nt_web_template/full-stack-fastapi-template
2
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Upgrade items router with new SQLModel models, simplified logic, and new FastAPI Annotated dependencies (#560)

Browse Source
This commit is contained in:
Sebastián Ramírez
2023-11-25 00:11:02 +01:00
committed by GitHub
parent 9befa33a9f
commit 870d45fa36
1 changed files with 66 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

135
src/backend/app/app/api/api_v1/endpoints/items.py
View File

@@ -1,99 +1,96 @@
from typing import Any, List from typing import Annotated
from fastapi import APIRouter, Depends, HTTPException from fastapi import APIRouter, Depends, HTTPException
from sqlalchemy.orm import Session from sqlmodel import Session, select
from app import crud, models, schemas
from app.api import deps from app.api import deps
from app.models import Item, ItemCreate, ItemOut, ItemUpdate, User
router = APIRouter() router = APIRouter()
SessionDep = Annotated[Session, Depends(deps.get_db)]
CurrentUser = Annotated[User, Depends(deps.get_current_active_user)]
@router.get("/", response_model=List[schemas.Item])
@router.get("/")
def read_items( def read_items(
db: Session = Depends(deps.get_db), session: SessionDep, current_user: CurrentUser, skip: int = 0, limit: int = 100
skip: int = 0, ) -> list[ItemOut]:
limit: int = 100,
current_user: models.User = Depends(deps.get_current_active_user),
) -> Any:
""" """
Retrieve items. Retrieve items.
""" """
if crud.user.is_superuser(current_user):
items = crud.item.get_multi(db, skip=skip, limit=limit) if current_user.is_superuser:
statement = select(Item).offset(skip).limit(limit)
return session.exec(statement).all() # type: ignore
else: else:
items = crud.item.get_multi_by_owner( statement = (
db=db, owner_id=current_user.id, skip=skip, limit=limit select(Item)
.where(Item.owner_id == current_user.id)
.offset(skip)
.limit(limit)
) )
return items return session.exec(statement).all() # type: ignore
@router.post("/", response_model=schemas.Item) @router.get("/{id}")
def create_item( def read_item(session: SessionDep, current_user: CurrentUser, id: int) -> ItemOut:
*,
db: Session = Depends(deps.get_db),
item_in: schemas.ItemCreate,
current_user: models.User = Depends(deps.get_current_active_user),
) -> Any:
"""
Create new item.
"""
item = crud.item.create_with_owner(db=db, obj_in=item_in, owner_id=current_user.id)
return item
@router.put("/{id}", response_model=schemas.Item)
def update_item(
*,
db: Session = Depends(deps.get_db),
id: int,
item_in: schemas.ItemUpdate,
current_user: models.User = Depends(deps.get_current_active_user),
) -> Any:
"""
Update an item.
"""
item = crud.item.get(db=db, id=id)
if not item:
raise HTTPException(status_code=404, detail="Item not found")
if not crud.user.is_superuser(current_user) and (item.owner_id != current_user.id):
raise HTTPException(status_code=400, detail="Not enough permissions")
item = crud.item.update(db=db, db_obj=item, obj_in=item_in)
return item
@router.get("/{id}", response_model=schemas.Item)
def read_item(
*,
db: Session = Depends(deps.get_db),
id: int,
current_user: models.User = Depends(deps.get_current_active_user),
) -> Any:
""" """
Get item by ID. Get item by ID.
""" """
item = crud.item.get(db=db, id=id) item = session.get(Item, id)
if not item: if not item:
raise HTTPException(status_code=404, detail="Item not found") raise HTTPException(status_code=404, detail="Item not found")
if not crud.user.is_superuser(current_user) and (item.owner_id != current_user.id): if not current_user.is_superuser and (item.owner_id != current_user.id):
raise HTTPException(status_code=400, detail="Not enough permissions") raise HTTPException(status_code=400, detail="Not enough permissions")
return item return item # type: ignore
@router.delete("/{id}", response_model=schemas.Item) @router.post("/")
def delete_item( def create_item(
*, *, session: SessionDep, current_user: CurrentUser, item_in: ItemCreate
db: Session = Depends(deps.get_db), ) -> ItemOut:
id: int, """
current_user: models.User = Depends(deps.get_current_active_user), Create new item.
) -> Any: """
item = Item.from_orm(item_in, update={"owner_id": current_user.id})
session.add(item)
session.commit()
session.refresh(item)
return item # type: ignore
@router.put("/{id}")
def update_item(
*, session: SessionDep, current_user: CurrentUser, id: int, item_in: ItemUpdate
) -> ItemOut:
"""
Update an item.
"""
item = session.get(Item, id)
if not item:
raise HTTPException(status_code=404, detail="Item not found")
if not current_user.is_superuser and (item.owner_id != current_user.id):
raise HTTPException(status_code=400, detail="Not enough permissions")
# TODO: check this actually works
update_dict = item_in.dict(exclude_unset=True)
item.from_orm(update_dict)
session.add(item)
session.commit()
session.refresh(item)
return item # type: ignore
@router.delete("/{id}")
def delete_item(session: SessionDep, current_user: CurrentUser, id: int) -> ItemOut:
""" """
Delete an item. Delete an item.
""" """
item = crud.item.get(db=db, id=id) item = session.get(Item, id)
if not item: if not item:
raise HTTPException(status_code=404, detail="Item not found") raise HTTPException(status_code=404, detail="Item not found")
if not crud.user.is_superuser(current_user) and (item.owner_id != current_user.id): if not current_user.is_superuser and (item.owner_id != current_user.id):
raise HTTPException(status_code=400, detail="Not enough permissions") raise HTTPException(status_code=400, detail="Not enough permissions")
item = crud.item.remove(db=db, id=id) session.delete(item)
return item session.commit()
return item # type: ignore