from __future__ import annotations from fastapi import APIRouter, Depends from sqlalchemy.orm import Session from iti.auth import require_permission from iti.db import get_db from iti.responses import ok from iti_system.models import User from iti_system.schemas import AttributeBatch, AttributeItem, AttributeSet from iti_system.services import current_user, get_or_404, upsert_attribute router = APIRouter(prefix="/sys/user-attributes", tags=["system.user_attributes"]) @router.get("/current") def get_current_attributes(group: str | None = None, user: User = Depends(current_user)): data = user.attribute_map return ok({"attributes": data.get(group, {}) if group else data}) @router.put("/current") def set_current_attributes(payload: AttributeSet, user: User = Depends(current_user), db: Session = Depends(get_db)): _set_attributes(user, payload.attributes) db.commit() return ok({"attributes": user.attribute_map}) @router.get("/{user_id}", dependencies=[Depends(require_permission("system:user:edit"))]) def get_attributes(user_id: str, group: str | None = None, db: Session = Depends(get_db)): user = get_or_404(db, User, user_id, "用户不存在") data = user.attribute_map return ok({"attributes": data.get(group, {}) if group else data}) @router.put("/{user_id}", dependencies=[Depends(require_permission("system:user:edit"))]) def set_attributes(user_id: str, payload: AttributeSet, db: Session = Depends(get_db)): user = get_or_404(db, User, user_id, "用户不存在") _set_attributes(user, payload.attributes) db.commit() return ok({"attributes": user.attribute_map}) @router.delete("/{user_id}/{group}", dependencies=[Depends(require_permission("system:user:edit"))]) def delete_attribute_group(user_id: str, group: str, db: Session = Depends(get_db)): user = get_or_404(db, User, user_id, "用户不存在") for item in list(user.attributes): if item.attr_group == group: db.delete(item) db.commit() return ok() @router.get("/{user_id}/{group}/{key}", dependencies=[Depends(require_permission("system:user:edit"))]) def get_attribute_item(user_id: str, group: str, key: str, db: Session = Depends(get_db)): user = get_or_404(db, User, user_id, "用户不存在") return ok({"value": user.attribute_map.get(group, {}).get(key)}) @router.put("/{user_id}/{group}/{key}", dependencies=[Depends(require_permission("system:user:edit"))]) def set_attribute_item(user_id: str, group: str, key: str, payload: AttributeItem, db: Session = Depends(get_db)): user = get_or_404(db, User, user_id, "用户不存在") upsert_attribute(user, group, key, payload.value, payload.attr_type, payload.description, payload.sort) db.commit() return ok() @router.delete("/{user_id}/{group}/{key}", dependencies=[Depends(require_permission("system:user:edit"))]) def delete_attribute_item(user_id: str, group: str, key: str, db: Session = Depends(get_db)): user = get_or_404(db, User, user_id, "用户不存在") for item in list(user.attributes): if item.attr_group == group and item.attr_key == key: db.delete(item) db.commit() return ok() @router.post("/{user_id}/batch", dependencies=[Depends(require_permission("system:user:edit"))]) def batch_set_attributes(user_id: str, payload: AttributeBatch, db: Session = Depends(get_db)): user = get_or_404(db, User, user_id, "用户不存在") _set_attributes(user, payload.items) db.commit() return ok({"attributes": user.attribute_map}) def _set_attributes(user: User, attributes: dict): for group, values in attributes.items(): for key, value in values.items(): if isinstance(value, dict) and "value" in value: upsert_attribute( user, group, key, value.get("value"), value.get("attrType") or value.get("attr_type") or "string", value.get("description"), int(value.get("sort", 0)), ) else: upsert_attribute(user, group, key, value)