Epic 3: Economy & Billing Engine (Pénzügyi Motor)

backend/app/services/security_service.py

@@ -59,10 +59,34 @@ class SecurityService:
         if action.requester_id == approver_id:
             raise Exception("Saját kérést nem hagyhatsz jóvá!")
 
-        # Üzleti logika (pl. Role változtatás)
+        # Üzleti logika a művelettípus alapján
         if action.action_type == "CHANGE_ROLE":
             target_user = (await db.execute(select(User).where(User.id == action.payload.get("user_id")))).scalar_one_or_none()
             if target_user: target_user.role = action.payload.get("new_role")
+        
+        elif action.action_type == "SET_VIP":
+            target_user = (await db.execute(select(User).where(User.id == action.payload.get("user_id")))).scalar_one_or_none()
+            if target_user: target_user.is_vip = action.payload.get("is_vip", True)
+        
+        elif action.action_type == "WALLET_ADJUST":
+            from app.models.identity import Wallet
+            wallet = (await db.execute(select(Wallet).where(Wallet.user_id == action.payload.get("user_id")))).scalar_one_or_none()
+            if wallet:
+                amount = action.payload.get("amount", 0)
+                wallet.balance += amount
+        
+        elif action.action_type == "SOFT_DELETE_USER":
+            target_user = (await db.execute(select(User).where(User.id == action.payload.get("user_id")))).scalar_one_or_none()
+            if target_user:
+                target_user.is_deleted = True
+                target_user.is_active = False
+        
+        # Audit log
+        await self.log_event(
+            db, user_id=approver_id, action=f"APPROVE_{action.action_type}",
+            severity=LogSeverity.info, target_type="PendingAction", target_id=str(action_id),
+            new_data={"action_id": action_id, "action_type": action.action_type}
+        )
 
         action.status = ActionStatus.approved
         action.approver_id = approver_id
@@ -84,6 +108,40 @@ class SecurityService:
             return False
         return True
 
+    async def reject_action(self, db: AsyncSession, approver_id: int, action_id: int, reason: str = None):
+        """ Művelet elutasítása. """
+        stmt = select(PendingAction).where(PendingAction.id == action_id)
+        action = (await db.execute(stmt)).scalar_one_or_none()
+        
+        if not action or action.status != ActionStatus.pending:
+            raise Exception("Művelet nem található.")
+        if action.requester_id == approver_id:
+            raise Exception("Saját kérést nem utasíthatod el!")
+
+        action.status = ActionStatus.rejected
+        action.approver_id = approver_id
+        action.processed_at = datetime.now(timezone.utc)
+        if reason:
+            action.reason = f"Elutasítva: {reason}"
+
+        await self.log_event(
+            db, user_id=approver_id, action=f"REJECT_{action.action_type}",
+            severity=LogSeverity.warning, target_type="PendingAction", target_id=str(action_id),
+            new_data={"action_id": action_id, "reason": reason}
+        )
+        await db.commit()
+
+    async def get_pending_actions(self, db: AsyncSession, user_id: int = None, action_type: str = None):
+        """ Függőben lévő műveletek lekérdezése. """
+        stmt = select(PendingAction).where(PendingAction.status == ActionStatus.pending)
+        if user_id:
+            stmt = stmt.where(PendingAction.requester_id == user_id)
+        if action_type:
+            stmt = stmt.where(PendingAction.action_type == action_type)
+        stmt = stmt.order_by(PendingAction.created_at.desc())
+        result = await db.execute(stmt)
+        return result.scalars().all()
+
     async def _execute_emergency_lock(self, db: AsyncSession, user_id: int, reason: str):
         if not user_id: return
         user = (await db.execute(select(User).where(User.id == user_id))).scalar_one_or_none()