arbret/backend/routes/invites.py

"""Invite routes for public check, user invites, and admin management."""

from fastapi import APIRouter, Depends, Query
from sqlalchemy import select
from sqlalchemy.ext.asyncio import AsyncSession

from auth import require_permission
from database import get_db
from mappers import InviteMapper
from models import Permission, User
from schemas import (
    AdminUserResponse,
    InviteCheckResponse,
    InviteCreate,
    InviteResponse,
    PaginatedInviteRecords,
    UserInviteResponse,
)
from services.invite import InviteService

router = APIRouter(prefix="/api/invites", tags=["invites"])
admin_router = APIRouter(prefix="/api/admin", tags=["admin"])


@router.get("/{identifier}/check", response_model=InviteCheckResponse)
async def check_invite(
    identifier: str,
    db: AsyncSession = Depends(get_db),
) -> InviteCheckResponse:
    """Check if an invite is valid and can be used for signup."""
    service = InviteService(db)
    return await service.check_invite_validity(identifier)


@router.get("", response_model=list[UserInviteResponse])
async def get_my_invites(
    db: AsyncSession = Depends(get_db),
    current_user: User = Depends(require_permission(Permission.VIEW_OWN_INVITES)),
) -> list[UserInviteResponse]:
    """Get all invites owned by the current user."""
    service = InviteService(db)
    invites = await service.get_user_invites(current_user.id)

    return [
        UserInviteResponse(
            id=invite.id,
            identifier=invite.identifier,
            status=invite.status.value,
            used_by_email=invite.used_by.email if invite.used_by else None,
            created_at=invite.created_at,
            spent_at=invite.spent_at,
        )
        for invite in invites
    ]


@admin_router.get("/users", response_model=list[AdminUserResponse])
async def list_users_for_admin(
    db: AsyncSession = Depends(get_db),
    _current_user: User = Depends(require_permission(Permission.MANAGE_INVITES)),
) -> list[AdminUserResponse]:
    """List all users for admin dropdowns (invite creation, etc.)."""
    # Note: UserRepository doesn't have list_all yet
    # For now, keeping direct query for this specific use case
    result = await db.execute(select(User.id, User.email).order_by(User.email))
    users = result.all()
    return [AdminUserResponse(id=u.id, email=u.email) for u in users]


@admin_router.post("/invites", response_model=InviteResponse)
async def create_invite(
    data: InviteCreate,
    db: AsyncSession = Depends(get_db),
    _current_user: User = Depends(require_permission(Permission.MANAGE_INVITES)),
) -> InviteResponse:
    """Create a new invite for a specified godfather user."""
    service = InviteService(db)
    invite = await service.create_invite(data.godfather_id)
    return InviteMapper.to_response(invite)


@admin_router.get("/invites", response_model=PaginatedInviteRecords)
async def list_all_invites(
    page: int = Query(1, ge=1),
    per_page: int = Query(10, ge=1, le=100),
    status_filter: str | None = Query(
        None, alias="status", description="Filter by status: ready, spent, revoked"
    ),
    godfather_id: int | None = Query(None, description="Filter by godfather user ID"),
    db: AsyncSession = Depends(get_db),
    _current_user: User = Depends(require_permission(Permission.MANAGE_INVITES)),
) -> PaginatedInviteRecords:
    """List all invites with optional filtering and pagination."""
    service = InviteService(db)
    return await service.list_invites(
        page=page,
        per_page=per_page,
        status_filter=status_filter,
        godfather_id=godfather_id,
    )


@admin_router.post("/invites/{invite_id}/revoke", response_model=InviteResponse)
async def revoke_invite(
    invite_id: int,
    db: AsyncSession = Depends(get_db),
    _current_user: User = Depends(require_permission(Permission.MANAGE_INVITES)),
) -> InviteResponse:
    """Revoke an invite. Only READY invites can be revoked."""
    service = InviteService(db)
    invite = await service.revoke_invite(invite_id)
    return InviteMapper.to_response(invite)


# All routers from this module for easy registration
routers = [router, admin_router]
first implementation 2025-12-20 22:18:14 +01:00			`"""Invite routes for public check, user invites, and admin management."""`

