Initial commit

2025-12-04 22:24:47 +01:00
commit 453ce10494
106 changed files with 17145 additions and 0 deletions
--- a/backend/app/crud/user.py
+++ b/backend/app/crud/user.py
@@ -0,0 +1,78 @@
+"""CRUD operations for User model."""
+
+from typing import Optional
+from sqlalchemy.orm import Session
+
+from app.crud.base import CRUDBase
+from app.models.user import User
+from app.schemas.user import UserCreate, UserUpdate
+from app.core.security import get_password_hash, verify_password
+
+
+class CRUDUser(CRUDBase[User, UserCreate, UserUpdate]):
+    """CRUD operations for User model."""
+
+    def get_by_email(self, db: Session, *, email: str) -> Optional[User]:
+        """Get user by email."""
+        return db.query(User).filter(User.email == email).first()
+
+    def get_by_username(self, db: Session, *, username: str) -> Optional[User]:
+        """Get user by username."""
+        return db.query(User).filter(User.username == username).first()
+
+    def create(self, db: Session, *, obj_in: UserCreate) -> User:
+        """Create a new user with hashed password."""
+        db_obj = User(
+            username=obj_in.username,
+            email=obj_in.email,
+            hashed_password=get_password_hash(obj_in.password),
+            is_active=obj_in.is_active,
+            is_superuser=obj_in.is_superuser,
+        )
+        # Set permissions if provided
+        if obj_in.permissions is not None:
+            db_obj.permissions = obj_in.permissions
+        db.add(db_obj)
+        db.commit()
+        db.refresh(db_obj)
+        return db_obj
+
+    def update(
+        self, db: Session, *, db_obj: User, obj_in: UserUpdate
+    ) -> User:
+        """Update user, hashing password if provided."""
+        update_data = obj_in.model_dump(exclude_unset=True)
+
+        if "password" in update_data and update_data["password"]:
+            hashed_password = get_password_hash(update_data["password"])
+            del update_data["password"]
+            update_data["hashed_password"] = hashed_password
+
+        # Handle permissions separately since it uses a property setter
+        if "permissions" in update_data:
+            db_obj.permissions = update_data.pop("permissions")
+
+        return super().update(db, db_obj=db_obj, obj_in=update_data)
+
+    def authenticate(
+        self, db: Session, *, username: str, password: str
+    ) -> Optional[User]:
+        """Authenticate a user by username and password."""
+        user = self.get_by_username(db, username=username)
+        if not user:
+            return None
+        if not verify_password(password, user.hashed_password):
+            return None
+        return user
+
+    def is_active(self, user: User) -> bool:
+        """Check if user is active."""
+        return user.is_active
+
+    def is_superuser(self, user: User) -> bool:
+        """Check if user is superuser."""
+        return user.is_superuser
+
+
+# Create instance
+user = CRUDUser(User)