arbret/backend/routes/invites.py

"""Invite routes for public check, user invites, and admin management."""

from datetime import UTC, datetime

from fastapi import APIRouter, Depends, HTTPException, Query, status
from sqlalchemy import desc, func, select
from sqlalchemy.exc import IntegrityError
from sqlalchemy.ext.asyncio import AsyncSession

from auth import require_permission
from database import get_db
from invite_utils import (
    generate_invite_identifier,
    is_valid_identifier_format,
    normalize_identifier,
)
from models import Invite, InviteStatus, Permission, User
from pagination import calculate_offset, create_paginated_response
from schemas import (
    AdminUserResponse,
    InviteCheckResponse,
    InviteCreate,
    InviteResponse,
    PaginatedInviteRecords,
    UserInviteResponse,
)

router = APIRouter(prefix="/api/invites", tags=["invites"])
admin_router = APIRouter(prefix="/api/admin", tags=["admin"])

MAX_INVITE_COLLISION_RETRIES = 3


def _to_invite_response(invite: Invite) -> InviteResponse:
    """Build an InviteResponse from an Invite with loaded relationships."""
    return InviteResponse(
        id=invite.id,
        identifier=invite.identifier,
        godfather_id=invite.godfather_id,
        godfather_email=invite.godfather.email,
        status=invite.status.value,
        used_by_id=invite.used_by_id,
        used_by_email=invite.used_by.email if invite.used_by else None,
        created_at=invite.created_at,
        spent_at=invite.spent_at,
        revoked_at=invite.revoked_at,
    )


@router.get("/{identifier}/check", response_model=InviteCheckResponse)
async def check_invite(
    identifier: str,
    db: AsyncSession = Depends(get_db),
) -> InviteCheckResponse:
    """Check if an invite is valid and can be used for signup."""
    normalized = normalize_identifier(identifier)

    # Validate format before querying database
    if not is_valid_identifier_format(normalized):
        return InviteCheckResponse(valid=False, error="Invalid invite code format")

    result = await db.execute(select(Invite).where(Invite.identifier == normalized))
    invite = result.scalar_one_or_none()

    # Return same error for not found, spent, and revoked to avoid information leakage
    if not invite or invite.status in (InviteStatus.SPENT, InviteStatus.REVOKED):
        return InviteCheckResponse(valid=False, error="Invite not found")

    return InviteCheckResponse(valid=True, status=invite.status.value)


@router.get("", response_model=list[UserInviteResponse])
async def get_my_invites(
    db: AsyncSession = Depends(get_db),
    current_user: User = Depends(require_permission(Permission.VIEW_OWN_INVITES)),
) -> list[UserInviteResponse]:
    """Get all invites owned by the current user."""
    result = await db.execute(
        select(Invite)
        .where(Invite.godfather_id == current_user.id)
        .order_by(desc(Invite.created_at))
    )
    invites = result.scalars().all()

    # Use preloaded used_by relationship (selectin loading)
    return [
        UserInviteResponse(
            id=invite.id,
            identifier=invite.identifier,
            status=invite.status.value,
            used_by_email=invite.used_by.email if invite.used_by else None,
            created_at=invite.created_at,
            spent_at=invite.spent_at,
        )
        for invite in invites
    ]


@admin_router.get("/users", response_model=list[AdminUserResponse])
async def list_users_for_admin(
    db: AsyncSession = Depends(get_db),
    _current_user: User = Depends(require_permission(Permission.MANAGE_INVITES)),
) -> list[AdminUserResponse]:
    """List all users for admin dropdowns (invite creation, etc.)."""
    result = await db.execute(select(User.id, User.email).order_by(User.email))
    users = result.all()
    return [AdminUserResponse(id=u.id, email=u.email) for u in users]


@admin_router.post("/invites", response_model=InviteResponse)
async def create_invite(
    data: InviteCreate,
    db: AsyncSession = Depends(get_db),
    _current_user: User = Depends(require_permission(Permission.MANAGE_INVITES)),
) -> InviteResponse:
    """Create a new invite for a specified godfather user."""
    # Validate godfather exists
    result = await db.execute(select(User.id).where(User.id == data.godfather_id))
    godfather_id = result.scalar_one_or_none()
    if not godfather_id:
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail="Godfather user not found",
        )

