from fastapi import APIRouter, Depends, HTTPException, status from sqlalchemy.orm import Session from typing import List from datetime import date, timedelta from ...core.database import get_db from ...models.models import Membership, MembershipStatus, User, MembershipTier from ...schemas import ( MembershipCreate, MembershipUpdate, MembershipResponse, MessageResponse ) from ...api.dependencies import get_current_active_user, get_admin_user router = APIRouter() @router.get("/my-memberships", response_model=List[MembershipResponse]) async def get_my_memberships( current_user: User = Depends(get_current_active_user), db: Session = Depends(get_db) ): """Get current user's memberships""" memberships = db.query(Membership).filter( Membership.user_id == current_user.id ).all() return memberships @router.post("/", response_model=MembershipResponse, status_code=status.HTTP_201_CREATED) async def create_membership( membership_data: MembershipCreate, current_user: User = Depends(get_current_active_user), db: Session = Depends(get_db) ): """Create a new membership for current user""" # Verify tier exists tier = db.query(MembershipTier).filter( MembershipTier.id == membership_data.tier_id ).first() if not tier: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="Membership tier not found" ) if not tier.is_active: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="Membership tier is not active" ) # Create membership membership = Membership( user_id=current_user.id, tier_id=membership_data.tier_id, start_date=membership_data.start_date, end_date=membership_data.end_date, auto_renew=membership_data.auto_renew, status=MembershipStatus.PENDING ) db.add(membership) db.commit() db.refresh(membership) return membership @router.get("/{membership_id}", response_model=MembershipResponse) async def get_membership( membership_id: int, current_user: User = Depends(get_current_active_user), db: Session = Depends(get_db) ): """Get membership by ID""" membership = db.query(Membership).filter( Membership.id == membership_id ).first() if not membership: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="Membership not found" ) # Check if user has permission to view this membership if membership.user_id != current_user.id and current_user.role.value not in ["admin", "super_admin"]: raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Not authorized to view this membership" ) return membership @router.put("/{membership_id}", response_model=MembershipResponse) async def update_membership( membership_id: int, membership_update: MembershipUpdate, current_user = Depends(get_admin_user), db: Session = Depends(get_db) ): """Update membership (admin only)""" membership = db.query(Membership).filter( Membership.id == membership_id ).first() if not membership: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="Membership not found" ) update_data = membership_update.model_dump(exclude_unset=True) for field, value in update_data.items(): setattr(membership, field, value) db.commit() db.refresh(membership) return membership @router.get("/", response_model=List[MembershipResponse]) async def list_memberships( skip: int = 0, limit: int = 100, status: MembershipStatus | None = None, current_user = Depends(get_admin_user), db: Session = Depends(get_db) ): """List all memberships (admin only)""" query = db.query(Membership) if status: query = query.filter(Membership.status == status) memberships = query.offset(skip).limit(limit).all() return memberships @router.delete("/{membership_id}", response_model=MessageResponse) async def delete_membership( membership_id: int, current_user = Depends(get_admin_user), db: Session = Depends(get_db) ): """Delete membership (admin only)""" membership = db.query(Membership).filter( Membership.id == membership_id ).first() if not membership: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="Membership not found" ) db.delete(membership) db.commit() return {"message": "Membership deleted successfully"}