mish/evo-sync
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects 1 Releases 5 Wiki Activity

feat: remove register, add evo webhooks, admin view-as user

Browse Source 
- Remove /register route and nav links (users created via Evotor webhook)
- Fix evotor_webhooks.py: use phone=None instead of phone="" to avoid unique constraint
- Add admin "view as user" feature: POST /admin/users/{id}/view-as sets viewed_user_id
  in session; POST /admin/view-as/stop clears it
- catalog, vk_catalog, sync, connections GET routes use get_viewed_user() so admins
  see another user's data while browsing
- Orange banner shown at top when admin is viewing as another user

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
mguschin
2026-05-13 20:44:25 +03:00
parent 1729ff9b7b
commit 5e7be16755
11 changed files with 113 additions and 96 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
web/routes/catalog.py
View File

@@ -5,7 +5,7 @@ from fastapi.responses import HTMLResponse, RedirectResponse
from sqlalchemy import func
from sqlalchemy.orm import Session
from web.auth.session import get_current_user
from web.auth.session import get_current_user, get_viewed_user
from web.config import settings
from web.database import get_db
from web.models.connections import CachedGroup, CachedProduct, CachedStore, SyncConfig, SyncFilter
@@ -55,21 +55,22 @@ def _render(request: Request, template: str, ctx: dict) -> HTMLResponse:
@router.get("/catalog/stores")
async def catalog_stores(request: Request, db: Session = Depends(get_db)):
try:
user = get_current_user(request, db)
real_user, viewed_user = get_viewed_user(request, db)
except Exception:
return RedirectResponse("/login", 303)
stores = (
db.query(CachedStore)
.filter(CachedStore.user_id == user.id)
.filter(CachedStore.user_id == viewed_user.id)
.order_by(CachedStore.name)
.all()
)
enabled_ids = _enabled_store_ids(db, user.id)
enabled_ids = _enabled_store_ids(db, viewed_user.id)
return _render(request, "catalog/stores.html", {
"user": user,
"user": real_user,
"viewed_user": viewed_user if viewed_user.id != real_user.id else None,
"stores": stores,
"enabled_ids": enabled_ids, # None = all enabled, set = explicit list
"enabled_ids": enabled_ids,
"refresh_interval": settings.CATALOG_REFRESH_INTERVAL_SECONDS,
})
@@ -77,13 +78,13 @@ async def catalog_stores(request: Request, db: Session = Depends(get_db)):
@router.get("/catalog/stores/{store_evotor_id}/groups")
async def catalog_groups(store_evotor_id: str, request: Request, db: Session = Depends(get_db)):
try:
user = get_current_user(request, db)
real_user, viewed_user = get_viewed_user(request, db)
except Exception:
return RedirectResponse("/login", 303)
store = (
db.query(CachedStore)
.filter(CachedStore.user_id == user.id, CachedStore.evotor_id == store_evotor_id)
.filter(CachedStore.user_id == viewed_user.id, CachedStore.evotor_id == store_evotor_id)
.first()
)
if not store:
@@ -91,22 +92,24 @@ async def catalog_groups(store_evotor_id: str, request: Request, db: Session = D
groups = (
db.query(CachedGroup)
.filter(CachedGroup.user_id == user.id, CachedGroup.store_evotor_id == store_evotor_id)
.filter(CachedGroup.user_id == viewed_user.id, CachedGroup.store_evotor_id == store_evotor_id)
.order_by(CachedGroup.name)
.all()
)
enabled_ids = _enabled_group_ids(db, user.id, store_evotor_id)
enabled_ids = _enabled_group_ids(db, viewed_user.id, store_evotor_id)
counts_q = (
db.query(CachedProduct.group_evotor_id, func.count().label("cnt"))
.filter(CachedProduct.user_id == user.id, CachedProduct.store_evotor_id == store_evotor_id)
.filter(CachedProduct.user_id == viewed_user.id, CachedProduct.store_evotor_id == store_evotor_id)
.group_by(CachedProduct.group_evotor_id)
.all()
)
product_counts = {row.group_evotor_id: row.cnt for row in counts_q}
return _render(request, "catalog/groups.html", {
"user": user, "store": store, "groups": groups,
"user": real_user,
"viewed_user": viewed_user if viewed_user.id != real_user.id else None,
"store": store, "groups": groups,
"enabled_ids": enabled_ids,
"product_counts": product_counts,
})
@@ -115,13 +118,13 @@ async def catalog_groups(store_evotor_id: str, request: Request, db: Session = D
@router.get("/catalog/stores/{store_evotor_id}/products")
async def catalog_products(store_evotor_id: str, request: Request, db: Session = Depends(get_db)):
try:
user = get_current_user(request, db)
real_user, viewed_user = get_viewed_user(request, db)
except Exception:
return RedirectResponse("/login", 303)
store = (
db.query(CachedStore)
.filter(CachedStore.user_id == user.id, CachedStore.evotor_id == store_evotor_id)
.filter(CachedStore.user_id == viewed_user.id, CachedStore.evotor_id == store_evotor_id)
.first()
)
if not store:
@@ -129,7 +132,7 @@ async def catalog_products(store_evotor_id: str, request: Request, db: Session =
group_id = request.query_params.get("group")
q = db.query(CachedProduct).filter(
CachedProduct.user_id == user.id,
CachedProduct.user_id == viewed_user.id,
CachedProduct.store_evotor_id == store_evotor_id,
)
if group_id:
@@ -138,13 +141,14 @@ async def catalog_products(store_evotor_id: str, request: Request, db: Session =
products = q.order_by(CachedProduct.name).all()
groups = (
db.query(CachedGroup)
.filter(CachedGroup.user_id == user.id, CachedGroup.store_evotor_id == store_evotor_id)
.filter(CachedGroup.user_id == viewed_user.id, CachedGroup.store_evotor_id == store_evotor_id)
.order_by(CachedGroup.name)
.all()
)
group_map = {g.evotor_id: g.name for g in groups}
return _render(request, "catalog/products.html", {
"user": user,
"user": real_user,
"viewed_user": viewed_user if viewed_user.id != real_user.id else None,
"store": store,
"products": products,
"groups": groups,