"feat: Implement admin guest request feature"

2025-05-29 12:17:28 +02:00
parent 8f3851290e
commit 1dc335709b
5 changed files with 322 additions and 616 deletions
--- a/backend/app/blueprints/guest.py
+++ b/backend/app/blueprints/guest.py
@@ -237,6 +237,10 @@ def api_get_guest_request(request_id):
 def api_approve_request(request_id):
    """Gastanfrage genehmigen."""
    try:
+        data = request.get_json() or {}
+        approval_notes = data.get('notes', '')
+        printer_id = data.get('printer_id')  # Optional: Drucker zuweisen/ändern
+        
        with get_cached_session() as db_session:
            guest_request = db_session.query(GuestRequest).filter_by(id=request_id).first()
            if not guest_request:
@@ -245,8 +249,22 @@ def api_approve_request(request_id):
            if guest_request.status != "pending":
                return jsonify({"error": "Anfrage wurde bereits bearbeitet"}), 400
            
+            # Drucker validieren, falls angegeben
+            if printer_id:
+                printer = db_session.query(Printer).filter_by(id=printer_id, active=True).first()
+                if not printer:
+                    return jsonify({"error": "Ungültiger Drucker ausgewählt"}), 400
+                guest_request.printer_id = printer_id
+            
+            # Sicherstellen, dass ein Drucker zugewiesen ist
+            if not guest_request.printer_id:
+                return jsonify({"error": "Kein Drucker zugewiesen. Bitte wählen Sie einen Drucker aus."}), 400
+            
            # Anfrage genehmigen
            guest_request.status = "approved"
+            guest_request.processed_by = current_user.id
+            guest_request.processed_at = datetime.now()
+            guest_request.approval_notes = approval_notes
            
            # OTP generieren
            otp_plain = guest_request.generate_otp()
@@ -278,13 +296,16 @@ def api_approve_request(request_id):
            
            db_session.commit()
            
-            logger.info(f"Gastanfrage {request_id} genehmigt von Benutzer {current_user.id}")
+            logger.info(f"Gastanfrage {request_id} genehmigt von Admin {current_user.id} ({current_user.name})")
            
            return jsonify({
                "success": True,
                "status": "approved",
                "job_id": job.id,
-                "otp": otp_plain  # Nur in dieser Antwort wird der OTP-Klartext zurückgegeben
+                "otp": otp_plain,  # Nur in dieser Antwort wird der OTP-Klartext zurückgegeben
+                "approved_by": current_user.name,
+                "approved_at": guest_request.processed_at.isoformat(),
+                "notes": approval_notes
            })
            
    except Exception as e:
@@ -297,7 +318,10 @@ def api_deny_request(request_id):
    """Gastanfrage ablehnen."""
    try:
        data = request.get_json() or {}
-        reason = data.get('reason', '')
+        rejection_reason = data.get('reason', '')
+        
+        if not rejection_reason.strip():
+            return jsonify({"error": "Ablehnungsgrund ist erforderlich"}), 400
        
        with get_cached_session() as db_session:
            guest_request = db_session.query(GuestRequest).filter_by(id=request_id).first()
@@ -309,13 +333,20 @@ def api_deny_request(request_id):
            
            # Anfrage ablehnen
            guest_request.status = "denied"
+            guest_request.processed_by = current_user.id
+            guest_request.processed_at = datetime.now()
+            guest_request.rejection_reason = rejection_reason
+            
            db_session.commit()
            
-            logger.info(f"Gastanfrage {request_id} abgelehnt von Benutzer {current_user.id}")
+            logger.info(f"Gastanfrage {request_id} abgelehnt von Admin {current_user.id} ({current_user.name}): {rejection_reason}")
            
            return jsonify({
                "success": True,
-                "status": "denied"
+                "status": "denied",
+                "rejected_by": current_user.name,
+                "rejected_at": guest_request.processed_at.isoformat(),
+                "reason": rejection_reason
            })
            
    except Exception as e:
@@ -444,4 +475,169 @@ def api_mark_notification_read(notification_id):
            
