Spaces:
Runtime error
Runtime error
File size: 2,788 Bytes
b7ed26f 96b013c 394841d b7ed26f 96b013c b7ed26f 394841d 96b013c b7ed26f 394841d 96b013c b7ed26f 96b013c b7ed26f 96b013c b7ed26f 96b013c b7ed26f 96b013c b7ed26f 394841d 96b013c b7ed26f 96b013c b7ed26f 96b013c b7ed26f |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 |
"""
Router for staff and admin clearance operations.
"""
from fastapi import APIRouter, Depends, HTTPException, status
from sqlalchemy.orm import Session
from fastapi.concurrency import run_in_threadpool
from src import crud, models
from src.database import get_db
from src.auth import get_current_active_user, get_current_active_staff_user_from_token
from src.utils import format_student_clearance_details
router = APIRouter(
prefix="/api/clearance",
tags=["Clearance"],
dependencies=[Depends(get_current_active_staff_user_from_token)]
)
class ClearanceUpdatePayload(models.BaseModel):
status: models.ClearanceStatusEnum
remarks: str | None = None
@router.put("/{student_id_str}", response_model=models.ClearanceDetail)
async def update_student_clearance(
student_id_str: str,
payload: ClearanceUpdatePayload,
db: Session = Depends(get_db),
current_user: models.User = Depends(get_current_active_staff_user_from_token)
):
"""
Staff/Admin: Update a student's clearance status for their department.
"""
if not current_user.department:
raise HTTPException(status_code=403, detail="Your user account is not assigned to a clearable department.")
await run_in_threadpool(
crud.update_clearance_status, db, student_id_str, current_user.department, payload.status, payload.remarks, current_user.id
)
student_orm = await run_in_threadpool(crud.get_student_by_student_id, db, student_id_str)
return await format_student_clearance_details(db, student_orm)
@router.delete("/{student_id_str}/{department_str}", response_model=models.ClearanceDetail)
async def reset_student_clearance(
student_id_str: str,
department_str: str,
db: Session = Depends(get_db),
current_user: models.User = Depends(get_current_active_staff_user_from_token)
):
"""
Staff/Admin: Reset a student's clearance status for a department.
Admins can reset for any department; staff only for their own.
"""
try:
target_department = models.ClearanceDepartment(department_str.upper())
except ValueError:
raise HTTPException(status_code=400, detail=f"'{department_str}' is not a valid department.")
if current_user.role != models.UserRole.ADMIN and current_user.department != target_department:
raise HTTPException(status_code=403, detail=f"You can only reset clearance for your own department.")
await run_in_threadpool(crud.delete_clearance_status, db, student_id_str, target_department)
student_orm = await run_in_threadpool(crud.get_student_by_student_id, db, student_id_str)
if not student_orm:
raise HTTPException(status_code=404, detail="Student not found.")
return await format_student_clearance_details(db, student_orm)
|