Improve the frontend 2
This commit is contained in:
Urtzi Alfaro
@@ -14,11 +14,13 @@ from shared.routing import RouteBuilder
|
||||
from shared.security import create_audit_logger, AuditSeverity, AuditAction
|
||||
from app.core.database import get_db
|
||||
from app.services.production_service import ProductionService
|
||||
from app.models import AuditLog
|
||||
from app.schemas.equipment import (
|
||||
EquipmentCreate,
|
||||
EquipmentUpdate,
|
||||
EquipmentResponse,
|
||||
EquipmentListResponse
|
||||
EquipmentListResponse,
|
||||
EquipmentDeletionSummary
|
||||
)
|
||||
from app.models.production import EquipmentStatus, EquipmentType
|
||||
from app.core.config import settings
|
||||
@@ -27,8 +29,8 @@ logger = structlog.get_logger()
|
||||
route_builder = RouteBuilder('production')
|
||||
router = APIRouter(tags=["production-equipment"])
|
||||
|
||||
# Initialize audit logger
|
||||
audit_logger = create_audit_logger("production-service")
|
||||
# Initialize audit logger with the production service's AuditLog model
|
||||
audit_logger = create_audit_logger("production-service", AuditLog)
|
||||
|
||||
|
||||
def get_production_service() -> ProductionService:
|
||||
@@ -80,7 +82,8 @@ async def create_equipment(
|
||||
equipment_data: EquipmentCreate,
|
||||
tenant_id: UUID = Path(...),
|
||||
current_user: dict = Depends(get_current_user_dep),
|
||||
production_service: ProductionService = Depends(get_production_service)
|
||||
production_service: ProductionService = Depends(get_production_service),
|
||||
db = Depends(get_db)
|
||||
):
|
||||
"""Create a new equipment item"""
|
||||
try:
|
||||
@@ -89,15 +92,16 @@ async def create_equipment(
|
||||
logger.info("Created equipment",
|
||||
equipment_id=str(equipment.id), tenant_id=str(tenant_id))
|
||||
|
||||
# Audit log
|
||||
await audit_logger.log(
|
||||
action=AuditAction.CREATE,
|
||||
# Audit log the equipment creation
|
||||
await audit_logger.log_event(
|
||||
db_session=db,
|
||||
tenant_id=str(tenant_id),
|
||||
user_id=current_user.get('user_id'),
|
||||
action=AuditAction.CREATE.value,
|
||||
resource_type="equipment",
|
||||
resource_id=str(equipment.id),
|
||||
user_id=current_user.get('user_id'),
|
||||
tenant_id=str(tenant_id),
|
||||
severity=AuditSeverity.INFO,
|
||||
details={"equipment_name": equipment.name, "equipment_type": equipment.type.value}
|
||||
severity=AuditSeverity.INFO.value,
|
||||
audit_metadata={"equipment_name": equipment.name, "equipment_type": equipment.type.value}
|
||||
)
|
||||
|
||||
return EquipmentResponse.model_validate(equipment)
|
||||
@@ -152,7 +156,8 @@ async def update_equipment(
|
||||
tenant_id: UUID = Path(...),
|
||||
equipment_id: UUID = Path(...),
|
||||
current_user: dict = Depends(get_current_user_dep),
|
||||
production_service: ProductionService = Depends(get_production_service)
|
||||
production_service: ProductionService = Depends(get_production_service),
|
||||
db = Depends(get_db)
|
||||
):
|
||||
"""Update an equipment item"""
|
||||
try:
|
||||
@@ -164,15 +169,16 @@ async def update_equipment(
|
||||
logger.info("Updated equipment",
|
||||
equipment_id=str(equipment_id), tenant_id=str(tenant_id))
|
||||
|
||||
# Audit log
|
||||
await audit_logger.log(
|
||||
action=AuditAction.UPDATE,
|
||||
# Audit log the equipment update
|
||||
await audit_logger.log_event(
|
||||
db_session=db,
|
||||
tenant_id=str(tenant_id),
|
||||
user_id=current_user.get('user_id'),
|
||||
action=AuditAction.UPDATE.value,
|
||||
resource_type="equipment",
|
||||
resource_id=str(equipment_id),
|
||||
user_id=current_user.get('user_id'),
|
||||
tenant_id=str(tenant_id),
|
||||
severity=AuditSeverity.INFO,
|
||||
details={"updates": equipment_data.model_dump(exclude_unset=True)}
|
||||
severity=AuditSeverity.INFO.value,
|
||||
audit_metadata={"updates": equipment_data.model_dump(exclude_unset=True)}
|
||||
)
|
||||
|
||||
