hxf/backend/th_agenter/api/endpoints/users.py

"""User management endpoints."""

from typing import List, Optional
from fastapi import APIRouter, Depends, HTTPException, status, Query
from sqlalchemy.orm import Session

from ...db.database import get_session
from ...core.simple_permissions import require_super_admin
from ...services.auth import AuthService
from ...services.user import UserService
from ...schemas.user import UserResponse, UserUpdate, UserCreate, ChangePasswordRequest, ResetPasswordRequest

router = APIRouter()

@router.get("/profile", response_model=UserResponse, summary="获取当前用户的个人信息")
async def get_user_profile(
    current_user = Depends(AuthService.get_current_user)
):
    """获取当前用户的个人信息."""
    return UserResponse.model_validate(current_user)

@router.put("/profile", response_model=UserResponse, summary="更新当前用户的个人信息")
async def update_user_profile(
    user_update: UserUpdate,
    current_user = Depends(AuthService.get_current_user),
    session: Session = Depends(get_session)
):
    """更新当前用户的个人信息."""
    user_service = UserService(session)
    
    # Check if email is being changed and is already taken
    if user_update.email and user_update.email != current_user.email:
        existing_user = await user_service.get_user_by_email(user_update.email)
        if existing_user:
            raise HTTPException(
                status_code=status.HTTP_400_BAD_REQUEST,
                detail="Email already registered"
            )
    
    # Update user
    updated_user = await user_service.update_user(current_user.id, user_update)
    return UserResponse.model_validate(updated_user)

@router.delete("/profile", summary="删除当前用户的账户")
async def delete_user_account(
    current_user = Depends(AuthService.get_current_user),
    session: Session = Depends(get_session)
):
    """删除当前用户的账户."""
    username = current_user.username
    user_service = UserService(session)
    await user_service.delete_user(current_user.id)
    session.desc = f"删除用户 [{username}] 成功"
    return {"message": f"删除用户 {username} 成功"}

# Admin endpoints
@router.post("/", response_model=UserResponse, summary="创建新用户 (需要有管理员权限)")
async def create_user(                
    user_create: UserCreate,
    current_user = Depends(require_super_admin),
    session: Session = Depends(get_session)
):
    """创建一个新用户 (需要有管理员权限)."""
    user_service = UserService(session)
    
    # Check if username already exists
    existing_user = await user_service.get_user_by_username(user_create.username)
    if existing_user:
        session.desc = f"创建用户 [{user_create.username}] 失败 - 用户名已存在"
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail="Username already registered"
        )
    
    # Check if email already exists
    existing_user = await user_service.get_user_by_email(user_create.email)
    if existing_user:
        session.desc = f"创建用户 [{user_create.username}] 失败 - 邮箱已存在"
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail="Email already registered"
        )
    
    # Create user
    new_user = await user_service.create_user(user_create)
    return UserResponse.model_validate(new_user)

@router.get("/", summary="列出所有用户，支持分页和筛选 (仅管理员权限)")
async def list_users(
    page: int = Query(1, ge=1),
    size: int = Query(20, ge=1, le=100),
    search: Optional[str] = Query(None),
    role_id: Optional[int] = Query(None),
    is_active: Optional[bool] = Query(None),
    session: Session = Depends(get_session)
):
    """列出所有用户，支持分页和筛选 (仅管理员权限)."""
    session.desc = f"START: 列出所有用户，分页={page}, 每页大小={size}, 搜索={search}, 角色ID={role_id}, 激活状态={is_active}"
    user_service = UserService(session)
    skip = (page - 1) * size
    users, total = await user_service.get_users_with_filters(
        skip=skip, 
        limit=size, 
        search=search,
        role_id=role_id,
        is_active=is_active
    )
    result = {
        "users": [UserResponse.model_validate(user) for user in users],
        "total": total,
        "page": page,
        "page_size": size
    }
    return result


@router.get("/{user_id}", response_model=UserResponse, summary="通过ID获取用户信息 (仅管理员权限)")
async def get_user(
    user_id: int,
    current_user = Depends(AuthService.get_current_active_user),
    session: Session = Depends(get_session)
):
    """通过ID获取用户信息 (仅管理员权限)."""
    user_service = UserService(session)
    user = await user_service.get_user_by_id(user_id)
    if not user:
        raise HTTPException(
            status_code=status.HTTP_404_NOT_FOUND,
            detail="User not found"
        )
    return UserResponse.model_validate(user)

