fastapi
diff --git a/‎.env‎
Lines changed: 2 additions & 0 deletions b/‎.env‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎.github/workflows/playwright.yml‎
Lines changed: 4 additions & 4 deletions b/‎.github/workflows/playwright.yml‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎.github/workflows/test-backend.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/test-backend.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/test-docker-compose.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/test-docker-compose.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎backend/app/alembic/versions/d29f99ac75e5_add_question_answer_exam_examattempt_to_.py‎
Lines changed: 77 additions & 0 deletions b/‎backend/app/alembic/versions/d29f99ac75e5_add_question_answer_exam_examattempt_to_.py‎
Lines changed: 77 additions & 0 deletions
diff --git a/‎backend/app/api/main.py‎
Lines changed: 12 additions & 1 deletion b/‎backend/app/api/main.py‎
Lines changed: 12 additions & 1 deletion
diff --git a/‎backend/app/api/routes/exam_attempts.py‎
Lines changed: 85 additions & 0 deletions b/‎backend/app/api/routes/exam_attempts.py‎
Lines changed: 85 additions & 0 deletions
diff --git a/‎backend/app/api/routes/exams.py‎
Lines changed: 136 additions & 0 deletions b/‎backend/app/api/routes/exams.py‎
Lines changed: 136 additions & 0 deletions
@@ -48,3 +48,5 @@ AWS_ACCESS_KEY_ID=yourkey
 AWS_SECRET_ACCESS_KEY=yoursecret
 AWS_REGION=us-east-1
 S3_BUCKET=your-bucket-name
+
+OPENAI_API_KEY=yourkey
@@ -23,7 +23,7 @@ jobs:
       AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
       AWS_REGION: ${{ secrets.AWS_REGION }}
       S3_BUCKET: ${{ secrets.S3_BUCKET }}
-      # OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
+      OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
     # Set job outputs to values from filter step
     outputs:
       changed: ${{ steps.filter.outputs.changed }}
@@ -52,7 +52,7 @@ jobs:
       AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
       AWS_REGION: ${{ secrets.AWS_REGION }}
       S3_BUCKET: ${{ secrets.S3_BUCKET }}
-      # OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
+      OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
     strategy:
       matrix:
         shardIndex: [1, 2, 3, 4]
@@ -109,7 +109,7 @@ jobs:
       AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
       AWS_REGION: ${{ secrets.AWS_REGION }}
       S3_BUCKET: ${{ secrets.S3_BUCKET }}
-      # OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
+      OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
     steps:
     - uses: actions/checkout@v5
     - uses: actions/setup-node@v5
@@ -146,7 +146,7 @@ jobs:
       AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
       AWS_REGION: ${{ secrets.AWS_REGION }}
       S3_BUCKET: ${{ secrets.S3_BUCKET }}
-      # OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
+      OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
     steps:
       - name: Decide whether the needed jobs succeeded or failed
         uses: re-actors/alls-green@release/v1
 
@@ -17,7 +17,7 @@ jobs:
       AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
       AWS_REGION: ${{ secrets.AWS_REGION }}
       S3_BUCKET: ${{ secrets.S3_BUCKET }}
-      # OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
+      OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
     steps:
       - name: Checkout
         uses: actions/checkout@v5
 
@@ -17,7 +17,7 @@ jobs:
       AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
       AWS_REGION: ${{ secrets.AWS_REGION }}
       S3_BUCKET: ${{ secrets.S3_BUCKET }}
-      # OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
+      OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
 
