22
33from fastapi import APIRouter , Depends , HTTPException , status
44
5+ from core .authorization .dependencies import require_permission
56from src .core .authorization .infrastructure .services .casbin_authorization_service import (
67 CasbinAuthorizationService ,
78)
8- from src .core .authorization .permissions import permission_key
9+ from src .core .authorization .permissions import (
10+ CREATE_ACTION ,
11+ DELETE_ACTION ,
12+ PERMISSION_RESOURCE ,
13+ READ_ACTION ,
14+ UPDATE_ACTION ,
15+ permission_key ,
16+ )
917from src .core .database .postgres .session import get_unit_of_work
18+ from src .core .schemas .response import PaginatedResponse , SuccessResponse
1019from src .modules .authorization .domain .entities .permission import Permission
1120from src .modules .authorization .presenter .dependency import (
1221 get_casbin_authorization_service ,
1524 CreatePermissionRequest ,
1625 UpdatePermissionRequest ,
1726)
27+ from src .modules .authorization .presenter .schema .response import PermissionResponse
1828from src .shared .unit_of_work import UnitOfWork
1929
2030router = APIRouter (prefix = "/permissions" , tags = ["Permission" ])
2131
2232
23- @router .post ("/" , status_code = status .HTTP_201_CREATED )
33+ @router .post (
34+ "/" ,
35+ status_code = status .HTTP_201_CREATED ,
36+ response_model = SuccessResponse [PermissionResponse ],
37+ dependencies = [Depends (require_permission (PERMISSION_RESOURCE , CREATE_ACTION ))],
38+ )
2439async def create_permission (
2540 request : CreatePermissionRequest ,
2641 service : CasbinAuthorizationService = Depends (get_casbin_authorization_service ),
@@ -35,31 +50,56 @@ async def create_permission(
3550 async with unit_of_work :
3651 created = await service .create_permission (permission )
3752 await unit_of_work .commit ()
38- return _permission_response (created )
53+
54+ return SuccessResponse (
55+ success = True ,
56+ message = "create permission success" ,
57+ data = _permission_response (created ),
58+ )
3959
4060
41- @router .get ("/" )
61+ @router .get (
62+ "/" ,
63+ response_model = PaginatedResponse [PermissionResponse ],
64+ dependencies = [Depends (require_permission (PERMISSION_RESOURCE , READ_ACTION ))],
65+ )
4266async def list_permissions (
4367 service : CasbinAuthorizationService = Depends (get_casbin_authorization_service ),
4468):
45- return [
46- _permission_response (permission )
47- for permission in await service .list_permissions ()
48- ]
69+ return PaginatedResponse (
70+ success = True ,
71+ message = "fetch permission success" ,
72+ data = [
73+ _permission_response (permission )
74+ for permission in await service .list_permissions ()
75+ ],
76+ )
4977
5078
51- @router .get ("/{permission_id}" )
79+ @router .get (
80+ "/{permission_id}" ,
81+ response_model = SuccessResponse [PermissionResponse ],
82+ dependencies = [Depends (require_permission (PERMISSION_RESOURCE , READ_ACTION ))],
83+ )
5284async def get_permission (
5385 permission_id : UUID ,
5486 service : CasbinAuthorizationService = Depends (get_casbin_authorization_service ),
5587):
5688 permission = await service .get_permission (permission_id )
5789 if permission is None :
5890 raise HTTPException (status_code = 404 , detail = "Permission not found" )
59- return _permission_response (permission )
91+ return SuccessResponse (
92+ success = True ,
93+ message = "fetch permission success" ,
94+ data = _permission_response (permission ),
95+ )
6096
6197
62- @router .patch ("/{permission_id}" )
98+ @router .patch (
99+ "/{permission_id}" ,
100+ response_model = SuccessResponse [PermissionResponse ],
101+ dependencies = [Depends (require_permission (PERMISSION_RESOURCE , UPDATE_ACTION ))],
102+ )
63103async def update_permission (
64104 permission_id : UUID ,
65105 request : UpdatePermissionRequest ,
@@ -86,10 +126,19 @@ async def update_permission(
86126 async with unit_of_work :
87127 updated = await service .update_permission (permission )
88128 await unit_of_work .commit ()
89- return _permission_response (updated )
129+
130+ return SuccessResponse (
131+ success = True ,
132+ message = "update permission success" ,
133+ data = _permission_response (updated ),
134+ )
90135
91136
92- @router .delete ("/{permission_id}" , status_code = status .HTTP_204_NO_CONTENT )
137+ @router .delete (
138+ "/{permission_id}" ,
139+ status_code = status .HTTP_204_NO_CONTENT ,
140+ dependencies = [Depends (require_permission (PERMISSION_RESOURCE , DELETE_ACTION ))],
141+ )
93142async def delete_permission (
94143 permission_id : UUID ,
95144 service : CasbinAuthorizationService = Depends (get_casbin_authorization_service ),
@@ -100,13 +149,13 @@ async def delete_permission(
100149 await unit_of_work .commit ()
101150
102151
103- def _permission_response (permission : Permission | None ) -> dict :
152+ def _permission_response (permission : Permission | None ) -> PermissionResponse :
104153 if permission is None :
105154 raise HTTPException (status_code = 404 , detail = "Permission not found" )
106- return {
107- "id" : str (permission .id ),
108- " key" : permission .key ,
109- " resource" : permission .resource ,
110- " action" : permission .action ,
111- " description" : permission .description ,
112- }
155+ return PermissionResponse (
156+ id = str (permission .id ),
157+ key = permission .key ,
158+ resource = permission .resource ,
159+ action = permission .action ,
160+ description = permission .description ,
161+ )
0 commit comments