return EquipmentResponse.model_validate(equipment)
|
||||
@@ -189,37 +195,80 @@ async def update_equipment(
|
||||
raise HTTPException(status_code=500, detail="Failed to update equipment")
|
||||
|
||||
|
||||
@router.get(
|
||||
route_builder.build_base_route("equipment/{equipment_id}/deletion-summary"),
|
||||
response_model=EquipmentDeletionSummary
|
||||
)
|
||||
async def get_equipment_deletion_summary(
|
||||
tenant_id: UUID = Path(...),
|
||||
equipment_id: UUID = Path(...),
|
||||
current_user: dict = Depends(get_current_user_dep),
|
||||
production_service: ProductionService = Depends(get_production_service)
|
||||
):
|
||||
"""Get deletion summary for equipment (dependency check)"""
|
||||
try:
|
||||
summary = await production_service.get_equipment_deletion_summary(tenant_id, equipment_id)
|
||||
|
||||
logger.info("Retrieved equipment deletion summary",
|
||||
equipment_id=str(equipment_id), tenant_id=str(tenant_id))
|
||||
|
||||
return EquipmentDeletionSummary(**summary)
|
||||
|
||||
except Exception as e:
|
||||
logger.error("Error getting equipment deletion summary",
|
||||
error=str(e), equipment_id=str(equipment_id), tenant_id=str(tenant_id))
|
||||
raise HTTPException(status_code=500, detail="Failed to get deletion summary")
|
||||
|
||||
|
||||
@router.delete(
|
||||
route_builder.build_base_route("equipment/{equipment_id}")
|
||||
)
|
||||
async def delete_equipment(
|
||||
tenant_id: UUID = Path(...),
|
||||
equipment_id: UUID = Path(...),
|
||||
permanent: bool = Query(False, description="Permanent delete (hard delete) if true"),
|
||||
current_user: dict = Depends(get_current_user_dep),
|
||||
production_service: ProductionService = Depends(get_production_service)
|
||||
production_service: ProductionService = Depends(get_production_service),
|
||||
db = Depends(get_db)
|
||||
):
|
||||
"""Delete (soft delete) an equipment item"""
|
||||
"""Delete an equipment item. Use permanent=true for hard delete (requires admin role)"""
|
||||
try:
|
||||
success = await production_service.delete_equipment(tenant_id, equipment_id)
|
||||
# Hard delete requires admin role
|
||||
if permanent:
|
||||
user_role = current_user.get('role', '').lower()
|
||||
if user_role not in ['admin', 'owner']:
|
||||
raise HTTPException(
|
||||
status_code=403,
|
||||
detail="Hard delete requires admin or owner role"
|
||||
)
|
||||
|
||||
success = await production_service.hard_delete_equipment(tenant_id, equipment_id)
|
||||
delete_type = "hard_delete"
|
||||
severity = AuditSeverity.CRITICAL.value
|
||||
else:
|
||||
success = await production_service.delete_equipment(tenant_id, equipment_id)
|
||||
delete_type = "soft_delete"
|
||||
severity = AuditSeverity.WARNING.value
|
||||
|
||||
if not success:
|
||||
raise HTTPException(status_code=404, detail="Equipment not found")
|
||||
|
||||
logger.info("Deleted equipment",
|
||||
logger.info(f"{'Hard' if permanent else 'Soft'} deleted equipment",
|
||||
equipment_id=str(equipment_id), tenant_id=str(tenant_id))
|
||||
|
||||
# Audit log
|
||||
await audit_logger.log(
|
||||
action=AuditAction.DELETE,
|
||||
# Audit log the equipment deletion
|
||||
await audit_logger.log_event(
|
||||
db_session=db,
|
||||
tenant_id=str(tenant_id),
|
||||
user_id=current_user.get('user_id'),
|
||||
action=AuditAction.DELETE.value,
|
||||
resource_type="equipment",
|
||||
resource_id=str(equipment_id),
|
||||
user_id=current_user.get('user_id'),
|
||||
tenant_id=str(tenant_id),
|
||||
severity=AuditSeverity.WARNING,
|
||||
details={"action": "soft_delete"}
|
||||
severity=severity,
|
||||
audit_metadata={"action": delete_type, "permanent": permanent}
|
||||
)
|
||||
|
||||
return {"message": "Equipment deleted successfully"}
|
||||
return {"message": f"Equipment {'permanently deleted' if permanent else 'deleted'} successfully"}
|
||||
|
||||
except HTTPException:
|
||||
raise
|
||||
|
||||
Reference in New Issue
Block a user