    # Try to create invite with retry on collision
    invite: Invite | None = None
    for attempt in range(MAX_INVITE_COLLISION_RETRIES):
        identifier = generate_invite_identifier()
        invite = Invite(
            identifier=identifier,
            godfather_id=godfather_id,
            status=InviteStatus.READY,
        )
        db.add(invite)
        try:
            await db.commit()
            await db.refresh(invite, ["godfather"])
            break
        except IntegrityError:
            await db.rollback()
            if attempt == MAX_INVITE_COLLISION_RETRIES - 1:
                raise HTTPException(
                    status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
                    detail="Failed to generate unique invite code. Try again.",
                ) from None

    if invite is None:
        raise HTTPException(
            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
            detail="Failed to create invite",
        )
    return _to_invite_response(invite)


@admin_router.get("/invites", response_model=PaginatedInviteRecords)
async def list_all_invites(
    page: int = Query(1, ge=1),
    per_page: int = Query(10, ge=1, le=100),
    status_filter: str | None = Query(
        None, alias="status", description="Filter by status: ready, spent, revoked"
    ),
    godfather_id: int | None = Query(None, description="Filter by godfather user ID"),
    db: AsyncSession = Depends(get_db),
    _current_user: User = Depends(require_permission(Permission.MANAGE_INVITES)),
) -> PaginatedInviteRecords:
    """List all invites with optional filtering and pagination."""
    # Build query
    query = select(Invite)
    count_query = select(func.count(Invite.id))

    # Apply filters
    if status_filter:
        try:
            status_enum = InviteStatus(status_filter)
            query = query.where(Invite.status == status_enum)
            count_query = count_query.where(Invite.status == status_enum)
        except ValueError:
            raise HTTPException(
                status_code=400,
                detail=f"Invalid status: {status_filter}. "
                "Must be ready, spent, or revoked",
            ) from None

    if godfather_id:
        query = query.where(Invite.godfather_id == godfather_id)
        count_query = count_query.where(Invite.godfather_id == godfather_id)

    # Get total count
    count_result = await db.execute(count_query)
    total = count_result.scalar() or 0

    # Get paginated invites (relationships loaded via selectin)
    offset = calculate_offset(page, per_page)
    query = query.order_by(desc(Invite.created_at)).offset(offset).limit(per_page)
    result = await db.execute(query)
    invites = result.scalars().all()

    # Build responses using preloaded relationships
    records = [_to_invite_response(invite) for invite in invites]

    return create_paginated_response(records, total, page, per_page)


@admin_router.post("/invites/{invite_id}/revoke", response_model=InviteResponse)
async def revoke_invite(
    invite_id: int,
    db: AsyncSession = Depends(get_db),
    _current_user: User = Depends(require_permission(Permission.MANAGE_INVITES)),
) -> InviteResponse:
    """Revoke an invite. Only READY invites can be revoked."""
    result = await db.execute(select(Invite).where(Invite.id == invite_id))
    invite = result.scalar_one_or_none()

    if not invite:
        raise HTTPException(
            status_code=status.HTTP_404_NOT_FOUND,
            detail="Invite not found",
        )

    if invite.status != InviteStatus.READY:
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail=f"Cannot revoke invite with status '{invite.status.value}'. "
            "Only READY invites can be revoked.",
        )

    invite.status = InviteStatus.REVOKED
    invite.revoked_at = datetime.now(UTC)
    await db.commit()
    await db.refresh(invite)

    return _to_invite_response(invite)


# All routers from this module for easy registration
routers = [router, admin_router]
first implementation 2025-12-20 22:18:14 +01:00			`"""Invite routes for public check, user invites, and admin management."""`

Add ruff linter/formatter for Python - Add ruff as dev dependency - Configure ruff in pyproject.toml with strict 88-char line limit - Ignore B008 (FastAPI Depends pattern is standard) - Allow longer lines in tests for readability - Fix all lint issues in source files - Add Makefile targets: lint-backend, format-backend, fix-backend 2025-12-21 21:54:26 +01:00			`from datetime import UTC, datetime`

			`from fastapi import APIRouter, Depends, HTTPException, Query, status`
			`from sqlalchemy import desc, func, select`
first implementation 2025-12-20 22:18:14 +01:00			`from sqlalchemy.exc import IntegrityError`
			`from sqlalchemy.ext.asyncio import AsyncSession`

