from flask import Blueprint, request, jsonify from flask_jwt_extended import jwt_required from app.database import db from app.models import Review, TireBusiness from app.auth import get_current_user reviews_bp = Blueprint('reviews', __name__) def review_to_dict(review): """Convert Review model to dictionary.""" return { 'id': review.id, 'business_id': review.business_id, 'user_id': review.user_id, 'user_name': review.user_name, 'user_avatar': review.user_avatar, 'rating': review.rating, 'comment': review.comment, 'created_at': review.created_at.isoformat() if review.created_at else None } @reviews_bp.route('/business/', methods=['GET']) def get_business_reviews(business_id): """Get all reviews for a business. Public endpoint.""" reviews = Review.query.filter_by(business_id=business_id).order_by(Review.created_at.desc()).all() return jsonify([review_to_dict(r) for r in reviews]), 200 @reviews_bp.route('', methods=['POST']) @jwt_required() def create_review(): """Create a new review. Requires authentication.""" user = get_current_user() if not user: return jsonify({'error': 'Authentication required'}), 401 data = request.get_json() business_id = data.get('business_id') rating = data.get('rating') comment = data.get('comment', '') user_name = data.get('user_name', user.email.split('@')[0]) user_avatar = data.get('user_avatar') if not all([business_id, rating]): return jsonify({'error': 'business_id and rating are required'}), 400 if rating < 1 or rating > 5: return jsonify({'error': 'Rating must be between 1 and 5'}), 400 # Check if user already reviewed this business existing_review = Review.query.filter_by( business_id=business_id, user_id=user.id ).first() if existing_review: return jsonify({'error': 'You have already reviewed this business'}), 400 # Create review review_id = f"review-{business_id}-{user.id}" new_review = Review( id=review_id, business_id=business_id, user_id=user.id, user_name=user_name, user_avatar=user_avatar, rating=rating, comment=comment ) db.session.add(new_review) # Update business rating business = TireBusiness.query.filter_by(id=business_id).first() if business: current_total = business.rating * business.review_count new_review_count = business.review_count + 1 new_rating = (current_total + rating) / new_review_count business.rating = round(new_rating, 1) business.review_count = new_review_count db.session.commit() return jsonify(review_to_dict(new_review)), 201 @reviews_bp.route('/', methods=['DELETE']) @jwt_required() def delete_review(review_id): """Delete a review. Only the author can delete their review.""" user = get_current_user() if not user: return jsonify({'error': 'Authentication required'}), 401 review = Review.query.filter_by(id=review_id).first() if not review: return jsonify({'error': 'Review not found'}), 404 if review.user_id != user.id: return jsonify({'error': 'You can only delete your own reviews'}), 403 business_id = review.business_id rating = review.rating db.session.delete(review) # Update business rating business = TireBusiness.query.filter_by(id=business_id).first() if business and business.review_count > 1: current_total = business.rating * business.review_count new_review_count = business.review_count - 1 new_rating = (current_total - rating) / new_review_count business.rating = round(new_rating, 1) business.review_count = new_review_count elif business: business.rating = 0.0 business.review_count = 0 db.session.commit() return '', 204