refactor(api): introduce UserContext schema for API dependency injection

Replace direct User database model imports in API endpoints with UserContext schema, following the architecture principle that API routes should not import database models directly. Changes: - Create UserContext schema in models/schema/auth.py with from_user() factory - Update app/api/deps.py to return UserContext from all auth dependencies - Add _get_user_model() helper for functions needing User model access - Update 58 API endpoint files to use UserContext instead of User - Add noqa comments for 4 legitimate edge cases (enums, internal helpers) Architecture validation: 0 errors (down from 61), 11 warnings remain Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-30 20:47:33 +01:00
parent 1ad30bd77e
commit cad862f469
60 changed files with 755 additions and 589 deletions
--- a/app/api/v1/vendor/letzshop.py
+++ b/app/api/v1/vendor/letzshop.py
@@ -31,7 +31,7 @@ from app.services.letzshop import (
    LetzshopOrderService,
    OrderNotFoundError,
 )
-from models.database.user import User
+from models.schema.auth import UserContext
 from app.modules.marketplace.schemas import (
    FulfillmentConfirmRequest,
    FulfillmentOperationResponse,
@@ -81,7 +81,7 @@ def get_credentials_service(db: Session) -> LetzshopCredentialsService:

@router.get("/status", response_model=LetzshopCredentialsStatus)
 def get_letzshop_status(
-    current_user: User = Depends(get_current_vendor_api),
+    current_user: UserContext = Depends(get_current_vendor_api),
    db: Session = Depends(get_db),
 ):
    """Get Letzshop integration status for the current vendor."""
@@ -92,7 +92,7 @@ def get_letzshop_status(

@router.get("/credentials", response_model=LetzshopCredentialsResponse)
 def get_credentials(
-    current_user: User = Depends(get_current_vendor_api),
+    current_user: UserContext = Depends(get_current_vendor_api),
    db: Session = Depends(get_db),
 ):
    """Get Letzshop credentials for the current vendor (API key is masked)."""
@@ -122,7 +122,7 @@ def get_credentials(
@router.post("/credentials", response_model=LetzshopCredentialsResponse)
 def save_credentials(
    credentials_data: LetzshopCredentialsCreate,
-    current_user: User = Depends(get_current_vendor_api),
+    current_user: UserContext = Depends(get_current_vendor_api),
    db: Session = Depends(get_db),
 ):
    """Create or update Letzshop credentials for the current vendor."""
@@ -158,7 +158,7 @@ def save_credentials(
@router.patch("/credentials", response_model=LetzshopCredentialsResponse)
 def update_credentials(
    credentials_data: LetzshopCredentialsUpdate,
-    current_user: User = Depends(get_current_vendor_api),
+    current_user: UserContext = Depends(get_current_vendor_api),
    db: Session = Depends(get_db),
 ):
    """Partially update Letzshop credentials for the current vendor."""
@@ -194,7 +194,7 @@ def update_credentials(

@router.delete("/credentials", response_model=LetzshopSuccessResponse)
 def delete_credentials(
-    current_user: User = Depends(get_current_vendor_api),
+    current_user: UserContext = Depends(get_current_vendor_api),
    db: Session = Depends(get_db),
 ):
    """Delete Letzshop credentials for the current vendor."""
@@ -218,7 +218,7 @@ def delete_credentials(

