Hugging Face's logo

Spaces:
Ritesh1035
/
app
Sleeping

App Files Community
Ritesh1035 commited on
Commit
9054418
·
verified ·
1 Parent(s): 5891108

Update app.py

Browse files
Files changed (1) hide show
  1. app.py +6 -8
app.py CHANGED
@@ -343,10 +343,9 @@ async def get_investment(investment_id: int, current_user_data=Depends(get_curre
343
  async def update_investment(investment_id: int, update_data: InvestmentUpdate, current_user_data=Depends(get_current_user)):
344
  try:
345
  current_user, token = current_user_data
346
- user_supabase = get_user_supabase_client(token)
347
 
348
  # Check if investment exists and belongs to user
349
- check_result = user_supabase.table("investments").select("id").eq("id", investment_id).execute()
350
 
351
  if not check_result.data:
352
  raise HTTPException(status_code=404, detail="Investment not found")
@@ -361,8 +360,8 @@ async def update_investment(investment_id: int, update_data: InvestmentUpdate, c
361
  if not update_dict:
362
  raise HTTPException(status_code=400, detail="No valid fields to update")
363
 
364
- # Update investment
365
- result = user_supabase.table("investments").update(update_dict).eq("id", investment_id).execute()
366
 
367
  return InvestmentResponse(
368
  id=investment_id,
@@ -375,16 +374,15 @@ async def update_investment(investment_id: int, update_data: InvestmentUpdate, c
375
  async def delete_investment(investment_id: int, current_user_data=Depends(get_current_user)):
376
  try:
377
  current_user, token = current_user_data
378
- user_supabase = get_user_supabase_client(token)
379
 
380
  # Check if investment exists and belongs to user
381
- check_result = user_supabase.table("investments").select("id").eq("id", investment_id).execute()
382
 
383
  if not check_result.data:
384
  raise HTTPException(status_code=404, detail="Investment not found")
385
 
386
- # Delete investment
387
- result = user_supabase.table("investments").delete().eq("id", investment_id).execute()
388
 
389
  return InvestmentResponse(
390
  id=investment_id,
 
343
  async def update_investment(investment_id: int, update_data: InvestmentUpdate, current_user_data=Depends(get_current_user)):
344
  try:
345
  current_user, token = current_user_data
 
346
 
347
  # Check if investment exists and belongs to user
348
+ check_result = supabase.table("investments").select("id").eq("id", investment_id).eq("user_id", current_user.id).execute()
349
 
350
  if not check_result.data:
351
  raise HTTPException(status_code=404, detail="Investment not found")
 
360
  if not update_dict:
361
  raise HTTPException(status_code=400, detail="No valid fields to update")
362
 
363
+ # Update investment using service client with user verification
364
+ result = supabase.table("investments").update(update_dict).eq("id", investment_id).eq("user_id", current_user.id).execute()
365
 
366
  return InvestmentResponse(
367
  id=investment_id,
 
374
  async def delete_investment(investment_id: int, current_user_data=Depends(get_current_user)):
375
  try:
376
  current_user, token = current_user_data
 
377
 
378
  # Check if investment exists and belongs to user
379
+ check_result = supabase.table("investments").select("id").eq("id", investment_id).eq("user_id", current_user.id).execute()
380
 
381
  if not check_result.data:
382
  raise HTTPException(status_code=404, detail="Investment not found")
383
 
384
+ # Delete investment using service client with user verification
385
+ result = supabase.table("investments").delete().eq("id", investment_id).eq("user_id", current_user.id).execute()
386
 
387
  return InvestmentResponse(
388
  id=investment_id,