sysops
1fedd683e0
Stand: agent-06 (Audit-Log), agent-05 (Krankmeldung), agent-07 Phase 1 (Personalnummer), Busylight-Pull-Integration, TOTP/2FA, Abwesenheiten, Zeiterfassung, Kiosk-Grundgerüst. Migrations 0001–0023 deployed auf 192.168.1.137 + .164. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
144 lines
5.3 KiB
Python
144 lines
5.3 KiB
Python
"""
|
|
CalDAV-Konfiguration und manueller Sync-Trigger.
|
|
|
|
Firmenkalender: nur COMPANY_ADMIN / SUPER_ADMIN
|
|
Persönlicher Kalender: jeder eingeloggte Nutzer für sich selbst
|
|
"""
|
|
import uuid
|
|
|
|
from fastapi import APIRouter, Depends, HTTPException
|
|
from sqlalchemy import select
|
|
from sqlalchemy.ext.asyncio import AsyncSession
|
|
|
|
from app.core.database import get_db
|
|
from app.core.dependencies import CurrentUser, require_role
|
|
from app.models.caldav_config import CaldavCompanyConfig, CaldavUserConfig
|
|
from app.models.user import User, UserRole
|
|
from app.schemas.caldav import (
|
|
CaldavCompanyConfigOut,
|
|
CaldavCompanyConfigSave,
|
|
CaldavUserConfigOut,
|
|
CaldavUserConfigSave,
|
|
ResyncResult,
|
|
)
|
|
from app.services.caldav_service import caldav_service, encrypt_password
|
|
|
|
router = APIRouter(prefix="/caldav", tags=["CalDAV"])
|
|
|
|
_admin_roles = (UserRole.COMPANY_ADMIN, UserRole.SUPER_ADMIN)
|
|
|
|
|
|
# ── Firmenkalender ─────────────────────────────────────────────────────────────
|
|
|
|
@router.get("/company/config", response_model=CaldavCompanyConfigOut | None)
|
|
async def get_company_config(
|
|
current_user: User = require_role(*_admin_roles),
|
|
db: AsyncSession = Depends(get_db),
|
|
):
|
|
cfg = await caldav_service.get_company_config(current_user.company_id, db)
|
|
return CaldavCompanyConfigOut.model_validate(cfg) if cfg else None
|
|
|
|
|
|
@router.post("/company/config", response_model=CaldavCompanyConfigOut)
|
|
async def save_company_config(
|
|
data: CaldavCompanyConfigSave,
|
|
current_user: User = require_role(*_admin_roles),
|
|
db: AsyncSession = Depends(get_db),
|
|
):
|
|
cfg = await caldav_service.get_company_config(current_user.company_id, db)
|
|
if cfg is None:
|
|
cfg = CaldavCompanyConfig(company_id=current_user.company_id, id=uuid.uuid4())
|
|
db.add(cfg)
|
|
|
|
cfg.enabled = data.enabled
|
|
cfg.principal_url = data.principal_url
|
|
cfg.calendar_url = data.calendar_url
|
|
cfg.username = data.username
|
|
cfg.calendar_display_name = data.calendar_display_name
|
|
cfg.verify_ssl = data.verify_ssl
|
|
if data.password:
|
|
cfg.password_encrypted = encrypt_password(data.password)
|
|
elif not cfg.password_encrypted:
|
|
raise HTTPException(status_code=400, detail="Passwort wird beim ersten Speichern benötigt.")
|
|
|
|
await db.commit()
|
|
await db.refresh(cfg)
|
|
return CaldavCompanyConfigOut.model_validate(cfg)
|
|
|
|
|
|
@router.post("/company/test")
|
|
async def test_company_config(
|
|
current_user: User = require_role(*_admin_roles),
|
|
db: AsyncSession = Depends(get_db),
|
|
):
|
|
cfg = await caldav_service.get_company_config(current_user.company_id, db)
|
|
if not cfg:
|
|
raise HTTPException(status_code=404, detail="Keine Firmen-CalDAV-Konfiguration vorhanden.")
|
|
result = await caldav_service.test_config(cfg)
|
|
if not result["ok"]:
|
|
raise HTTPException(status_code=502, detail=result["error"])
|
|
return {"message": "Verbindung erfolgreich.", "http_status": result.get("status")}
|
|
|
|
|
|
@router.post("/company/resync", response_model=ResyncResult)
|
|
async def resync_all(
|
|
current_user: User = require_role(*_admin_roles),
|
|
db: AsyncSession = Depends(get_db),
|
|
):
|
|
"""Alle genehmigten Abwesenheiten neu in den Firmenkalender synchronisieren."""
|
|
result = await caldav_service.resync_all_approved(current_user.company_id, db)
|
|
await db.commit()
|
|
return ResyncResult(**result)
|
|
|
|
|
|
# ── Persönlicher Kalender ──────────────────────────────────────────────────────
|
|
|
|
@router.get("/user/config", response_model=CaldavUserConfigOut | None)
|
|
async def get_user_config(
|
|
current_user: CurrentUser,
|
|
db: AsyncSession = Depends(get_db),
|
|
):
|
|
cfg = await caldav_service.get_user_config(current_user.id, db)
|
|
return CaldavUserConfigOut.model_validate(cfg) if cfg else None
|
|
|
|
|
|
@router.post("/user/config", response_model=CaldavUserConfigOut)
|
|
async def save_user_config(
|
|
data: CaldavUserConfigSave,
|
|
current_user: CurrentUser,
|
|
db: AsyncSession = Depends(get_db),
|
|
):
|
|
cfg = await caldav_service.get_user_config(current_user.id, db)
|
|
if cfg is None:
|
|
cfg = CaldavUserConfig(user_id=current_user.id, id=uuid.uuid4())
|
|
db.add(cfg)
|
|
|
|
cfg.enabled = data.enabled
|
|
cfg.principal_url = data.principal_url
|
|
cfg.calendar_url = data.calendar_url
|
|
cfg.username = data.username
|
|
cfg.calendar_display_name = data.calendar_display_name
|
|
cfg.verify_ssl = data.verify_ssl
|
|
if data.password:
|
|
cfg.password_encrypted = encrypt_password(data.password)
|
|
elif not cfg.password_encrypted:
|
|
raise HTTPException(status_code=400, detail="Passwort wird beim ersten Speichern benötigt.")
|
|
|
|
await db.commit()
|
|
await db.refresh(cfg)
|
|
return CaldavUserConfigOut.model_validate(cfg)
|
|
|
|
|
|
@router.post("/user/test")
|
|
async def test_user_config(
|
|
current_user: CurrentUser,
|
|
db: AsyncSession = Depends(get_db),
|
|
):
|
|
cfg = await caldav_service.get_user_config(current_user.id, db)
|
|
if not cfg:
|
|
raise HTTPException(status_code=404, detail="Keine persönliche CalDAV-Konfiguration vorhanden.")
|
|
result = await caldav_service.test_config(cfg)
|
|
if not result["ok"]:
|
|
raise HTTPException(status_code=502, detail=result["error"])
|
|
return {"message": "Verbindung erfolgreich.", "http_status": result.get("status")}
|