436 lines
16 KiB
Python
Executable File
436 lines
16 KiB
Python
Executable File
# /opt/docker/dev/service_finder/backend/app/api/v1/endpoints/assets.py
|
|
import uuid
|
|
import logging
|
|
from typing import Any, Dict, List
|
|
from fastapi import APIRouter, Depends, HTTPException, status
|
|
from sqlalchemy.ext.asyncio import AsyncSession
|
|
from sqlalchemy import select, desc
|
|
from sqlalchemy.orm import selectinload
|
|
|
|
from app.db.session import get_db
|
|
from app.api.deps import get_current_user
|
|
from app.models import Asset, AssetCost
|
|
from app.models.identity import User
|
|
from app.services.cost_service import cost_service
|
|
from app.services.asset_service import AssetService
|
|
from app.schemas.asset_cost import AssetCostCreate, AssetCostResponse
|
|
from app.schemas.asset import AssetResponse, AssetCreate
|
|
|
|
router = APIRouter()
|
|
|
|
@router.get("/vehicles", response_model=List[AssetResponse])
|
|
async def get_user_vehicles(
|
|
skip: int = 0,
|
|
limit: int = 100,
|
|
db: AsyncSession = Depends(get_db),
|
|
current_user: User = Depends(get_current_user)
|
|
):
|
|
"""
|
|
Get all vehicles/assets belonging to the current user or their organization.
|
|
|
|
This endpoint returns a paginated list of vehicles that the authenticated user
|
|
has access to (either as owner or through organization membership).
|
|
|
|
Garage-centric logic: In corporate mode, only returns vehicles physically
|
|
parked in the active organization's garages (branches).
|
|
"""
|
|
from sqlalchemy import or_, select
|
|
|
|
if current_user.scope_id is None:
|
|
# Personal mode: only show vehicles owned/operated personally (no organization)
|
|
stmt = (
|
|
select(Asset)
|
|
.where(
|
|
or_(
|
|
Asset.owner_org_id.is_(None),
|
|
Asset.operator_org_id.is_(None)
|
|
),
|
|
or_(
|
|
Asset.owner_person_id == current_user.person_id,
|
|
Asset.operator_person_id == current_user.person_id
|
|
)
|
|
)
|
|
.order_by(Asset.created_at.desc())
|
|
.offset(skip)
|
|
.limit(limit)
|
|
.options(selectinload(Asset.catalog))
|
|
)
|
|
else:
|
|
# Corporate mode: only show vehicles belonging to the active organization's garages
|
|
try:
|
|
scope_org_id = int(current_user.scope_id)
|
|
except (ValueError, TypeError):
|
|
# If scope_id is not a valid integer, treat as no organization
|
|
scope_org_id = None
|
|
|
|
if scope_org_id is None:
|
|
# Fallback: no valid organization, return empty list
|
|
return []
|
|
|
|
# First, get all branch IDs (garages) for this organization
|
|
from app.models.marketplace.organization import Branch
|
|
branch_stmt = select(Branch.id).where(
|
|
Branch.organization_id == scope_org_id,
|
|
Branch.is_deleted == False,
|
|
Branch.status == "active"
|
|
)
|
|
branch_result = await db.execute(branch_stmt)
|
|
branch_ids = [row[0] for row in branch_result.all()]
|
|
|
|
if not branch_ids:
|
|
# Organization has no active garages, return empty list
|
|
return []
|
|
|
|
# Query assets that are in any of the organization's garages
|
|
stmt = (
|
|
select(Asset)
|
|
.where(
|
|
Asset.branch_id.in_(branch_ids),
|
|
Asset.status == "active"
|
|
)
|
|
.order_by(Asset.created_at.desc())
|
|
.offset(skip)
|
|
.limit(limit)
|
|
.options(selectinload(Asset.catalog))
|
|
)
|
|
|
|
result = await db.execute(stmt)
|
|
assets = result.scalars().all()
|
|
|
|
return assets
|
|
|
|
@router.get("/{asset_id}/financial-summary", response_model=Dict[str, Any])
|
|
async def get_asset_financial_report(
|
|
asset_id: uuid.UUID,
|
|
db: AsyncSession = Depends(get_db),
|
|
current_user: User = Depends(get_current_user)
|
|
):
|
|
"""
|
|
MB 2.0 Dinamikus Pénzügyi Riport.