@router.post("/test", response_model=LetzshopConnectionTestResponse)
 def test_connection(
-    current_user: User = Depends(get_current_vendor_api),
+    current_user: UserContext = Depends(get_current_vendor_api),
    db: Session = Depends(get_db),
 ):
    """Test the Letzshop connection using stored credentials."""
@@ -239,7 +239,7 @@ def test_connection(
@router.post("/test-key", response_model=LetzshopConnectionTestResponse)
 def test_api_key(
    test_request: LetzshopConnectionTestRequest,
-    current_user: User = Depends(get_current_vendor_api),
+    current_user: UserContext = Depends(get_current_vendor_api),
    db: Session = Depends(get_db),
 ):
    """Test a Letzshop API key without saving it."""
@@ -268,7 +268,7 @@ def list_orders(
    skip: int = Query(0, ge=0),
    limit: int = Query(50, ge=1, le=200),
    status: str | None = Query(None, description="Filter by order status"),
-    current_user: User = Depends(get_current_vendor_api),
+    current_user: UserContext = Depends(get_current_vendor_api),
    db: Session = Depends(get_db),
 ):
    """List Letzshop orders for the current vendor."""
@@ -319,7 +319,7 @@ def list_orders(
@router.get("/orders/{order_id}", response_model=LetzshopOrderDetailResponse)
 def get_order(
    order_id: int = Path(..., description="Order ID"),
-    current_user: User = Depends(get_current_vendor_api),
+    current_user: UserContext = Depends(get_current_vendor_api),
    db: Session = Depends(get_db),
 ):
    """Get a specific Letzshop order with full details."""
@@ -381,7 +381,7 @@ def get_order(
@router.post("/orders/import", response_model=LetzshopSyncTriggerResponse)
 def import_orders(
    sync_request: LetzshopSyncTriggerRequest = LetzshopSyncTriggerRequest(),
-    current_user: User = Depends(get_current_vendor_api),
+    current_user: UserContext = Depends(get_current_vendor_api),
    db: Session = Depends(get_db),
 ):
    """Import new orders from Letzshop."""
@@ -455,7 +455,7 @@ def import_orders(
 def confirm_order(
    order_id: int = Path(..., description="Order ID"),
    confirm_request: FulfillmentConfirmRequest | None = None,
-    current_user: User = Depends(get_current_vendor_api),
+    current_user: UserContext = Depends(get_current_vendor_api),
    db: Session = Depends(get_db),
 ):
    """
@@ -525,7 +525,7 @@ def confirm_order(
 def reject_order(
    order_id: int = Path(..., description="Order ID"),
    reject_request: FulfillmentRejectRequest | None = None,
-    current_user: User = Depends(get_current_vendor_api),
+    current_user: UserContext = Depends(get_current_vendor_api),
    db: Session = Depends(get_db),
 ):
    """Reject inventory units for a Letzshop order."""
@@ -580,7 +580,7 @@ def reject_order(
 def set_order_tracking(
    order_id: int = Path(..., description="Order ID"),
    tracking_request: FulfillmentTrackingRequest = ...,
-    current_user: User = Depends(get_current_vendor_api),
+    current_user: UserContext = Depends(get_current_vendor_api),
    db: Session = Depends(get_db),
 ):
    """Set tracking information for a Letzshop order."""
@@ -642,7 +642,7 @@ def set_order_tracking(
 def list_sync_logs(
    skip: int = Query(0, ge=0),
    limit: int = Query(50, ge=1, le=200),
-    current_user: User = Depends(get_current_vendor_api),
+    current_user: UserContext = Depends(get_current_vendor_api),
    db: Session = Depends(get_db),
 ):
    """List Letzshop sync logs for the current vendor."""
@@ -691,7 +691,7 @@ def list_fulfillment_queue(
    skip: int = Query(0, ge=0),
    limit: int = Query(50, ge=1, le=200),
    status: str | None = Query(None, description="Filter by status"),
-    current_user: User = Depends(get_current_vendor_api),
+    current_user: UserContext = Depends(get_current_vendor_api),
    db: Session = Depends(get_db),
 ):
    """List fulfillment queue items for the current vendor."""
@@ -743,7 +743,7 @@ def export_products_letzshop(
        "en", description="Language for title/description (en, fr, de)"
    ),
    include_inactive: bool = Query(False, description="Include inactive products"),
-    current_user: User = Depends(get_current_vendor_api),
+    current_user: UserContext = Depends(get_current_vendor_api),
    db: Session = Depends(get_db),
 ):
    """