fastapi
diff --git a/‎backend/app/api/main.py‎
Lines changed: 9 additions & 6 deletions b/‎backend/app/api/main.py‎
Lines changed: 9 additions & 6 deletions
diff --git a/‎backend/app/api/routes/events.py‎
Lines changed: 185 additions & 0 deletions b/‎backend/app/api/routes/events.py‎
Lines changed: 185 additions & 0 deletions
diff --git a/‎backend/app/api/routes/speeches.py‎
Lines changed: 179 additions & 0 deletions b/‎backend/app/api/routes/speeches.py‎
Lines changed: 179 additions & 0 deletions
@@ -1,14 +1,17 @@
 from fastapi import APIRouter
 
-from app.api.routes import items, login, private, users, utils
+from app.api.routes import items, login, private, users, utils, events, speeches # Added events, speeches
 from app.core.config import settings
 
 api_router = APIRouter()
-api_router.include_router(login.router)
-api_router.include_router(users.router)
-api_router.include_router(utils.router)
-api_router.include_router(items.router)
+api_router.include_router(login.router) # No prefix, tags=['login'] typically
+api_router.include_router(users.router, prefix="/users", tags=["users"])
+api_router.include_router(utils.router, prefix="/utils", tags=["utils"]) # Assuming utils has a prefix
+api_router.include_router(items.router, prefix="/items", tags=["items"])
+api_router.include_router(events.router, prefix="/events", tags=["events"]) # Added
+api_router.include_router(speeches.router, prefix="/speeches", tags=["speeches"]) # Added
 
 
 if settings.ENVIRONMENT == "local":
-    api_router.include_router(private.router)
+    # Assuming private router also has a prefix if it's for specific resources
+    api_router.include_router(private.router, prefix="/private", tags=["private"])
@@ -0,0 +1,185 @@
+import uuid
+from typing import Any, List
+
+from fastapi import APIRouter, Depends, HTTPException, Body
+from sqlmodel import Session
+
+from app import crud, models # Removed schemas
+from app.api import deps
+from app.services import speech_analysis_service
+
+router = APIRouter()
+
+
+@router.post("/", response_model=models.CoordinationEventPublic, status_code=201)
+def create_event(
+    *,
+    db: Session = Depends(deps.get_db),
+    event_in: models.CoordinationEventCreate,
+    current_user: deps.CurrentUser,
+) -> models.CoordinationEvent:
+    """
+    Create a new coordination event.
+    The current user will be set as the creator and an initial participant.
+    """
+    event = crud.create_event(session=db, event_in=event_in, creator_id=current_user.id)
+    return event
+
+
+@router.get("/", response_model=List[models.CoordinationEventPublic])
+def list_user_events(
+    *,
+    db: Session = Depends(deps.get_db),
+    current_user: deps.CurrentUser,
+) -> Any:
+    """
+    List all events the current user is participating in.
+    """
+    events = crud.get_user_events(session=db, user_id=current_user.id)
+    return events
+
+
+@router.get("/{event_id}", response_model=models.CoordinationEventPublic)
+def get_event_details(
+    *,
+    db: Session = Depends(deps.get_db),
+    event_id: uuid.UUID,
+    current_user: deps.CurrentUser,
+) -> Any:
+    """
+    Get details of a specific event. User must be a participant.
+    """
+    event = crud.get_event(session=db, event_id=event_id)
+    if not event:
+        raise HTTPException(status_code=404, detail="Event not found")
+
+    # Check if current user is a participant
+    is_participant = any(p.user_id == current_user.id for p in event.participants)
+    if not is_participant and event.creator_id != current_user.id: # Creator also has access
+        raise HTTPException(status_code=403, detail="Not enough permissions")
+    return event
+
+
+@router.post("/{event_id}/participants", response_model=models.EventParticipantPublic)
+def add_event_participant(
+    *,
+    db: Session = Depends(deps.get_db),
+    event_id: uuid.UUID,
+    user_id_to_add: uuid.UUID = Body(..., embed=True),
+    role: str = Body("participant", embed=True),
+    current_user: deps.CurrentUser,
+) -> Any:
+    """
+    Add a user to an event. Only the event creator can add participants.
