added functional groups api + started pictures

2025-07-30 19:10:10 +03:00
parent c203a890dc
commit 3341d68c7e
20 changed files with 1103 additions and 120 deletions
--- a/src/api/groups.py
+++ b/src/api/groups.py
@ -1,24 +1,24 @@
+import secrets
 from typing import Annotated

 from fastapi import APIRouter, Depends, HTTPException, status
 from psycopg2._psycopg import connection

-import db.users as db
+import db.groups as db
 import settings.settings as settings
-from api.models import User
-from api.utils import get_current_user
+import settings.startup_settings as startup_settings
+from api.models import Group, User
+from api.utils import get_current_user, get_group_by_name
 from db.internal import get_db_connection
+from db.memberships import check_membership_exists
+from settings.consts import JOIN_CODE_SYMBOLS

 groups_router = APIRouter(prefix="/api/groups", tags=["groups"])


-@groups_router.get("/my")
-async def read_users_groups(current_user: Annotated[User, Depends(get_current_user)]):
-    return current_user
-
-@groups_router.post("/user")
-async def read_users_any_groups(
-    username: str,
+@groups_router.post("/group")
+async def read_any_group(
+    groupname: str,
    conn: Annotated[connection, Depends(get_db_connection)],
    current_user: Annotated[User, Depends(get_current_user)]
 ):
@ -27,46 +27,186 @@ async def read_users_any_groups(
            status_code=status.HTTP_403_FORBIDDEN,
            detail="Not allowed",
        )
-    user = User()
-    user_data = db.get_user(conn, username)
-    if user_data is None:
+    group = Group()
+    group_data = db.get_group(conn, groupname)
+    if group_data is None:
        return HTTPException(
            status_code=status.HTTP_404_NOT_FOUND,
-            detail="No such user",
+            detail="No such group",
        )
-    user.fill(user_data)
-    return user
+    group.fill(group_data)
+    return group
+
+@groups_router.post("/invite_code")
+async def read_group_invite_code(
+    groupname: str,
+    conn: Annotated[connection, Depends(get_db_connection)],
+    current_user: Annotated[User, Depends(get_current_user)]
+):
+    if not check_membership_exists(conn, current_user.username, groupname) and current_user.role not in settings.settings.admin_roles:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Not allowed",
+        )
+    invite_code = db.get_group_invite_code(conn, groupname)
+    if invite_code is None:
+        return HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="No such group",
+        )
+    return invite_code


@groups_router.post("/add")
 async def add_group(
-    groupname: str,
    conn: Annotated[connection, Depends(get_db_connection)],
-    current_user: Annotated[User, Depends(get_current_user)]
+    current_user: Annotated[User, Depends(get_current_user)],
+    groupname: str,
+    allow_skips: bool = True,
+    feed_interval_minutes: int = 1440,
 ):
-    # TODO
-    pass
-    # if not settings.settings.allow_create_admins_by_admins:
-    #     if current_user.role not in settings.settings.admin_roles:
-    #         raise HTTPException(
-    #             status_code=status.HTTP_403_FORBIDDEN,
-    #             detail="Not allowed",
-    #         )
-    # return db.create_user(conn, username, hashed_password, "admin")
+    if not settings.settings.allow_create_groups and current_user.role not in settings.settings.admin_roles:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Not allowed",
+        )

+    if db.check_group_existence(conn, groupname):
+        raise HTTPException(
+            status_code=status.HTTP_409_CONFLICT,
+            detail="Group already exists",
+        )
+
+    invite_code = "".join(secrets.choice(JOIN_CODE_SYMBOLS) for _ in range(startup_settings.join_code_length))
+    while db.check_invite_code(conn, invite_code):
+        invite_code = "".join(secrets.choice(JOIN_CODE_SYMBOLS) for _ in range(startup_settings.join_code_length))
+    return {
+        "result": db.create_group(conn, groupname, invite_code, current_user.username, allow_skips, feed_interval_minutes),
+        "invite code": invite_code
+    }

