2026-04-06 12:41:49 +01:00
|
|
|
"""
|
|
|
|
|
Router endpoints for organisation module
|
|
|
|
|
|
|
|
|
|
Endpoints:
|
|
|
|
|
- [get]/id/{org_id} - Retrieves an organisation by its ID
|
|
|
|
|
- [post]/ - Creates a new organisation
|
|
|
|
|
- [patch]/{org_id}/questionnaire - Updates the questionnaire data for an organisation (can be partial or final submission)
|
|
|
|
|
- [patch]/{org_id}/status - Updates the status of an organisation
|
|
|
|
|
- [patch]/{org_id}/contact - Assigns a contact to an organisation (as billing, security, or owner)
|
|
|
|
|
- [get]/{org_id}/users - Retrieves all users associated with an organisation
|
|
|
|
|
- [get]/{org_id}/users/admins - Retrieves only the admin users of an organisation
|
|
|
|
|
- [post]/{org_id}/users - Adds a new user to an organisation
|
|
|
|
|
- [patch]/{org_id}/users - Updates details of an existing organisation user (e.g., admin status)
|
|
|
|
|
- [delete]/{org_id} - Deletes an organisation by ID
|
|
|
|
|
- [get]/{org_id}/contact/{contact_type} - Retrieves the contact of a specific type (owner, billing, security) for an organisation
|
|
|
|
|
"""
|
2026-05-19 11:11:03 +01:00
|
|
|
from typing import Annotated
|
|
|
|
|
|
2026-04-06 12:41:49 +01:00
|
|
|
from fastapi import APIRouter, HTTPException
|
|
|
|
|
from fastapi.params import Path
|
|
|
|
|
|
|
|
|
|
from sqlalchemy.sql import exists
|
|
|
|
|
|
|
|
|
|
from src.auth.service import super_admin_dependency
|
|
|
|
|
from src.database import db_dependency
|
|
|
|
|
from src.contact.models import Contact
|
|
|
|
|
|
|
|
|
|
from src.organisation.constants import ContactType
|
|
|
|
|
from src.organisation.models import Organisation as Org, OrgUsers
|
|
|
|
|
from src.organisation.schemas import OrgOrgPostRequest, OrgQuestionnairePatchRequest, OrgStatusPatchRequest, \
|
|
|
|
|
OrgContactPatchRequest, \
|
|
|
|
|
OrgUserPostRequest, OrgUserGetResponse, OrgContactGetResponse, OrgOrgGetResponse
|
|
|
|
|
|
|
|
|
|
router = APIRouter(
|
|
|
|
|
prefix="/org",
|
|
|
|
|
tags=["org"],
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@router.get("/id/{org_id}", response_model=OrgOrgGetResponse)
|
2026-05-19 11:11:03 +01:00
|
|
|
async def get_org_by_id(db: db_dependency, org_id: Annotated[int, Path(gt=0)]):
|
2026-04-06 12:41:49 +01:00
|
|
|
org_model = (db.query(Org).filter(Org.id == org_id).first())
|
|
|
|
|
if org_model is None:
|
|
|
|
|
raise HTTPException(status_code=404, detail="Organisation not found")
|
|
|
|
|
|
|
|
|
|
response = {
|
|
|
|
|
"name": org_model.name,
|
|
|
|
|
"status": org_model.status,
|
|
|
|
|
"owner_contact": (db.query(Contact).filter(Contact.id == org_model.owner_contact_id).first()),
|
|
|
|
|
"billing_contact": (db.query(Contact).filter(Contact.id == org_model.billing_contact_id).first()),
|
|
|
|
|
"security_contact": (db.query(Contact).filter(Contact.id == org_model.security_contact_id).first()),
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return response
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@router.post("/")
|
|
|
|
|
async def create_org(db: db_dependency, org_request: OrgOrgPostRequest):
|
|
|
|
|
org_model = Org(**org_request.model_dump())
|
|
|
|
|
|
|
|
|
|
org_model.status = "partial" # Status is always set to partial at first, see update_questionnaire() doc
|
|
|
|
|
|
|
|
|
|
db.add(org_model)
|
|
|
|
|
db.commit()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@router.patch("/{org_id}/questionnaire")
|
2026-05-19 11:11:03 +01:00
|
|
|
async def update_questionnaire(db: db_dependency, q_request: OrgQuestionnairePatchRequest, org_id: Annotated[int, Path(gt=0)]):
|
2026-04-06 12:41:49 +01:00
|
|
|
"""
|
|
|
|
|
Route for updating questionnaire.