|
|
Visszaadja a kategóriákra bontott és az összesített költségeket (Local/EUR).
|
|
"""
|
|
# 1. Jogosultság ellenőrzése (Csak a tulajdonos vagy admin láthatja)
|
|
# (Itt egy gyors check, hogy az asset az övé-e)
|
|
|
|
try:
|
|
return await cost_service.get_asset_financial_summary(db, asset_id)
|
|
except Exception as e:
|
|
raise HTTPException(status_code=500, detail="Hiba a riport generálásakor")
|
|
|
|
@router.get("/{asset_id}/costs", response_model=List[AssetCostResponse])
|
|
async def list_asset_costs(
|
|
asset_id: uuid.UUID,
|
|
skip: int = 0,
|
|
limit: int = 100,
|
|
db: AsyncSession = Depends(get_db),
|
|
current_user: User = Depends(get_current_user)
|
|
):
|
|
"""Tételes költséglista lapozással (Pagination)."""
|
|
stmt = (
|
|
select(AssetCost)
|
|
.where(AssetCost.asset_id == asset_id)
|
|
.order_by(desc(AssetCost.date))
|
|
.offset(skip)
|
|
.limit(limit)
|
|
)
|
|
res = await db.execute(stmt)
|
|
return res.scalars().all()
|
|
|
|
|
|
@router.get("/{asset_id}", response_model=AssetResponse)
|
|
async def get_asset(
|
|
asset_id: uuid.UUID,
|
|
db: AsyncSession = Depends(get_db),
|
|
current_user: User = Depends(get_current_user)
|
|
):
|
|
"""
|
|
Get detailed information about a specific vehicle/asset.
|
|
|
|
Returns the asset's full technical profile including catalog data
|
|
and vehicle model definition specifications.
|
|
"""
|
|
# Check if user has access to this asset
|
|
from sqlalchemy import or_
|
|
from app.models.marketplace.organization import OrganizationMember
|
|
|
|
# Get user's organization memberships
|
|
org_stmt = select(OrganizationMember.organization_id).where(
|
|
OrganizationMember.user_id == current_user.id
|
|
)
|
|
org_result = await db.execute(org_stmt)
|
|
user_org_ids = [row[0] for row in org_result.all()]
|
|
|
|
# Query asset with catalog and master definition
|
|
stmt = (
|
|
select(Asset)
|
|
.where(
|
|
Asset.id == asset_id,
|
|
or_(
|
|
Asset.owner_person_id == current_user.id,
|
|
Asset.owner_org_id.in_(user_org_ids) if user_org_ids else False,
|
|
Asset.operator_person_id == current_user.id,
|
|
Asset.operator_org_id.in_(user_org_ids) if user_org_ids else False
|
|
)
|
|
)
|
|
.options(
|
|
selectinload(Asset.catalog).selectinload(AssetCatalog.master_definition)
|
|
)
|
|
)
|
|
|
|
result = await db.execute(stmt)
|
|
asset = result.scalar_one_or_none()
|
|
|
|
if not asset:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_404_NOT_FOUND,
|
|
detail="Asset not found or you don't have permission to access it"
|
|
)
|
|
|
|
return asset
|
|
|
|
|
|
@router.post("/vehicles", response_model=AssetResponse, status_code=status.HTTP_201_CREATED)
|
|
async def create_or_claim_vehicle(
|
|
payload: AssetCreate,
|
|
db: AsyncSession = Depends(get_db),
|
|
current_user: User = Depends(get_current_user)
|
|
):
|
|
"""
|
|
Új jármű hozzáadása vagy meglévő jármű igénylése a flottához.