+    """
+    event = crud.get_event(session=db, event_id=event_id)
+    if not event:
+        raise HTTPException(status_code=404, detail="Event not found")
+    if event.creator_id != current_user.id:
+        raise HTTPException(status_code=403, detail="Only the event creator can add participants")
+
+    # Check if user to add exists (optional, DB will catch it if not)
+    user_to_add = db.get(models.User, user_id_to_add)
+    if not user_to_add:
+        raise HTTPException(status_code=404, detail="User to add not found")
+
+    participant = crud.add_event_participant(
+        session=db, event_id=event_id, user_id=user_id_to_add, role=role
+    )
+    if not participant:
+        raise HTTPException(status_code=400, detail="Participant already in event or other error")
+    return participant
+
+
+@router.delete("/{event_id}/participants/{user_id_to_remove}", response_model=models.Message)
+def remove_event_participant(
+    *,
+    db: Session = Depends(deps.get_db),
+    event_id: uuid.UUID,
+    user_id_to_remove: uuid.UUID,
+    current_user: deps.CurrentUser,
+) -> Any:
+    """
+    Remove a participant from an event.
+    Allowed if:
+    - Current user is the event creator.
+    - Current user is removing themselves.
+    """
+    event = crud.get_event(session=db, event_id=event_id)
+    if not event:
+        raise HTTPException(status_code=404, detail="Event not found")
+
+    is_creator = event.creator_id == current_user.id
+    is_self_removal = user_id_to_remove == current_user.id
+
+    if not (is_creator or is_self_removal):
+        raise HTTPException(status_code=403, detail="Not enough permissions to remove participant")
+
+    # Prevent creator from being removed by themselves if they are the last participant (or handle elsewhere)
+    if is_self_removal and is_creator and len(event.participants) == 1:
+        raise HTTPException(status_code=400, detail="Creator cannot remove themselves if they are the last participant. Delete the event instead.")
+
+
+    removed_participant = crud.remove_event_participant(
+        session=db, event_id=event_id, user_id=user_id_to_remove
+    )
+    if not removed_participant:
+        raise HTTPException(status_code=404, detail="Participant not found in this event")
+    return models.Message(message="Participant removed successfully")
+
+
+@router.get("/{event_id}/participants", response_model=List[models.UserPublic])
+def list_event_participants(
+    *,
+    db: Session = Depends(deps.get_db),
+    event_id: uuid.UUID,
+    current_user: deps.CurrentUser,
+) -> Any:
+    """
+    List participants of an event. User must be a participant of the event.
+    """
+    event = crud.get_event(session=db, event_id=event_id)
+    if not event:
+        raise HTTPException(status_code=404, detail="Event not found")
+
+    is_participant = any(p.user_id == current_user.id for p in event.participants)
+    if not is_participant and event.creator_id != current_user.id:
+         raise HTTPException(status_code=403, detail="User must be a participant to view other participants")
+
+    participants = crud.get_event_participants(session=db, event_id=event_id)
+    return participants
+
+
+@router.get("/{event_id}/speech-analysis", response_model=List[models.PersonalizedNudgePublic])
+def get_event_speech_analysis(
+    *,
+    db: Session = Depends(deps.get_db),
+    event_id: uuid.UUID,
+    current_user: deps.CurrentUser,
+) -> Any:
+    """
+    Perform analysis on speeches within an event and return personalized nudges
+    for the current user. User must be a participant of the event.
+    """
+    event = crud.get_event(session=db, event_id=event_id)
+    if not event:
+        raise HTTPException(status_code=404, detail="Event not found")
+
+    # Check if current user is a participant or creator
+    is_participant = any(p.user_id == current_user.id for p in event.participants)
+    if not is_participant and event.creator_id != current_user.id:
+        raise HTTPException(status_code=403, detail="User must be a participant or creator to access speech analysis.")
