feat: implement backend core with repricing logic, case management, and multi-service architecture
This commit is contained in:
56
backend/routes/team.py
Normal file
56
backend/routes/team.py
Normal file
@@ -0,0 +1,56 @@
|
||||
from flask import Blueprint, request, jsonify
|
||||
from ..db import get_db_connection, release_db_connection
|
||||
from ..middleware import token_required
|
||||
import bcrypt
|
||||
|
||||
team_blueprint = Blueprint('team', __name__)
|
||||
|
||||
@team_blueprint.route('/team/members', methods=['GET'])
|
||||
@token_required
|
||||
def list_team_members(user_info):
|
||||
if user_info['role'] != 'admin':
|
||||
return jsonify({"error": "Admin access required"}), 403
|
||||
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
cur.execute("SELECT id, username, role, created_at FROM users WHERE parent_id = %s", (user_info['user_id'],))
|
||||
rows = cur.fetchall()
|
||||
release_db_connection(conn)
|
||||
|
||||
return jsonify([{
|
||||
"id": r[0],
|
||||
"username": r[1],
|
||||
"role": r[2],
|
||||
"created_at": r[3].isoformat()
|
||||
} for r in rows])
|
||||
|
||||
@team_blueprint.route('/team/members', methods=['POST'])
|
||||
@token_required
|
||||
def add_team_member(user_info):
|
||||
if user_info['role'] != 'admin':
|
||||
return jsonify({"error": "Admin access required"}), 403
|
||||
|
||||
data = request.json
|
||||
username = data.get('username')
|
||||
password = data.get('password')
|
||||
role = data.get('role', 'manager') # manager, viewer
|
||||
|
||||
if not username or not password:
|
||||
return jsonify({"error": "Username and password required"}), 400
|
||||
|
||||
hashed_password = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt()).decode('utf-8')
|
||||
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
try:
|
||||
cur.execute(
|
||||
"INSERT INTO users (username, password_hash, role, parent_id) VALUES (%s, %s, %s, %s) RETURNING id",
|
||||
(username, hashed_password, role, user_info['user_id'])
|
||||
)
|
||||
new_id = cur.fetchone()[0]
|
||||
conn.commit()
|
||||
return jsonify({"id": new_id, "message": "Team member added"}), 201
|
||||
except Exception as e:
|
||||
return jsonify({"error": "User already exists"}), 400
|
||||
finally:
|
||||
release_db_connection(conn)
|
||||
Reference in New Issue
Block a user