			`from auth import require_permission`
			`from database import get_db`
Add ruff linter/formatter for Python - Add ruff as dev dependency - Configure ruff in pyproject.toml with strict 88-char line limit - Ignore B008 (FastAPI Depends pattern is standard) - Allow longer lines in tests for readability - Fix all lint issues in source files - Add Makefile targets: lint-backend, format-backend, fix-backend 2025-12-21 21:54:26 +01:00			`from invite_utils import (`
			`generate_invite_identifier,`
			`is_valid_identifier_format,`
			`normalize_identifier,`
			`)`
			`from models import Invite, InviteStatus, Permission, User`
refactor(backend): extract pagination utilities Issue #4: Pagination logic was repeated across multiple routes. Changes: - Add pagination.py with reusable utilities: - calculate_total_pages: computes page count from total/per_page - calculate_offset: computes offset for given page - create_paginated_response: builds PaginatedResponse with metadata - Update routes/audit.py to use pagination utilities - Update routes/booking.py to use pagination utilities - Update routes/invites.py to use pagination utilities The utilities handle the common pagination math while routes still manage their own query logic (filters, joins, ordering). 2025-12-22 00:00:24 +01:00			`from pagination import calculate_offset, create_paginated_response`
first implementation 2025-12-20 22:18:14 +01:00			`from schemas import (`
Add ruff linter/formatter for Python - Add ruff as dev dependency - Configure ruff in pyproject.toml with strict 88-char line limit - Ignore B008 (FastAPI Depends pattern is standard) - Allow longer lines in tests for readability - Fix all lint issues in source files - Add Makefile targets: lint-backend, format-backend, fix-backend 2025-12-21 21:54:26 +01:00			`AdminUserResponse,`
first implementation 2025-12-20 22:18:14 +01:00			`InviteCheckResponse,`
			`InviteCreate,`
			`InviteResponse,`
			`PaginatedInviteRecords,`
Add ruff linter/formatter for Python - Add ruff as dev dependency - Configure ruff in pyproject.toml with strict 88-char line limit - Ignore B008 (FastAPI Depends pattern is standard) - Allow longer lines in tests for readability - Fix all lint issues in source files - Add Makefile targets: lint-backend, format-backend, fix-backend 2025-12-21 21:54:26 +01:00			`UserInviteResponse,`
first implementation 2025-12-20 22:18:14 +01:00			`)`

reviewed 2025-12-20 22:38:39 +01:00			`router = APIRouter(prefix="/api/invites", tags=["invites"])`
			`admin_router = APIRouter(prefix="/api/admin", tags=["admin"])`
first implementation 2025-12-20 22:18:14 +01:00
			`MAX_INVITE_COLLISION_RETRIES = 3`


refactor(backend): standardize model-to-response conversion naming Issue #8: Inconsistent naming for model-to-response conversion functions. Changes: - Rename build_invite_response to _to_invite_response (invites.py) - Rename _map_counter_record to _to_counter_record_response (audit.py) - Rename _map_sum_record to _to_sum_record_response (audit.py) All conversion functions now follow the _to_X_response pattern, using underscore prefix for module-private functions. 2025-12-22 09:16:05 +01:00			`def _to_invite_response(invite: Invite) -> InviteResponse:`
first implementation 2025-12-20 22:18:14 +01:00			`"""Build an InviteResponse from an Invite with loaded relationships."""`
			`return InviteResponse(`
			`id=invite.id,`
			`identifier=invite.identifier,`
			`godfather_id=invite.godfather_id,`
			`godfather_email=invite.godfather.email,`
			`status=invite.status.value,`
			`used_by_id=invite.used_by_id,`
			`used_by_email=invite.used_by.email if invite.used_by else None,`
			`created_at=invite.created_at,`
			`spent_at=invite.spent_at,`
			`revoked_at=invite.revoked_at,`
			`)`


reviewed 2025-12-20 22:38:39 +01:00			`@router.get("/{identifier}/check", response_model=InviteCheckResponse)`
first implementation 2025-12-20 22:18:14 +01:00			`async def check_invite(`
			`identifier: str,`
			`db: AsyncSession = Depends(get_db),`
			`) -> InviteCheckResponse:`
			`"""Check if an invite is valid and can be used for signup."""`
			`normalized = normalize_identifier(identifier)`

			`# Validate format before querying database`
			`if not is_valid_identifier_format(normalized):`
			`return InviteCheckResponse(valid=False, error="Invalid invite code format")`