     steps:
       - name: Checkout
 
@@ -0,0 +1,77 @@
+"""Add Question, Answer, Exam, ExamAttempt to the db
+
+Revision ID: d29f99ac75e5
+Revises: db14556d2858
+Create Date: 2025-10-08 11:21:23.657380
+
+"""
+from alembic import op
+import sqlalchemy as sa
+import sqlmodel.sql.sqltypes
+
+
+# revision identifiers, used by Alembic.
+revision = 'd29f99ac75e5'
+down_revision = 'db14556d2858'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.create_table('exam',
+    sa.Column('title', sa.Text(), nullable=False),
+    sa.Column('description', sa.Text(), nullable=True),
+    sa.Column('duration_minutes', sa.Integer(), nullable=True),
+    sa.Column('is_published', sa.Boolean(), nullable=False),
+    sa.Column('id', sa.Uuid(), nullable=False),
+    sa.Column('owner_id', sa.Uuid(), nullable=False),
+    sa.ForeignKeyConstraint(['owner_id'], ['user.id'], ),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_table('examattempt',
+    sa.Column('score', sa.Float(), nullable=True),
+    sa.Column('is_complete', sa.Boolean(), nullable=False),
+    sa.Column('id', sa.Uuid(), nullable=False),
+    sa.Column('exam_id', sa.Uuid(), nullable=False),
+    sa.Column('owner_id', sa.Uuid(), nullable=False),
+    sa.Column('completed_at', sa.DateTime(), nullable=True),
+    sa.Column('created_at', sa.DateTime(), nullable=False),
+    sa.Column('updated_at', sa.DateTime(), nullable=False),
+    sa.ForeignKeyConstraint(['exam_id'], ['exam.id'], ondelete='CASCADE'),
+    sa.ForeignKeyConstraint(['owner_id'], ['user.id'], ondelete='CASCADE'),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_table('question',
+    sa.Column('question', sa.Text(), nullable=False),
+    sa.Column('answer', sa.Text(), nullable=True),
+    sa.Column('id', sa.Uuid(), nullable=False),
+    sa.Column('type', sa.Enum('MULTIPLE_CHOICE', 'TRUE_FALSE', 'SHORT_ANSWER', name='questiontype'), nullable=False),
+    sa.Column('options', sa.JSON(), nullable=True),
+    sa.Column('exam_id', sa.Uuid(), nullable=False),
+    sa.ForeignKeyConstraint(['exam_id'], ['exam.id'], ),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_table('answer',
+    sa.Column('response', sqlmodel.sql.sqltypes.AutoString(), nullable=False),
+    sa.Column('is_correct', sa.Boolean(), nullable=True),
+    sa.Column('explanation', sqlmodel.sql.sqltypes.AutoString(), nullable=True),
+    sa.Column('id', sa.Uuid(), nullable=False),
+    sa.Column('attempt_id', sa.Uuid(), nullable=False),
+    sa.Column('question_id', sa.Uuid(), nullable=False),
+    sa.Column('created_at', sa.DateTime(), nullable=False),
+    sa.Column('updated_at', sa.DateTime(), nullable=False),
+    sa.ForeignKeyConstraint(['attempt_id'], ['examattempt.id'], ),
+    sa.ForeignKeyConstraint(['question_id'], ['question.id'], ),
+    sa.PrimaryKeyConstraint('id')
+    )
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_table('answer')
+    op.drop_table('question')
+    op.drop_table('examattempt')
+    op.drop_table('exam')
+    # ### end Alembic commands ###
@@ -1,6 +1,15 @@
 from fastapi import APIRouter
 
-from app.api.routes import documents, items, login, private, users, utils
+from app.api.routes import (
+    documents,
+    exam_attempts,
+    exams,
+    items,
+    login,
+    private,
+    users,
+    utils,
+)
 from app.core.config import settings
 
 api_router = APIRouter()
@@ -9,6 +18,8 @@
 api_router.include_router(users.router)
 api_router.include_router(utils.router)
 api_router.include_router(items.router)
+api_router.include_router(exams.router)
+api_router.include_router(exam_attempts.router)
 
 
 if settings.ENVIRONMENT == "local":
 
