From dba44aa4fbd053cedbeac633939766e380635d41 Mon Sep 17 00:00:00 2001
From: Scott Idem <stidem@gmail.com>
Date: Thu, 6 Jul 2023 18:10:49 -0400
Subject: [PATCH] Improvements for API CRUD list endpoints and related
 sql_select function. Now supports enabled and hidden.

---
 app/db_sql.py           | 48 +++++++++++++++++++++++++++++++++++++++++
 app/routers/api_crud.py | 10 +++++++--
 2 files changed, 56 insertions(+), 2 deletions(-)

diff --git a/app/db_sql.py b/app/db_sql.py
index c746993..f0980c7 100644
--- a/app/db_sql.py
+++ b/app/db_sql.py
@@ -529,6 +529,8 @@ def sql_select(
         record_id_random: str|None = None,
         field_name: str|None = None,
         field_value = None,
+        enabled: str = 'enabled', # enabled, disabled, all
+        hidden: str = 'not_hidden', # hidden, not_hidden, all
         limit: int = 9999999,
         offset: int = 0,
         sql: str|None = None,
@@ -549,7 +551,16 @@ def sql_select(
 
     if table_name and not (record_id or record_id_random or field_name or field_value or sql or data):
         # Select all records from a table
+        # Updated 2023-07-06
         log.info('Select all records from a table')
+
+        # NOTE: This is new and currently only working with the API CRUD list endpoint and the sql_select function calls. -2023-07-06
+        # NOTE: This call (without field_name, field_value) may need more testing.
+        data = {}
+        sql_enabled, data['enable'] = sql_enable_part(table_name=table_name, enabled=enabled) # Reasonably safe return str and bool
+
+        sql_hidden, data['hidden'] = sql_hidden_part(table_name=table_name, hidden=hidden) # Reasonably safe return str and bool
+
         sql = text(
             f"""
             SELECT *
@@ -588,16 +599,25 @@ def sql_select(
             )
     elif table_name and field_name and field_value and not (record_id or record_id_random or sql or data):
         # Select all records from a table with a specific field and field value
+        # Updated 2023-07-06
         log.info('Select all records from a table with a specific field and field value')
 
+        # NOTE: This is new and currently only working with the API CRUD list endpoint and the sql_select function calls. -2023-07-06
+        # NOTE: This may need more testing.
         data = {}
         data[field_name] = field_value
 
+        sql_enabled, data['enable'] = sql_enable_part(table_name=table_name, enabled=enabled) # Reasonably safe return str and bool
+
+        sql_hidden, data['hidden'] = sql_hidden_part(table_name=table_name, hidden=hidden) # Reasonably safe return str and bool
+
         sql = text(
             f"""
             SELECT *
             FROM `{table_name}`
             WHERE `{table_name}`.{field_name} = :{field_name}
+            {sql_enabled}
+            {sql_hidden}
             {sql_limit_offset}
             ;
             """
@@ -1414,6 +1434,34 @@ def sql_enable_part(table_name: str, enabled: str) -> bool|dict:
 # ### END ### API DB SQL Methods ### sql_enable_part() ###
 
 
+# ### BEGIN ### API DB SQL Methods ### sql_hidden_part() ###
+# Updated 2022-01-17
+@logger_reset
+def sql_hidden_part(table_name: str, hidden: str) -> bool|dict:
+    log.setLevel(logging.WARNING) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
+    log.debug(locals())
+
+    if not table_name: return False
+
+    if hidden in ['hidden', 'not_hidden', 'all']:
+        log.info(f'Creating partial SQL string for "hidden" check. Hide: {hidden}')
+        if hidden == 'hidden':
+            sql = f'AND `{table_name}`.hide = true'
+            hide = True
+        elif hidden == 'not_hidden':
+            sql = f'AND (`{table_name}`.hide = false OR `{table_name}`.hide IS NULL)'
+            hide = False
+        elif hidden == 'all':
+            sql = f'AND (`{table_name}`.hide = true OR `{table_name}`.hide = false OR `{table_name}`.hide IS NULL)'
+            hide = None
+        log.debug(sql)
+
+        return sql, hide
+    else:
+        return False
+# ### END ### API DB SQL Methods ### sql_enable_part() ###
+
+
 # ### BEGIN ### API DB SQL Methods ### sql_limit_offset_part() ###
 # Updated 2022-01-17
 @logger_reset
diff --git a/app/routers/api_crud.py b/app/routers/api_crud.py
index 99e8427..17f8c1e 100644
--- a/app/routers/api_crud.py
+++ b/app/routers/api_crud.py
@@ -173,6 +173,8 @@ async def get_obj_li(
         for_obj_type: Optional[str] = Query(None, max_length=50),
         for_obj_id: Optional[str] = Query(None, max_length=22),
 
+        enabled: str = 'enabled',
+        hidden: str = 'not_hidden', # hidden, not_hidden, all,
         limit: int = 10000,
         offset: int = 0,
 
@@ -183,6 +185,7 @@ async def get_obj_li(
         exclude_unset: Optional[bool] = False,
         exclude_none: Optional[bool] = True,
         response: Response = Response,
+        # commons: Common_Route_Params = Depends(common_route_params), # Switch to this later... sooner
         ):
     log.setLevel(logging.DEBUG) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
     log.debug(locals())
@@ -227,9 +230,12 @@ async def get_obj_li(
         #data[f'{for_obj_type}_id'] = for_obj_id
         field_name = f'{for_obj_type}_id'
 
-        sql_result = sql_select(table_name=table_name, field_name=field_name, field_value=for_obj_id, limit=limit, offset=offset)
+        # NOTE: The enabled and hidden parameters are new to this endpoint and the sql_select function! -2023-07-06
+        sql_result = sql_select(table_name=table_name, field_name=field_name, field_value=for_obj_id, enabled=enabled, hidden=hidden, limit=limit, offset=offset)
     else:
-        sql_result = sql_select(table_name=table_name)
+        # NOTE: The enabled and hidden parameters are new to this endpoint and the sql_select function! -2023-07-06
+        # NOTE: This call (without field_name, field_value, limit, offset) may need more testing.
+        sql_result = sql_select(table_name=table_name, enabled=enabled, hidden=hidden, limit=limit, offset=offset)
 
     log.debug(sql_result)