|
|
|
|
A végpont a következőket végzi:
|
|
- Ellenőrzi a felhasználó járműlimitjét
|
|
- Ha a VIN már létezik, tulajdonjog-átvitelt kezdeményez
|
|
- Ha új, létrehozza a járművet és a kapcsolódó digitális ikreket
|
|
- XP jutalom adása a felhasználónak
|
|
"""
|
|
try:
|
|
# Determine organization ID based on user's active scope (garage isolation)
|
|
# The owner_org_id MUST be set to the current_user.scope_id.
|
|
# If the scope is null, it stays null (personal).
|
|
org_id = None
|
|
if current_user.scope_id is not None:
|
|
try:
|
|
org_id = int(current_user.scope_id)
|
|
except (ValueError, TypeError):
|
|
# If scope_id is not a valid integer, treat as personal (no organization)
|
|
pass
|
|
|
|
asset = await AssetService.create_or_claim_vehicle(
|
|
db=db,
|
|
user_id=current_user.id,
|
|
org_id=org_id,
|
|
vin=payload.vin,
|
|
license_plate=payload.license_plate,
|
|
catalog_id=payload.catalog_id
|
|
)
|
|
return asset
|
|
except ValueError as e:
|
|
raise HTTPException(status_code=400, detail=str(e))
|
|
except HTTPException:
|
|
raise
|
|
except Exception as e:
|
|
logger = logging.getLogger(__name__)
|
|
logger.error(f"Vehicle creation error: {e}")
|
|
raise HTTPException(status_code=500, detail="Belső szerverhiba a jármű létrehozásakor")
|
|
|
|
|
|
@router.get("/{asset_id}/maintenance", response_model=List[AssetCostResponse])
|
|
async def list_maintenance_records(
|
|
asset_id: uuid.UUID,
|
|
skip: int = 0,
|
|
limit: int = 100,
|
|
db: AsyncSession = Depends(get_db),
|
|
current_user: User = Depends(get_current_user)
|
|
):
|
|
"""
|
|
List maintenance records for a specific vehicle.
|
|
|
|
Returns paginated list of maintenance costs with cost_category = 'maintenance'.
|
|
"""
|
|
# Check if user has access to this asset
|
|
from sqlalchemy import or_
|
|
from app.models.marketplace.organization import OrganizationMember
|
|
|
|
# Get user's organization memberships
|
|
org_stmt = select(OrganizationMember.organization_id).where(
|
|
OrganizationMember.user_id == current_user.id
|
|
)
|
|
org_result = await db.execute(org_stmt)
|
|
user_org_ids = [row[0] for row in org_result.all()]
|
|
|
|
# Check asset access
|
|
asset_stmt = select(Asset).where(
|
|
Asset.id == asset_id,
|
|
or_(
|
|
Asset.owner_person_id == current_user.id,
|
|
Asset.owner_org_id.in_(user_org_ids) if user_org_ids else False,
|
|
Asset.operator_person_id == current_user.id,
|
|
Asset.operator_org_id.in_(user_org_ids) if user_org_ids else False
|
|
)
|
|
)
|
|
asset_result = await db.execute(asset_stmt)
|
|
asset = asset_result.scalar_one_or_none()
|
|
|
|
if not asset:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_404_NOT_FOUND,
|
|
detail="Asset not found or you don't have permission to access it"
|
|
)
|
|
|
|
# Query maintenance costs
|
|
stmt = (
|
|
select(AssetCost)
|
|
.where(
|
|
AssetCost.asset_id == asset_id,
|
|
AssetCost.cost_category == "maintenance"
|
|
)
|
|
.order_by(desc(AssetCost.date))
|
|
.offset(skip)
|
|
.limit(limit)
|
|
)
|
|
res = await db.execute(stmt)
|
|
return res.scalars().all()
|
|
|
|
|
|
@router.post("/{asset_id}/maintenance", response_model=AssetCostResponse, status_code=status.HTTP_201_CREATED)
|
|
async def create_maintenance_record(
|
|
asset_id: uuid.UUID,
|
|
payload: Dict[str, Any],
|
|
db: AsyncSession = Depends(get_db),
|
|
current_user: User = Depends(get_current_user)
|
|
):
|
|
"""
|
|
Add a maintenance record for a vehicle.