Move slot expansion logic to ExchangeService - Add get_available_slots() and _expand_availability_to_slots() to ExchangeService - Update routes/exchange.py to use ExchangeService.get_available_slots() - Remove all business logic from get_available_slots endpoint - Add AvailabilityRepository to ExchangeService dependencies - Add Availability and BookableSlot imports to ExchangeService - Fix import path for validate_date_in_range (use date_validation module) - Remove unused user_repo variable and import from routes/invites.py - Fix mypy error in ValidationError by adding proper type annotation 2025-12-25 18:42:46 +01:00			`from fastapi import APIRouter, Depends, Query`
			`from sqlalchemy import select`
first implementation 2025-12-20 22:18:14 +01:00			`from sqlalchemy.ext.asyncio import AsyncSession`

			`from auth import require_permission`
			`from database import get_db`
refactors 2025-12-25 00:59:57 +01:00			`from mappers import InviteMapper`
Move slot expansion logic to ExchangeService - Add get_available_slots() and _expand_availability_to_slots() to ExchangeService - Update routes/exchange.py to use ExchangeService.get_available_slots() - Remove all business logic from get_available_slots endpoint - Add AvailabilityRepository to ExchangeService dependencies - Add Availability and BookableSlot imports to ExchangeService - Fix import path for validate_date_in_range (use date_validation module) - Remove unused user_repo variable and import from routes/invites.py - Fix mypy error in ValidationError by adding proper type annotation 2025-12-25 18:42:46 +01:00			`from models import Permission, User`
first implementation 2025-12-20 22:18:14 +01:00			`from schemas import (`
Add ruff linter/formatter for Python - Add ruff as dev dependency - Configure ruff in pyproject.toml with strict 88-char line limit - Ignore B008 (FastAPI Depends pattern is standard) - Allow longer lines in tests for readability - Fix all lint issues in source files - Add Makefile targets: lint-backend, format-backend, fix-backend 2025-12-21 21:54:26 +01:00			`AdminUserResponse,`
first implementation 2025-12-20 22:18:14 +01:00			`InviteCheckResponse,`
			`InviteCreate,`
			`InviteResponse,`
			`PaginatedInviteRecords,`
Add ruff linter/formatter for Python - Add ruff as dev dependency - Configure ruff in pyproject.toml with strict 88-char line limit - Ignore B008 (FastAPI Depends pattern is standard) - Allow longer lines in tests for readability - Fix all lint issues in source files - Add Makefile targets: lint-backend, format-backend, fix-backend 2025-12-21 21:54:26 +01:00			`UserInviteResponse,`
first implementation 2025-12-20 22:18:14 +01:00			`)`
Move slot expansion logic to ExchangeService - Add get_available_slots() and _expand_availability_to_slots() to ExchangeService - Update routes/exchange.py to use ExchangeService.get_available_slots() - Remove all business logic from get_available_slots endpoint - Add AvailabilityRepository to ExchangeService dependencies - Add Availability and BookableSlot imports to ExchangeService - Fix import path for validate_date_in_range (use date_validation module) - Remove unused user_repo variable and import from routes/invites.py - Fix mypy error in ValidationError by adding proper type annotation 2025-12-25 18:42:46 +01:00			`from services.invite import InviteService`
first implementation 2025-12-20 22:18:14 +01:00
reviewed 2025-12-20 22:38:39 +01:00			`router = APIRouter(prefix="/api/invites", tags=["invites"])`
			`admin_router = APIRouter(prefix="/api/admin", tags=["admin"])`
first implementation 2025-12-20 22:18:14 +01:00

reviewed 2025-12-20 22:38:39 +01:00			`@router.get("/{identifier}/check", response_model=InviteCheckResponse)`
first implementation 2025-12-20 22:18:14 +01:00			`async def check_invite(`
			`identifier: str,`
			`db: AsyncSession = Depends(get_db),`
			`) -> InviteCheckResponse:`
			`"""Check if an invite is valid and can be used for signup."""`
Move slot expansion logic to ExchangeService - Add get_available_slots() and _expand_availability_to_slots() to ExchangeService - Update routes/exchange.py to use ExchangeService.get_available_slots() - Remove all business logic from get_available_slots endpoint - Add AvailabilityRepository to ExchangeService dependencies - Add Availability and BookableSlot imports to ExchangeService - Fix import path for validate_date_in_range (use date_validation module) - Remove unused user_repo variable and import from routes/invites.py - Fix mypy error in ValidationError by adding proper type annotation 2025-12-25 18:42:46 +01:00			`service = InviteService(db)`
			`return await service.check_invite_validity(identifier)`
first implementation 2025-12-20 22:18:14 +01:00

