cloud-api/src/user/router.py

"""
Router endpoints for user module

Endpoints:
 - [get]/self/claims - Retrieves user's OIDC claims
 - [get]/self/db - Retrieves the user data from the db that corresponds to the current OIDC user
 - [get]/self/orgs - Retrieves all organisations associated with the current user
 - [get]/self/orgs/admin - Retrieves only admin organisations for the current user
 - [get]/{user_id} - Retrieves a specific user by their ID
 - [get]/{user_id}/orgs - Retrieves all organisations associated with a specific user
 - [get]/{user_id}/orgs/admin - Retrieves only admin organisations for a specific user
 - [delete]/{user_id} - Deletes a user from the db by their db ID
"""
from fastapi import APIRouter
from starlette import status

from src.user.schemas import UserResponse, OIDCClaims, UserDeleteUserRequest
from src.user.dependencies import user_model_claims_dependency, user_model_query_dependency, user_model_body_dependency

from src.auth.dependencies import super_admin_dependency
from src.auth.service import claims_dependency
from src.database import db_dependency

router = APIRouter(
	prefix="/user",
	tags=["User"],
)


@router.get("/self/claims", response_model=OIDCClaims, status_code=status.HTTP_200_OK, responses={
	status.HTTP_200_OK: {"description": "Successful retrieval from database"},
})
async def current_user_claims(user: claims_dependency):
	"""
	Returns the full OIDC claims associated with the currently logged-in user.
	"""
	user["allowed_origins"] = user.get("allowed-origins", [])
	return user


@router.get("/self/db", response_model=UserResponse, status_code=status.HTTP_200_OK, responses={
	status.HTTP_404_NOT_FOUND: {"description": "User not found"},
	status.HTTP_200_OK: {"description": "Successful retrieval from database"},
})
async def current_user(user_model: user_model_claims_dependency):
	"""
	Returns the database details associated with the currently logged-in user.
	"""
	return user_model


@router.get("/", response_model=UserResponse, status_code=status.HTTP_200_OK, responses={
	status.HTTP_404_NOT_FOUND: {"description": "User not found"},
	status.HTTP_200_OK: {"description": "Successful retrieval from database"},
})
async def get_user_by_id(user_model: user_model_query_dependency, su: super_admin_dependency):
	"""
	Returns the database details associated with the provided user ID.
	"""
	return user_model


@router.delete("/", status_code=status.HTTP_204_NO_CONTENT, responses={
		status.HTTP_204_NO_CONTENT: {"description": "User deleted"},
		status.HTTP_404_NOT_FOUND: {"description": "User not found"},
	})
async def delete_user_by_id(db: db_dependency, user_model: user_model_body_dependency, su: super_admin_dependency, request_model: UserDeleteUserRequest):
	"""
	Deletes the user with the provided ID from the database. This will not remove them from OIDC, and they will be automatically readded on next login.
	"""
	db.delete(user_model)
	db.commit()
Initial commit 2026-04-06 12:41:49 +01:00			`"""`
			`Router endpoints for user module`

			`Endpoints:`
docs: user module In-line and Swagger docs improvements on the User module and endpoints 2026-05-20 15:23:40 +01:00			`- [get]/self/claims - Retrieves user's OIDC claims`
			`- [get]/self/db - Retrieves the user data from the db that corresponds to the current OIDC user`
			`- [get]/self/orgs - Retrieves all organisations associated with the current user`
			`- [get]/self/orgs/admin - Retrieves only admin organisations for the current user`
Initial commit 2026-04-06 12:41:49 +01:00			`- [get]/{user_id} - Retrieves a specific user by their ID`
			`- [get]/{user_id}/orgs - Retrieves all organisations associated with a specific user`
			`- [get]/{user_id}/orgs/admin - Retrieves only admin organisations for a specific user`
			`- [delete]/{user_id} - Deletes a user from the db by their db ID`
			`"""`
docs: user module In-line and Swagger docs improvements on the User module and endpoints 2026-05-20 15:23:40 +01:00			`from fastapi import APIRouter`
			`from starlette import status`
Initial commit 2026-04-06 12:41:49 +01:00
feat: user dependencies In addition to the by-query and by-body db fetch dependencies. Users also have a by-claim dependency. Issue #6 2026-05-27 13:27:24 +01:00			`from src.user.schemas import UserResponse, OIDCClaims, UserDeleteUserRequest`
			`from src.user.dependencies import user_model_claims_dependency, user_model_query_dependency, user_model_body_dependency`
Initial commit 2026-04-06 12:41:49 +01:00
feat: auth requirements to user endpoints 2026-05-27 15:36:21 +01:00			`from src.auth.dependencies import super_admin_dependency`
Initial commit 2026-04-06 12:41:49 +01:00			`from src.auth.service import claims_dependency`
			`from src.database import db_dependency`