|
|
|
|
Expected payload fields:
|
|
- date: ISO datetime string (required)
|
|
- odometer: integer (optional, current mileage)
|
|
- description: string (required)
|
|
- cost: float (required, net amount)
|
|
- currency: string (optional, default: "EUR")
|
|
- invoice_number: string (optional)
|
|
"""
|
|
# Check if user has access to this asset
|
|
from sqlalchemy import or_
|
|
from app.models.marketplace.organization import OrganizationMember
|
|
|
|
# Get user's organization memberships
|
|
org_stmt = select(OrganizationMember.organization_id).where(
|
|
OrganizationMember.user_id == current_user.id
|
|
)
|
|
org_result = await db.execute(org_stmt)
|
|
user_org_ids = [row[0] for row in org_result.all()]
|
|
|
|
# Check asset access and get asset
|
|
asset_stmt = select(Asset).where(
|
|
Asset.id == asset_id,
|
|
or_(
|
|
Asset.owner_person_id == current_user.id,
|
|
Asset.owner_org_id.in_(user_org_ids) if user_org_ids else False,
|
|
Asset.operator_person_id == current_user.id,
|
|
Asset.operator_org_id.in_(user_org_ids) if user_org_ids else False
|
|
)
|
|
)
|
|
asset_result = await db.execute(asset_stmt)
|
|
asset = asset_result.scalar_one_or_none()
|
|
|
|
if not asset:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_404_NOT_FOUND,
|
|
detail="Asset not found or you don't have permission to access it"
|
|
)
|
|
|
|
# Validate required fields
|
|
required_fields = ["date", "description", "cost"]
|
|
for field in required_fields:
|
|
if field not in payload:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
|
|
detail=f"Missing required field: {field}"
|
|
)
|
|
|
|
try:
|
|
# Parse date
|
|
from datetime import datetime
|
|
date = datetime.fromisoformat(payload["date"].replace("Z", "+00:00"))
|
|
|
|
# Determine organization ID: use asset's current org, owner org, or user's active organization
|
|
organization_id = asset.current_organization_id or asset.owner_org_id
|
|
|
|
if not organization_id:
|
|
# Get user's active organization from their scope_id
|
|
if current_user.scope_id:
|
|
try:
|
|
organization_id = int(current_user.scope_id)
|
|
except (ValueError, TypeError):
|
|
# If scope_id is not a valid integer, try to get from organization memberships
|
|
from sqlalchemy import select
|
|
from app.models.marketplace.organization import OrganizationMember
|
|
stmt = select(OrganizationMember.organization_id).where(
|
|
OrganizationMember.user_id == current_user.id
|
|
).limit(1)
|
|
result = await db.execute(stmt)
|
|
org_row = result.first()
|
|
organization_id = org_row[0] if org_row else None
|
|
else:
|
|
# Try to get from organization memberships
|
|
from sqlalchemy import select
|
|
from app.models.marketplace.organization import OrganizationMember
|
|
stmt = select(OrganizationMember.organization_id).where(
|
|
OrganizationMember.user_id == current_user.id
|
|
).limit(1)
|
|
result = await db.execute(stmt)
|
|
org_row = result.first()
|
|
organization_id = org_row[0] if org_row else None
|
|
|
|
if not organization_id:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_400_BAD_REQUEST,
|
|
detail="Cannot determine organization for this cost record. Please ensure you have an active organization."
|
|
)
|
|
|
|
# Create AssetCost record
|
|
maintenance_cost = AssetCost(
|
|
asset_id=asset_id,
|
|
organization_id=organization_id,
|
|
cost_category="maintenance",
|
|
amount_net=float(payload["cost"]),
|
|
currency=payload.get("currency", "EUR"),
|
|
date=date,
|
|
invoice_number=payload.get("invoice_number"),
|
|
data={
|
|
"odometer": payload.get("odometer"),
|
|
"description": payload["description"],
|
|
"type": "maintenance"
|
|
}
|
|
)
|
|
|
|
db.add(maintenance_cost)
|
|
await db.commit()
|
|
await db.refresh(maintenance_cost)
|
|
|
|
# Also create an AssetEvent for the maintenance
|
|
from app.models.vehicle import AssetEvent
|
|
maintenance_event = AssetEvent(
|
|
asset_id=asset_id,
|
|
event_type="maintenance"
|
|
)
|
|
db.add(maintenance_event)
|
|
await db.commit()
|
|
|
|
return maintenance_cost
|
|
|
|
except ValueError as e:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
|
|
detail=f"Invalid data format: {str(e)}"
|
|
)
|
|
except Exception as e:
|
|
await db.rollback()
|
|
logger = logging.getLogger(__name__)
|
|
logger.error(f"Maintenance record creation error: {e}")
|
|
raise HTTPException(
|
|
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
|
|
detail="Internal server error while creating maintenance record"
|
|
) |