Phase 4 Complete by Claude Code

2026-02-17 21:06:00 +02:00
parent f38057361d
commit fc2d04b8bb
9 changed files with 1446 additions and 9 deletions
--- a/backend/users/router.py
+++ b/backend/users/router.py
@@ -1 +1,95 @@
-# TODO: CRUD endpoints for users
+from fastapi import APIRouter, Depends, Query
+from typing import Optional, List
+from auth.models import TokenPayload
+from auth.dependencies import require_user_access, require_viewer
+from users.models import (
+    UserCreate, UserUpdate, UserInDB, UserListResponse,
+)
+from users import service
+
+router = APIRouter(prefix="/api/users", tags=["users"])
+
+
+@router.get("", response_model=UserListResponse)
+async def list_users(
+    search: Optional[str] = Query(None),
+    status: Optional[str] = Query(None),
+    _user: TokenPayload = Depends(require_viewer),
+):
+    users = service.list_users(search=search, status=status)
+    return UserListResponse(users=users, total=len(users))
+
+
+@router.get("/{user_id}", response_model=UserInDB)
+async def get_user(
+    user_id: str,
+    _user: TokenPayload = Depends(require_viewer),
+):
+    return service.get_user(user_id)
+
+
+@router.post("", response_model=UserInDB, status_code=201)
+async def create_user(
+    body: UserCreate,
+    _user: TokenPayload = Depends(require_user_access),
+):
+    return service.create_user(body)
+
+
+@router.put("/{user_id}", response_model=UserInDB)
+async def update_user(
+    user_id: str,
+    body: UserUpdate,
+    _user: TokenPayload = Depends(require_user_access),
+):
+    return service.update_user(user_id, body)
+
+
+@router.delete("/{user_id}", status_code=204)
+async def delete_user(
+    user_id: str,
+    _user: TokenPayload = Depends(require_user_access),
+):
+    service.delete_user(user_id)
+
+
+@router.post("/{user_id}/block", response_model=UserInDB)
+async def block_user(
+    user_id: str,
+    _user: TokenPayload = Depends(require_user_access),
+):
+    return service.block_user(user_id)
+
+
+@router.post("/{user_id}/unblock", response_model=UserInDB)
+async def unblock_user(
+    user_id: str,
+    _user: TokenPayload = Depends(require_user_access),
+):
+    return service.unblock_user(user_id)
+
+
+@router.get("/{user_id}/devices", response_model=List[dict])
+async def get_user_devices(
+    user_id: str,
+    _user: TokenPayload = Depends(require_viewer),
+):
+    return service.get_user_devices(user_id)
+
+
+@router.post("/{user_id}/devices/{device_id}", response_model=UserInDB)
+async def assign_device(
+    user_id: str,
+    device_id: str,
+    _user: TokenPayload = Depends(require_user_access),
+):
+    return service.assign_device(user_id, device_id)
+
+
+@router.delete("/{user_id}/devices/{device_id}", response_model=UserInDB)
+async def unassign_device(
+    user_id: str,
+    device_id: str,
+    _user: TokenPayload = Depends(require_user_access),
+):
+    return service.unassign_device(user_id, device_id)