165 lines
4.6 KiB
Python
165 lines
4.6 KiB
Python
"""
|
|
Food items endpoints
|
|
"""
|
|
from typing import Any, List, Optional
|
|
|
|
from fastapi import APIRouter, Depends, HTTPException, status
|
|
from sqlalchemy.orm import Session
|
|
|
|
from app import models, schemas, services
|
|
from app.core.deps import get_current_active_superuser, get_current_active_user
|
|
from app.db.session import get_db
|
|
|
|
router = APIRouter()
|
|
|
|
|
|
@router.get("/", response_model=List[schemas.Food])
|
|
def read_foods(
|
|
db: Session = Depends(get_db),
|
|
skip: int = 0,
|
|
limit: int = 100,
|
|
name: Optional[str] = None,
|
|
current_user: models.User = Depends(get_current_active_user),
|
|
) -> Any:
|
|
"""
|
|
Retrieve food items. Supports filtering by name.
|
|
"""
|
|
foods = services.food.get_multi(db, skip=skip, limit=limit, name_filter=name)
|
|
return foods
|
|
|
|
|
|
@router.post("/", response_model=schemas.Food)
|
|
def create_food(
|
|
*,
|
|
db: Session = Depends(get_db),
|
|
food_in: schemas.FoodCreate,
|
|
current_user: models.User = Depends(get_current_active_user),
|
|
) -> Any:
|
|
"""
|
|
Create new food item.
|
|
"""
|
|
# Set is_verified to False for user-created foods, unless user is superuser
|
|
if not current_user.is_superuser:
|
|
food_in.is_verified = False
|
|
|
|
food = services.food.create(
|
|
db=db, obj_in=food_in, created_by_id=current_user.id
|
|
)
|
|
return food
|
|
|
|
|
|
@router.get("/my-foods", response_model=List[schemas.Food])
|
|
def read_user_foods(
|
|
db: Session = Depends(get_db),
|
|
skip: int = 0,
|
|
limit: int = 100,
|
|
current_user: models.User = Depends(get_current_active_user),
|
|
) -> Any:
|
|
"""
|
|
Retrieve food items created by the current user.
|
|
"""
|
|
foods = services.food.get_multi_by_user(
|
|
db=db, user_id=current_user.id, skip=skip, limit=limit
|
|
)
|
|
return foods
|
|
|
|
|
|
@router.get("/{food_id}", response_model=schemas.Food)
|
|
def read_food(
|
|
*,
|
|
db: Session = Depends(get_db),
|
|
food_id: int,
|
|
current_user: models.User = Depends(get_current_active_user),
|
|
) -> Any:
|
|
"""
|
|
Get food item by ID.
|
|
"""
|
|
food = services.food.get(db=db, food_id=food_id)
|
|
if not food:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_404_NOT_FOUND,
|
|
detail="Food item not found",
|
|
)
|
|
return food
|
|
|
|
|
|
@router.put("/{food_id}", response_model=schemas.Food)
|
|
def update_food(
|
|
*,
|
|
db: Session = Depends(get_db),
|
|
food_id: int,
|
|
food_in: schemas.FoodUpdate,
|
|
current_user: models.User = Depends(get_current_active_user),
|
|
) -> Any:
|
|
"""
|
|
Update a food item.
|
|
"""
|
|
food = services.food.get(db=db, food_id=food_id)
|
|
if not food:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_404_NOT_FOUND,
|
|
detail="Food item not found",
|
|
)
|
|
|
|
# Only allow update if user is superuser or the creator of the food item
|
|
if not current_user.is_superuser and food.created_by_id != current_user.id:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_403_FORBIDDEN,
|
|
detail="Not enough permissions",
|
|
)
|
|
|
|
# Regular users cannot mark items as verified
|
|
if not current_user.is_superuser and food_in.is_verified:
|
|
food_in.is_verified = False
|
|
|
|
food = services.food.update(db=db, db_obj=food, obj_in=food_in)
|
|
return food
|
|
|
|
|
|
@router.delete("/{food_id}", response_model=schemas.Food)
|
|
def delete_food(
|
|
*,
|
|
db: Session = Depends(get_db),
|
|
food_id: int,
|
|
current_user: models.User = Depends(get_current_active_user),
|
|
) -> Any:
|
|
"""
|
|
Delete a food item.
|
|
"""
|
|
food = services.food.get(db=db, food_id=food_id)
|
|
if not food:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_404_NOT_FOUND,
|
|
detail="Food item not found",
|
|
)
|
|
|
|
# Only allow deletion if user is superuser or the creator of the food item
|
|
if not current_user.is_superuser and food.created_by_id != current_user.id:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_403_FORBIDDEN,
|
|
detail="Not enough permissions",
|
|
)
|
|
|
|
food = services.food.delete(db=db, food_id=food_id)
|
|
return food
|
|
|
|
|
|
@router.post("/verify/{food_id}", response_model=schemas.Food)
|
|
def verify_food(
|
|
*,
|
|
db: Session = Depends(get_db),
|
|
food_id: int,
|
|
current_user: models.User = Depends(get_current_active_superuser),
|
|
) -> Any:
|
|
"""
|
|
Verify a food item. Only superusers can verify food items.
|
|
"""
|
|
food = services.food.get(db=db, food_id=food_id)
|
|
if not food:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_404_NOT_FOUND,
|
|
detail="Food item not found",
|
|
)
|
|
|
|
food = services.food.update(db=db, db_obj=food, obj_in={"is_verified": True})
|
|
return food |