refactor(backend): ♻️ rename UserInDb -> PrivateUser

mealie/services/backups/imports.py

@@ -22,7 +22,7 @@ from mealie.schema.admin import (
 )
 from mealie.schema.events import EventNotificationIn
 from mealie.schema.recipe import CommentOut, Recipe
-from mealie.schema.user import UpdateGroup, UserInDB
+from mealie.schema.user import UpdateGroup, PrivateUser
 from mealie.services.image import minify
 
 
@@ -215,7 +215,7 @@ class ImportDatabase:
 
     def import_users(self):
         users_file = self.import_dir.joinpath("users", "users.json")
-        users = ImportDatabase.read_models_file(users_file, UserInDB)
+        users = ImportDatabase.read_models_file(users_file, PrivateUser)
         user_imports = []
         for user in users:
             if user.id == 1:  # Update Default User

mealie/services/recipe/recipe_service.py

@@ -13,7 +13,7 @@ from mealie.core.root_logger import get_logger
 from mealie.db.database import get_database
 from mealie.db.db_setup import SessionLocal
 from mealie.schema.recipe.recipe import CreateRecipe, Recipe
-from mealie.schema.user.user import UserInDB
+from mealie.schema.user.user import PrivateUser
 from mealie.services.events import create_recipe_event
 
 logger = get_logger(module=__name__)
@@ -29,7 +29,7 @@ class RecipeService:
 
     recipe: Recipe  # Required for proper type hints
 
-    def __init__(self, session: Session, user: UserInDB, background_tasks: BackgroundTasks = None) -> None:
+    def __init__(self, session: Session, user: PrivateUser, background_tasks: BackgroundTasks = None) -> None:
         self.session = session or SessionLocal()
         self.user = user
         self.background_tasks = background_tasks
@@ -58,7 +58,7 @@ class RecipeService:
         Returns:
             RecipeService: The Recipe Service class with a populated recipe attribute
         """
-        new_class = cls(deps.session, deps.user, deps.background_tasks)
+        new_class = cls(deps.session, deps.user, deps.bg_tasks)
         new_class.assert_existing(slug)
         return new_class
 
@@ -80,7 +80,7 @@ class RecipeService:
         Returns:
             RecipeService: The Recipe Service class with a populated recipe attribute
         """
-        new_class = cls(deps.session, deps.user, deps.background_tasks)
+        new_class = cls(deps.session, deps.user, deps.bg_task)
         new_class.assert_existing(slug)
         return new_class
 
@@ -92,7 +92,7 @@ class RecipeService:
             HTTPException: 400 Bad Request
 
         """
-        return cls(deps.session, deps.user, deps.background_tasks)
+        return cls(deps.session, deps.user, deps.bg_task)
 
     def pupulate_recipe(self, slug: str) -> Recipe:
         """Populates the recipe attribute with the recipe from the database.

mealie/services/user/user_service.py

@@ -0,0 +1,61 @@
+from fastapi import BackgroundTasks, Depends, HTTPException, status
+from sqlalchemy.orm.session import Session
+
+from mealie.core.config import get_app_dirs, get_settings
+from mealie.core.dependencies import WriteDeps
+from mealie.core.root_logger import get_logger
+from mealie.core.security import hash_password, verify_password
+from mealie.db.database import get_database
+from mealie.db.db_setup import SessionLocal
+from mealie.schema.recipe.recipe import Recipe
+from mealie.schema.user.user import ChangePassword, PrivateUser
+from mealie.services.events import create_user_event
+
+logger = get_logger(module=__name__)
+
+
+class UserService:
+    """"""
+
+    def __init__(self, session: Session, acting_user: PrivateUser, background_tasks: BackgroundTasks = None) -> None:
+        self.session = session or SessionLocal()
+        self.acting_user = acting_user
+        self.background_tasks = background_tasks
+        self.recipe: Recipe = None
+
+        # Global Singleton Dependency Injection
+        self.db = get_database()
+        self.app_dirs = get_app_dirs()
+        self.settings = get_settings()
+
+    @classmethod
+    def write_existing(cls, id: int, deps: WriteDeps = Depends()):
+        new_instance = cls(session=deps.session, acting_user=deps.user, background_tasks=deps.bg_task)
+        new_instance._populate_target_user(id)
+        new_instance._assert_user_change_allowed()
+        return new_instance
+
+    def _assert_user_change_allowed(self) -> None:
+        if self.acting_user.id != self.target_user.id and not self.acting_user.admin:
+            # only admins can edit other users
+            raise HTTPException(status.HTTP_403_FORBIDDEN, detail="NOT_AN_ADMIN")
+
+    def _populate_target_user(self, id: int = None):
+        if id:
+            self.target_user = self.db.users.get(self.session, id)
+            if not self.target_user:
+                raise HTTPException(status.HTTP_404_NOT_FOUND)
+        else:
+            self.target_user = self.acting_user
+
+    def _create_event(self, title: str, message: str) -> None:
+        self.background_tasks.add_task(create_user_event, title, message, self.session)
+
+    def change_password(self, password_change: ChangePassword) -> PrivateUser:
+        """"""
+        if not verify_password(password_change.current_password, self.target_user.password):
+            raise HTTPException(status.HTTP_400_BAD_REQUEST)
+
+        self.target_user.password = hash_password(password_change.new_password)
+
+        return self.db.users.update_password(self.session, self.target_user.id, self.target_user.password)