genericrestapiservice-oszx3e/app/api/v1/endpoints/items.py

from typing import Annotated, Any, List

from fastapi import APIRouter, Depends, HTTPException, status
from sqlalchemy.orm import Session

from app.api.dependencies import get_current_active_user, get_db
from app.crud import item
from app.models.user import User
from app.schemas.item import Item as ItemSchema
from app.schemas.item import ItemCreate, ItemUpdate

router = APIRouter()


@router.get("/", response_model=List[ItemSchema])
def read_items(
    db: Annotated[Session, Depends(get_db)],
    current_user: Annotated[User, Depends(get_current_active_user)],
    skip: int = 0,
    limit: int = 100,
) -> Any:
    """
    Retrieve items.
    """
    if current_user.is_superuser:
        items = item.get_multi(db, skip=skip, limit=limit)
    else:
        items = item.get_multi_by_owner(
            db=db, owner_id=current_user.id, skip=skip, limit=limit
        )
    return items


@router.post("/", response_model=ItemSchema, status_code=status.HTTP_201_CREATED)
def create_item(
    *,
    db: Annotated[Session, Depends(get_db)],
    item_in: ItemCreate,
    current_user: Annotated[User, Depends(get_current_active_user)],
) -> Any:
    """
    Create new item.
    """
    return item.create_with_owner(db=db, obj_in=item_in, owner_id=current_user.id)


@router.get("/{id}", response_model=ItemSchema)
def read_item(
    *,
    db: Annotated[Session, Depends(get_db)],
    id: int,
    current_user: Annotated[User, Depends(get_current_active_user)],
) -> Any:
    """
    Get item by ID.
    """
    db_item = item.get(db=db, id=id)
    if db_item is None:
        raise HTTPException(status_code=404, detail="Item not found")
    if not current_user.is_superuser and (db_item.owner_id != current_user.id):
        raise HTTPException(status_code=403, detail="Not enough permissions")
    return db_item


@router.put("/{id}", response_model=ItemSchema)
def update_item(
    *,
    db: Annotated[Session, Depends(get_db)],
    id: int,
    item_in: ItemUpdate,
    current_user: Annotated[User, Depends(get_current_active_user)],
) -> Any:
    """
    Update an item.
    """
    db_item = item.get(db=db, id=id)
    if db_item is None:
        raise HTTPException(status_code=404, detail="Item not found")
    if not current_user.is_superuser and (db_item.owner_id != current_user.id):
        raise HTTPException(status_code=403, detail="Not enough permissions")
    return item.update(db=db, db_obj=db_item, obj_in=item_in)


@router.delete("/{id}", response_model=ItemSchema)
def delete_item(
    *,
    db: Annotated[Session, Depends(get_db)],
    id: int,
    current_user: Annotated[User, Depends(get_current_active_user)],
) -> Any:
    """
    Delete an item.
    """
    db_item = item.get(db=db, id=id)
    if db_item is None:
        raise HTTPException(status_code=404, detail="Item not found")
    if not current_user.is_superuser and (db_item.owner_id != current_user.id):
        raise HTTPException(status_code=403, detail="Not enough permissions")
    return item.remove(db=db, id=id)