sysops
1fedd683e0
Stand: agent-06 (Audit-Log), agent-05 (Krankmeldung), agent-07 Phase 1 (Personalnummer), Busylight-Pull-Integration, TOTP/2FA, Abwesenheiten, Zeiterfassung, Kiosk-Grundgerüst. Migrations 0001–0023 deployed auf 192.168.1.137 + .164. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
113 lines
3.2 KiB
Python
113 lines
3.2 KiB
Python
import uuid
|
|
from datetime import datetime
|
|
|
|
from pydantic import BaseModel, EmailStr, Field, model_validator
|
|
|
|
from app.models.user import AuthProvider, UserRole
|
|
|
|
|
|
PERSONNEL_NUMBER_PATTERN = r"^[0-9]+$"
|
|
|
|
|
|
class UserOut(BaseModel):
|
|
model_config = {"from_attributes": True}
|
|
|
|
id: uuid.UUID
|
|
company_id: uuid.UUID | None
|
|
department_id: uuid.UUID | None
|
|
email: str
|
|
first_name: str
|
|
last_name: str
|
|
full_name: str
|
|
role: UserRole
|
|
auth_provider: AuthProvider
|
|
is_active: bool
|
|
last_login: datetime | None
|
|
created_at: datetime
|
|
kuerzel: str | None = None
|
|
personnel_number: str | None = None
|
|
can_manual_time_entry: bool = False
|
|
|
|
|
|
class UserUpdate(BaseModel):
|
|
first_name: str | None = Field(None, min_length=1, max_length=100)
|
|
last_name: str | None = Field(None, min_length=1, max_length=100)
|
|
department_id: uuid.UUID | None = None
|
|
role: UserRole | None = None
|
|
work_schedule_id: uuid.UUID | None = None
|
|
kuerzel: str | None = Field(None, max_length=20)
|
|
personnel_number: str | None = Field(None, max_length=50, pattern=PERSONNEL_NUMBER_PATTERN)
|
|
can_manual_time_entry: bool | None = None
|
|
is_active: bool | None = None
|
|
|
|
|
|
class InviteRequest(BaseModel):
|
|
email: EmailStr
|
|
first_name: str = Field(min_length=1, max_length=100)
|
|
last_name: str = Field(min_length=1, max_length=100)
|
|
role: UserRole = UserRole.EMPLOYEE
|
|
department_id: uuid.UUID | None = None
|
|
personnel_number: str | None = Field(None, max_length=50, pattern=PERSONNEL_NUMBER_PATTERN)
|
|
# Wenn gesetzt → User wird sofort aktiv (kein Invite-E-Mail nötig)
|
|
initial_password: str | None = Field(None, min_length=8, max_length=128)
|
|
|
|
@model_validator(mode="after")
|
|
def password_strength(self):
|
|
pw = self.initial_password
|
|
if pw is None:
|
|
return self
|
|
if not any(c.isupper() for c in pw):
|
|
raise ValueError("initial_password must contain at least one uppercase letter")
|
|
if not any(c.isdigit() for c in pw):
|
|
raise ValueError("initial_password must contain at least one digit")
|
|
return self
|
|
|
|
|
|
class InviteAccept(BaseModel):
|
|
token: str
|
|
password: str = Field(min_length=8, max_length=128)
|
|
|
|
@model_validator(mode="after")
|
|
def password_strength(self):
|
|
pw = self.password
|
|
if not any(c.isupper() for c in pw):
|
|
raise ValueError("Password must contain at least one uppercase letter")
|
|
if not any(c.isdigit() for c in pw):
|
|
raise ValueError("Password must contain at least one digit")
|
|
return self
|
|
|
|
|
|
class UserListResponse(BaseModel):
|
|
total: int
|
|
items: list[UserOut]
|
|
|
|
|
|
class SetKioskPinRequest(BaseModel):
|
|
pin: str = Field(min_length=4, max_length=6, pattern=r"^\d+$")
|
|
|
|
|
|
class NextPersonnelNumberResponse(BaseModel):
|
|
next: str
|
|
|
|
|
|
class UserImportRowError(BaseModel):
|
|
row: int
|
|
email: str | None = None
|
|
message: str
|
|
|
|
|
|
class UserImportRowResult(BaseModel):
|
|
row: int
|
|
email: str
|
|
personnel_number: str | None = None
|
|
action: str # "created" | "reactivated" | "skipped" | "error"
|
|
message: str | None = None
|
|
|
|
|
|
class UserImportResult(BaseModel):
|
|
total_rows: int
|
|
created: int
|
|
reactivated: int
|
|
errors: int
|
|
items: list[UserImportRowResult]
|