+
+    all_event_nudges = speech_analysis_service.analyse_event_speeches(db=db, event_id=event_id)
+
+    # Filter nudges for the current user
+    user_nudges = [
+        models.PersonalizedNudgePublic(
+            nudge_type=n.nudge_type,
+            message=n.message,
+            severity=n.severity
+        )
+        for n in all_event_nudges if n.user_id == current_user.id
+    ]
+
+    return user_nudges
@@ -0,0 +1,179 @@
+import uuid
+from typing import Any, List
+
+from fastapi import APIRouter, Depends, HTTPException
+from sqlmodel import Session
+
+from app import crud, models # Removed schemas
+from app.api import deps
+
+router = APIRouter()
+
+# Helper function to check if user is participant or creator of the event associated with a speech
+def check_event_access_for_speech(db: Session, speech_id: uuid.UUID, user: models.User) -> models.SecretSpeech:
+    speech = crud.get_speech(session=db, speech_id=speech_id)
+    if not speech:
+        raise HTTPException(status_code=404, detail="Speech not found")
+
+    event = crud.get_event(session=db, event_id=speech.event_id)
+    if not event:
+        raise HTTPException(status_code=404, detail="Associated event not found") # Should not happen if DB is consistent
+
+    is_participant = any(p.user_id == user.id for p in event.participants)
+    if not is_participant and event.creator_id != user.id:
+        raise HTTPException(status_code=403, detail="User does not have access to the event of this speech")
+    return speech
+
+# Helper function to check if user is participant or creator of an event
+def check_event_membership(db: Session, event_id: uuid.UUID, user: models.User) -> models.CoordinationEvent:
+    event = crud.get_event(session=db, event_id=event_id)
+    if not event:
+        raise HTTPException(status_code=404, detail="Event not found")
+
+    is_participant = any(p.user_id == user.id for p in event.participants)
+    if not is_participant and event.creator_id != user.id:
+        raise HTTPException(status_code=403, detail="User must be a participant or creator of the event")
+    return event
+
+
+@router.post("/", response_model=models.SecretSpeechPublic, status_code=201)
+def create_speech(
+    *,
+    db: Session = Depends(deps.get_db),
+    speech_in: models.SecretSpeechWithInitialVersionCreate, # Use the new combined schema
+    current_user: deps.CurrentUser,
+) -> Any:
+    """
+    Create a new secret speech. The current user will be set as the creator.
+    An initial version of the speech is created with the provided draft.
+    User must be a participant of the specified event.
+    """
+    # Check if user has access to the event
+    event = check_event_membership(db=db, event_id=speech_in.event_id, user=current_user)
+    if not event: # Should be handled by check_event_membership raising HTTPException
+        raise HTTPException(status_code=404, detail="Event not found or user not participant.")
+
+    # The SecretSpeechCreate model is currently empty, so we pass an instance.
+    # The actual speech metadata (event_id, creator_id) are passed directly to crud.create_speech
+    db_speech = crud.create_speech(
+        session=db,
+        speech_in=models.SecretSpeechCreate(), # Pass empty base model if no direct fields
+        event_id=speech_in.event_id,
+        creator_id=current_user.id,
+        initial_draft=speech_in.initial_speech_draft,
+        initial_tone=speech_in.initial_speech_tone,
+        initial_duration=speech_in.initial_estimated_duration_minutes,
+    )
+    return db_speech
+
+
+@router.get("/event/{event_id}", response_model=List[models.SecretSpeechPublic])
+def list_event_speeches(
+    *,
+    db: Session = Depends(deps.get_db),
+    event_id: uuid.UUID,
+    current_user: deps.CurrentUser,
+) -> Any:
+    """
+    Get all speeches for a given event. User must be a participant of the event.
