First commit

backend/app/api/v1/memberships.py

@@ -0,0 +1,163 @@
+from fastapi import APIRouter, Depends, HTTPException, status
+from sqlalchemy.orm import Session
+from typing import List
+from datetime import date, timedelta
+
+from ...core.database import get_db
+from ...models.models import Membership, MembershipStatus, User, MembershipTier
+from ...schemas import (
+    MembershipCreate, MembershipUpdate, MembershipResponse, MessageResponse
+)
+from ...api.dependencies import get_current_active_user, get_admin_user
+
+router = APIRouter()
+
+
+@router.get("/my-memberships", response_model=List[MembershipResponse])
+async def get_my_memberships(
+    current_user: User = Depends(get_current_active_user),
+    db: Session = Depends(get_db)
+):
+    """Get current user's memberships"""
+    memberships = db.query(Membership).filter(
+        Membership.user_id == current_user.id
+    ).all()
+    return memberships
+
+
+@router.post("/", response_model=MembershipResponse, status_code=status.HTTP_201_CREATED)
+async def create_membership(
+    membership_data: MembershipCreate,
+    current_user: User = Depends(get_current_active_user),
+    db: Session = Depends(get_db)
+):
+    """Create a new membership for current user"""
+    # Verify tier exists
+    tier = db.query(MembershipTier).filter(
+        MembershipTier.id == membership_data.tier_id
+    ).first()
+    
+    if not tier:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Membership tier not found"
+        )
+    
+    if not tier.is_active:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Membership tier is not active"
+        )
+    
+    # Create membership
+    membership = Membership(
+        user_id=current_user.id,
+        tier_id=membership_data.tier_id,
+        start_date=membership_data.start_date,
+        end_date=membership_data.end_date,
+        auto_renew=membership_data.auto_renew,
+        status=MembershipStatus.PENDING
+    )
+    
+    db.add(membership)
+    db.commit()
+    db.refresh(membership)
+    
+    return membership
+
+
+@router.get("/{membership_id}", response_model=MembershipResponse)
+async def get_membership(
+    membership_id: int,
+    current_user: User = Depends(get_current_active_user),
+    db: Session = Depends(get_db)
+):
+    """Get membership by ID"""
+    membership = db.query(Membership).filter(
+        Membership.id == membership_id
+    ).first()
+    
+    if not membership:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Membership not found"
+        )
+    
+    # Check if user has permission to view this membership
+    if membership.user_id != current_user.id and current_user.role.value not in ["admin", "super_admin"]:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Not authorized to view this membership"
+        )
+    
+    return membership
+
+
+@router.put("/{membership_id}", response_model=MembershipResponse)
+async def update_membership(
+    membership_id: int,
+    membership_update: MembershipUpdate,
+    current_user = Depends(get_admin_user),
+    db: Session = Depends(get_db)
+):
+    """Update membership (admin only)"""
+    membership = db.query(Membership).filter(
+        Membership.id == membership_id
+    ).first()
+    
+    if not membership:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Membership not found"
+        )
+    
+    update_data = membership_update.model_dump(exclude_unset=True)
+    
+    for field, value in update_data.items():
+        setattr(membership, field, value)
+    
+    db.commit()
+    db.refresh(membership)
+    
+    return membership
+
+
+@router.get("/", response_model=List[MembershipResponse])
+async def list_memberships(
+    skip: int = 0,
+    limit: int = 100,
+    status: MembershipStatus | None = None,
+    current_user = Depends(get_admin_user),
+    db: Session = Depends(get_db)
+):
+    """List all memberships (admin only)"""
+    query = db.query(Membership)
+    
+    if status:
+        query = query.filter(Membership.status == status)
+    
+    memberships = query.offset(skip).limit(limit).all()
+    return memberships
+
+
+@router.delete("/{membership_id}", response_model=MessageResponse)
+async def delete_membership(
+    membership_id: int,
+    current_user = Depends(get_admin_user),
+    db: Session = Depends(get_db)
+):
+    """Delete membership (admin only)"""
+    membership = db.query(Membership).filter(
+        Membership.id == membership_id
+    ).first()
+    
+    if not membership:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Membership not found"
+        )
+    
+    db.delete(membership)
+    db.commit()
+    
+    return {"message": "Membership deleted successfully"}