|
|
|
|
|
The partial bool allows for submission of partially completed questionnaire and/or
|
|
|
|
|
final "are you sure" check before setting the org to be in "submitted" status, awaiting admin approval.
|
|
|
|
|
"""
|
|
|
|
|
org_model = db.query(Org).filter(Org.id == org_id).first()
|
|
|
|
|
if org_model is None:
|
|
|
|
|
raise HTTPException(status_code=404, detail="Organisation not found")
|
|
|
|
|
|
|
|
|
|
org_model.intake_questionnaire = q_request.intake_questionnaire
|
|
|
|
|
|
|
|
|
|
# Allows for partially completed questionnaires to be saved without being submitted for review
|
|
|
|
|
if not q_request.partial:
|
|
|
|
|
org_model.status = "submitted"
|
|
|
|
|
|
|
|
|
|
db.add(org_model)
|
|
|
|
|
db.commit()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@router.patch("/{org_id}/status")
|
2026-05-19 11:11:03 +01:00
|
|
|
async def update_status(db: db_dependency, status_request: OrgStatusPatchRequest, org_id: Annotated[int, Path(gt=0)]):
|
2026-04-06 12:41:49 +01:00
|
|
|
org_model = db.query(Org).filter(Org.id == org_id).first()
|
|
|
|
|
if org_model is None:
|
|
|
|
|
raise HTTPException(status_code=404, detail="Organisation not found")
|
|
|
|
|
|
|
|
|
|
org_model.status = status_request.status
|
|
|
|
|
|
|
|
|
|
db.add(org_model)
|
|
|
|
|
db.commit()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@router.patch("/{org_id}/contact")
|
2026-05-19 11:11:03 +01:00
|
|
|
async def update_contact(db: db_dependency, contact_request: OrgContactPatchRequest, org_id: Annotated[int, Path(gt=0)]):
|
2026-04-06 12:41:49 +01:00
|
|
|
org_model = db.query(Org).filter(Org.id == org_id).first()
|
|
|
|
|
if org_model is None:
|
|
|
|
|
raise HTTPException(status_code=404, detail="Organisation not found")
|
|
|
|
|
|
|
|
|
|
match contact_request.contact_type:
|
|
|
|
|
case "billing":
|
|
|
|
|
org_model.billing_contact_id = contact_request.contact_id
|
|
|
|
|
case "security":
|
|
|
|
|
org_model.security_contact_id = contact_request.contact_id
|
|
|
|
|
case "owner":
|
|
|
|
|
org_model.owner_contact_id = contact_request.contact_id
|
|
|
|
|
case _:
|
|
|
|
|
raise HTTPException(status_code=422, detail="Invalid contact type")
|
|
|
|
|
|
|
|
|
|
db.add(org_model)
|
|
|
|
|
db.commit()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@router.get("/{org_id}/users", response_model=list[OrgUserGetResponse])
|
2026-05-19 11:11:03 +01:00
|
|
|
async def get_users(db: db_dependency, org_id: Annotated[int, Path(gt=0)]):
|
2026-04-06 12:41:49 +01:00
|
|
|
org_exists = db.query(exists().where(Org.id == org_id)).scalar()
|
|
|
|
|
if not org_exists:
|
|
|
|
|
raise HTTPException(status_code=404, detail="Organisation not found")
|
|
|
|
|
|
|
|
|
|
org_user_models = db.query(OrgUsers).filter(OrgUsers.org_id == org_id).all()
|
|
|
|
|
|
|
|
|
|
return org_user_models
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@router.get("/{org_id}/users/admins", response_model=list[OrgUserGetResponse])
|
2026-05-19 11:11:03 +01:00
|
|
|
async def get_admin_users(db: db_dependency, org_id: Annotated[int, Path(gt=0)]):
|
2026-04-06 12:41:49 +01:00
|
|
|