reviewed 2025-12-20 22:38:39 +01:00			`@router.get("", response_model=list[UserInviteResponse])`
first implementation 2025-12-20 22:18:14 +01:00			`async def get_my_invites(`
			`db: AsyncSession = Depends(get_db),`
			`current_user: User = Depends(require_permission(Permission.VIEW_OWN_INVITES)),`
			`) -> list[UserInviteResponse]:`
			`"""Get all invites owned by the current user."""`
Move slot expansion logic to ExchangeService - Add get_available_slots() and _expand_availability_to_slots() to ExchangeService - Update routes/exchange.py to use ExchangeService.get_available_slots() - Remove all business logic from get_available_slots endpoint - Add AvailabilityRepository to ExchangeService dependencies - Add Availability and BookableSlot imports to ExchangeService - Fix import path for validate_date_in_range (use date_validation module) - Remove unused user_repo variable and import from routes/invites.py - Fix mypy error in ValidationError by adding proper type annotation 2025-12-25 18:42:46 +01:00			`service = InviteService(db)`
			`invites = await service.get_user_invites(current_user.id)`
first implementation 2025-12-20 22:18:14 +01:00
			`return [`
			`UserInviteResponse(`
			`id=invite.id,`
			`identifier=invite.identifier,`
			`status=invite.status.value,`
			`used_by_email=invite.used_by.email if invite.used_by else None,`
			`created_at=invite.created_at,`
			`spent_at=invite.spent_at,`
			`)`
			`for invite in invites`
			`]`


reviewed 2025-12-20 22:38:39 +01:00			`@admin_router.get("/users", response_model=list[AdminUserResponse])`
first implementation 2025-12-20 22:18:14 +01:00			`async def list_users_for_admin(`
			`db: AsyncSession = Depends(get_db),`
			`_current_user: User = Depends(require_permission(Permission.MANAGE_INVITES)),`
			`) -> list[AdminUserResponse]:`
			`"""List all users for admin dropdowns (invite creation, etc.)."""`
Move slot expansion logic to ExchangeService - Add get_available_slots() and _expand_availability_to_slots() to ExchangeService - Update routes/exchange.py to use ExchangeService.get_available_slots() - Remove all business logic from get_available_slots endpoint - Add AvailabilityRepository to ExchangeService dependencies - Add Availability and BookableSlot imports to ExchangeService - Fix import path for validate_date_in_range (use date_validation module) - Remove unused user_repo variable and import from routes/invites.py - Fix mypy error in ValidationError by adding proper type annotation 2025-12-25 18:42:46 +01:00			`# Note: UserRepository doesn't have list_all yet`
			`# For now, keeping direct query for this specific use case`
first implementation 2025-12-20 22:18:14 +01:00			`result = await db.execute(select(User.id, User.email).order_by(User.email))`
			`users = result.all()`
			`return [AdminUserResponse(id=u.id, email=u.email) for u in users]`


reviewed 2025-12-20 22:38:39 +01:00			`@admin_router.post("/invites", response_model=InviteResponse)`
first implementation 2025-12-20 22:18:14 +01:00			`async def create_invite(`
			`data: InviteCreate,`
			`db: AsyncSession = Depends(get_db),`
			`_current_user: User = Depends(require_permission(Permission.MANAGE_INVITES)),`
			`) -> InviteResponse:`
			`"""Create a new invite for a specified godfather user."""`
Move slot expansion logic to ExchangeService - Add get_available_slots() and _expand_availability_to_slots() to ExchangeService - Update routes/exchange.py to use ExchangeService.get_available_slots() - Remove all business logic from get_available_slots endpoint - Add AvailabilityRepository to ExchangeService dependencies - Add Availability and BookableSlot imports to ExchangeService - Fix import path for validate_date_in_range (use date_validation module) - Remove unused user_repo variable and import from routes/invites.py - Fix mypy error in ValidationError by adding proper type annotation 2025-12-25 18:42:46 +01:00			`service = InviteService(db)`
			`invite = await service.create_invite(data.godfather_id)`
refactors 2025-12-25 00:59:57 +01:00			`return InviteMapper.to_response(invite)`
first implementation 2025-12-20 22:18:14 +01:00

