feat: add web UI with login, CRUD, admin, and API key management
- Add login page with JWT authentication - Add dashboard with stats and quick actions - Add links management page (full CRUD with search) - Add collections management page - Add API key management page with copy-to-clipboard - Add admin user management page (admin only) - Fix UUID type mismatches across all endpoints - Add updated_at column to api_keys and audit_log in schema.sql - Fix DB_PASSWORD default in docker-compose.yml - Add PyJWT to requirements.txt - Fix API docs URL (/docs instead of /api/docs) - Improve JS error handling (show actual messages) - Rewrite conftest.py with proper DB lifecycle management - Add 42 new integration tests (84 total, all passing) - test_admin.py: 15 tests for admin endpoints - test_auth_extended.py: 9 tests for API key CRUD - test_tags.py: 12 tests for tag endpoints - test_sync.py: 6 tests for sync endpoints
This commit is contained in:
@@ -10,7 +10,7 @@ from fastapi import APIRouter, HTTPException, Query, Request, status
|
||||
from pydantic import BaseModel, Field
|
||||
from sqlalchemy import and_, or_
|
||||
|
||||
from models.base import AuditLog, Bookmark, Collection, CollectionBookmark, get_session
|
||||
from models.base import AuditLog, Bookmark, Collection, CollectionBookmark, User, get_session
|
||||
from queries.executor import execute_query
|
||||
|
||||
router = APIRouter(prefix="/api/collections", tags=["Collections"])
|
||||
@@ -49,6 +49,13 @@ def get_current_user_id(request: Request) -> Optional[str]:
|
||||
return None
|
||||
|
||||
|
||||
def parse_uuid(id_str: str):
|
||||
try:
|
||||
return uuid.UUID(id_str) if isinstance(id_str, str) else id_str
|
||||
except (ValueError, AttributeError):
|
||||
return None
|
||||
|
||||
|
||||
def log_audit(db, action, entity_type, entity_id, user_id, old_value=None, new_value=None):
|
||||
try:
|
||||
audit = AuditLog(
|
||||
@@ -73,12 +80,16 @@ async def list_collections(
|
||||
):
|
||||
db = get_session()
|
||||
try:
|
||||
user_id = get_current_user_id(request) if request else None
|
||||
username = get_current_user_id(request) if request else None
|
||||
query = db.query(Collection)
|
||||
if user_id:
|
||||
query = query.filter(
|
||||
or_(Collection.created_by == user_id, Collection.is_public == True)
|
||||
)
|
||||
if username:
|
||||
user = db.query(User).filter(User.username == username).first()
|
||||
if user:
|
||||
query = query.filter(
|
||||
or_(Collection.created_by == user.id, Collection.is_public == True)
|
||||
)
|
||||
else:
|
||||
query = query.filter(Collection.is_public == True)
|
||||
else:
|
||||
query = query.filter(Collection.is_public == True)
|
||||
collections = query.order_by(Collection.created_at.desc()).offset(offset).limit(limit).all()
|
||||
@@ -91,14 +102,14 @@ async def list_collections(
|
||||
async def get_collection(collection_id: str):
|
||||
db = get_session()
|
||||
try:
|
||||
collection = db.query(Collection).filter(Collection.id == collection_id).first()
|
||||
collection = db.query(Collection).filter(Collection.id == parse_uuid(collection_id)).first()
|
||||
if not collection:
|
||||
raise HTTPException(status_code=404, detail="Collection not found")
|
||||
result = collection.to_dict()
|
||||
if collection.query_type == "static":
|
||||
links = (
|
||||
db.query(CollectionBookmark)
|
||||
.filter(CollectionBookmark.collection_id == collection_id)
|
||||
.filter(CollectionBookmark.collection_id == parse_uuid(collection_id))
|
||||
.all()
|
||||
)
|
||||
result["link_ids"] = [lb.bookmark_id for lb in links]
|
||||
@@ -111,30 +122,40 @@ async def get_collection(collection_id: str):
|
||||
async def create_collection(data: CollectionCreate, request: Request):
|
||||
db = get_session()
|
