add trips permissions

drb-c2-core/app/routers/trips.py

@@ -18,6 +18,32 @@ from app.internal.auth import (
 
 router = APIRouter(prefix="/trips", tags=["trips"])
 
+
+# ---------------------------------------------------------------------------
+# Access control helpers
+# ---------------------------------------------------------------------------
+
+async def _discord_id_for_firebase(firebase_uid: str) -> Optional[str]:
+    link = await fstore.doc_get("firebase_discord_links", firebase_uid)
+    return (link or {}).get("discord_user_id")
+
+
+def _trip_is_accessible(trip: dict, *, is_service: bool, firebase_uid: Optional[str], discord_id: Optional[str]) -> bool:
+    """Return True if the caller may read this trip."""
+    if is_service:
+        return True  # bot sees all; it filters client-side per-user
+    if trip.get("visibility", "public") == "public":
+        return True
+    if not firebase_uid:
+        return False
+    # attendees keyed by discord_id — check linked discord_id
+    if discord_id:
+        if discord_id in trip.get("attendees", {}):
+            return True
+        if discord_id in trip.get("invited_discord_ids", []):
+            return True
+    return False
+
 # ---------------------------------------------------------------------------
 # AI assistant — tool definitions
 # ---------------------------------------------------------------------------
@@ -189,8 +215,12 @@ class ChatRequest(BaseModel):
 
 
 @router.get("")
-async def list_trips():
-    return await fstore.collection_list("trips")
+async def list_trips(decoded: dict = Depends(require_service_or_firebase_token)):
+    trips = await fstore.collection_list("trips")
+    is_service = bool(decoded.get("service"))
+    firebase_uid = decoded.get("uid")
+    discord_id = await _discord_id_for_firebase(firebase_uid) if firebase_uid else None
+    return [t for t in trips if _trip_is_accessible(t, is_service=is_service, firebase_uid=firebase_uid, discord_id=discord_id)]
 
 
 @router.post("")
@@ -209,6 +239,8 @@ async def create_trip(body: TripCreate):
         "attendees": {},  # {discord_user_id: discord_username}
         "available_tags": body.available_tags,
         "overlap_tags": body.overlap_tags,
+        "visibility": body.visibility if body.visibility in ("public", "private") else "public",
+        "invited_discord_ids": body.invited_discord_ids,
         "created_at": now,
     }
     await fstore.doc_set("trips", trip_id, doc, merge=False)
@@ -216,12 +248,17 @@ async def create_trip(body: TripCreate):
 
 
 @router.get("/{trip_id}")
-async def get_trip(trip_id: str):
+async def get_trip(trip_id: str, decoded: dict = Depends(require_service_or_firebase_token)):
     trip = await fstore.doc_get("trips", trip_id)
     if not trip:
         raise HTTPException(404, f"Trip '{trip_id}' not found.")
+    is_service = bool(decoded.get("service"))
+    firebase_uid = decoded.get("uid")
+    discord_id = await _discord_id_for_firebase(firebase_uid) if firebase_uid else None
+    if not _trip_is_accessible(trip, is_service=is_service, firebase_uid=firebase_uid, discord_id=discord_id):
+        raise HTTPException(403, "This trip is private.")
     events = await fstore.collection_list("trip_events", trip_id=trip_id)
-    events.sort(key=lambda e: (e["date"], e.get("time") or ""))
+    events.sort(key=lambda e: (e["date"], e.get("start_time") or ""))
     return {**trip, "events": events}
 
 
@@ -259,12 +296,49 @@ async def join_trip(
     trip = await fstore.doc_get("trips", trip_id)
     if not trip:
         raise HTTPException(404, f"Trip '{trip_id}' not found.")
+    if trip.get("visibility", "public") == "private":
+        invited = trip.get("invited_discord_ids", [])
+        attendees_existing = trip.get("attendees", {})
+        if body.discord_user_id not in invited and body.discord_user_id not in attendees_existing:
+            raise HTTPException(403, "This trip is private. You need an invite to join.")
     attendees = trip.get("attendees", {})
     attendees[body.discord_user_id] = body.discord_username or body.discord_user_id
     await fstore.doc_update("trips", trip_id, {"attendees": attendees})
     return {"ok": True, "attendees": attendees}
 
 
+@router.put("/{trip_id}/visibility")
+async def set_visibility(trip_id: str, body: dict, _: dict = Depends(require_service_key_or_admin)):
+    trip = await fstore.doc_get("trips", trip_id)
+    if not trip:
+        raise HTTPException(404, f"Trip '{trip_id}' not found.")
+    visibility = body.get("visibility", "public")
+    if visibility not in ("public", "private"):
+        raise HTTPException(400, "visibility must be 'public' or 'private'.")
+    await fstore.doc_update("trips", trip_id, {"visibility": visibility})
+    return {"visibility": visibility}
+
+
+@router.post("/{trip_id}/invite/{discord_user_id}")
+async def invite_user(trip_id: str, discord_user_id: str, _: dict = Depends(require_service_key_or_admin)):
+    trip = await fstore.doc_get("trips", trip_id)
+    if not trip:
+        raise HTTPException(404, f"Trip '{trip_id}' not found.")
+    invited = list(set(trip.get("invited_discord_ids", []) + [discord_user_id]))
+    await fstore.doc_update("trips", trip_id, {"invited_discord_ids": invited})
+    return {"ok": True, "invited_discord_ids": invited}
+
+
+@router.delete("/{trip_id}/invite/{discord_user_id}")
+async def revoke_invite(trip_id: str, discord_user_id: str, _: dict = Depends(require_service_key_or_admin)):
+    trip = await fstore.doc_get("trips", trip_id)
+    if not trip:
+        raise HTTPException(404, f"Trip '{trip_id}' not found.")
+    invited = [u for u in trip.get("invited_discord_ids", []) if u != discord_user_id]
+    await fstore.doc_update("trips", trip_id, {"invited_discord_ids": invited})
+    return {"ok": True, "invited_discord_ids": invited}
+
+
 @router.post("/{trip_id}/leave")
 async def leave_trip(
     trip_id: str,