papa/klg-asutk-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
aa052763f6
klg-asutk-app/backend/app/api/routes/stats.py
Yuriy aa052763f6 Безопасность и качество: 8 исправлений + обновления 
- .env.example: полный шаблон, защита секретов
- .gitignore: явное исключение .env.* и секретов
- layout.tsx: XSS — заменён dangerouslySetInnerHTML на next/script для SW
- ESLint: no-console error (allow warn/error), ignore scripts/
- scripts/remove-console-logs.js: очистка console.log без glob
- backend/routes/modules: README с планом рефакторинга крупных файлов
- SECURITY.md: гид по секретам, XSS, CORS, auth, линту
- .husky/pre-commit: запуск npm run lint

+ прочие правки приложения и бэкенда

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-14 21:29:16 +03:00

45 lines
2.0 KiB
Python
Raw Blame History

"""Dashboard stats API — tenant-aware aggregation."""
from fastapi import APIRouter, Depends
from sqlalchemy.orm import Session
from sqlalchemy import func
from app.api.deps import get_current_user
from app.api.helpers import is_operator, is_authority
from app.db.session import get_db
from app.models import Aircraft, RiskAlert, Organization, Audit
router = APIRouter(tags=["stats"])
@router.get("/stats")
def get_stats(db: Session = Depends(get_db), user=Depends(get_current_user)):
org_filter = user.organization_id if is_operator(user) else None
# Aircraft
ac_q = db.query(Aircraft)
if org_filter: ac_q = ac_q.filter(Aircraft.operator_id == org_filter)
ac_total = ac_q.count()
sm = dict(ac_q.with_entities(Aircraft.current_status, func.count(Aircraft.id)).group_by(Aircraft.current_status).all())
active = sm.get("in_service", 0) + sm.get("active", 0)
# Risks (unresolved)
rq = db.query(RiskAlert).filter(RiskAlert.is_resolved == False)
if org_filter: rq = rq.join(Aircraft).filter(Aircraft.operator_id == org_filter)
risk_total = rq.count()
rm = dict(rq.with_entities(RiskAlert.severity, func.count(RiskAlert.id)).group_by(RiskAlert.severity).all())
# Audits
aq = db.query(Audit)
if org_filter: aq = aq.join(Aircraft, Audit.aircraft_id == Aircraft.id).filter(Aircraft.operator_id == org_filter)
# Orgs
oq = db.query(Organization)
if not is_authority(user) and org_filter: oq = oq.filter(Organization.id == org_filter)
return {
"aircraft": {"total": ac_total, "active": active, "maintenance": sm.get("maintenance", 0), "storage": sm.get("storage", 0)},
"risks": {"total": risk_total, "critical": rm.get("critical", 0), "high": rm.get("high", 0), "medium": rm.get("medium", 0), "low": rm.get("low", 0)},
"audits": {"current": aq.filter(Audit.status == "in_progress").count(), "upcoming": aq.filter(Audit.status == "draft").count(), "completed": aq.filter(Audit.status == "completed").count()},
"organizations": {"total": oq.count()},
}
Reference in New Issue View Git Blame Copy Permalink