||||
try:
|
||||
user_id = get_current_user_id(request)
|
||||
if not user_id:
|
||||
username = get_current_user_id(request)
|
||||
if not username:
|
||||
raise HTTPException(status_code=401, detail="Authentication required")
|
||||
|
||||
user = db.query(User).filter(User.username == username).first()
|
||||
if not user:
|
||||
raise HTTPException(status_code=404, detail="User not found")
|
||||
|
||||
created_by_id = user.id
|
||||
|
||||
collection = Collection(
|
||||
id=str(uuid.uuid4()),
|
||||
id=uuid.uuid4(),
|
||||
name=data.name,
|
||||
description=data.description,
|
||||
query_type=data.query_type,
|
||||
query_expression=data.query_expression,
|
||||
is_public=data.is_public,
|
||||
created_by=user_id,
|
||||
created_by=created_by_id,
|
||||
)
|
||||
db.add(collection)
|
||||
db.flush()
|
||||
|
||||
if data.query_type == "static" and data.link_ids:
|
||||
for link_id in data.link_ids:
|
||||
cb = CollectionBookmark(collection_id=collection.id, bookmark_id=link_id)
|
||||
try:
|
||||
lid = uuid.UUID(link_id) if isinstance(link_id, str) else link_id
|
||||
except (ValueError, AttributeError):
|
||||
continue
|
||||
cb = CollectionBookmark(collection_id=collection.id, bookmark_id=lid)
|
||||
db.add(cb)
|
||||
|
||||
db.commit()
|
||||
db.refresh(collection)
|
||||
log_audit(db, "create", "Collection", collection.id, user_id, new_value=collection.to_dict())
|
||||
log_audit(db, "create", "Collection", collection.id, created_by_id, new_value=collection.to_dict())
|
||||
return collection.to_dict()
|
||||
finally:
|
||||
db.close()
|
||||
@@ -144,7 +165,7 @@ async def create_collection(data: CollectionCreate, request: Request):
|
||||
async def update_collection(collection_id: str, data: CollectionUpdate, request: Request):
|
||||
db = get_session()
|
||||
try:
|
||||
collection = db.query(Collection).filter(Collection.id == collection_id).first()
|
||||
collection = db.query(Collection).filter(Collection.id == parse_uuid(collection_id)).first()
|
||||
if not collection:
|
||||
raise HTTPException(status_code=404, detail="Collection not found")
|
||||
|
||||
@@ -155,8 +176,9 @@ async def update_collection(collection_id: str, data: CollectionUpdate, request:
|
||||
|
||||
db.commit()
|
||||
db.refresh(collection)
|
||||
user_id = get_current_user_id(request)
|
||||
log_audit(db, "update", "Collection", collection_id, user_id, old_value=old_value, new_value=collection.to_dict())
|
||||
username = get_current_user_id(request)
|
||||
user = db.query(User).filter(User.username == username).first() if username else None
|
||||
log_audit(db, "update", "Collection", collection.id, user.id if user else None, old_value=old_value, new_value=collection.to_dict())
|
||||
return collection.to_dict()
|
||||
finally:
|
||||
db.close()
|
||||
@@ -166,20 +188,21 @@ async def update_collection(collection_id: str, data: CollectionUpdate, request:
|
||||
async def delete_collection(collection_id: str, request: Request):
|
||||
db = get_session()
|
||||
try:
|
||||
collection = db.query(Collection).filter(Collection.id == collection_id).first()
|
||||
collection = db.query(Collection).filter(Collection.id == parse_uuid(collection_id)).first()
|
||||
if not collection:
|
||||
raise HTTPException(status_code=404, detail="Collection not found")
|
||||
|
||||
old_value = collection.to_dict()
|
||||
if collection.query_type == "static":
|
||||
db.query(CollectionBookmark).filter(
|
||||
CollectionBookmark.collection_id == collection_id
|
||||
CollectionBookmark.collection_id == collection.id
|
||||
).delete()
|
||||
db.delete(collection)
|
||||
db.commit()
|
||||
user_id = get_current_user_id(request)
|
||||
log_audit(db, "delete", "Collection", collection_id, user_id, old_value=old_value)
|
||||