reviewed 2025-12-20 22:38:39 +01:00			`@admin_router.get("/invites", response_model=PaginatedInviteRecords)`
first implementation 2025-12-20 22:18:14 +01:00			`async def list_all_invites(`
			`page: int = Query(1, ge=1),`
			`per_page: int = Query(10, ge=1, le=100),`
Add ruff linter/formatter for Python - Add ruff as dev dependency - Configure ruff in pyproject.toml with strict 88-char line limit - Ignore B008 (FastAPI Depends pattern is standard) - Allow longer lines in tests for readability - Fix all lint issues in source files - Add Makefile targets: lint-backend, format-backend, fix-backend 2025-12-21 21:54:26 +01:00			`status_filter: str \| None = Query(`
			`None, alias="status", description="Filter by status: ready, spent, revoked"`
			`),`
first implementation 2025-12-20 22:18:14 +01:00			`godfather_id: int \| None = Query(None, description="Filter by godfather user ID"),`
			`db: AsyncSession = Depends(get_db),`
			`_current_user: User = Depends(require_permission(Permission.MANAGE_INVITES)),`
			`) -> PaginatedInviteRecords:`
			`"""List all invites with optional filtering and pagination."""`
Move slot expansion logic to ExchangeService - Add get_available_slots() and _expand_availability_to_slots() to ExchangeService - Update routes/exchange.py to use ExchangeService.get_available_slots() - Remove all business logic from get_available_slots endpoint - Add AvailabilityRepository to ExchangeService dependencies - Add Availability and BookableSlot imports to ExchangeService - Fix import path for validate_date_in_range (use date_validation module) - Remove unused user_repo variable and import from routes/invites.py - Fix mypy error in ValidationError by adding proper type annotation 2025-12-25 18:42:46 +01:00			`service = InviteService(db)`
			`return await service.list_invites(`
			`page=page,`
			`per_page=per_page,`
			`status_filter=status_filter,`
			`godfather_id=godfather_id,`
			`)`
first implementation 2025-12-20 22:18:14 +01:00

reviewed 2025-12-20 22:38:39 +01:00			`@admin_router.post("/invites/{invite_id}/revoke", response_model=InviteResponse)`
first implementation 2025-12-20 22:18:14 +01:00			`async def revoke_invite(`
			`invite_id: int,`
			`db: AsyncSession = Depends(get_db),`
			`_current_user: User = Depends(require_permission(Permission.MANAGE_INVITES)),`
			`) -> InviteResponse:`
			`"""Revoke an invite. Only READY invites can be revoked."""`
Move slot expansion logic to ExchangeService - Add get_available_slots() and _expand_availability_to_slots() to ExchangeService - Update routes/exchange.py to use ExchangeService.get_available_slots() - Remove all business logic from get_available_slots endpoint - Add AvailabilityRepository to ExchangeService dependencies - Add Availability and BookableSlot imports to ExchangeService - Fix import path for validate_date_in_range (use date_validation module) - Remove unused user_repo variable and import from routes/invites.py - Fix mypy error in ValidationError by adding proper type annotation 2025-12-25 18:42:46 +01:00			`service = InviteService(db)`
			`invite = await service.revoke_invite(invite_id)`
refactors 2025-12-25 00:59:57 +01:00			`return InviteMapper.to_response(invite)`
refactor(backend): clean up router registration pattern Issue #6: Multiple routers per file made main.py verbose. Changes: - Add 'routers' list export to booking.py and invites.py - Update main.py to iterate over router lists for multi-router modules - Keep explicit registration for single-router modules - Cleaner separation between simple and complex route modules 2025-12-22 09:10:26 +01:00

			`# All routers from this module for easy registration`
			`routers = [router, admin_router]`