Add authentification

backend/src/contracts/contracts.py

@@ -3,12 +3,13 @@ from fastapi.responses import StreamingResponse
 from src.database import get_session
 from sqlmodel import Session
 from src.contracts.generate_contract import generate_html_contract
+from src.auth.auth import get_current_user
 import src.models as models
-from src.messages import PDFerrorOccured
+import src.messages as messages
 import src.contracts.service as service
-
+import src.forms.service as form_service
 import io
-
+import zipfile
 router = APIRouter(prefix='/contracts')
 
 def compute_recurrent_prices(products_quantities: list[dict], nb_shipment: int):
@@ -71,7 +72,8 @@ def create_occasional_dict(contract_products: list[models.ContractProduct]):
 @router.post('/')
 async def create_contract(
     contract: models.ContractCreate,
-    session: Session = Depends(get_session)
+    session: Session = Depends(get_session),
+    user: models.User = Depends(get_current_user)
 ):
     new_contract = service.create_one(session, contract)
     occasional_contract_products = list(filter(lambda contract_product: contract_product.product.type == models.ProductType.OCCASIONAL, new_contract.products))
@@ -93,50 +95,77 @@ async def create_contract(
         )
         pdf_file = io.BytesIO(pdf_bytes)
         contract_id = f'{new_contract.firstname}_{new_contract.lastname}_{new_contract.form.productor.type}_{new_contract.form.season}'
-        service.add_contract_file(session, id, pdf_bytes)
-    except:
-        raise HTTPException(status_code=400, detail=PDFerrorOccured)
+        service.add_contract_file(session, new_contract.id, pdf_bytes)
+    except Exception as e:
+        print(e)
+        raise HTTPException(status_code=400, detail=messages.pdferror)
     return StreamingResponse(
         pdf_file,
         media_type='application/pdf',
         headers={
-            'Content-Disposition': f'attachement; filename=contract_{contract_id}.pdf'
+            'Content-Disposition': f'attachment; filename=contract_{contract_id}.pdf'
         }
     )
 
 @router.get('/', response_model=list[models.ContractPublic])
 def get_contracts(
     forms: list[str] = Query([]),
-    session: Session = Depends(get_session)
+    session: Session = Depends(get_session),
+    user: models.User = Depends(get_current_user)
 ):
     return service.get_all(session, forms)
 
 @router.get('/{id}/file')
 def get_contract_file(
     id: int, 
-    session: Session = Depends(get_session)
+    session: Session = Depends(get_session),
+    user: models.User = Depends(get_current_user)
 ):
     contract = service.get_one(session, id)
-    print(contract.file)
     if contract is None:
         raise HTTPException(status_code=404, detail=messages.notfound)
+    filename = f'{contract.form.name.replace(' ', '_')}_{contract.form.season}_{contract.firstname}-{contract.lastname}'
     return StreamingResponse(
-        contract.file,
+        io.BytesIO(contract.file),
         media_type='application/pdf',
         headers={
-            'Content-Disposition': f'attachement; filename=contract_{contract.id}.pdf'
+            'Content-Disposition': f'attachment; filename={filename}.pdf'
         }
     ) 
 
+@router.get('/{form_id}/files')
+def get_contract_files(
+    form_id: int,
+    session: Session = Depends(get_session),
+    user: models.User = Depends(get_current_user)
+):
+    form = form_service.get_one(session, form_id=form_id)
+    contracts = service.get_all(session, [form.name])
+    zipped_contracts = io.BytesIO()
+    with zipfile.ZipFile(zipped_contracts, "a", zipfile.ZIP_DEFLATED, False) as zip_file:
+        for contract in contracts:
+            contract_filename = f'{contract.form.name.replace(' ', '_')}_{contract.form.season}_{contract.firstname}-{contract.lastname}.pdf'
+            zip_file.writestr(contract_filename, contract.file)
+    
+    filename = f'{form.name.replace(" ", "_")}_{form.season}'
+    return StreamingResponse(
+        io.BytesIO(zipped_contracts.getvalue()),
+        media_type='application/zip',
+        headers={
+            'Content-Disposition': f'attachment; filename={filename}.zip'
+        }
+    )
+
+
 @router.get('/{id}', response_model=models.ContractPublic)
-def get_contract(id: int, session: Session = Depends(get_session)):
+def get_contract(id: int, session: Session = Depends(get_session), user: models.User = Depends(get_current_user)):
     result = service.get_one(session, id)
     if result is None:
         raise HTTPException(status_code=404, detail=messages.notfound)
     return result
 
 @router.delete('/{id}', response_model=models.ContractPublic)
-def delete_contract(id: int, session: Session = Depends(get_session)):
+def delete_contract(id: int, session: Session = Depends(get_session), user: models.User = Depends(get_current_user)):
     result = service.delete_one(session, id)
     if result is None:
         raise HTTPException(status_code=404, detail=messages.notfound)

backend/src/contracts/service.py

@@ -3,9 +3,12 @@ import src.models as models
 
 def get_all(
     session: Session,
-    forms: list[str]
+    forms: list[str] = [],
+    form_id: int | None = None, 
 ) -> list[models.ContractPublic]:
     statement = select(models.Contract)
+    if form_id:
+        statement = statement.join(models.Form).where(models.Form.id == form_id)
     if len(forms) > 0:
         statement = statement.join(models.Form).where(models.Form.name.in_(forms))
     return session.exec(statement.order_by(models.Contract.id)).all()