Add product admin

src/allmende_payment_system/api/admin.py

@@ -1,12 +1,14 @@
 from decimal import Decimal
+from typing import Annotated
 
-from fastapi import APIRouter, HTTPException, Request
+from fastapi import APIRouter, File, Form, HTTPException, Request
 from sqlalchemy import select
 from starlette import status
 from starlette.responses import RedirectResponse
 
+from allmende_payment_system.api import types
 from allmende_payment_system.api.dependencies import SessionDep, UserDep
-from allmende_payment_system.models import Permission, User, UserGroup
+from allmende_payment_system.models import Area, Permission, Product, User, UserGroup
 from allmende_payment_system.tools import get_jinja_renderer
 
 admin_router = APIRouter(prefix="/admin")
@@ -156,3 +158,112 @@ async def delete_group(
     ).scalar_one()
     session.delete(group)
     return RedirectResponse(url="/admin/groups", status_code=status.HTTP_303_SEE_OTHER)
+
+
+# PRODUCTS
+
+
+@admin_router.get("/products")
+async def get_products(
+    request: Request,
+    session: SessionDep,
+    user: UserDep,
+):
+    products = session.scalars(
+        select(Product).order_by(Product.area_id, Product.name)
+    ).all()
+
+    templates = get_jinja_renderer()
+
+    return templates.TemplateResponse(
+        "products.html.jinja",
+        context={"request": request, "products": products},
+    )
+
+
+@admin_router.get("/products/edit/{product_id}")
+async def edit_product_get(
+    request: Request, session: SessionDep, user: UserDep, product_id: int
+):
+    product = session.execute(select(Product).where(Product.id == product_id)).scalar()
+
+    areas = session.scalars(select(Area)).all()
+
+    templates = get_jinja_renderer()
+
+    return templates.TemplateResponse(
+        "product_edit.html.jinja",
+        context={
+            "request": request,
+            "product": product,
+            "edit_mode": True,
+            "areas": areas,
+        },
+    )
+
+
+@admin_router.post("/products/edit/{product_id}")
+async def edit_product_post(
+    request: Request,
+    session: SessionDep,
+    user: UserDep,
+    product_id: int,
+    product_data: Annotated[types.Product, Form()],
+):
+    if not user.has_permission("product", "edit"):
+        raise HTTPException(status_code=403, detail="Insufficient permissions")
+
+    product = session.execute(
+        select(Product).where(Product.id == product_id)
+    ).scalar_one()
+
+    for field_name, data in product_data.model_dump().items():
+        setattr(product, field_name, data)
+
+    session.flush()
+
+    return RedirectResponse(
+        url="/admin/products", status_code=status.HTTP_303_SEE_OTHER
+    )
+
+
+@admin_router.get("/products/new")
+async def new_product_get(
+    request: Request,
+    session: SessionDep,
+    user: UserDep,
+):
+    if not user.has_permission("product", "edit"):
+        raise HTTPException(status_code=403, detail="Insufficient permissions")
+
+    areas = session.scalars(select(Area)).all()
+
+    templates = get_jinja_renderer()
+
+    return templates.TemplateResponse(
+        "product_edit.html.jinja",
+        context={"request": request, "edit_mode": False, "areas": areas},
+    )
+
+
+@admin_router.post("/products/new")
+async def new_product_post(
+    request: Request,
+    session: SessionDep,
+    user: UserDep,
+    product_data: Annotated[types.Product, Form()],
+    # product_image: Annotated[bytes, File()]
+):
+    if not user.has_permission("product", "edit"):
+        raise HTTPException(status_code=403, detail="Insufficient permissions")
+    # print(len(product_image))
+    product = Product()
+
+    for field_name, data in product_data.model_dump().items():
+        setattr(product, field_name, data)
+
+    session.add(product)
+
+    return RedirectResponse(
+        url="/admin/products", status_code=status.HTTP_303_SEE_OTHER
+    )