from fastapi import APIRouter, Depends, HTTPException, status from ..auth.dependencies import requires_permission from ..auth.permissions import CONTENT_PUBLISH, CONTENT_REJECT from ..models.blog import BlogPostResponse, CreateBlogPostRequest, UpdateBlogPostRequest from ..services.blog_service import BlogService router = APIRouter(prefix="/api/blogs", tags=["blog"]) def get_blog_service(): return BlogService() @router.get("", response_model=list[BlogPostResponse]) async def get_blog_posts(service: BlogService = Depends(get_blog_service)): """Get all blog posts. Public access.""" success, result = await service.list_posts() if not success: raise HTTPException( status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail=result.get("error", "Failed to fetch blog posts") ) return result.get("posts", []) @router.get("/{post_id}", response_model=BlogPostResponse) async def get_blog_post(post_id: str, service: BlogService = Depends(get_blog_service)): """Get a single blog post by ID. Public access.""" success, result = await service.get_post(post_id) if not success: if result.get("error") == "Post not found.": raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Post not found") raise HTTPException( status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail=result.get("error", "Failed to fetch blog post") ) return result.get("post") @router.post("", response_model=BlogPostResponse) async def create_blog_post( request: CreateBlogPostRequest, current_user: dict = Depends(requires_permission(CONTENT_PUBLISH)), service: BlogService = Depends(get_blog_service), ): """Create a new blog post. Requires CONTENT_PUBLISH permission.""" post_data = request.model_dump(mode="json", exclude={"id"}) success, result = await service.create_post(post_data) if not success: raise HTTPException(status_code=500, detail=result.get("error")) return result.get("post") @router.patch("/{post_id}", response_model=BlogPostResponse) async def update_blog_post( post_id: str, request: UpdateBlogPostRequest, current_user: dict = Depends(requires_permission(CONTENT_PUBLISH)), service: BlogService = Depends(get_blog_service), ): """Update an existing blog post. Requires CONTENT_PUBLISH permission.""" update_data = request.model_dump(mode="json", exclude_unset=True) success, result = await service.update_post(post_id, update_data) if not success: raise HTTPException(status_code=404, detail=result.get("error")) return result.get("post") @router.patch("/{post_id}/status") async def update_blog_post_status( post_id: str, request: dict, current_user: dict = Depends(requires_permission(CONTENT_PUBLISH)), service: BlogService = Depends(get_blog_service), ): """Update the status of an existing blog post. Requires CONTENT_PUBLISH permission.""" status_val = request.get("status") if not status_val: raise HTTPException(status_code=400, detail="Status value is required.") success, result = await service.update_post(post_id, {"status": status_val}) if not success: raise HTTPException(status_code=404, detail=result.get("error")) return {"message": "Status updated successfully"} @router.delete("/{post_id}", status_code=204) async def delete_blog_post( post_id: str, current_user: dict = Depends(requires_permission(CONTENT_REJECT)), service: BlogService = Depends(get_blog_service), ): """Delete a blog post. Requires CONTENT_REJECT permission.""" success, result = await service.delete_post(post_id) if not success: raise HTTPException(status_code=404, detail=result.get("error")) return None