from flask import Blueprint, request, jsonify
|
|
from app.database import db
|
|
from app.models.user import Role
|
|
from app.middlewares.auth_middleware import token_required, has_permission
|
|
|
|
# Blueprint grouping the role-management endpoints defined below.
roles_bp = Blueprint("roles", __name__)
|
|
|
|
# INDEX: list every role
@roles_bp.route('/roles', methods=['GET'])
@token_required
@has_permission('read:users')  # general administrative permission
def index(current_user):
    """Return all roles as a JSON list of ``{"id", "name", "permissions"}``.

    Args:
        current_user: the authenticated user injected by ``token_required``;
            authorization is already enforced by the decorators.

    Returns:
        A JSON response and HTTP 200.
    """
    def as_dict(role):
        return {'id': role.id, 'name': role.name, 'permissions': role.permissions}

    payload = list(map(as_dict, Role.query.all()))
    return jsonify(payload), 200
|
|
|
|
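# STORE: create a new role
@roles_bp.route('/roles', methods=['POST'])
@token_required
@has_permission('write:users')
def store(current_user):
    """Create a role from a JSON body ``{"name": str, "permissions": [str, ...]}``.

    Args:
        current_user: the authenticated user injected by ``token_required``;
            authorization is already enforced by the decorators.

    Returns:
        HTTP 201 with ``{"message", "id"}`` on success.
        HTTP 400 with a ``message`` when the body is missing or not a JSON
        object, when ``name``/``permissions`` are missing or empty, when they
        have the wrong type, or when a role with that name already exists.
    """
    # silent=True: a missing, malformed or non-JSON body yields None instead of
    # a framework-generated error page, so the client always gets the JSON 400
    # below. A non-object body (e.g. a JSON list) would otherwise crash on .get().
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        return jsonify({'message': 'Datos incompletos'}), 400

    name = data.get('name')
    permissions = data.get('permissions')
    if not name or not permissions:
        return jsonify({'message': 'Datos incompletos'}), 400

    # Permissions are a privilege assignment: only accept a list of non-empty
    # strings so nested objects, numbers or blanks never reach the model.
    # NOTE(review): any string is accepted here; if the application has a
    # fixed catalogue of permission names, restricting to it would stop a
    # 'write:users' holder from minting roles with arbitrary permissions.
    permissions_ok = isinstance(permissions, list) and all(
        isinstance(p, str) and p.strip() for p in permissions
    )
    if not isinstance(name, str) or not name.strip() or not permissions_ok:
        return jsonify({'message': 'Datos inválidos'}), 400

    # Trim the name so that ' admin' cannot slip past the duplicate check as a
    # look-alike of 'admin'.
    name = name.strip()

    # Application-level uniqueness check; a DB unique constraint on name is the
    # reliable guard against concurrent inserts (not verifiable from here).
    if Role.query.filter_by(name=name).first():
        return jsonify({'message': 'El rol ya existe'}), 400

    new_role = Role(name=name, permissions=permissions)  # list of strings
    db.session.add(new_role)
    db.session.commit()
    return jsonify({'message': 'Rol creado con éxito', 'id': new_role.id}), 201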
|
|
|
|
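# UPDATE: modify an existing role
@roles_bp.route('/roles/<int:id>', methods=['PUT'])
@token_required
@has_permission('write:users')
def update(current_user, id):
    """Partially update role ``id`` from a JSON body with optional ``name`` and/or ``permissions``.

    ``id`` shadows the builtin, but the parameter name is fixed by the route
    variable ``<int:id>`` and cannot be renamed.

    Args:
        current_user: the authenticated user injected by ``token_required``;
            authorization is already enforced by the decorators.
        id: primary key of the role to modify.

    Returns:
        HTTP 404 when the role does not exist (``get_or_404``).
        HTTP 400 with a ``message`` when the body is missing or not a JSON
        object, when a supplied field has the wrong type, or when ``name``
        is already used by a different role.
        HTTP 200 with a ``message`` on success.
    """
    role = Role.query.get_or_404(id)

    # silent=True: a missing or malformed body becomes None and is rejected
    # with a JSON 400 instead of crashing on data.get() below.
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        return jsonify({'message': 'Datos incompletos'}), 400

    # Validate everything before touching the model so a rejected request
    # leaves the role untouched in the session.
    new_name = None
    if 'name' in data:
        new_name = data['name']
        # An explicit null/blank name is rejected rather than stored.
        if not isinstance(new_name, str) or not new_name.strip():
            return jsonify({'message': 'Datos inválidos'}), 400
        new_name = new_name.strip()
        # Refuse a rename onto another role's name here instead of failing at
        # commit time.
        clash = Role.query.filter_by(name=new_name).first()
        if clash is not None and clash.id != role.id:
            return jsonify({'message': 'El rol ya existe'}), 400

    new_permissions = None
    if 'permissions' in data:
        new_permissions = data['permissions']
        # Same shape rule as creation: a list of non-empty strings. An empty
        # list is allowed here so a role's permissions can be cleared.
        # NOTE(review): this changes the effective permissions of every user
        # holding the role, possibly including current_user; an audit log
        # entry would be a worthwhile addition.
        permissions_ok = isinstance(new_permissions, list) and all(
            isinstance(p, str) and p.strip() for p in new_permissions
        )
        if not permissions_ok:
            return jsonify({'message': 'Datos inválidos'}), 400

    if new_name is not None:
        role.name = new_name
    if new_permissions is not None:
        role.permissions = new_permissions

    db.session.commit()
    return jsonify({'message': 'Rol actualizado con éxito'}), 200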
|
|
|
|
# DESTROY: delete a role
@roles_bp.route('/roles/<int:id>', methods=['DELETE'])
@token_required
@has_permission('write:users')
def destroy(current_user, id):
    """Delete role ``id``.

    ``id`` shadows the builtin, but the parameter name is fixed by the route
    variable ``<int:id>``.

    Returns:
        HTTP 404 when the role does not exist (``get_or_404``).
        HTTP 400 with a ``message`` when at least one user still holds the role.
        HTTP 200 with a ``message`` once the role has been deleted.
    """
    role = Role.query.get_or_404(id)

    # Refuse while users still reference the role, to avoid violating the
    # foreign-key relationship between users and roles.
    if role.users:
        return jsonify({'message': 'No se puede eliminar un rol asignado a usuarios activos'}), 400

    session = db.session
    session.delete(role)
    session.commit()
    return jsonify({'message': 'Rol eliminado con éxito'}), 200