org_exists = db.query(exists().where(Org.id == org_id)).scalar()
|
|
|
|
|
if not org_exists:
|
|
|
|
|
raise HTTPException(status_code=404, detail="Organisation not found")
|
|
|
|
|
|
|
|
|
|
org_user_models = db.query(OrgUsers).filter(OrgUsers.org_id == org_id).filter(OrgUsers.is_admin == True).all()
|
|
|
|
|
|
|
|
|
|
return org_user_models
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@router.post("/{org_id}/users")
|
2026-05-19 11:11:03 +01:00
|
|
|
async def add_user_to_org(db: db_dependency, user_request: OrgUserPostRequest, org_id: Annotated[int, Path(gt=0)]):
|
2026-04-06 12:41:49 +01:00
|
|
|
org_user_model = OrgUsers(**user_request.model_dump(), org_id=org_id)
|
|
|
|
|
|
|
|
|
|
db.add(org_user_model)
|
|
|
|
|
db.commit()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@router.patch("/{org_id}/users")
|
2026-05-19 11:11:03 +01:00
|
|
|
async def update_user_details(db: db_dependency, user_request: OrgUserPostRequest, org_id: Annotated[int, Path(gt=0)]):
|
2026-04-06 12:41:49 +01:00
|
|
|
"""
|
|
|
|
|
Currently used only to update user admin status for organisation.
|
|
|
|
|
"""
|
|
|
|
|
# TODO: Check if org exists
|
|
|
|
|
org_user_model = db.query(OrgUsers).filter(OrgUsers.org_id == org_id).filter(OrgUsers.user_id == user_request.user_id).first()
|
|
|
|
|
|
|
|
|
|
if org_user_model is None:
|
|
|
|
|
raise HTTPException(status_code=404, detail="Organisation user not found")
|
|
|
|
|
|
|
|
|
|
if user_request.is_admin is not None:
|
|
|
|
|
org_user_model.is_admin = user_request.is_admin
|
|
|
|
|
|
|
|
|
|
db.add(org_user_model)
|
|
|
|
|
db.commit()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@router.delete("/{org_id}")
|
2026-05-19 11:11:03 +01:00
|
|
|
async def delete_organisation_by_id(db: db_dependency, org_id: Annotated[int, Path(gt=0)]):
|
2026-04-06 12:41:49 +01:00
|
|
|
org_model = (db.query(Org).filter(Org.id == org_id).first())
|
|
|
|
|
if org_model is None:
|
|
|
|
|
raise HTTPException(status_code=404, detail="Organisation not found")
|
|
|
|
|
db.delete(org_model)
|
|
|
|
|
db.commit()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@router.get("/{org_id}/contact/{contact_type}", response_model=OrgContactGetResponse)
|
2026-05-19 11:11:03 +01:00
|
|
|
async def get_contact(db: db_dependency, contact_type: ContactType, org_id: Annotated[int, Path(gt=0)]):
|
2026-04-06 12:41:49 +01:00
|
|
|
org_model = db.query(Org).filter(Org.id == org_id).first()
|
|
|
|
|
if org_model is None:
|
|
|
|
|
raise HTTPException(status_code=404, detail="Organisation not found")
|
|
|
|
|
match contact_type:
|
|
|
|
|
case "billing":
|
|
|
|
|
contact_id = org_model.billing_contact_id
|
|
|
|
|
case "security":
|
|
|
|
|
contact_id = org_model.security_contact_id
|
|
|
|
|
case "owner":
|
|
|
|
|
contact_id = org_model.owner_contact_id
|
|
|
|
|
case _:
|
|
|
|
|
raise HTTPException(status_code=422, detail="Invalid contact type")
|
|
|
|
|
|
|
|
|
|
contact_model = (db.query(Contact).filter(Contact.id == contact_id).first())
|
|
|
|
|
if contact_model is None:
|
|
|
|
|
raise HTTPException(status_code=404, detail="Contact not found")
|
|
|
|
|
|
|
|
|
|
return contact_model
|
