átlagos kiegészítséek jó sok

backend/app/api/v1/endpoints/admin.py

@@ -1,5 +1,5 @@
 # /opt/docker/dev/service_finder/backend/app/api/v1/endpoints/admin.py
-from fastapi import APIRouter, Depends, HTTPException, status
+from fastapi import APIRouter, Depends, HTTPException, status, Body
 from sqlalchemy.ext.asyncio import AsyncSession
 from sqlalchemy import select, func, text, delete
 from typing import List, Any, Dict, Optional
@@ -10,9 +10,9 @@ from app.models.identity import User, UserRole # JAVÍTVA: Központi import
 from app.models.system import SystemParameter, ParameterScope
 from app.services.system_service import system_service
 # JAVÍTVA: Security audit modellek
-from app.models.audit import SecurityAuditLog, OperationalLog
+from app.models import SecurityAuditLog, OperationalLog
 # JAVÍTVA: Ezek a modellek a security.py-ból jönnek (ha ott vannak)
-from app.models.security import PendingAction, ActionStatus
+from app.models import PendingAction, ActionStatus
 
 from app.services.security_service import security_service
 from app.services.translation_service import TranslationService
@@ -235,4 +235,127 @@ async def set_odometer_manual_override(
         "message": f"Manuális átlag {action}: {request.daily_avg} km/nap",
         "vehicle_id": vehicle_id,
         "manual_override_avg": odometer_state.manual_override_avg
+    }
+
+@router.get("/ping", tags=["Admin Test"])
+async def admin_ping(
+    current_user: User = Depends(deps.get_current_admin)
+):
+    """
+    Egyszerű ping végpont admin jogosultság ellenőrzéséhez.
+    """
+    return {
+        "message": "Admin felület aktív",
+        "role": current_user.role.value if hasattr(current_user.role, "value") else current_user.role
+    }
+
+
+@router.post("/users/{user_id}/ban", tags=["Admin Security"])
+async def ban_user(
+    user_id: int,
+    reason: str = Body(..., embed=True),
+    current_admin: User = Depends(deps.get_current_admin),
+    db: AsyncSession = Depends(deps.get_db)
+):
+    """
+    Felhasználó tiltása (Ban Hammer).
+    
+    - Megkeresi a usert (identity.users táblában).
+    - Ha nincs -> 404
+    - Ha a user.role == superadmin -> 403 (Saját magát/másik admint ne tiltson le).
+    - Állítja be a tiltást (is_active = False).
+    - Audit logba rögzíti a reason-t.
+    """
+    from sqlalchemy import select
+    
+    # 1. Keresd meg a usert
+    stmt = select(User).where(User.id == user_id)
+    result = await db.execute(stmt)
+    user = result.scalar_one_or_none()
+    
+    if not user:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail=f"User not found with ID: {user_id}"
+        )
+    
+    # 2. Ellenőrizd, hogy nem superadmin-e
+    if user.role == UserRole.superadmin:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Cannot ban a superadmin user"
+        )
+    
+    # 3. Tiltás beállítása
+    user.is_active = False
+    # Opcionálisan: banned_until mező kitöltése, ha létezik a modellben
+    # user.banned_until = datetime.now() + timedelta(days=30)
+    
+    # 4. Audit log létrehozása
+    audit_log = SecurityAuditLog(
+        user_id=current_admin.id,
+        action="ban_user",
+        target_user_id=user_id,
+        details=f"User banned. Reason: {reason}",
+        is_critical=True,
+        ip_address="admin_api"
+    )
+    db.add(audit_log)
+    
+    await db.commit()
+    
+    return {
+        "status": "success",
+        "message": f"User {user_id} banned successfully.",
+        "reason": reason
+    }
+
+
+@router.post("/marketplace/services/{staging_id}/approve", tags=["Marketplace Moderation"])
+async def approve_staged_service(
+    staging_id: int,
+    current_admin: User = Depends(deps.get_current_admin),
+    db: AsyncSession = Depends(deps.get_db)
+):
+    """
+    Szerviz jóváhagyása a Piactéren (Kék Pipa).
+    
+    - Megkeresi a marketplace.service_staging rekordot.
+    - Ha nincs -> 404
+    - Állítja a validation_level-t 100-ra, a status-t 'approved'-ra.
+    """
+    from sqlalchemy import select
+    from app.models.staged_data import ServiceStaging
+    
+    stmt = select(ServiceStaging).where(ServiceStaging.id == staging_id)
+    result = await db.execute(stmt)
+    staging = result.scalar_one_or_none()
+    
+    if not staging:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail=f"Service staging record not found with ID: {staging_id}"
+        )
+    
+    # Jóváhagyás
+    staging.validation_level = 100
+    staging.status = "approved"
+    
+    # Audit log
+    audit_log = SecurityAuditLog(
+        user_id=current_admin.id,
+        action="approve_service",
+        target_staging_id=staging_id,
+        details=f"Service staging approved: {staging.service_name}",
+        is_critical=False,
+        ip_address="admin_api"
+    )
+    db.add(audit_log)
+    
+    await db.commit()
+    
+    return {
+        "status": "success",
+        "message": f"Service staging {staging_id} approved.",
+        "service_name": staging.service_name
     }