@router.put("/change-password", summary="修改当前用户的密码")
async def change_password(
    request: ChangePasswordRequest,
    current_user = Depends(AuthService.get_current_active_user),
    session: Session = Depends(get_session)
):
    """修改当前用户的密码."""
    user_service = UserService(session)
    
    try:
        await user_service.change_password(
            user_id=current_user.id,
            current_password=request.current_password,
            new_password=request.new_password
        )
        return {"message": "Password changed successfully"}
    except Exception as e:
        if "Current password is incorrect" in str(e):
            raise HTTPException(
                status_code=status.HTTP_400_BAD_REQUEST,
                detail="Current password is incorrect"
            )
        elif "must be at least 6 characters" in str(e):
            raise HTTPException(
                status_code=status.HTTP_400_BAD_REQUEST,
                detail="New password must be at least 6 characters long"
            )
        else:
            raise HTTPException(
                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
                detail="Failed to change password"
            )

@router.put("/{user_id}/reset-password", summary="重置用户密码 (仅管理员权限)")
async def reset_user_password(
    user_id: int,
    request: ResetPasswordRequest,
    current_user = Depends(require_super_admin),
    session: Session = Depends(get_session)
):
    """重置用户密码 (仅管理员权限)."""
    user_service = UserService(session) 
    
    try:
        await user_service.reset_password(
            user_id=user_id,
            new_password=request.new_password
        )
        return {"message": "Password reset successfully"}
    except Exception as e:
        if "User not found" in str(e):
            raise HTTPException(
                status_code=status.HTTP_404_NOT_FOUND,
                detail="User not found"
            )
        elif "must be at least 6 characters" in str(e):
            raise HTTPException(
                status_code=status.HTTP_400_BAD_REQUEST,
                detail="New password must be at least 6 characters long"
            )
        else:
            raise HTTPException(
                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
                detail="Failed to reset password"
            )


@router.put("/{user_id}", response_model=UserResponse, summary="更新用户信息 (仅管理员权限)")
async def update_user(
    user_id: int,
    user_update: UserUpdate,
    current_user = Depends(AuthService.get_current_active_user),
    session: Session = Depends(get_session)
):
    """更新用户信息 (仅管理员权限)."""
    user_service = UserService(session)
    
    user = await user_service.get_user_by_id(user_id)
    if not user:
        raise HTTPException(
            status_code=status.HTTP_404_NOT_FOUND,
            detail="User not found"
        )
    
    updated_user = await user_service.update_user(user_id, user_update)
    return UserResponse.model_validate(updated_user)

@router.delete("/{user_id}", summary="删除用户 (仅管理员权限)")
async def delete_user(
    user_id: int,
    current_user = Depends(AuthService.get_current_active_user),
    session: Session = Depends(get_session)
):
    """删除用户 (仅管理员权限)."""
    user_service = UserService(session)
    
    user = await user_service.get_user_by_id(user_id)
    if not user:
        raise HTTPException(
            status_code=status.HTTP_404_NOT_FOUND,
            detail="User not found"
        )
    
    await user_service.delete_user(user_id)
    return {"message": "User deleted successfully"}
first commit 2025-12-04 14:48:38 +08:00			`"""User management endpoints."""`

			`from typing import List, Optional`
			`from fastapi import APIRouter, Depends, HTTPException, status, Query`
			`from sqlalchemy.orm import Session`

backend-陈博更新 2025-12-16 13:55:16 +08:00			`from ...db.database import get_session`
first commit 2025-12-04 14:48:38 +08:00			`from ...core.simple_permissions import require_super_admin`
			`from ...services.auth import AuthService`
			`from ...services.user import UserService`
			`from ...schemas.user import UserResponse, UserUpdate, UserCreate, ChangePasswordRequest, ResetPasswordRequest`

			`router = APIRouter()`

backend-陈博更新 2025-12-16 13:55:16 +08:00			`@router.get("/profile", response_model=UserResponse, summary="获取当前用户的个人信息")`
first commit 2025-12-04 14:48:38 +08:00			`async def get_user_profile(`
			`current_user = Depends(AuthService.get_current_user)`
			`):`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`"""获取当前用户的个人信息."""`
			`return UserResponse.model_validate(current_user)`
first commit 2025-12-04 14:48:38 +08:00
backend-陈博更新 2025-12-16 13:55:16 +08:00			`@router.put("/profile", response_model=UserResponse, summary="更新当前用户的个人信息")`
first commit 2025-12-04 14:48:38 +08:00			`async def update_user_profile(`
			`user_update: UserUpdate,`
			`current_user = Depends(AuthService.get_current_user),`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`session: Session = Depends(get_session)`
first commit 2025-12-04 14:48:38 +08:00			`):`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`"""更新当前用户的个人信息."""`
			`user_service = UserService(session)`
first commit 2025-12-04 14:48:38 +08:00
			`# Check if email is being changed and is already taken`
			`if user_update.email and user_update.email != current_user.email:`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`existing_user = await user_service.get_user_by_email(user_update.email)`
first commit 2025-12-04 14:48:38 +08:00			`if existing_user:`
			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail="Email already registered"`
			`)`

