myrmidon / python /src /server /api_routes /blog_api.py
tek Atrust
chore(deploy): build monolithic server for Hugging Face
d5ef46f
Raw
History Blame Contribute Delete
3.81 kB
from fastapi import APIRouter, Depends, HTTPException, status
from ..auth.dependencies import requires_permission
from ..auth.permissions import CONTENT_PUBLISH, CONTENT_REJECT
from ..models.blog import BlogPostResponse, CreateBlogPostRequest, UpdateBlogPostRequest
from ..services.blog_service import BlogService
router = APIRouter(prefix="/api/blogs", tags=["blog"])
def get_blog_service():
return BlogService()
@router.get("", response_model=list[BlogPostResponse])
async def get_blog_posts(service: BlogService = Depends(get_blog_service)):
"""Get all blog posts. Public access."""
success, result = await service.list_posts()
if not success:
raise HTTPException(
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail=result.get("error", "Failed to fetch blog posts")
)
return result.get("posts", [])
@router.get("/{post_id}", response_model=BlogPostResponse)
async def get_blog_post(post_id: str, service: BlogService = Depends(get_blog_service)):
"""Get a single blog post by ID. Public access."""
success, result = await service.get_post(post_id)
if not success:
if result.get("error") == "Post not found.":
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Post not found")
raise HTTPException(
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail=result.get("error", "Failed to fetch blog post")
)
return result.get("post")
@router.post("", response_model=BlogPostResponse)
async def create_blog_post(
request: CreateBlogPostRequest,
current_user: dict = Depends(requires_permission(CONTENT_PUBLISH)),
service: BlogService = Depends(get_blog_service),
):
"""Create a new blog post. Requires CONTENT_PUBLISH permission."""
post_data = request.model_dump(mode="json", exclude={"id"})
success, result = await service.create_post(post_data)
if not success:
raise HTTPException(status_code=500, detail=result.get("error"))
return result.get("post")
@router.patch("/{post_id}", response_model=BlogPostResponse)
async def update_blog_post(
post_id: str,
request: UpdateBlogPostRequest,
current_user: dict = Depends(requires_permission(CONTENT_PUBLISH)),
service: BlogService = Depends(get_blog_service),
):
"""Update an existing blog post. Requires CONTENT_PUBLISH permission."""
update_data = request.model_dump(mode="json", exclude_unset=True)
success, result = await service.update_post(post_id, update_data)
if not success:
raise HTTPException(status_code=404, detail=result.get("error"))
return result.get("post")
@router.patch("/{post_id}/status")
async def update_blog_post_status(
post_id: str,
request: dict,
current_user: dict = Depends(requires_permission(CONTENT_PUBLISH)),
service: BlogService = Depends(get_blog_service),
):
"""Update the status of an existing blog post. Requires CONTENT_PUBLISH permission."""
status_val = request.get("status")
if not status_val:
raise HTTPException(status_code=400, detail="Status value is required.")
success, result = await service.update_post(post_id, {"status": status_val})
if not success:
raise HTTPException(status_code=404, detail=result.get("error"))
return {"message": "Status updated successfully"}
@router.delete("/{post_id}", status_code=204)
async def delete_blog_post(
post_id: str,
current_user: dict = Depends(requires_permission(CONTENT_REJECT)),
service: BlogService = Depends(get_blog_service),
):
"""Delete a blog post. Requires CONTENT_REJECT permission."""
success, result = await service.delete_post(post_id)
if not success:
raise HTTPException(status_code=404, detail=result.get("error"))
return None