"""Notifications API endpoints.""" from typing import Annotated, Optional from fastapi import APIRouter, Depends, HTTPException, Query, status from sqlalchemy.orm import Session from app.core.deps import get_current_user, get_db from app.models.notification import Notification from app.models.user import User from app.schemas.notification import NotificationRead router = APIRouter(prefix="/notifications", tags=["notifications"]) @router.get("", response_model=list[NotificationRead]) def get_notifications( db: Annotated[Session, Depends(get_db)], current_user: Annotated[User, Depends(get_current_user)], is_read: Optional[bool] = Query(None, description="Filter by read status"), ) -> list[Notification]: """ Get notifications for the current user. Optional filter by read status (true/false/all). Returns notifications ordered by created_at DESC. """ query = db.query(Notification).filter(Notification.user_id == current_user.id) if is_read is not None: query = query.filter(Notification.is_read == is_read) notifications = query.order_by(Notification.created_at.desc()).all() return notifications @router.put("/{notification_id}/read", response_model=NotificationRead) def mark_notification_as_read( notification_id: int, db: Annotated[Session, Depends(get_db)], current_user: Annotated[User, Depends(get_current_user)], ) -> Notification: """ Mark a notification as read. Verifies the notification belongs to the current user. """ notification = ( db.query(Notification).filter(Notification.id == notification_id).first() ) if not notification: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="Notification not found", ) if notification.user_id != current_user.id: raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="You can only mark your own notifications as read", ) notification.is_read = True db.commit() db.refresh(notification) return notification