gnx/Hotel-Booking
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

updates

Browse Source
This commit is contained in:
Iliyan Angelov
2025-11-21 15:01:24 +02:00
parent 4ab7546de0
commit 9a6190e8ef
889 changed files with 1912 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
Backend/src/routes/invoice_routes.py
View File

@@ -13,7 +13,7 @@ router = APIRouter(prefix='/invoices', tags=['invoices'])
@router.get('/')
async def get_invoices(booking_id: Optional[int]=Query(None), status_filter: Optional[str]=Query(None, alias='status'), page: int=Query(1, ge=1), limit: int=Query(10, ge=1, le=100), current_user: User=Depends(get_current_user), db: Session=Depends(get_db)):
try:
user_id = None if current_user.role_id == 1 else current_user.id
user_id = None if current_user.role_id in [1, 4] else current_user.id # admin and accountant can see all invoices
result = InvoiceService.get_invoices(db=db, user_id=user_id, booking_id=booking_id, status=status_filter, page=page, limit=limit)
return {'status': 'success', 'data': result}
except Exception as e:
@@ -25,7 +25,7 @@ async def get_invoice_by_id(id: int, current_user: User=Depends(get_current_user
invoice = InvoiceService.get_invoice(id, db)
if not invoice:
raise HTTPException(status_code=404, detail='Invoice not found')
if current_user.role_id != 1 and invoice['user_id'] != current_user.id:
if current_user.role_id not in [1, 4] and invoice['user_id'] != current_user.id: # admin and accountant can see all invoices
raise HTTPException(status_code=403, detail='Forbidden')
return {'status': 'success', 'data': {'invoice': invoice}}
except HTTPException:
@@ -36,7 +36,7 @@ async def get_invoice_by_id(id: int, current_user: User=Depends(get_current_user
@router.post('/')
async def create_invoice(invoice_data: dict, current_user: User=Depends(get_current_user), db: Session=Depends(get_db)):
try:
if current_user.role_id not in [1, 2]:
if current_user.role_id not in [1, 2, 4]: # admin, staff, and accountant can create invoices
raise HTTPException(status_code=403, detail='Forbidden')
booking_id = invoice_data.get('booking_id')
if not booking_id:
@@ -64,7 +64,7 @@ async def create_invoice(invoice_data: dict, current_user: User=Depends(get_curr
raise HTTPException(status_code=500, detail=str(e))
@router.put('/{id}')
async def update_invoice(id: int, invoice_data: dict, current_user: User=Depends(authorize_roles('admin', 'staff')), db: Session=Depends(get_db)):
async def update_invoice(id: int, invoice_data: dict, current_user: User=Depends(authorize_roles('admin', 'staff', 'accountant')), db: Session=Depends(get_db)):
try:
invoice = db.query(Invoice).filter(Invoice.id == id).first()
if not invoice:
@@ -79,7 +79,7 @@ async def update_invoice(id: int, invoice_data: dict, current_user: User=Depends
raise HTTPException(status_code=500, detail=str(e))
@router.post('/{id}/mark-paid')
async def mark_invoice_as_paid(id: int, payment_data: dict, current_user: User=Depends(authorize_roles('admin', 'staff')), db: Session=Depends(get_db)):
async def mark_invoice_as_paid(id: int, payment_data: dict, current_user: User=Depends(authorize_roles('admin', 'staff', 'accountant')), db: Session=Depends(get_db)):
try:
amount = payment_data.get('amount')
updated_invoice = InvoiceService.mark_invoice_as_paid(invoice_id=id, db=db, amount=amount, updated_by_id=current_user.id)
@@ -112,7 +112,7 @@ async def get_invoices_by_booking(booking_id: int, current_user: User=Depends(ge
booking = db.query(Booking).filter(Booking.id == booking_id).first()
if not booking:
raise HTTPException(status_code=404, detail='Booking not found')
if current_user.role_id != 1 and booking.user_id != current_user.id:
if current_user.role_id not in [1, 4] and booking.user_id != current_user.id: # admin and accountant can see all invoices
raise HTTPException(status_code=403, detail='Forbidden')
result = InvoiceService.get_invoices(db=db, booking_id=booking_id)
return {'status': 'success', 'data': result}