Add ruff linter/formatter for Python - Add ruff as dev dependency - Configure ruff in pyproject.toml with strict 88-char line limit - Ignore B008 (FastAPI Depends pattern is standard) - Allow longer lines in tests for readability - Fix all lint issues in source files - Add Makefile targets: lint-backend, format-backend, fix-backend 2025-12-21 21:54:26 +01:00			`result = await db.execute(select(Invite).where(Invite.identifier == normalized))`
first implementation 2025-12-20 22:18:14 +01:00			`invite = result.scalar_one_or_none()`

			`# Return same error for not found, spent, and revoked to avoid information leakage`
			`if not invite or invite.status in (InviteStatus.SPENT, InviteStatus.REVOKED):`
			`return InviteCheckResponse(valid=False, error="Invite not found")`

			`return InviteCheckResponse(valid=True, status=invite.status.value)`


reviewed 2025-12-20 22:38:39 +01:00			`@router.get("", response_model=list[UserInviteResponse])`
first implementation 2025-12-20 22:18:14 +01:00			`async def get_my_invites(`
			`db: AsyncSession = Depends(get_db),`
			`current_user: User = Depends(require_permission(Permission.VIEW_OWN_INVITES)),`
			`) -> list[UserInviteResponse]:`
			`"""Get all invites owned by the current user."""`
			`result = await db.execute(`
			`select(Invite)`
			`.where(Invite.godfather_id == current_user.id)`
			`.order_by(desc(Invite.created_at))`
			`)`
			`invites = result.scalars().all()`

			`# Use preloaded used_by relationship (selectin loading)`
			`return [`
			`UserInviteResponse(`
			`id=invite.id,`
			`identifier=invite.identifier,`
			`status=invite.status.value,`
			`used_by_email=invite.used_by.email if invite.used_by else None,`
			`created_at=invite.created_at,`
			`spent_at=invite.spent_at,`
			`)`
			`for invite in invites`
			`]`


reviewed 2025-12-20 22:38:39 +01:00			`@admin_router.get("/users", response_model=list[AdminUserResponse])`
first implementation 2025-12-20 22:18:14 +01:00			`async def list_users_for_admin(`
			`db: AsyncSession = Depends(get_db),`
			`_current_user: User = Depends(require_permission(Permission.MANAGE_INVITES)),`
			`) -> list[AdminUserResponse]:`
			`"""List all users for admin dropdowns (invite creation, etc.)."""`
			`result = await db.execute(select(User.id, User.email).order_by(User.email))`
			`users = result.all()`
			`return [AdminUserResponse(id=u.id, email=u.email) for u in users]`


reviewed 2025-12-20 22:38:39 +01:00			`@admin_router.post("/invites", response_model=InviteResponse)`
first implementation 2025-12-20 22:18:14 +01:00			`async def create_invite(`
			`data: InviteCreate,`
			`db: AsyncSession = Depends(get_db),`
			`_current_user: User = Depends(require_permission(Permission.MANAGE_INVITES)),`
			`) -> InviteResponse:`
			`"""Create a new invite for a specified godfather user."""`
			`# Validate godfather exists`
Add ruff linter/formatter for Python - Add ruff as dev dependency - Configure ruff in pyproject.toml with strict 88-char line limit - Ignore B008 (FastAPI Depends pattern is standard) - Allow longer lines in tests for readability - Fix all lint issues in source files - Add Makefile targets: lint-backend, format-backend, fix-backend 2025-12-21 21:54:26 +01:00			`result = await db.execute(select(User.id).where(User.id == data.godfather_id))`
first implementation 2025-12-20 22:18:14 +01:00			`godfather_id = result.scalar_one_or_none()`
			`if not godfather_id:`
			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail="Godfather user not found",`
			`)`

