144 lines
4.4 KiB
Python
144 lines
4.4 KiB
Python
# app/api/v1/admin/vendors.py
|
|
"""
|
|
Vendor management endpoints for admin.
|
|
"""
|
|
|
|
import logging
|
|
from typing import Optional
|
|
|
|
from fastapi import APIRouter, Depends, Query, HTTPException
|
|
from sqlalchemy.orm import Session
|
|
|
|
from app.api.deps import get_current_admin_user
|
|
from app.core.database import get_db
|
|
from app.services.admin_service import admin_service
|
|
from models.schema.vendor import VendorListResponse, VendorResponse, VendorCreate
|
|
from models.database.user import User
|
|
|
|
router = APIRouter(prefix="/vendors")
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
@router.post("", response_model=VendorResponse)
|
|
def create_vendor_with_owner(
|
|
vendor_data: VendorCreate,
|
|
db: Session = Depends(get_db),
|
|
current_admin: User = Depends(get_current_admin_user),
|
|
):
|
|
"""
|
|
Create a new vendor with owner user account (Admin only).
|
|
|
|
This endpoint:
|
|
1. Creates a new vendor
|
|
2. Creates an owner user account for the vendor
|
|
3. Sets up default roles (Owner, Manager, Editor, Viewer)
|
|
4. Sends welcome email to vendor owner (if email service configured)
|
|
|
|
Returns the created vendor with owner information.
|
|
"""
|
|
vendor, owner_user, temp_password = admin_service.create_vendor_with_owner(
|
|
db=db,
|
|
vendor_data=vendor_data
|
|
)
|
|
|
|
return {
|
|
**VendorResponse.model_validate(vendor).model_dump(),
|
|
"owner_email": owner_user.email,
|
|
"owner_username": owner_user.username,
|
|
"temporary_password": temp_password, # Only shown once!
|
|
"login_url": f"{vendor.subdomain}.platform.com/vendor/login" if vendor.subdomain else None
|
|
}
|
|
|
|
|
|
@router.get("", response_model=VendorListResponse)
|
|
def get_all_vendors_admin(
|
|
skip: int = Query(0, ge=0),
|
|
limit: int = Query(100, ge=1, le=1000),
|
|
search: Optional[str] = Query(None, description="Search by name or vendor code"),
|
|
is_active: Optional[bool] = Query(None),
|
|
is_verified: Optional[bool] = Query(None),
|
|
db: Session = Depends(get_db),
|
|
current_admin: User = Depends(get_current_admin_user),
|
|
):
|
|
"""Get all vendors with admin view (Admin only)."""
|
|
vendors, total = admin_service.get_all_vendors(
|
|
db=db,
|
|
skip=skip,
|
|
limit=limit,
|
|
search=search,
|
|
is_active=is_active,
|
|
is_verified=is_verified
|
|
)
|
|
return VendorListResponse(vendors=vendors, total=total, skip=skip, limit=limit)
|
|
|
|
|
|
@router.get("/{vendor_id}", response_model=VendorResponse)
|
|
def get_vendor_details(
|
|
vendor_id: int,
|
|
db: Session = Depends(get_db),
|
|
current_admin: User = Depends(get_current_admin_user),
|
|
):
|
|
"""Get detailed vendor information (Admin only)."""
|
|
vendor = admin_service.get_vendor_by_id(db, vendor_id)
|
|
return VendorResponse.model_validate(vendor)
|
|
|
|
|
|
@router.put("/{vendor_id}/verify")
|
|
def verify_vendor(
|
|
vendor_id: int,
|
|
db: Session = Depends(get_db),
|
|
current_admin: User = Depends(get_current_admin_user),
|
|
):
|
|
"""Verify/unverify vendor (Admin only)."""
|
|
vendor, message = admin_service.verify_vendor(db, vendor_id)
|
|
return {"message": message, "vendor": VendorResponse.model_validate(vendor)}
|
|
|
|
|
|
@router.put("/{vendor_id}/status")
|
|
def toggle_vendor_status(
|
|
vendor_id: int,
|
|
db: Session = Depends(get_db),
|
|
current_admin: User = Depends(get_current_admin_user),
|
|
):
|
|
"""Toggle vendor active status (Admin only)."""
|
|
vendor, message = admin_service.toggle_vendor_status(db, vendor_id)
|
|
return {"message": message, "vendor": VendorResponse.model_validate(vendor)}
|
|
|
|
|
|
@router.delete("/{vendor_id}")
|
|
def delete_vendor(
|
|
vendor_id: int,
|
|
confirm: bool = Query(False, description="Must be true to confirm deletion"),
|
|
db: Session = Depends(get_db),
|
|
current_admin: User = Depends(get_current_admin_user),
|
|
):
|
|
"""
|
|
Delete vendor and all associated data (Admin only).
|
|
|
|
WARNING: This is destructive and will delete:
|
|
- Vendor account
|
|
- All products
|
|
- All orders
|
|
- All customers
|
|
- All team members
|
|
|
|
Requires confirmation parameter.
|
|
"""
|
|
if not confirm:
|
|
raise HTTPException(
|
|
status_code=400,
|
|
detail="Deletion requires confirmation parameter: confirm=true"
|
|
)
|
|
|
|
message = admin_service.delete_vendor(db, vendor_id)
|
|
return {"message": message}
|
|
|
|
|
|
@router.get("/stats/vendors")
|
|
def get_vendor_statistics(
|
|
db: Session = Depends(get_db),
|
|
current_admin: User = Depends(get_current_admin_user),
|
|
):
|
|
"""Get vendor statistics for admin dashboard (Admin only)."""
|
|
return admin_service.get_vendor_statistics(db)
|