			`# Update user`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`updated_user = await user_service.update_user(current_user.id, user_update)`
			`return UserResponse.model_validate(updated_user)`
first commit 2025-12-04 14:48:38 +08:00
backend-陈博更新 2025-12-16 13:55:16 +08:00			`@router.delete("/profile", summary="删除当前用户的账户")`
first commit 2025-12-04 14:48:38 +08:00			`async def delete_user_account(`
			`current_user = Depends(AuthService.get_current_user),`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`session: Session = Depends(get_session)`
first commit 2025-12-04 14:48:38 +08:00			`):`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`"""删除当前用户的账户."""`
			`username = current_user.username`
			`user_service = UserService(session)`
			`await user_service.delete_user(current_user.id)`
			`session.desc = f"删除用户 [{username}] 成功"`
			`return {"message": f"删除用户 {username} 成功"}`
first commit 2025-12-04 14:48:38 +08:00
			`# Admin endpoints`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`@router.post("/", response_model=UserResponse, summary="创建新用户 (需要有管理员权限)")`
			`async def create_user(`
first commit 2025-12-04 14:48:38 +08:00			`user_create: UserCreate,`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`current_user = Depends(require_super_admin),`
			`session: Session = Depends(get_session)`
first commit 2025-12-04 14:48:38 +08:00			`):`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`"""创建一个新用户 (需要有管理员权限)."""`
			`user_service = UserService(session)`
first commit 2025-12-04 14:48:38 +08:00
			`# Check if username already exists`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`existing_user = await user_service.get_user_by_username(user_create.username)`
first commit 2025-12-04 14:48:38 +08:00			`if existing_user:`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`session.desc = f"创建用户 [{user_create.username}] 失败 - 用户名已存在"`
first commit 2025-12-04 14:48:38 +08:00			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail="Username already registered"`
			`)`

			`# Check if email already exists`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`existing_user = await user_service.get_user_by_email(user_create.email)`
first commit 2025-12-04 14:48:38 +08:00			`if existing_user:`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`session.desc = f"创建用户 [{user_create.username}] 失败 - 邮箱已存在"`
first commit 2025-12-04 14:48:38 +08:00			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail="Email already registered"`
			`)`

			`# Create user`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`new_user = await user_service.create_user(user_create)`
			`return UserResponse.model_validate(new_user)`
first commit 2025-12-04 14:48:38 +08:00
backend-陈博更新 2025-12-16 13:55:16 +08:00			`@router.get("/", summary="列出所有用户，支持分页和筛选 (仅管理员权限)")`
first commit 2025-12-04 14:48:38 +08:00			`async def list_users(`
			`page: int = Query(1, ge=1),`
			`size: int = Query(20, ge=1, le=100),`
			`search: Optional[str] = Query(None),`
			`role_id: Optional[int] = Query(None),`
			`is_active: Optional[bool] = Query(None),`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`session: Session = Depends(get_session)`
first commit 2025-12-04 14:48:38 +08:00			`):`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`"""列出所有用户，支持分页和筛选 (仅管理员权限)."""`
			`session.desc = f"START: 列出所有用户，分页={page}, 每页大小={size}, 搜索={search}, 角色ID={role_id}, 激活状态={is_active}"`
			`user_service = UserService(session)`
first commit 2025-12-04 14:48:38 +08:00			`skip = (page - 1) * size`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`users, total = await user_service.get_users_with_filters(`
first commit 2025-12-04 14:48:38 +08:00			`skip=skip,`
			`limit=size,`
			`search=search,`
			`role_id=role_id,`
			`is_active=is_active`
			`)`
			`result = {`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`"users": [UserResponse.model_validate(user) for user in users],`
first commit 2025-12-04 14:48:38 +08:00			`"total": total,`
			`"page": page,`
			`"page_size": size`
			`}`
			`return result`