			`# Try to create invite with retry on collision`
			`invite: Invite \| None = None`
			`for attempt in range(MAX_INVITE_COLLISION_RETRIES):`
			`identifier = generate_invite_identifier()`
			`invite = Invite(`
			`identifier=identifier,`
			`godfather_id=godfather_id,`
			`status=InviteStatus.READY,`
			`)`
			`db.add(invite)`
			`try:`
			`await db.commit()`
			`await db.refresh(invite, ["godfather"])`
			`break`
			`except IntegrityError:`
			`await db.rollback()`
			`if attempt == MAX_INVITE_COLLISION_RETRIES - 1:`
			`raise HTTPException(`
			`status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,`
Add ruff linter/formatter for Python - Add ruff as dev dependency - Configure ruff in pyproject.toml with strict 88-char line limit - Ignore B008 (FastAPI Depends pattern is standard) - Allow longer lines in tests for readability - Fix all lint issues in source files - Add Makefile targets: lint-backend, format-backend, fix-backend 2025-12-21 21:54:26 +01:00			`detail="Failed to generate unique invite code. Try again.",`
			`) from None`
first implementation 2025-12-20 22:18:14 +01:00
			`if invite is None:`
			`raise HTTPException(`
			`status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,`
			`detail="Failed to create invite",`
			`)`
refactor(backend): standardize model-to-response conversion naming Issue #8: Inconsistent naming for model-to-response conversion functions. Changes: - Rename build_invite_response to _to_invite_response (invites.py) - Rename _map_counter_record to _to_counter_record_response (audit.py) - Rename _map_sum_record to _to_sum_record_response (audit.py) All conversion functions now follow the _to_X_response pattern, using underscore prefix for module-private functions. 2025-12-22 09:16:05 +01:00			`return _to_invite_response(invite)`
first implementation 2025-12-20 22:18:14 +01:00

reviewed 2025-12-20 22:38:39 +01:00			`@admin_router.get("/invites", response_model=PaginatedInviteRecords)`
first implementation 2025-12-20 22:18:14 +01:00			`async def list_all_invites(`
			`page: int = Query(1, ge=1),`
			`per_page: int = Query(10, ge=1, le=100),`
Add ruff linter/formatter for Python - Add ruff as dev dependency - Configure ruff in pyproject.toml with strict 88-char line limit - Ignore B008 (FastAPI Depends pattern is standard) - Allow longer lines in tests for readability - Fix all lint issues in source files - Add Makefile targets: lint-backend, format-backend, fix-backend 2025-12-21 21:54:26 +01:00			`status_filter: str \| None = Query(`
			`None, alias="status", description="Filter by status: ready, spent, revoked"`
			`),`
first implementation 2025-12-20 22:18:14 +01:00			`godfather_id: int \| None = Query(None, description="Filter by godfather user ID"),`
			`db: AsyncSession = Depends(get_db),`
			`_current_user: User = Depends(require_permission(Permission.MANAGE_INVITES)),`
			`) -> PaginatedInviteRecords:`
			`"""List all invites with optional filtering and pagination."""`
			`# Build query`
			`query = select(Invite)`
			`count_query = select(func.count(Invite.id))`

			`# Apply filters`
			`if status_filter:`
			`try:`
			`status_enum = InviteStatus(status_filter)`
			`query = query.where(Invite.status == status_enum)`
			`count_query = count_query.where(Invite.status == status_enum)`
			`except ValueError:`
			`raise HTTPException(`
			`status_code=400,`
Add ruff linter/formatter for Python - Add ruff as dev dependency - Configure ruff in pyproject.toml with strict 88-char line limit - Ignore B008 (FastAPI Depends pattern is standard) - Allow longer lines in tests for readability - Fix all lint issues in source files - Add Makefile targets: lint-backend, format-backend, fix-backend 2025-12-21 21:54:26 +01:00			`detail=f"Invalid status: {status_filter}. "`
			`"Must be ready, spent, or revoked",`
			`) from None`
first implementation 2025-12-20 22:18:14 +01:00
			`if godfather_id:`
			`query = query.where(Invite.godfather_id == godfather_id)`
			`count_query = count_query.where(Invite.godfather_id == godfather_id)`

			`# Get total count`
			`count_result = await db.execute(count_query)`
			`total = count_result.scalar() or 0`

			`# Get paginated invites (relationships loaded via selectin)`
refactor(backend): extract pagination utilities Issue #4: Pagination logic was repeated across multiple routes. Changes: - Add pagination.py with reusable utilities: - calculate_total_pages: computes page count from total/per_page - calculate_offset: computes offset for given page - create_paginated_response: builds PaginatedResponse with metadata - Update routes/audit.py to use pagination utilities - Update routes/booking.py to use pagination utilities - Update routes/invites.py to use pagination utilities The utilities handle the common pagination math while routes still manage their own query logic (filters, joins, ordering). 2025-12-22 00:00:24 +01:00			`offset = calculate_offset(page, per_page)`
first implementation 2025-12-20 22:18:14 +01:00			`query = query.order_by(desc(Invite.created_at)).offset(offset).limit(per_page)`
			`result = await db.execute(query)`
			`invites = result.scalars().all()`

