"""Support ticket endpoints for CRM functionality.""" from typing import Optional from uuid import UUID from fastapi import APIRouter, Depends, HTTPException, Query, status from sqlalchemy.orm import Session from app.api.deps import get_current_admin, get_current_user, get_db, require_user_type from app.models.support import SupportTicket, SupportTicketMessage, TicketStatus, TicketType from app.models.user import UserType from app.schemas.common import SuccessResponse from app.schemas.support import ( SupportTicketCreate, SupportTicketMessageCreate, SupportTicketMessageResponse, SupportTicketResponse, SupportTicketUpdate, ) router = APIRouter(prefix="/support", tags=["support"]) @router.get("/tickets", response_model=SuccessResponse) async def list_tickets( ticket_type: Optional[TicketType] = Query(None), status: Optional[TicketStatus] = Query(None), student_id: Optional[UUID] = Query(None), db: Session = Depends(get_db), current_user_data: dict = Depends(get_current_user), ): """List support tickets with optional filters.""" query = db.query(SupportTicket) # Users (students, corporate partners) can only see their own tickets user_data = current_user_data if user_data.get("type") == "user": user = user_data.get("user") if user.user_type in (UserType.GLOBAL_UNDERGRADUATE, UserType.CORPORATE_PARTNER): query = query.filter(SupportTicket.student_id == user.id) if ticket_type: query = query.filter(SupportTicket.ticket_type == ticket_type) if status: query = query.filter(SupportTicket.status == status) if student_id: query = query.filter(SupportTicket.student_id == student_id) tickets = query.order_by(SupportTicket.created_at.desc()).all() return SuccessResponse( data=[SupportTicketResponse.model_validate(t).model_dump() for t in tickets], message="Support tickets retrieved successfully", ) @router.post("/tickets", response_model=SuccessResponse, status_code=status.HTTP_201_CREATED) async def create_ticket( ticket_data: SupportTicketCreate, db: Session = Depends(get_db), current_user_data: dict = Depends(get_current_user), ): """Create a new support ticket (students and corporate partners).""" # Verify allowed user user_data = current_user_data if user_data.get("type") != "user": raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Only authenticated users can create support tickets", ) user = user_data.get("user") # Auto-assign based on ticket type assigned_to = None if ticket_data.ticket_type == TicketType.FINANCE: assigned_to = "bursary" elif ticket_data.ticket_type == TicketType.REGISTRAR: assigned_to = "registrar" elif ticket_data.ticket_type == TicketType.IT: assigned_to = "it" elif ticket_data.ticket_type == TicketType.ACADEMIC: assigned_to = "academic" ticket = SupportTicket( student_id=user.id, ticket_type=ticket_data.ticket_type, subject=ticket_data.subject, description=ticket_data.description, status=ticket_data.status, assigned_to=assigned_to, ) db.add(ticket) db.flush() # Create initial message in the thread initial_message = SupportTicketMessage( ticket_id=ticket.id, sender_id=user.id, sender_role=str(user.user_type.value), content=ticket_data.description, ) db.add(initial_message) db.commit() db.refresh(ticket) return SuccessResponse( data=SupportTicketResponse.model_validate(ticket).model_dump(), message="Support ticket created successfully", ) @router.get("/tickets/{ticket_id}", response_model=SuccessResponse) async def get_ticket( ticket_id: UUID, db: Session = Depends(get_db), current_user_data: dict = Depends(get_current_user), ): """Get a single support ticket.""" ticket = db.query(SupportTicket).filter(SupportTicket.id == ticket_id).first() if not ticket: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="Support ticket not found", ) # Students can only see their own tickets user_data = current_user_data if user_data.get("type") == "user": user = user_data.get("user") if user.user_type == UserType.GLOBAL_UNDERGRADUATE and str(ticket.student_id) != str(user.id): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="You can only view your own tickets", ) return SuccessResponse( data=SupportTicketResponse.model_validate(ticket).model_dump(), message="Support ticket retrieved successfully", ) @router.put("/tickets/{ticket_id}", response_model=SuccessResponse) async def update_ticket( ticket_id: UUID, ticket_data: SupportTicketUpdate, db: Session = Depends(get_db), current_admin = Depends(get_current_admin), ): """Update a support ticket (admin/staff only).""" ticket = db.query(SupportTicket).filter(SupportTicket.id == ticket_id).first() if not ticket: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="Support ticket not found", ) # Update fields if ticket_data.status is not None: ticket.status = ticket_data.status if ticket_data.status == TicketStatus.RESOLVED: from datetime import datetime ticket.resolved_at = datetime.utcnow() # Get current admin user ID ticket.resolved_by = current_admin.id if ticket_data.assigned_to is not None: ticket.assigned_to = ticket_data.assigned_to if ticket_data.internal_notes is not None: ticket.internal_notes = ticket_data.internal_notes if ticket_data.resolution is not None: ticket.resolution = ticket_data.resolution db.commit() db.refresh(ticket) return SuccessResponse( data=SupportTicketResponse.model_validate(ticket).model_dump(), message="Support ticket updated successfully", ) @router.get("/tickets/{ticket_id}/messages", response_model=SuccessResponse) async def list_ticket_messages( ticket_id: UUID, db: Session = Depends(get_db), current_user_data: dict = Depends(get_current_user), ): """List all messages for a support ticket.""" ticket = db.query(SupportTicket).filter(SupportTicket.id == ticket_id).first() if not ticket: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="Support ticket not found", ) user_data = current_user_data if user_data.get("type") == "user": user = user_data.get("user") # Students and corporate partners can only see their own ticket messages if user.user_type in (UserType.GLOBAL_UNDERGRADUATE, UserType.CORPORATE_PARTNER) and str(ticket.student_id) != str(user.id): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="You can only view your own ticket messages", ) messages = ( db.query(SupportTicketMessage) .filter(SupportTicketMessage.ticket_id == ticket_id) .order_by(SupportTicketMessage.created_at.asc()) .all() ) return SuccessResponse( data=[SupportTicketMessageResponse.model_validate(m).model_dump() for m in messages], message="Support ticket messages retrieved successfully", ) @router.post("/tickets/{ticket_id}/messages", response_model=SuccessResponse, status_code=status.HTTP_201_CREATED) async def create_ticket_message( ticket_id: UUID, message_data: SupportTicketMessageCreate, db: Session = Depends(get_db), current_user_data: dict = Depends(get_current_user), ): """Append a new message to a support ticket thread.""" ticket = db.query(SupportTicket).filter(SupportTicket.id == ticket_id).first() if not ticket: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="Support ticket not found", ) user_data = current_user_data if user_data.get("type") != "user": raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Only authenticated users can reply to tickets", ) user = user_data.get("user") # Students and corporate partners can only reply to their own tickets if user.user_type in (UserType.GLOBAL_UNDERGRADUATE, UserType.CORPORATE_PARTNER) and str(ticket.student_id) != str(user.id): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="You can only reply to your own tickets", ) message = SupportTicketMessage( ticket_id=ticket.id, sender_id=user.id, sender_role=str(user.user_type.value), content=message_data.content, ) db.add(message) db.commit() db.refresh(message) return SuccessResponse( data=SupportTicketMessageResponse.model_validate(message).model_dump(), message="Message added to ticket successfully", )