demo-backend/document-service/app/routers/loan_officer_router.py

# --- Library Imports ---
from fastapi import APIRouter, BackgroundTasks, Depends, Form, Query, Security, UploadFile
from sqlalchemy.orm import Session

from app.schema.examples.document import *
from app.schema.examples.error_response import *
from app.schema.response_schema import ResponseSchema
from app.services.document_service import DocumentService

# ---
# --- User Imports ---
from app.utils.database import get_db
from app.utils.jwt import VerifyToken
from app.utils.utility import create_swagger_response

# ---


router = APIRouter()
auth = VerifyToken()


@router.put(
    "/update_file/{document_id}",
    dependencies=[Depends(auth.verify), Depends(auth.is_loan_officer)],
    response_model=ResponseSchema,
    summary="Update File",
    responses=create_swagger_response(
        update_file_response, [unauthorized_response, permission_denied, document_not_found]
    ),
    description="Update an existing file in blob storage for a specified application.",
)
async def update_file(
    document_id: int,
    applicationId: int = Form(),
    documentTitle: str = Form(default=None, Optional=True),
    file: UploadFile = UploadFile(...),
    userId: int = Form(default=None, Optional=True),
    user=Security(auth.verify, scopes=[]),
    db: Session = Depends(get_db),
):
    """
    Update an existing file in blob storage for a specified application.

    - **document_id**: The ID of the document to update.
    - **applicationId**: The ID of the application.
    - **documentTitle**: The title of the document.
    - **file**: The file to be updated.
    - **userId**: The ID of the user.
    - **user**: The authenticated user.
    - **db**: The database session.
    """
    payload = {
        "document_id": document_id,
        "application_id": applicationId,
        "document_title": documentTitle,
        "user_id": userId,
    }
    result = await DocumentService.update_file(file, user, payload, db)
    return result


@router.delete(
    "/document/{document_id}",
    dependencies=[Depends(auth.verify), Depends(auth.is_loan_officer)],
    response_model=ResponseSchema,
    summary="Delete Document",
    responses=create_swagger_response(
        delete_document_response, [unauthorized_response, document_not_found, permission_denied]
    ),
    description="Delete a document from blob storage.",
)
async def delete_document(
    document_id: int,
    user_id: int = Form(default=None, Optional=True),
    db: Session = Depends(get_db),
    user=Security(auth.verify, scopes=[]),
):
    """
    Delete a document from blob storage.

    - **document_id**: The ID of the document to delete.
    - **user_id**: The ID of the user.
    - **db**: The database session.
    - **user**: The authenticated user.
    """
    return await DocumentService.delete_document(db, document_id, user, user_id)


@router.get(
    "/documents/user/{user_id}/application/{application_id}",
    dependencies=[Depends(auth.verify), Depends(auth.is_loan_officer)],
    response_model=ResponseSchema,
    summary="List Documents",
    responses=create_swagger_response(list_documents_response, [unauthorized_response, permission_denied]),
    description="Fetch a list of document types for a specific user and application.",
)
async def list_documents(
    application_id: int,
    user_id: str,
    db: Session = Depends(get_db),
):
    """
    Fetch a list of document types for a specific user and application.

    - **application_id**: The ID of the application.
    - **user_id**: The ID of the user.
    - **db**: The database session.
    """
    return await DocumentService.get_document_types(application_id, user_id, db)


@router.get(
    "/read_file",
    dependencies=[Depends(auth.verify), Depends(auth.is_loan_officer)],
    response_model=ResponseSchema,
    summary="Read File",
    description="Read a file from blob storage.",
)
async def read_file(
    document_id: int = Query(),
    user_id: int = Query(),
    user=Security(auth.verify, scopes=[]),
    db: Session = Depends(get_db),
):
    """
    Read a file from blob storage.

    - **document_id**: The ID of the document to read.
    - **user_id**: The ID of the user.
    - **user**: The authenticated user.
    - **db**: The database session.
    """
    result = await DocumentService.read_file_from_blob_storage(document_id, user, user_id, db)
    return result


@router.post(
    "/upload_file",
    dependencies=[Depends(auth.verify), Depends(auth.is_loan_officer)],
    response_model=ResponseSchema,
    summary="Upload File",
    responses=create_swagger_response(upload_file_response, [unauthorized_response, permission_denied]),
    description="Upload a file to blob storage for a specified application.",
)
async def upload_file(
    background_tasks: BackgroundTasks,
    applicationId: int = Form(),
    userProfileId: int = Form(),
    userId: int = Form(),
    documentTypeId: int = Form(default=None, Optional=True),
    documentSubTypeId: int = Form(default=None, Optional=True),
    documentTitle: str = Form(default=None, Optional=True),
    file: UploadFile = UploadFile(...),
    user=Security(auth.verify, scopes=[]),
    db: Session = Depends(get_db),
):
    """
    Upload a file to blob storage for a specified application.

    - **background_tasks**: The background task manager.
    - **applicationId**: The ID of the application.
    - **userProfileId**: The ID of the user profile.
    - **documentTypeId**: The ID of the document type.
    - **userId**: The ID of the user.
    - **documentSubTypeId**: The ID of the document subtype.
    - **documentTitle**: The title of the document.
    - **file**: The file to be uploaded.
    - **user**: The authenticated user.
    - **db**: The database session.
    """
    payload = {
        "user_id": userId,
        "user_profile_id": userProfileId,
        "application_id": applicationId,
        "document_subtype_id": documentSubTypeId,
        "document_type_id": documentTypeId,
        "document_title": documentTitle,
    }
    result = await DocumentService.upload_file_to_blob_storage(file, user, payload, db, background_tasks)

    return result


@router.post(
    "/doc_verification/approve/{user_document_id}",
    response_model=ResponseSchema,
    summary="Verify Document",
    responses=create_swagger_response(
        approve_document_response, [unauthorized_response, document_not_found, permission_denied]
    ),
    description="Approve a user document.",
    dependencies=[Depends(auth.verify), Depends(auth.is_loan_officer)],
)
async def approve_document(user_document_id: str, user_id: int = Form(), db: Session = Depends(get_db)):
    """
    Approve a user document.

    - **user_document_id**: The ID of the user document.
    - **user_id**: The ID of the user.
    - **db**: The database session.
    """
    return DocumentService.approve_document(db, user_document_id, user_id)


@router.post(
    "/doc_verification/reject/{user_document_id}",
    response_model=ResponseSchema,
    summary="Reject Document",
    responses=create_swagger_response(
        reject_document_response, [unauthorized_response, permission_denied, document_not_found]
    ),
    description="Reject a user document.",
    dependencies=[Depends(auth.verify), Depends(auth.is_loan_officer)],
)
async def reject_document(user_document_id: str, user_id: int = Form(), db: Session = Depends(get_db)):
    """
    Reject a user document.

    - **user_document_id**: The ID of the user document.
    - **user_id**: The ID of the user.
    - **db**: The database session.
    """
    return DocumentService.reject_document(db, user_document_id, user_id)