import uuid from fastapi import APIRouter, Depends, HTTPException, status, Query from sqlalchemy.orm import Session from typing import Optional from app.core.database import get_db from app.models import User, Project, Trigger, TriggerLog, CustomField from app.schemas.trigger import ( TriggerCreate, TriggerUpdate, TriggerResponse, TriggerListResponse, TriggerLogResponse, TriggerLogListResponse, TriggerUserInfo ) from app.middleware.auth import get_current_user, check_project_access, check_project_edit_access from app.services.trigger_scheduler import TriggerSchedulerService from app.services.trigger_service import TriggerService from app.services.action_executor import ActionValidationError router = APIRouter(tags=["triggers"]) FIELD_CHANGE_FIELDS = {"status_id", "assignee_id", "priority", "start_date", "due_date", "custom_fields"} FIELD_CHANGE_OPERATORS = {"equals", "not_equals", "changed_to", "changed_from", "before", "after", "in"} DATE_FIELDS = {"start_date", "due_date"} def trigger_to_response(trigger: Trigger) -> TriggerResponse: """Convert Trigger model to TriggerResponse.""" return TriggerResponse( id=trigger.id, project_id=trigger.project_id, name=trigger.name, description=trigger.description, trigger_type=trigger.trigger_type, conditions=trigger.conditions, actions=trigger.actions if isinstance(trigger.actions, list) else [trigger.actions], is_active=trigger.is_active, created_by=trigger.created_by, created_at=trigger.created_at, updated_at=trigger.updated_at, creator=TriggerUserInfo( id=trigger.creator.id, name=trigger.creator.name, email=trigger.creator.email, ) if trigger.creator else None, ) def _validate_field_change_conditions(conditions, project_id: str, db: Session) -> None: rules = [] if conditions.rules is not None: if conditions.logic != "and": raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="Composite conditions only support logic 'and'", ) if not conditions.rules: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="Composite conditions require at least one rule", ) rules = conditions.rules else: if not conditions.field: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="Field is required for field_change triggers", ) rules = [conditions] for rule in rules: field = rule.field operator = rule.operator value = rule.value field_id = rule.field_id or getattr(conditions, "field_id", None) if field not in FIELD_CHANGE_FIELDS: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="Invalid condition field. Must be 'status_id', 'assignee_id', 'priority', 'start_date', 'due_date', or 'custom_fields'", ) if not operator: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="Operator is required for field_change triggers", ) if operator not in FIELD_CHANGE_OPERATORS: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="Invalid operator. Must be 'equals', 'not_equals', 'changed_to', 'changed_from', 'before', 'after', or 'in'", ) if value is None: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="Condition value is required for field_change triggers", ) field_type = None if field in DATE_FIELDS: field_type = "date" elif field == "custom_fields": if not field_id: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="Custom field ID is required when field is custom_fields", ) custom_field = db.query(CustomField).filter( CustomField.id == field_id, CustomField.project_id == project_id, ).first() if not custom_field: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="Custom field not found in this project", ) field_type = custom_field.field_type if operator in {"before", "after"}: if field_type not in {"date", "number", "formula"}: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="Operator 'before/after' is only valid for date or number fields", ) if operator == "in": if field_type == "date": if not isinstance(value, dict) or "start" not in value or "end" not in value: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="Date 'in' operator requires a range with start and end", ) elif not isinstance(value, list): raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="Operator 'in' requires a list of values", ) @router.post("/api/projects/{project_id}/triggers", response_model=TriggerResponse, status_code=status.HTTP_201_CREATED) async def create_trigger( project_id: str, trigger_data: TriggerCreate, db: Session = Depends(get_db), current_user: User = Depends(get_current_user), ): """Create a new trigger for a project.""" project = db.query(Project).filter(Project.id == project_id).first() if not project: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="Project not found", ) if not check_project_edit_access(current_user, project): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Permission denied - only project owner can manage triggers", ) # Validate trigger type valid_trigger_types = ["field_change", "schedule", "creation"] if trigger_data.trigger_type not in valid_trigger_types: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail=f"Invalid trigger type. Must be one of: {', '.join(valid_trigger_types)}", ) # Validate conditions based on trigger type if trigger_data.trigger_type == "field_change": _validate_field_change_conditions(trigger_data.conditions, project_id, db) elif trigger_data.trigger_type == "schedule": # Validate schedule conditions has_cron = trigger_data.conditions.cron_expression is not None has_deadline = trigger_data.conditions.deadline_reminder_days is not None if not has_cron and not has_deadline: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="Schedule triggers require either cron_expression or deadline_reminder_days", ) # Validate cron expression if provided if has_cron: is_valid, error_msg = TriggerSchedulerService.parse_cron_expression( trigger_data.conditions.cron_expression ) if not is_valid: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail=error_msg or "Invalid cron expression", ) # Validate actions configuration (FEAT-014, FEAT-015) try: actions_dicts = [a.model_dump(exclude_none=True) for a in trigger_data.actions] TriggerService.validate_actions(actions_dicts, db) except ActionValidationError as e: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail=str(e), ) # Create trigger trigger = Trigger( id=str(uuid.uuid4()), project_id=project_id, name=trigger_data.name, description=trigger_data.description, trigger_type=trigger_data.trigger_type, conditions=trigger_data.conditions.model_dump(), actions=[a.model_dump(exclude_none=True) for a in trigger_data.actions], is_active=trigger_data.is_active, created_by=current_user.id, ) db.add(trigger) db.commit() db.refresh(trigger) return trigger_to_response(trigger) @router.get("/api/projects/{project_id}/triggers", response_model=TriggerListResponse) async def list_triggers( project_id: str, is_active: Optional[bool] = None, db: Session = Depends(get_db), current_user: User = Depends(get_current_user), ): """List all triggers for a project.""" project = db.query(Project).filter(Project.id == project_id).first() if not project: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="Project not found", ) if not check_project_access(current_user, project): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Access denied", ) query = db.query(Trigger).filter(Trigger.project_id == project_id) if is_active is not None: query = query.filter(Trigger.is_active == is_active) triggers = query.order_by(Trigger.created_at.desc()).all() return TriggerListResponse( triggers=[trigger_to_response(t) for t in triggers], total=len(triggers), ) @router.get("/api/triggers/{trigger_id}", response_model=TriggerResponse) async def get_trigger( trigger_id: str, db: Session = Depends(get_db), current_user: User = Depends(get_current_user), ): """Get a specific trigger by ID.""" trigger = db.query(Trigger).filter(Trigger.id == trigger_id).first() if not trigger: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="Trigger not found", ) project = trigger.project if not check_project_access(current_user, project): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Access denied", ) return trigger_to_response(trigger) @router.put("/api/triggers/{trigger_id}", response_model=TriggerResponse) async def update_trigger( trigger_id: str, trigger_data: TriggerUpdate, db: Session = Depends(get_db), current_user: User = Depends(get_current_user), ): """Update a trigger.""" trigger = db.query(Trigger).filter(Trigger.id == trigger_id).first() if not trigger: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="Trigger not found", ) project = trigger.project if not check_project_edit_access(current_user, project): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Permission denied", ) # Update fields if provided if trigger_data.name is not None: trigger.name = trigger_data.name if trigger_data.description is not None: trigger.description = trigger_data.description if trigger_data.conditions is not None: # Validate conditions based on trigger type if trigger.trigger_type == "field_change": _validate_field_change_conditions(trigger_data.conditions, trigger.project_id, db) elif trigger.trigger_type == "schedule": # Validate cron expression if provided if trigger_data.conditions.cron_expression is not None: is_valid, error_msg = TriggerSchedulerService.parse_cron_expression( trigger_data.conditions.cron_expression ) if not is_valid: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail=error_msg or "Invalid cron expression", ) trigger.conditions = trigger_data.conditions.model_dump(exclude_none=True) if trigger_data.actions is not None: # Validate actions configuration (FEAT-014, FEAT-015) try: actions_dicts = [a.model_dump(exclude_none=True) for a in trigger_data.actions] TriggerService.validate_actions(actions_dicts, db) except ActionValidationError as e: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail=str(e), ) trigger.actions = [a.model_dump(exclude_none=True) for a in trigger_data.actions] if trigger_data.is_active is not None: trigger.is_active = trigger_data.is_active db.commit() db.refresh(trigger) return trigger_to_response(trigger) @router.delete("/api/triggers/{trigger_id}", status_code=status.HTTP_204_NO_CONTENT) async def delete_trigger( trigger_id: str, db: Session = Depends(get_db), current_user: User = Depends(get_current_user), ): """Delete a trigger.""" trigger = db.query(Trigger).filter(Trigger.id == trigger_id).first() if not trigger: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="Trigger not found", ) project = trigger.project if not check_project_edit_access(current_user, project): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Permission denied", ) db.delete(trigger) db.commit() @router.get("/api/triggers/{trigger_id}/logs", response_model=TriggerLogListResponse) async def list_trigger_logs( trigger_id: str, limit: int = Query(50, ge=1, le=200, description="Number of logs to return"), offset: int = Query(0, ge=0, description="Number of logs to skip"), db: Session = Depends(get_db), current_user: User = Depends(get_current_user), ): """Get execution logs for a trigger.""" trigger = db.query(Trigger).filter(Trigger.id == trigger_id).first() if not trigger: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="Trigger not found", ) project = trigger.project if not check_project_access(current_user, project): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Access denied", ) total = db.query(TriggerLog).filter(TriggerLog.trigger_id == trigger_id).count() logs = db.query(TriggerLog).filter( TriggerLog.trigger_id == trigger_id, ).order_by(TriggerLog.executed_at.desc()).offset(offset).limit(limit).all() return TriggerLogListResponse( logs=[ TriggerLogResponse( id=log.id, trigger_id=log.trigger_id, task_id=log.task_id, executed_at=log.executed_at, status=log.status, details=log.details, error_message=log.error_message, ) for log in logs ], total=total, )