Refactoring Hub Firms routes

api/rpk-api/hub/firm/routes.py

@@ -1,4 +1,3 @@
-from beanie import PydanticObjectId
 from fastapi import APIRouter, Depends, HTTPException
 
 from hub.auth import get_current_user
@@ -7,42 +6,41 @@ from hub.firm import Firm, FirmRead, FirmCreate, FirmUpdate
 
 router = APIRouter()
 
-@router.get("/", response_model=list[FirmRead], response_description="{} records retrieved".format(Firm.__name__))
+@router.get("/", response_model=list[FirmRead], response_description="List of firms owned by the current user")
 async def read_list(user=Depends(get_current_user)) -> list[FirmRead]:
     return await Firm.find({ "owner": user.id}).to_list()
 
-@router.post("/", response_description="{} added to the database".format(Firm.__name__))
+@router.post("/", response_description="Firm added to the database")
 async def create(item: FirmCreate, user=Depends(get_current_user)) -> FirmRead:
-    firm_dict = {"name": item.name, "instance": item.instance}
-    exists = await Firm.find_one(firm_dict)
+    exists = await Firm.get_by_name(item.instance, item.firm)
     if exists:
         raise HTTPException(status_code=400, detail="Firm already exists")
 
     record = Firm(created_by=user.id, updated_by=user.id, owner=user.id, **item.model_dump())
     o = await record.create()
-    user.firms.append(firm_dict)
+    user.firms.append({"instance": item.instance, "firm": item.firm})
     await user.save()
     return FirmRead(**o.model_dump())
 
-@router.get("/{id}", response_description="{} record retrieved".format(Firm.__name__))
-async def read_id(id: PydanticObjectId, user=Depends(get_current_user)) -> FirmRead:
-    item = await Firm.get(id)
+@router.get("/{instance}/{firm}", response_description="Firm retrieved")
+async def read_id(instance: str, firm: str, user=Depends(get_current_user)) -> FirmRead:
+    item = await Firm.get_by_name(instance, firm)
+    if not item or not user.belong_to(item) not in user.firms:
+        raise HTTPException(status_code=404, detail="Item not found")
+
     return FirmRead(**item.model_dump())
 
 
-@router.put("/{id}", response_description="{} record updated".format(Firm.__name__))
-async def update(id: PydanticObjectId, req: FirmUpdate, user=Depends(get_current_user)) -> FirmRead:
-    item = await Firm.get(id)
-    if not item:
-        raise HTTPException(
-            status_code=404,
-            detail="{} record not found!".format(Firm.__name__)
-        )
+@router.put("/{instance}/{firm}", response_description="Firm updated")
+async def update(instance: str, firm: str, req: FirmUpdate, user=Depends(get_current_user)) -> FirmRead:
+    item = await Firm.get_by_name(instance, firm)
+    if not item or not user.belong_to(item) not in user.firms:
+        raise HTTPException(status_code=404, detail="Item not found")
 
     if item.owner != user.id:
         raise HTTPException(
             status_code=403,
-            detail="Insufficient credentials to modify {} record".format(Firm.__name__)
+            detail="Insufficient credentials to modify Firm"
         )
 
     req = {k: v for k, v in req.model_dump().items() if v is not None}
@@ -53,21 +51,19 @@ async def update(id: PydanticObjectId, req: FirmUpdate, user=Depends(get_current
     await item.update(update_query)
     return FirmRead(**item.dict())
 
-@router.delete("/{id}", response_description="{} record deleted from the database".format(Firm.__name__))
-async def delete(id: PydanticObjectId, user=Depends(get_current_user)) -> dict:
-    item = await Firm.get(id)
-    if not item:
-        raise HTTPException(
-            status_code=404,
-            detail="{} record not found!".format(Firm.__name__)
-        )
+@router.delete("/{instance}/{firm}", response_description="Firm deleted from the database")
+async def delete(instance: str, firm: str, user=Depends(get_current_user)) -> dict:
+    item = await Firm.get_by_name(instance, firm)
+    if not item or not user.belong_to(item) not in user.firms:
+        raise HTTPException(status_code=404, detail="Firm not found")
+
     if item.owner != user.id:
         raise HTTPException(
             status_code=403,
-            detail="Insufficient credentials delete {} record".format(Firm.__name__)
+            detail="Insufficient credentials delete Firm"
         )
 
     await item.delete()
     return {
-        "message": "{} deleted successfully".format(Firm.__name__)
+        "message": "Firm deleted successfully"
     }