@groups_router.post("/delete")
-async def delete_user(
+async def delete_group(
    groupname: str,
    conn: Annotated[connection, Depends(get_db_connection)],
    current_user: Annotated[User, Depends(get_current_user)]
 ):
-    # TODO
-    pass
-    # if current_user.username == username or current_user.role in settings.settings.admin_roles:
-    #     return db.delete_user(conn, groupname)
-    # else:
-    #     raise HTTPException(
-    #         status_code=status.HTTP_403_FORBIDDEN,
-    #         detail="Not allowed",
-    #     )
+    group = get_group_by_name(conn, groupname)
+    if current_user.role in settings.settings.admin_roles:
+        return db.delete_group(conn, groupname)
+    if current_user.username == group.author:
+        return db.delete_group(conn, groupname)
+    else:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Not allowed",
+        )
+
+
+@groups_router.post("/update/groupname")
+async def update_groupname(
+    groupname: str,
+    new_groupname: str,
+    conn: Annotated[connection, Depends(get_db_connection)],
+    current_user: Annotated[User, Depends(get_current_user)]
+):
+    if db.check_group_existence(conn, new_groupname):
+        raise HTTPException(
+            status_code=status.HTTP_409_CONFLICT,
+            detail="Groupname is already taken",
+        )
+    group = get_group_by_name(conn, groupname)
+
+    if current_user.role in settings.settings.admin_roles:
+        return db.update_group_groupname(conn, groupname, new_groupname)
+    if current_user.username == group.author:
+        return db.update_group_groupname(conn, groupname, new_groupname)
+    else:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Not allowed",
+        )
+
+@groups_router.post("/update/author")
+async def update_author(
+    groupname: str,
+    new_author: str,
+    conn: Annotated[connection, Depends(get_db_connection)],
+    current_user: Annotated[User, Depends(get_current_user)]
+):
+    group = get_group_by_name(conn, groupname)
+    if current_user.role in settings.settings.admin_roles:
+        return db.update_group_author(conn, groupname, new_author)
+    if current_user.username == group.author:
+        return db.update_group_author(conn, groupname, new_author)
+    else:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Not allowed",
+        )
+
+@groups_router.get("/update/invite_code")
+async def update_invite_code(
+    groupname: str,
+    conn: Annotated[connection, Depends(get_db_connection)],
+    current_user: Annotated[User, Depends(get_current_user)]
+):
+    group = get_group_by_name(conn, groupname)
+
+    invite_code = "".join(secrets.choice(JOIN_CODE_SYMBOLS) for _ in range(startup_settings.join_code_length))
+    while db.check_invite_code(conn, invite_code):
+        invite_code = "".join(secrets.choice(JOIN_CODE_SYMBOLS) for _ in range(startup_settings.join_code_length))
+
+    if current_user.role in settings.settings.admin_roles:
+        return {
+            "result": db.update_group_invite_code(conn, groupname, invite_code),
+            "invite code": invite_code
+        }
+    if current_user.username == group.author:
+        return {
+            "result": db.update_group_invite_code(conn, groupname, invite_code),
+            "invite code": invite_code
+        }
+    else:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Not allowed",
+        )
+
+
+@groups_router.get("/update/allow_skips")
+async def update_allow_skips(
+    groupname: str,
+    allow_skips: bool,
+    conn: Annotated[connection, Depends(get_db_connection)],
+    current_user: Annotated[User, Depends(get_current_user)]
+):
+    group = get_group_by_name(conn, groupname)
+    if current_user.role in settings.settings.admin_roles:
+        return db.update_group_allow_skips(conn, groupname, allow_skips)
+    if current_user.username == group.author:
+        return db.update_group_allow_skips(conn, groupname, allow_skips)
+    else:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Not allowed",
+        )
+
+
+@groups_router.get("/update/feed_interval")
+async def update_feed_interval(
+    groupname: str,
+    feed_interval: int,
+    conn: Annotated[connection, Depends(get_db_connection)],
+    current_user: Annotated[User, Depends(get_current_user)]
+):
+    group = get_group_by_name(conn, groupname)
+    if current_user.role in settings.settings.admin_roles:
+        return db.update_group_feed_interval(conn, groupname, feed_interval)
+    if current_user.username == group.author:
+        return db.update_group_feed_interval(conn, groupname, feed_interval)
+    else:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Not allowed",
+        )