			`router = APIRouter(`
			`prefix="/user",`
docs: user module In-line and Swagger docs improvements on the User module and endpoints 2026-05-20 15:23:40 +01:00			`tags=["User"],`
Initial commit 2026-04-06 12:41:49 +01:00			`)`


docs: user module In-line and Swagger docs improvements on the User module and endpoints 2026-05-20 15:23:40 +01:00			`@router.get("/self/claims", response_model=OIDCClaims, status_code=status.HTTP_200_OK, responses={`
			`status.HTTP_200_OK: {"description": "Successful retrieval from database"},`
			`})`
Initial commit 2026-04-06 12:41:49 +01:00			`async def current_user_claims(user: claims_dependency):`
docs: user module In-line and Swagger docs improvements on the User module and endpoints 2026-05-20 15:23:40 +01:00			`"""`
			`Returns the full OIDC claims associated with the currently logged-in user.`
			`"""`
			`user["allowed_origins"] = user.get("allowed-origins", [])`
Initial commit 2026-04-06 12:41:49 +01:00			`return user`


docs: user module In-line and Swagger docs improvements on the User module and endpoints 2026-05-20 15:23:40 +01:00			`@router.get("/self/db", response_model=UserResponse, status_code=status.HTTP_200_OK, responses={`
			`status.HTTP_404_NOT_FOUND: {"description": "User not found"},`
			`status.HTTP_200_OK: {"description": "Successful retrieval from database"},`
			`})`
feat: user dependencies In addition to the by-query and by-body db fetch dependencies. Users also have a by-claim dependency. Issue #6 2026-05-27 13:27:24 +01:00			`async def current_user(user_model: user_model_claims_dependency):`
docs: user module In-line and Swagger docs improvements on the User module and endpoints 2026-05-20 15:23:40 +01:00			`"""`
			`Returns the database details associated with the currently logged-in user.`
			`"""`
Initial commit 2026-04-06 12:41:49 +01:00			`return user_model`


feat: user dependencies In addition to the by-query and by-body db fetch dependencies. Users also have a by-claim dependency. Issue #6 2026-05-27 13:27:24 +01:00			`@router.get("/", response_model=UserResponse, status_code=status.HTTP_200_OK, responses={`
docs: user module In-line and Swagger docs improvements on the User module and endpoints 2026-05-20 15:23:40 +01:00			`status.HTTP_404_NOT_FOUND: {"description": "User not found"},`
			`status.HTTP_200_OK: {"description": "Successful retrieval from database"},`
			`})`
feat: auth requirements to user endpoints 2026-05-27 15:36:21 +01:00			`async def get_user_by_id(user_model: user_model_query_dependency, su: super_admin_dependency):`
docs: user module In-line and Swagger docs improvements on the User module and endpoints 2026-05-20 15:23:40 +01:00			`"""`
			`Returns the database details associated with the provided user ID.`
			`"""`
Initial commit 2026-04-06 12:41:49 +01:00			`return user_model`


feat: user dependencies In addition to the by-query and by-body db fetch dependencies. Users also have a by-claim dependency. Issue #6 2026-05-27 13:27:24 +01:00			`@router.delete("/", status_code=status.HTTP_204_NO_CONTENT, responses={`
docs: user module In-line and Swagger docs improvements on the User module and endpoints 2026-05-20 15:23:40 +01:00			`status.HTTP_204_NO_CONTENT: {"description": "User deleted"},`
			`status.HTTP_404_NOT_FOUND: {"description": "User not found"},`
			`})`
feat: auth requirements to user endpoints 2026-05-27 15:36:21 +01:00			`async def delete_user_by_id(db: db_dependency, user_model: user_model_body_dependency, su: super_admin_dependency, request_model: UserDeleteUserRequest):`
docs: user module In-line and Swagger docs improvements on the User module and endpoints 2026-05-20 15:23:40 +01:00			`"""`
			`Deletes the user with the provided ID from the database. This will not remove them from OIDC, and they will be automatically readded on next login.`
			`"""`
Initial commit 2026-04-06 12:41:49 +01:00			`db.delete(user_model)`
			`db.commit()`