			`# Build responses using preloaded relationships`
refactor(backend): standardize model-to-response conversion naming Issue #8: Inconsistent naming for model-to-response conversion functions. Changes: - Rename build_invite_response to _to_invite_response (invites.py) - Rename _map_counter_record to _to_counter_record_response (audit.py) - Rename _map_sum_record to _to_sum_record_response (audit.py) All conversion functions now follow the _to_X_response pattern, using underscore prefix for module-private functions. 2025-12-22 09:16:05 +01:00			`records = [_to_invite_response(invite) for invite in invites]`
first implementation 2025-12-20 22:18:14 +01:00
refactor(backend): extract pagination utilities Issue #4: Pagination logic was repeated across multiple routes. Changes: - Add pagination.py with reusable utilities: - calculate_total_pages: computes page count from total/per_page - calculate_offset: computes offset for given page - create_paginated_response: builds PaginatedResponse with metadata - Update routes/audit.py to use pagination utilities - Update routes/booking.py to use pagination utilities - Update routes/invites.py to use pagination utilities The utilities handle the common pagination math while routes still manage their own query logic (filters, joins, ordering). 2025-12-22 00:00:24 +01:00			`return create_paginated_response(records, total, page, per_page)`
first implementation 2025-12-20 22:18:14 +01:00

reviewed 2025-12-20 22:38:39 +01:00			`@admin_router.post("/invites/{invite_id}/revoke", response_model=InviteResponse)`
first implementation 2025-12-20 22:18:14 +01:00			`async def revoke_invite(`
			`invite_id: int,`
			`db: AsyncSession = Depends(get_db),`
			`_current_user: User = Depends(require_permission(Permission.MANAGE_INVITES)),`
			`) -> InviteResponse:`
			`"""Revoke an invite. Only READY invites can be revoked."""`
			`result = await db.execute(select(Invite).where(Invite.id == invite_id))`
			`invite = result.scalar_one_or_none()`

			`if not invite:`
			`raise HTTPException(`
			`status_code=status.HTTP_404_NOT_FOUND,`
			`detail="Invite not found",`
			`)`

			`if invite.status != InviteStatus.READY:`
			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
Add ruff linter/formatter for Python - Add ruff as dev dependency - Configure ruff in pyproject.toml with strict 88-char line limit - Ignore B008 (FastAPI Depends pattern is standard) - Allow longer lines in tests for readability - Fix all lint issues in source files - Add Makefile targets: lint-backend, format-backend, fix-backend 2025-12-21 21:54:26 +01:00			`detail=f"Cannot revoke invite with status '{invite.status.value}'. "`
			`"Only READY invites can be revoked.",`
first implementation 2025-12-20 22:18:14 +01:00			`)`

			`invite.status = InviteStatus.REVOKED`
Add ruff linter/formatter for Python - Add ruff as dev dependency - Configure ruff in pyproject.toml with strict 88-char line limit - Ignore B008 (FastAPI Depends pattern is standard) - Allow longer lines in tests for readability - Fix all lint issues in source files - Add Makefile targets: lint-backend, format-backend, fix-backend 2025-12-21 21:54:26 +01:00			`invite.revoked_at = datetime.now(UTC)`
first implementation 2025-12-20 22:18:14 +01:00			`await db.commit()`
			`await db.refresh(invite)`

refactor(backend): standardize model-to-response conversion naming Issue #8: Inconsistent naming for model-to-response conversion functions. Changes: - Rename build_invite_response to _to_invite_response (invites.py) - Rename _map_counter_record to _to_counter_record_response (audit.py) - Rename _map_sum_record to _to_sum_record_response (audit.py) All conversion functions now follow the _to_X_response pattern, using underscore prefix for module-private functions. 2025-12-22 09:16:05 +01:00			`return _to_invite_response(invite)`
refactor(backend): clean up router registration pattern Issue #6: Multiple routers per file made main.py verbose. Changes: - Add 'routers' list export to booking.py and invites.py - Update main.py to iterate over router lists for multi-router modules - Keep explicit registration for single-router modules - Cleaner separation between simple and complex route modules 2025-12-22 09:10:26 +01:00

			`# All routers from this module for easy registration`
			`routers = [router, admin_router]`