+    """
+    check_event_membership(db=db, event_id=event_id, user=current_user)
+    speeches = crud.get_event_speeches(session=db, event_id=event_id)
+    return speeches
+
+
+@router.get("/{speech_id}", response_model=models.SecretSpeechPublic) # Consider a more detailed model for owner
+def get_speech_details(
+    *,
+    db: Session = Depends(deps.get_db),
+    speech_id: uuid.UUID,
+    current_user: deps.CurrentUser,
+) -> Any:
+    """
+    Get a specific speech. User must have access to the event of this speech.
+    If the user is the creator of the speech, they might get more details
+    (e.g. draft of the current version - this needs handling in response shaping).
+    """
+    speech = check_event_access_for_speech(db=db, speech_id=speech_id, user=current_user)
+    # Basic SecretSpeechPublic doesn't include version details.
+    # If we want to embed current version, we'd fetch it and combine.
+    # For now, returning speech metadata. API consumer can fetch versions separately.
+    return speech
+
+
+@router.post("/{speech_id}/versions", response_model=models.SecretSpeechVersionPublic, status_code=201)
+def create_speech_version(
+    *,
+    db: Session = Depends(deps.get_db),
+    speech_id: uuid.UUID,
+    version_in: models.SecretSpeechVersionCreate,
+    current_user: deps.CurrentUser,
+) -> Any:
+    """
+    Create a new version for a secret speech.
+    User must be the creator of the speech or a participant in the event (adjust as needed).
+    """
+    speech = crud.get_speech(session=db, speech_id=speech_id)
+    if not speech:
+        raise HTTPException(status_code=404, detail="Speech not found")
+
+    # Permission: only speech creator can add versions
+    if speech.creator_id != current_user.id:
+        # Or, check event participation if that's the rule:
+        # check_event_access_for_speech(db=db, speech_id=speech_id, user=current_user)
+        raise HTTPException(status_code=403, detail="Only the speech creator can add new versions.")
+
+    new_version = crud.create_speech_version(
+        session=db, version_in=version_in, speech_id=speech_id, creator_id=current_user.id
+    )
+    return new_version
+
+
+@router.get("/{speech_id}/versions", response_model=List[models.SecretSpeechVersionPublic])
+def list_speech_versions(
+    *,
+    db: Session = Depends(deps.get_db),
+    speech_id: uuid.UUID,
+    current_user: deps.CurrentUser,
+) -> Any:
+    """
+    List all versions of a speech.
+    If current user is speech creator, they see full details (including draft).
+    Otherwise, they see the public version (no draft).
+    """
+    speech = check_event_access_for_speech(db=db, speech_id=speech_id, user=current_user)
+    versions = crud.get_speech_versions(session=db, speech_id=speech_id)
+
+    public_versions = []
+    for v in versions:
+        if speech.creator_id == current_user.id or v.creator_id == current_user.id: # Speech creator or version creator sees draft
+            public_versions.append(models.SecretSpeechVersionDetailPublic.model_validate(v))
+        else:
+            public_versions.append(models.SecretSpeechVersionPublic.model_validate(v))
+    return public_versions
+
+
+@router.put("/{speech_id}/versions/{version_id}/set-current", response_model=models.SecretSpeechPublic)
+def set_current_speech_version(
+    *,
+    db: Session = Depends(deps.get_db),
+    speech_id: uuid.UUID,
+    version_id: uuid.UUID,
+    current_user: deps.CurrentUser,
+) -> Any:
+    """
+    Set a specific version of a speech as the current one.
+    User must be the creator of the speech.
+    """
+    speech = crud.get_speech(session=db, speech_id=speech_id)
+    if not speech:
+        raise HTTPException(status_code=404, detail="Speech not found")
+    if speech.creator_id != current_user.id:
+        raise HTTPException(status_code=403, detail="Only the speech creator can set the current version.")
+
+    updated_speech = crud.set_current_speech_version(
+        session=db, speech_id=speech_id, version_id=version_id
+    )
+    if not updated_speech:
+        raise HTTPException(status_code=404, detail="Version not found or does not belong to this speech.")
+    return updated_speech