linmihigo
c086f64363
- Add 7 core API endpoints: users, transactions, partners, products, inventory, payments, credit - Implement role-based authentication (admin/write/read-only access) - Add comprehensive database models with proper relationships - Include full test coverage for all endpoints and business logic - Set up Alembic migrations and Docker configuration - Configure FastAPI app with CORS and database integration
89 lines
3.2 KiB
Python
89 lines
3.2 KiB
Python
from fastapi import APIRouter, Depends, HTTPException, status
|
|
from sqlmodel import Session, select
|
|
from app.core.db import get_session
|
|
from app.core.auth import require_any_access, require_write_access, get_current_active_user
|
|
from app.schemas.models import Transaction
|
|
from app.schemas.schemas import TransactionCreate, TransactionUpdate, TransactionResponse, UserResponse
|
|
|
|
from typing import List, Optional
|
|
|
|
router = APIRouter(prefix="/transactions", tags=["transactions"])
|
|
|
|
# Create Transaction
|
|
@router.post("/", response_model=TransactionResponse, status_code=status.HTTP_201_CREATED)
|
|
def create_transaction(
|
|
transaction: TransactionCreate,
|
|
session: Session = Depends(get_session),
|
|
current_user: UserResponse = Depends(require_write_access)
|
|
):
|
|
# Set created_by and updated_by to current user
|
|
transaction_data = transaction.model_dump(exclude_unset=True)
|
|
transaction_data["created_by"] = current_user.id
|
|
transaction_data["updated_by"] = current_user.id
|
|
|
|
db_transaction = Transaction(**transaction_data)
|
|
session.add(db_transaction)
|
|
session.commit()
|
|
session.refresh(db_transaction)
|
|
return db_transaction
|
|
|
|
# Read all Transactions
|
|
@router.get("/", response_model=List[TransactionResponse])
|
|
def read_transactions(
|
|
skip: int = 0,
|
|
limit: int = 100,
|
|
session: Session = Depends(get_session),
|
|
current_user: UserResponse = Depends(require_any_access)
|
|
):
|
|
transactions = session.exec(select(Transaction).offset(skip).limit(limit)).all()
|
|
return transactions
|
|
|
|
# Read single Transaction by ID
|
|
@router.get("/{transaction_id}", response_model=TransactionResponse)
|
|
def read_transaction(
|
|
transaction_id: int,
|
|
session: Session = Depends(get_session),
|
|
current_user: UserResponse = Depends(require_any_access)
|
|
):
|
|
transaction = session.get(Transaction, transaction_id)
|
|
if not transaction:
|
|
raise HTTPException(status_code=404, detail="Transaction not found")
|
|
return transaction
|
|
|
|
# Update Transaction
|
|
@router.put("/{transaction_id}", response_model=TransactionResponse)
|
|
def update_transaction(
|
|
transaction_id: int,
|
|
transaction: TransactionUpdate,
|
|
session: Session = Depends(get_session),
|
|
current_user: UserResponse = Depends(require_write_access)
|
|
):
|
|
db_transaction = session.get(Transaction, transaction_id)
|
|
if not db_transaction:
|
|
raise HTTPException(status_code=404, detail="Transaction not found")
|
|
|
|
update_data = transaction.model_dump(exclude_unset=True)
|
|
update_data["updated_by"] = current_user.id # Track who updated
|
|
|
|
for key, value in update_data.items():
|
|
setattr(db_transaction, key, value)
|
|
|
|
session.add(db_transaction)
|
|
session.commit()
|
|
session.refresh(db_transaction)
|
|
return db_transaction
|
|
|
|
# Delete Transaction
|
|
@router.delete("/{transaction_id}", status_code=status.HTTP_204_NO_CONTENT)
|
|
def delete_transaction(
|
|
transaction_id: int,
|
|
session: Session = Depends(get_session),
|
|
current_user: UserResponse = Depends(require_write_access)
|
|
):
|
|
transaction = session.get(Transaction, transaction_id)
|
|
if not transaction:
|
|
raise HTTPException(status_code=404, detail="Transaction not found")
|
|
session.delete(transaction)
|
|
session.commit()
|
|
return None
|