27,7 +26,12 @@ async def create_application(app: schemas.ApplicationCreate, db: Session = Depen
    db.refresh(db_app)
    return db_app

-@router.get("/", response_model=List[schemas.ApplicationOut])
+@router.get("/", response_model=List[schemas.ApplicationOut], dependencies=[Depends(auth_utils.get_current_admin_user)])
 async def read_applications(skip: int = 0, limit: int = 100, db: Session = Depends(database.get_db)):
    apps = db.query(models.Application).offset(skip).limit(limit).all()
    return apps
+
+@router.get("/public", response_model=List[schemas.ApplicationOut])
+async def read_public_applications(db: Session = Depends(database.get_db)):
+    apps = db.query(models.Application).all()
+    return apps
--- a/backend/routers/requests.py
+++ b/backend/routers/requests.py
@@ -0,0 +1,98 @@
+from fastapi import APIRouter, Depends, HTTPException, status, BackgroundTasks
+from sqlalchemy.orm import Session
+from typing import List
+from .. import database, models, schemas, auth_utils
+from ..services import email
+
+router = APIRouter(
+    prefix="/requests",
+    tags=["Access Requests"]
+)
+
+@router.post("/", response_model=schemas.AccessRequestOut)
+async def create_request(request: schemas.AccessRequestCreate, background_tasks: BackgroundTasks, db: Session = Depends(database.get_db)):
+    # Check if user already exists
+    existing_user = db.query(models.User).filter(models.User.username == request.username).first()
+    if existing_user:
+        raise HTTPException(status_code=400, detail="Username already taken")
+    
+    # Check if request already exists
+    existing_req = db.query(models.AccessRequest).filter(models.AccessRequest.username == request.username, models.AccessRequest.status == "pending").first()
+    if existing_req:
+        raise HTTPException(status_code=400, detail="Pending request already exists for this username")
+
+    hashed_password = auth_utils.get_password_hash(request.password)
+    
+    db_request = models.AccessRequest(
+        username=request.username,
+        email=request.email,
+        hashed_password=hashed_password,
+        status="pending"
+    )
+    
+    # Add requested apps
+    for app_id in request.app_ids:
+        app = db.query(models.Application).filter(models.Application.id == app_id).first()
+        if app:
+            db_request.requested_apps.append(app)
+            
+    db.add(db_request)
+    db.commit()
+    db.refresh(db_request)
+    
+    # Send email to user (Received)
+    background_tasks.add_task(email.send_request_received_email, request.email, request.username)
+    # Send email to admin (New Request)
+    background_tasks.add_task(email.send_admin_notification_email, request.username)
+    
+    return db_request
+
+@router.get("/", response_model=List[schemas.AccessRequestOut], dependencies=[Depends(auth_utils.get_current_admin_user)])
+async def read_requests(skip: int = 0, limit: int = 100, db: Session = Depends(database.get_db)):
+    requests = db.query(models.AccessRequest).filter(models.AccessRequest.status == "pending").offset(skip).limit(limit).all()
+    return requests
+
+@router.post("/{request_id}/approve", dependencies=[Depends(auth_utils.get_current_admin_user)])
+async def approve_request(request_id: int, background_tasks: BackgroundTasks, db: Session = Depends(database.get_db)):
+    req = db.query(models.AccessRequest).filter(models.AccessRequest.id == request_id).first()
+    if not req:
+        raise HTTPException(status_code=404, detail="Request not found")
+    
+    if req.status != "pending":
+        raise HTTPException(status_code=400, detail="Request already processed")
+        
+    # Create User
+    new_user = models.User(
+        username=req.username,
+        email=req.email,
+        hashed_password=req.hashed_password,
+        is_active=True,
+        is_admin=False
+    )
+    db.add(new_user)
+    db.commit()
+    db.refresh(new_user)
+    
+    # Assign Apps
+    for app in req.requested_apps:
+        assignment = models.UserApplication(user_id=new_user.id, application_id=app.id)
+        db.add(assignment)
+        
+    req.status = "approved"
+    db.commit()
+    
+    # Send email to user (Approved)
+    background_tasks.add_task(email.send_welcome_email, req.email, req.username, "********") # Don't send password again, they know it
+    
+    return {"message": "Request approved and user created"}
+
+@router.post("/{request_id}/reject", dependencies=[Depends(auth_utils.get_current_admin_user)])
+async def reject_request(request_id: int, db: Session = Depends(database.get_db)):
+    req = db.query(models.AccessRequest).filter(models.AccessRequest.id == request_id).first()
+    if not req:
+        raise HTTPException(status_code=404, detail="Request not found")
+        
+    req.status = "rejected"
+    db.commit()
+    
+    return {"message": "Request rejected"}