    except Exception as e:
        logger.error(f"Fehler beim Markieren der Benachrichtigung als gelesen: {str(e)}")
-        return jsonify({"error": "Fehler beim Verarbeiten der Anfrage"}), 500 
+        return jsonify({"error": "Fehler beim Verarbeiten der Anfrage"}), 500
+
+@guest_blueprint.route('/api/admin/requests', methods=['GET'])
+@approver_required
+def api_get_all_requests():
+    """Alle Gastanfragen für Admins abrufen."""
+    try:
+        # Filter-Parameter
+        status_filter = request.args.get('status', 'all')  # all, pending, approved, denied
+        limit = int(request.args.get('limit', 50))
+        offset = int(request.args.get('offset', 0))
+        
+        with get_cached_session() as db_session:
+            # Query mit eager loading
+            query = db_session.query(GuestRequest).options(
+                joinedload(GuestRequest.printer),
+                joinedload(GuestRequest.job),
+                joinedload(GuestRequest.processed_by_user)
+            )
+            
+            # Status-Filter anwenden
+            if status_filter != 'all':
+                query = query.filter(GuestRequest.status == status_filter)
+            
+            # Sortierung: Pending zuerst, dann nach Erstellungsdatum
+            query = query.order_by(
+                desc(GuestRequest.status == 'pending'),
+                desc(GuestRequest.created_at)
+            )
+            
+            # Pagination
+            total_count = query.count()
+            requests = query.offset(offset).limit(limit).all()
+            
+            # Daten für Admin aufbereiten
+            admin_requests = []
+            for req in requests:
+                request_data = req.to_dict()
+                
+                # Zusätzliche Admin-Informationen
+                request_data.update({
+                    "can_be_processed": req.status == "pending",
+                    "is_overdue": (
+                        req.status == "approved" and 
+                        req.job and 
+                        req.job.end_at < datetime.now()
+                    ) if req.job else False,
+                    "time_since_creation": (datetime.now() - req.created_at).total_seconds() / 3600 if req.created_at else 0  # Stunden
+                })
+                
+                admin_requests.append(request_data)
+            
+            return jsonify({
+                "success": True,
+                "requests": admin_requests,
+                "pagination": {
+                    "total": total_count,
+                    "limit": limit,
+                    "offset": offset,
+                    "has_more": (offset + limit) < total_count
+                },
+                "stats": {
+                    "total": total_count,
+                    "pending": db_session.query(GuestRequest).filter_by(status='pending').count(),
+                    "approved": db_session.query(GuestRequest).filter_by(status='approved').count(),
+                    "denied": db_session.query(GuestRequest).filter_by(status='denied').count()
+                }
+            })
+            
+    except Exception as e:
+        logger.error(f"Fehler beim Abrufen der Admin-Gastanfragen: {str(e)}")
+        return jsonify({"error": "Fehler beim Verarbeiten der Anfrage"}), 500
+
+@guest_blueprint.route('/api/admin/requests/<int:request_id>', methods=['GET'])
+@approver_required
+def api_get_request_details(request_id):
+    """Detaillierte Informationen zu einer Gastanfrage für Admins abrufen."""
+    try:
+        with get_cached_session() as db_session:
+            guest_request = db_session.query(GuestRequest).options(
+                joinedload(GuestRequest.printer),
+                joinedload(GuestRequest.job),
+                joinedload(GuestRequest.processed_by_user)
+            ).filter_by(id=request_id).first()
+            
+            if not guest_request:
+                return jsonify({"error": "Anfrage nicht gefunden"}), 404
+            
+            # Vollständige Admin-Informationen
+            request_data = guest_request.to_dict()
+            
+            # Verfügbare Drucker für Zuweisung
+            available_printers = db_session.query(Printer).filter_by(active=True).all()
+            request_data["available_printers"] = [p.to_dict() for p in available_printers]
+            
+            # Job-Historie falls vorhanden
+            if guest_request.job:
+                job_data = guest_request.job.to_dict()
+                job_data["is_active"] = guest_request.job.status in ["scheduled", "running"]
+                job_data["is_overdue"] = guest_request.job.end_at < datetime.now() if guest_request.job.end_at else False
+                request_data["job_details"] = job_data
+            
+            return jsonify({
+                "success": True,
+                "request": request_data
+            })
+            
+    except Exception as e:
+        logger.error(f"Fehler beim Abrufen der Gastanfrage-Details: {str(e)}")
+        return jsonify({"error": "Fehler beim Verarbeiten der Anfrage"}), 500
+
+@guest_blueprint.route('/api/admin/requests/<int:request_id>/update', methods=['PUT'])
+@approver_required
+def api_update_request(request_id):
+    """Gastanfrage aktualisieren (nur für Admins)."""
+    try:
+        data = request.get_json()
+        if not data:
+            return jsonify({"error": "Keine Daten erhalten"}), 400
+        
+        with get_cached_session() as db_session:
+            guest_request = db_session.query(GuestRequest).filter_by(id=request_id).first()
+            if not guest_request:
+                return jsonify({"error": "Anfrage nicht gefunden"}), 404
+            
+            # Erlaubte Felder für Updates
+            allowed_fields = ['printer_id', 'duration_min', 'approval_notes', 'rejection_reason']
+            changes_made = False
+            
+            for field in allowed_fields:
+                if field in data:
+                    if field == 'printer_id' and data[field]:
+                        # Drucker validieren
+                        printer = db_session.query(Printer).filter_by(id=data[field], active=True).first()
+                        if not printer:
+                            return jsonify({"error": "Ungültiger Drucker ausgewählt"}), 400
+                    
+                    setattr(guest_request, field, data[field])
+                    changes_made = True
+            
+            if changes_made:
+                guest_request.processed_by = current_user.id
+                guest_request.processed_at = datetime.now()
+                db_session.commit()
+                
+                logger.info(f"Gastanfrage {request_id} aktualisiert von Admin {current_user.id}")
+                
+                return jsonify({
+                    "success": True,
+                    "message": "Anfrage erfolgreich aktualisiert",
+                    "updated_by": current_user.name,
+                    "updated_at": guest_request.processed_at.isoformat()
+                })
+            else:
+                return jsonify({"error": "Keine Änderungen vorgenommen"}), 400
+            
+    except Exception as e:
+        logger.error(f"Fehler beim Aktualisieren der Gastanfrage: {str(e)}")
+        return jsonify({"error": "Fehler beim Verarbeiten der Anfrage"}), 500
+
+# Admin-Routen
+@guest_blueprint.route('/admin/requests', methods=['GET'])
+@approver_required
+def admin_requests_management():
+    """Admin-Oberfläche für die Verwaltung von Gastanfragen."""
+    return render_template('admin_guest_requests.html')