let admin disable players

2025-12-19 12:48:23 +01:00
parent 685c877ffa
commit fb207dc7c7
1 changed files with 23 additions and 2 deletions
--- a/cutt/player.py
+++ b/cutt/player.py
@@ -110,7 +110,7 @@ class DisablePlayerRequest(BaseModel):
    player_id: int


-def disable_player(
+def disable_player_team(
    r: DisablePlayerRequest,
    request: Annotated[TeamScopedRequest, Depends(verify_team_scope)],
 ):
@@ -135,6 +135,21 @@ def disable_player(
            )


+def disable_player(r: DisablePlayerRequest):
+    with Session(engine) as session:
+        player = session.exec(select(P).where(P.id == r.player_id)).one_or_none()
+        if player:
+            player.disabled = True
+            session.add(player)
+            session.commit()
+            return PlainTextResponse(f"disabled {player.display_name}")
+        else:
+            raise HTTPException(
+                status_code=status.HTTP_404_NOT_FOUND,
+                detail="no such player found in your team",
+            )
+
+
 def add_player_to_team(player_id: int, team_id: int):
    with Session(engine) as session:
        player = session.exec(select(P).where(P.id == player_id)).one()
@@ -226,7 +241,7 @@ player_router.add_api_route(
 )
 player_router.add_api_route(
    "/{team_id}",
-    endpoint=disable_player,
+    endpoint=disable_player_team,
    methods=["DELETE"],
 )
 player_router.add_api_route(
@@ -246,6 +261,12 @@ player_router.add_api_route(
    methods=["GET"],
    dependencies=[Security(get_current_active_user, scopes=["admin"])],
 )
+player_router.add_api_route(
+    "/disable/{player_id}",
+    endpoint=disable_player,
+    methods=["GET"],
+    dependencies=[Security(get_current_active_user, scopes=["admin"])],
+)
 player_router.add_api_route("/me", endpoint=read_player_me, methods=["GET"])
 player_router.add_api_route("/me/teams", endpoint=read_teams_me, methods=["GET"])
 player_router.add_api_route(