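from typing import Any, List

from fastapi import APIRouter, Depends, HTTPException, status
from sqlalchemy.orm import Session

from app.api.deps import get_current_user
from app.core.logging import app_logger
from app.crud.crud_client import (
    create_client,
    delete_client,
    get_client,
    get_clients_by_user,
    update_client,
)
from app.db.session import get_db
from app.models.user import User
from app.schemas.client import Client, ClientCreate, ClientUpdate, ClientWithInvoices
from app.utils.activity import log_activity

router = APIRouter()


def _log_safe(value: Any) -> str:
    """Render *value* for a single log line with non-printable characters escaped.

    Client names and e-mail addresses originate from request data. Written
    verbatim, an embedded CR/LF or terminal escape sequence could split or
    disguise a log entry. Printable text passes through unchanged, so the
    log line for an ordinary value is identical to the unsanitised one.
    """
    return "".join(
        ch if ch.isprintable() else ch.encode("unicode_escape").decode("ascii")
        for ch in str(value)
    )


def _get_owned_client(db: Session, client_id: int, current_user: User, action: str) -> Any:
    """Load a client and enforce that it belongs to *current_user*.

    Single place for the existence and ownership checks shared by the
    read, update and delete routes.

    Args:
        db: Database session.
        client_id: Primary key taken from the request path.
        current_user: The authenticated caller.
        action: Verb used in the 403 detail ("access", "update", "delete").

    Raises:
        HTTPException: 404 when no such client exists, 403 when it is owned
            by another user.
    """
    client = get_client(db=db, client_id=client_id)
    if not client:
        raise HTTPException(
            status_code=status.HTTP_404_NOT_FOUND,
            detail="Client not found",
        )

    # NOTE(review): answering 403 here (rather than 404) tells any
    # authenticated caller that this id exists but belongs to someone else.
    # Kept as-is because API consumers may rely on the status code; returning
    # 404 for both cases would avoid disclosing which ids are in use.
    if client.user_id != current_user.id:
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN,
            detail=f"Not enough permissions to {action} this client",
        )
    return client


@router.get("/", response_model=List[Client])
def read_clients(
    db: Session = Depends(get_db),
    skip: int = 0,
    limit: int = 100,
    current_user: User = Depends(get_current_user),
) -> Any:
    """
    Retrieve all clients for the current user
    """
    # The query is scoped to the caller's own id, so no per-row ownership
    # check is needed here.
    # NOTE(review): skip and limit are passed through unvalidated; unless
    # get_clients_by_user caps them, a caller can request an arbitrarily
    # large page. Consider bounding them, e.g. Query(ge=0) for skip and
    # Query(ge=1, le=<max page size>) for limit.
    return get_clients_by_user(
        db=db, user_id=current_user.id, skip=skip, limit=limit
    )


@router.post("/", response_model=Client, status_code=status.HTTP_201_CREATED)
def create_client_route(
    *,
    db: Session = Depends(get_db),
    client_in: ClientCreate,
    current_user: User = Depends(get_current_user),
) -> Any:
    """
    Create new client for the current user
    """
    # The owner is taken from the authenticated session, never from the
    # request body.
    client = create_client(db=db, obj_in=client_in, user_id=current_user.id)

    # Record the action in the per-user activity trail.
    log_activity(
        db=db,
        user_id=current_user.id,
        action="create",
        entity_type="client",
        entity_id=client.id,
        details=f"Created new client: {client.name}",
    )

    # Request-derived values are escaped before they reach the application log.
    app_logger.info(
        f"User {_log_safe(current_user.email)} created new client: {_log_safe(client.name)}"
    )

    return client


@router.get("/{client_id}", response_model=ClientWithInvoices)
def read_client(
    *,
    db: Session = Depends(get_db),
    client_id: int,
    current_user: User = Depends(get_current_user),
) -> Any:
    """
    Get client by ID
    """
    client = _get_owned_client(db, client_id, current_user, "access")

    # Reads are audited too, but only after the ownership check has passed.
    log_activity(
        db=db,
        user_id=current_user.id,
        action="view",
        entity_type="client",
        entity_id=client.id,
        details=f"Viewed client: {client.name}",
    )

    return client


@router.put("/{client_id}", response_model=Client)
def update_client_route(
    *,
    db: Session = Depends(get_db),
    client_id: int,
    client_in: ClientUpdate,
    current_user: User = Depends(get_current_user),
) -> Any:
    """
    Update a client
    """
    client = _get_owned_client(db, client_id, current_user, "update")

    client = update_client(db=db, db_obj=client, obj_in=client_in)

    # Record the action in the per-user activity trail.
    log_activity(
        db=db,
        user_id=current_user.id,
        action="update",
        entity_type="client",
        entity_id=client.id,
        details=f"Updated client: {client.name}",
    )

    # Request-derived values are escaped before they reach the application log.
    app_logger.info(
        f"User {_log_safe(current_user.email)} updated client: {_log_safe(client.name)}"
    )

    return client


@router.delete("/{client_id}", response_model=None, status_code=status.HTTP_204_NO_CONTENT)
def delete_client_route(
    *,
    db: Session = Depends(get_db),
    client_id: int,
    current_user: User = Depends(get_current_user),
) -> Any:
    """
    Delete a client
    """
    client = _get_owned_client(db, client_id, current_user, "delete")

    # Capture the name first: the row is gone once delete_client returns.
    client_name = client.name
    delete_client(db=db, client_id=client_id)

    # NOTE(review): unlike the create/view/update records, this one carries
    # no entity_id. If log_activity accepts it for a deleted row, passing
    # client_id would keep the audit trail linkable to the earlier records.
    log_activity(
        db=db,
        user_id=current_user.id,
        action="delete",
        entity_type="client",
        details=f"Deleted client: {client_name}",
    )

    # Request-derived values are escaped before they reach the application log.
    app_logger.info(
        f"User {_log_safe(current_user.email)} deleted client: {_log_safe(client_name)}"
    )

    return None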