return {"message": "Collection deleted successfully", "deleted_id": collection_id}
|
||||
username = get_current_user_id(request)
|
||||
user = db.query(User).filter(User.username == username).first() if username else None
|
||||
log_audit(db, "delete", "Collection", collection.id, user.id if user else None, old_value=old_value)
|
||||
return {"message": "Collection deleted successfully", "deleted_id": str(collection.id)}
|
||||
finally:
|
||||
db.close()
|
||||
|
||||
@@ -188,7 +211,7 @@ async def delete_collection(collection_id: str, request: Request):
|
||||
async def refresh_collection(collection_id: str):
|
||||
db = get_session()
|
||||
try:
|
||||
collection = db.query(Collection).filter(Collection.id == collection_id).first()
|
||||
collection = db.query(Collection).filter(Collection.id == parse_uuid(collection_id)).first()
|
||||
if not collection:
|
||||
raise HTTPException(status_code=404, detail="Collection not found")
|
||||
if collection.query_type != "dynamic":
|
||||
@@ -212,7 +235,10 @@ async def refresh_collection(collection_id: str):
|
||||
async def add_links_to_collection(collection_id: str, link_ids: List[str]):
|
||||
db = get_session()
|
||||
try:
|
||||
collection = db.query(Collection).filter(Collection.id == collection_id).first()
|
||||
parsed_cid = parse_uuid(collection_id)
|
||||
if parsed_cid is None:
|
||||
raise HTTPException(status_code=404, detail="Collection not found")
|
||||
collection = db.query(Collection).filter(Collection.id == parsed_cid).first()
|
||||
if not collection:
|
||||
raise HTTPException(status_code=404, detail="Collection not found")
|
||||
if collection.query_type != "static":
|
||||
@@ -221,13 +247,17 @@ async def add_links_to_collection(collection_id: str, link_ids: List[str]):
|
||||
existing = {
|
||||
cb.bookmark_id
|
||||
for cb in db.query(CollectionBookmark)
|
||||
.filter(CollectionBookmark.collection_id == collection_id)
|
||||
.filter(CollectionBookmark.collection_id == parsed_cid)
|
||||
.all()
|
||||
}
|
||||
added = 0
|
||||
for link_id in link_ids:
|
||||
if link_id not in existing:
|
||||
db.add(CollectionBookmark(collection_id=collection_id, bookmark_id=link_id))
|
||||
try:
|
||||
lid = uuid.UUID(link_id) if isinstance(link_id, str) else link_id
|
||||
except (ValueError, AttributeError):
|
||||
continue
|
||||
if lid not in existing:
|
||||
db.add(CollectionBookmark(collection_id=parsed_cid, bookmark_id=lid))
|
||||
added += 1
|
||||
|
||||
db.commit()
|
||||
@@ -240,15 +270,25 @@ async def add_links_to_collection(collection_id: str, link_ids: List[str]):
|
||||
async def remove_links_from_collection(collection_id: str, link_ids: List[str]):
|
||||
db = get_session()
|
||||
try:
|
||||
collection = db.query(Collection).filter(Collection.id == collection_id).first()
|
||||
parsed_cid = parse_uuid(collection_id)
|
||||
if parsed_cid is None:
|
||||
raise HTTPException(status_code=404, detail="Collection not found")
|
||||
collection = db.query(Collection).filter(Collection.id == parsed_cid).first()
|
||||
if not collection:
|
||||
raise HTTPException(status_code=404, detail="Collection not found")
|
||||
|
||||
parsed_link_ids = []
|
||||
for link_id in link_ids:
|
||||
try:
|
||||
parsed_link_ids.append(uuid.UUID(link_id) if isinstance(link_id, str) else link_id)
|
||||
except (ValueError, AttributeError):
|
||||
continue
|
||||
|
||||
removed = (
|
||||
db.query(CollectionBookmark)
|
||||
.filter(
|
||||
CollectionBookmark.collection_id == collection_id,
|
||||
CollectionBookmark.bookmark_id.in_(link_ids),
|
||||
CollectionBookmark.collection_id == parsed_cid,
|
||||
CollectionBookmark.bookmark_id.in_(parsed_link_ids),
|
||||
)
|
||||
.delete(synchronize_session=False)
|
||||
)
|
||||
|
||||
Reference in New Issue
Block a user