d6e2df4a61
Events (create/list-per-person/soft-delete) and relationships (create/list-per-person/soft-delete) through the layered stack: editor-gated writes, privacy-engine reads, audit on every change. Events carry exactly one subject (person XOR partnership); relationships are typed qualified edges (parent_child gets a biological/adoptive/step/foster/donor/guardian qualifier). Adds a single-person GET. 18 tests pass. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Signed-off-by: Justin Paul <justin@jpaul.me>
55 lines
1.9 KiB
Python
55 lines
1.9 KiB
Python
import uuid
|
|
|
|
from fastapi import APIRouter, status
|
|
|
|
from app.api.deps import CurrentUser, SessionDep
|
|
from app.schemas.person import PersonCreate, PersonRead
|
|
from app.services import person_service, tree_service
|
|
|
|
# Persons are nested under their tree (the tenant boundary).
|
|
router = APIRouter(prefix="/trees", tags=["persons"])
|
|
|
|
|
|
@router.post(
|
|
"/{tree_id}/persons",
|
|
response_model=PersonRead,
|
|
status_code=status.HTTP_201_CREATED,
|
|
)
|
|
async def create_person(
|
|
tree_id: uuid.UUID, data: PersonCreate, session: SessionDep, current: CurrentUser
|
|
) -> PersonRead:
|
|
# get_tree enforces existence + view access; create_person enforces edit rights.
|
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
|
person = await person_service.create_person(
|
|
session,
|
|
actor=current,
|
|
tree=tree,
|
|
given=data.given,
|
|
surname=data.surname,
|
|
gender=data.gender,
|
|
is_living=data.is_living,
|
|
privacy_setting=data.privacy,
|
|
notes=data.notes,
|
|
)
|
|
return PersonRead.model_validate(person)
|
|
|
|
|
|
@router.get("/{tree_id}/persons", response_model=list[PersonRead])
|
|
async def list_persons(
|
|
tree_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
|
) -> list[PersonRead]:
|
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
|
persons = await person_service.list_persons(session, viewer_id=current.id, tree=tree)
|
|
return [PersonRead.model_validate(p) for p in persons]
|
|
|
|
|
|
@router.get("/{tree_id}/persons/{person_id}", response_model=PersonRead)
|
|
async def get_person(
|
|
tree_id: uuid.UUID, person_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
|
) -> PersonRead:
|
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
|
person = await person_service.get_person(
|
|
session, viewer_id=current.id, tree=tree, person_id=person_id
|
|
)
|
|
return PersonRead.model_validate(person)
|