@@ -0,0 +1,85 @@
+import uuid
+from typing import Any
+
+from fastapi import APIRouter, HTTPException
+
+from app import crud
+from app.api.deps import CurrentUser, SessionDep
+from app.models import (
+    Exam,
+    ExamAttempt,
+    ExamAttemptCreate,
+    ExamAttemptPublic,
+    ExamAttemptUpdate,
+)
+
+router = APIRouter(prefix="/exam-attempts", tags=["exam-attempts"])
+
+
+def get_exam_by_id(session: SessionDep, exam_in: ExamAttemptCreate) -> Exam | None:
+    exam = session.get(Exam, exam_in.exam_id)
+    return exam
+
+
+@router.post("/", response_model=ExamAttemptPublic)
+def create_exam_attempt(
+    session: SessionDep, current_user: CurrentUser, exam_in: ExamAttemptCreate
+) -> Any:
+    """
+    Create a new exam attempt for a specific exam.
+    """
+    exam = get_exam_by_id(session, exam_in)
+    if not exam:
+        raise HTTPException(status_code=404, detail="Exam not found")
+
+    if not current_user.is_superuser and exam.owner_id != current_user.id:
+        raise HTTPException(status_code=403, detail="Not enough permissions")
+
+    exam_attempt = crud.create_exam_attempt(
+        session=session, user_id=current_user.id, exam_in=exam_in
+    )
+    return exam_attempt
+
+
+@router.get("/{id}", response_model=ExamAttemptPublic)
+def read_exam_attempt(
+    session: SessionDep, current_user: CurrentUser, id: uuid.UUID
+) -> Any:
+    """
+    Get ExamAttempt by ID.
+    """
+    exam_attempt = session.get(ExamAttempt, id)
+    if not exam_attempt:
+        raise HTTPException(status_code=404, detail="Exam Attempt not found")
+    if not current_user.is_superuser and (exam_attempt.owner_id != current_user.id):
+        raise HTTPException(status_code=403, detail="Not enough permissions")
+
+    return exam_attempt
+
+
+@router.patch("/{attempt_id}", response_model=ExamAttemptPublic)
+def update_exam_attempt(
+    *,
+    attempt_id: uuid.UUID,
+    session: SessionDep,
+    exam_attempt_in: ExamAttemptUpdate,
+    current_user: CurrentUser,
+) -> Any:
+    """
+    Update an exam attempt with answers.
+    If `is_complete=True`, compute the score.
+    """
+    exam_attempt = session.get(ExamAttempt, attempt_id)
+    if not exam_attempt:
+        raise HTTPException(status_code=404, detail="Exam attempt not found")
+
+    if not current_user.is_superuser and exam_attempt.owner_id != current_user.id:
+        raise HTTPException(status_code=403, detail="Not allowed")
+
+    if exam_attempt.is_complete:
+        raise HTTPException(status_code=409, detail="Exam attempt is already completed")
+
+    exam_attempt = crud.update_exam_attempt(
+        session=session, db_exam_attempt=exam_attempt, exam_attempt_in=exam_attempt_in
+    )
+    return exam_attempt
@@ -0,0 +1,136 @@
+import uuid
+from typing import Any
+
+from fastapi import APIRouter, HTTPException
+from sqlmodel import func, select
+
+from app import crud
+from app.api.deps import CurrentUser, SessionDep
+from app.core.ai.openai import generate_questions_from_documents
+from app.models import (
+    Exam,
+    ExamCreate,
+    ExamPublic,
+    ExamsPublic,
+    ExamUpdate,
+    GenerateQuestionsRequest,
+    Message,
+    QuestionCreate,
+)
+
+router = APIRouter(prefix="/exams", tags=["exams"])
+
+
+@router.post("/generate", response_model=ExamPublic)
+async def generate_exam(
+    *,
+    session: SessionDep,
+    payload: GenerateQuestionsRequest,
+    current_user: CurrentUser,
+) -> ExamPublic:
+    # TODO: fix the hardcoding here
+    exam_in = ExamCreate(
+        title="Midterm Exam",
+        description="generated exam",
+        duration_minutes=30,
+        is_published=False,
+    )
+    db_exam = crud.create_db_exam(
+        session=session, exam_in=exam_in, owner_id=current_user.id
+    )
+
+    # 2. Generate questions
+    generated_questions: list[QuestionCreate] = await generate_questions_from_documents(
+        session, payload.document_ids
+    )
+
+    return crud.create_exam(
+        session=session,
+        db_exam=db_exam,
+        questions=generated_questions,
+    )
+
+
+@router.get("/{id}", response_model=ExamPublic)
+def read_exam(session: SessionDep, current_user: CurrentUser, id: uuid.UUID) -> Any:
+    """
+    Get exam by ID.
+    """
+    exam = session.get(Exam, id)
+    if not exam:
+        raise HTTPException(status_code=404, detail="Exam not found")
+    if not current_user.is_superuser and (exam.owner_id != current_user.id):
+        raise HTTPException(status_code=400, detail="Not enough permissions")
+    return exam
+
+
+@router.get("/", response_model=ExamsPublic)
+def read_exams(
+    session: SessionDep, current_user: CurrentUser, skip: int = 0, limit: int = 100
+) -> Any:
+    """
+    Retrieve exams.
+    """
+
+    if current_user.is_superuser:
+        count_statement = select(func.count()).select_from(Exam)
+        count = session.exec(count_statement).one()
+        statement = select(Exam).offset(skip).limit(limit)
+        exams = session.exec(statement).all()
+    else:
+        count_statement = (
+            select(func.count())
+            .select_from(Exam)
+            .where(Exam.owner_id == current_user.id)
+        )
+        count = session.exec(count_statement).one()
+        statement = (
+            select(Exam)
+            .where(Exam.owner_id == current_user.id)
+            .offset(skip)
+            .limit(limit)
+        )
+        exams = session.exec(statement).all()
+
+    return ExamsPublic(data=exams, count=count)
+
+
+@router.put("/{id}", response_model=ExamPublic)
+def update_exam(
+    *,
+    session: SessionDep,
+    current_user: CurrentUser,
+    id: uuid.UUID,
+    exam_in: ExamUpdate,
+) -> Any:
+    """
+    Update an exam.
+    """
+    exam = session.get(Exam, id)
+    if not exam:
+        raise HTTPException(status_code=404, detail="Exam not found")
+    if not current_user.is_superuser and (exam.owner_id != current_user.id):
+        raise HTTPException(status_code=403, detail="Not enough permissions")
+    update_dict = exam_in.model_dump(exclude_unset=True)
+    exam.sqlmodel_update(update_dict)
+    session.add(exam)
+    session.commit()
+    session.refresh(exam)
+    return exam
+
+
+@router.delete("/{id}")
+def delete_exam(
+    session: SessionDep, current_user: CurrentUser, id: uuid.UUID
+) -> Message:
+    """
+    Delete an exam.
+    """
+    exam = session.get(Exam, id)
+    if not exam:
+        raise HTTPException(status_code=404, detail="Exam not found")
+    if not current_user.is_superuser and (exam.owner_id != current_user.id):
+        raise HTTPException(status_code=403, detail="Not enough permissions")
+    session.delete(exam)
+    session.commit()
+    return Message(message="Exam deleted successfully")