single endpoint check

2025-01-01 13:21:04 +03:00
parent 05c8af2310
commit 73645ce3ca
6 changed files with 65 additions and 2 deletions
--- a/service_app/routers/rules/router.py
+++ b/service_app/routers/rules/router.py
@@ -4,7 +4,7 @@ from fastapi.requests import Request
 from api_objects import OccupantTokenObject, EmployeeTokenObject
 from api_validations.validations_request import (
    UpdateEndpointAccessList,
-    InsertEndpointAccess,
+    InsertEndpointAccess, CheckEndpointAccess,
 )

 from api_services.redis.auth_actions.token import parse_token_object_to_dict
@@ -14,6 +14,7 @@ from databases import (
    Event2Employee,
    Events,
 )
+from databases.sql_models.event.event import Services, Service2Events

 endpoint_restriction_route = APIRouter(prefix="/access", tags=["Endpoint Access"])
 endpoint_restriction_route.include_router(
@@ -66,6 +67,60 @@ def endpoint_restriction_list(request: Request):
    )


+@endpoint_restriction_route.post(
+    path="/endpoint/available", summary="List extra restriction to endpoints list"
+)
+def endpoint_restriction_available(request: Request, data: CheckEndpointAccess):
+    token_dict, records = parse_token_object_to_dict(request=request), []
+    endpoint = EndpointRestriction.filter_one(
+        EndpointRestriction.endpoint_name.ilike(f"%{str(data.endpoint)}%")
+    ).data
+    if not endpoint:
+        EndpointRestriction.raise_http_exception(
+            status_code="HTTP_404_NOT_FOUND",
+            error_case="UNAUTHORIZED",
+            message="Only Occupant can see this data",
+            data={},
+        )
+    event = Events.filter_one(Events.id == endpoint.id).data
+    service = Service2Events.filter_one(
+        Service2Events.event_id == event.id,
+    ).data
+    if isinstance(token_dict, OccupantTokenObject):
+        event_occupant = Event2Occupant.filter_one(
+            Event2Occupant.event_service_id == service.id,
+            Event2Occupant.build_living_space_id
+            == token_dict.selected_occupant.living_space_id,
+        ).data
+        if not event_occupant:
+            EndpointRestriction.raise_http_exception(
+                status_code="HTTP_404_NOT_FOUND",
+                error_case="UNAUTHORIZED",
+                message="Only Occupant can see this data",
+                data={},
+            )
+        return dict(
+            completed=True,
+            message="Endpoint is available for this occupant",
+        )
+    elif isinstance(token_dict, EmployeeTokenObject):
+        event_employee = Event2Employee.filter_one(
+            Event2Employee.event_service_id == service.id,
+            Event2Employee.employee_id == token_dict.selected_company.employee_id,
+        ).data
+        if not event_employee:
+            EndpointRestriction.raise_http_exception(
+                status_code="HTTP_404_NOT_FOUND",
+                error_case="UNAUTHORIZED",
+                message="Only Occupant can see this data",
+                data={},
+            )
+        return dict(
+            completed=True,
+            message="Endpoint is available for this occupant",
+        )
+
+
@endpoint_restriction_route.patch(
    path="/endpoint/bind/patch", summary="Patch extra restriction to endpoints list"
 )