backend-陈博更新 2025-12-16 13:55:16 +08:00			`@router.get("/{user_id}", response_model=UserResponse, summary="通过ID获取用户信息 (仅管理员权限)")`
first commit 2025-12-04 14:48:38 +08:00			`async def get_user(`
			`user_id: int,`
			`current_user = Depends(AuthService.get_current_active_user),`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`session: Session = Depends(get_session)`
first commit 2025-12-04 14:48:38 +08:00			`):`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`"""通过ID获取用户信息 (仅管理员权限)."""`
			`user_service = UserService(session)`
			`user = await user_service.get_user_by_id(user_id)`
first commit 2025-12-04 14:48:38 +08:00			`if not user:`
			`raise HTTPException(`
			`status_code=status.HTTP_404_NOT_FOUND,`
			`detail="User not found"`
			`)`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`return UserResponse.model_validate(user)`
first commit 2025-12-04 14:48:38 +08:00
backend-陈博更新 2025-12-16 13:55:16 +08:00			`@router.put("/change-password", summary="修改当前用户的密码")`
first commit 2025-12-04 14:48:38 +08:00			`async def change_password(`
			`request: ChangePasswordRequest,`
			`current_user = Depends(AuthService.get_current_active_user),`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`session: Session = Depends(get_session)`
first commit 2025-12-04 14:48:38 +08:00			`):`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`"""修改当前用户的密码."""`
			`user_service = UserService(session)`
first commit 2025-12-04 14:48:38 +08:00
			`try:`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`await user_service.change_password(`
first commit 2025-12-04 14:48:38 +08:00			`user_id=current_user.id,`
			`current_password=request.current_password,`
			`new_password=request.new_password`
			`)`
			`return {"message": "Password changed successfully"}`
			`except Exception as e:`
			`if "Current password is incorrect" in str(e):`
			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail="Current password is incorrect"`
			`)`
			`elif "must be at least 6 characters" in str(e):`
			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail="New password must be at least 6 characters long"`
			`)`
			`else:`
			`raise HTTPException(`
			`status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,`
			`detail="Failed to change password"`
			`)`

backend-陈博更新 2025-12-16 13:55:16 +08:00			`@router.put("/{user_id}/reset-password", summary="重置用户密码 (仅管理员权限)")`
first commit 2025-12-04 14:48:38 +08:00			`async def reset_user_password(`
			`user_id: int,`
			`request: ResetPasswordRequest,`
			`current_user = Depends(require_super_admin),`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`session: Session = Depends(get_session)`
first commit 2025-12-04 14:48:38 +08:00			`):`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`"""重置用户密码 (仅管理员权限)."""`
			`user_service = UserService(session)`
first commit 2025-12-04 14:48:38 +08:00
			`try:`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`await user_service.reset_password(`
first commit 2025-12-04 14:48:38 +08:00			`user_id=user_id,`
			`new_password=request.new_password`
			`)`
			`return {"message": "Password reset successfully"}`
			`except Exception as e:`
			`if "User not found" in str(e):`
			`raise HTTPException(`
			`status_code=status.HTTP_404_NOT_FOUND,`
			`detail="User not found"`
			`)`
			`elif "must be at least 6 characters" in str(e):`
			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail="New password must be at least 6 characters long"`
			`)`
			`else:`
			`raise HTTPException(`
			`status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,`
			`detail="Failed to reset password"`
			`)`


backend-陈博更新 2025-12-16 13:55:16 +08:00			`@router.put("/{user_id}", response_model=UserResponse, summary="更新用户信息 (仅管理员权限)")`
first commit 2025-12-04 14:48:38 +08:00			`async def update_user(`
			`user_id: int,`
			`user_update: UserUpdate,`
			`current_user = Depends(AuthService.get_current_active_user),`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`session: Session = Depends(get_session)`
first commit 2025-12-04 14:48:38 +08:00			`):`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`"""更新用户信息 (仅管理员权限)."""`
			`user_service = UserService(session)`
first commit 2025-12-04 14:48:38 +08:00
backend-陈博更新 2025-12-16 13:55:16 +08:00			`user = await user_service.get_user_by_id(user_id)`
first commit 2025-12-04 14:48:38 +08:00			`if not user:`
			`raise HTTPException(`
			`status_code=status.HTTP_404_NOT_FOUND,`
			`detail="User not found"`
			`)`

backend-陈博更新 2025-12-16 13:55:16 +08:00			`updated_user = await user_service.update_user(user_id, user_update)`
			`return UserResponse.model_validate(updated_user)`
first commit 2025-12-04 14:48:38 +08:00
backend-陈博更新 2025-12-16 13:55:16 +08:00			`@router.delete("/{user_id}", summary="删除用户 (仅管理员权限)")`
first commit 2025-12-04 14:48:38 +08:00			`async def delete_user(`
			`user_id: int,`
			`current_user = Depends(AuthService.get_current_active_user),`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`session: Session = Depends(get_session)`
first commit 2025-12-04 14:48:38 +08:00			`):`
backend-陈博更新 2025-12-16 13:55:16 +08:00			`"""删除用户 (仅管理员权限)."""`
			`user_service = UserService(session)`
first commit 2025-12-04 14:48:38 +08:00
backend-陈博更新 2025-12-16 13:55:16 +08:00			`user = await user_service.get_user_by_id(user_id)`
first commit 2025-12-04 14:48:38 +08:00			`if not user:`
			`raise HTTPException(`
			`status_code=status.HTTP_404_NOT_FOUND,`
			`detail="User not found"`
			`)`

backend-陈博更新 2025-12-16 13:55:16 +08:00			`await user_service.delete_user(user_id)`
first commit 2025-12-04 14:48:38 +08:00			`return {"message": "User deleted successfully"}`