Fix tests

2025-08-14 00:25:46 +02:00 · 2025-01-06 23:40:39 +06:00
parent 161361609d
commit fec52c777b
17 changed files with 249 additions and 368 deletions
--- a/backend/app/utils/auth.py
+++ b/backend/app/utils/auth.py
@@ -7,7 +7,7 @@ import re

 from .jwt import verify_token
 from ..database import get_db
-from ..models.employee import Employee
+from ..crud import employees

 pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
 security = HTTPBearer(auto_error=False)
@@ -23,7 +23,7 @@ def verify_password(plain_password: str, hashed_password: str) -> bool:
 def get_current_admin(
    credentials: HTTPAuthorizationCredentials = Depends(security),
    db: Session = Depends(get_db)
-) -> Employee:
+) -> dict:
    """Get current admin from token"""
    if not credentials:
        raise HTTPException(
@@ -37,28 +37,27 @@ def get_current_admin(
        payload = verify_token(token, db)
        employee_id = int(payload.get("sub"))
        
-        # Получаем сотрудника из БД
-        from ..crud.employees import get_employee
-        employee = get_employee(db, employee_id)
+        # Проверяем, что это админ
+        employee = employees.get_employee(db, employee_id)
        if not employee or not employee.is_admin:
            raise HTTPException(
-                status_code=status.HTTP_401_UNAUTHORIZED,
-                detail="Could not validate credentials",
+                status_code=status.HTTP_403_FORBIDDEN,
+                detail="Not enough permissions",
                headers={"WWW-Authenticate": "Bearer"},
            )
            
        return employee
-    except Exception:
+    except Exception as e:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail="Could not validate credentials",
+            detail="Invalid authentication credentials",
            headers={"WWW-Authenticate": "Bearer"},
        )

 def get_current_employee(
    credentials: HTTPAuthorizationCredentials = Depends(security),
    db: Session = Depends(get_db)
-) -> Employee:
+) -> dict:
    """Get current employee from token"""
    if not credentials:
        raise HTTPException(
@@ -72,13 +71,12 @@ def get_current_employee(
        payload = verify_token(token, db)
        employee_id = int(payload.get("sub"))
        
-        # Получаем сотрудника из БД
-        from ..crud.employees import get_employee
-        employee = get_employee(db, employee_id)
+        # Проверяем существование сотрудника
+        employee = employees.get_employee(db, employee_id)
        if not employee:
            raise HTTPException(
                status_code=status.HTTP_401_UNAUTHORIZED,
-                detail="Could not validate credentials",
+                detail="Employee not found",
                headers={"WWW-Authenticate": "Bearer"},
            )
            
@@ -86,6 +84,6 @@ def get_current_employee(
    except Exception:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail="Could not validate credentials",
+            detail="Invalid authentication credentials",
            headers={"WWW-Authenticate": "Bearer"},
        )