AOSSIE-Org
diff --git a/‎backend/app/database/albums.py‎
Lines changed: 59 additions & 17 deletions b/‎backend/app/database/albums.py‎
Lines changed: 59 additions & 17 deletions
diff --git a/‎backend/app/routes/albums.py‎
Lines changed: 95 additions & 13 deletions b/‎backend/app/routes/albums.py‎
Lines changed: 95 additions & 13 deletions
@@ -50,8 +50,9 @@ def db_create_albums_table() -> None:
                 album_id TEXT PRIMARY KEY,
                 album_name TEXT UNIQUE,
                 description TEXT,
-                is_hidden BOOLEAN DEFAULT 0,
-                password_hash TEXT
+                is_locked BOOLEAN DEFAULT 0,
+                password_hash TEXT,
+                cover_image_path TEXT
             )
             """
         )
@@ -61,6 +62,26 @@ def db_create_albums_table() -> None:
             conn.close()
 
 
+def db_migrate_add_cover_image_column() -> None:
+    """Add cover_image_path column to existing albums table if it doesn't exist"""
+    conn = None
+    try:
+        conn = sqlite3.connect(DATABASE_PATH)
+        cursor = conn.cursor()
+
+        # Check if column exists
+        cursor.execute("PRAGMA table_info(albums)")
+        columns = [column[1] for column in cursor.fetchall()]
+
+        if "cover_image_path" not in columns:
+            cursor.execute("ALTER TABLE albums ADD COLUMN cover_image_path TEXT")
+            conn.commit()
+            print("Added cover_image_path column to albums table")
+    finally:
+        if conn is not None:
+            conn.close()
+
+
 def db_create_album_images_table() -> None:
     conn = None
     try:
@@ -83,14 +104,15 @@ def db_create_album_images_table() -> None:
             conn.close()
 
 
-def db_get_all_albums(show_hidden: bool = False):
+def db_get_all_albums(show_locked: bool = True):
+    """Get all albums. By default, returns all albums including locked ones."""
     conn = sqlite3.connect(DATABASE_PATH)
     cursor = conn.cursor()
     try:
-        if show_hidden:
-            cursor.execute("SELECT * FROM albums")
-        else:
-            cursor.execute("SELECT * FROM albums WHERE is_hidden = 0")
+        # Always show all albums (locked and unlocked)
+        cursor.execute(
+            "SELECT album_id, album_name, description, is_locked, password_hash, cover_image_path FROM albums"
+        )
         albums = cursor.fetchall()
         return albums
     finally:
@@ -101,7 +123,10 @@ def db_get_album_by_name(name: str):
     conn = sqlite3.connect(DATABASE_PATH)
     cursor = conn.cursor()
     try:
-        cursor.execute("SELECT * FROM albums WHERE album_name = ?", (name,))
+        cursor.execute(
+            "SELECT album_id, album_name, description, is_locked, password_hash, cover_image_path FROM albums WHERE album_name = ?",
+            (name,),
+        )
         album = cursor.fetchone()
         return album if album else None
     finally:
@@ -112,7 +137,10 @@ def db_get_album(album_id: str):
     conn = sqlite3.connect(DATABASE_PATH)
     cursor = conn.cursor()
     try:
-        cursor.execute("SELECT * FROM albums WHERE album_id = ?", (album_id,))
+        cursor.execute(
+            "SELECT album_id, album_name, description, is_locked, password_hash, cover_image_path FROM albums WHERE album_id = ?",
+            (album_id,),
+        )
         album = cursor.fetchone()
         return album if album else None
     finally:
@@ -123,7 +151,7 @@ def db_insert_album(
     album_id: str,
     album_name: str,
     description: str = "",
-    is_hidden: bool = False,
+    is_locked: bool = False,
     password: str = None,
 ):
     conn = sqlite3.connect(DATABASE_PATH)
@@ -136,10 +164,10 @@ def db_insert_album(
             ).decode("utf-8")
         cursor.execute(
             """
-            INSERT INTO albums (album_id, album_name, description, is_hidden, password_hash)
+            INSERT INTO albums (album_id, album_name, description, is_locked, password_hash)
             VALUES (?, ?, ?, ?, ?)
             """,
-            (album_id, album_name, description, int(is_hidden), password_hash),
+            (album_id, album_name, description, int(is_locked), password_hash),
         )
         conn.commit()
     finally:
@@ -150,7 +178,7 @@ def db_update_album(
     album_id: str,
     album_name: str,
     description: str,
-    is_hidden: bool,
+    is_locked: bool,
     password: str = None,
 ):
     conn = sqlite3.connect(DATABASE_PATH)
@@ -164,20 +192,20 @@ def db_update_album(
             cursor.execute(
                 """
                 UPDATE albums
-                SET album_name = ?, description = ?, is_hidden = ?, password_hash = ?
+                SET album_name = ?, description = ?, is_locked = ?, password_hash = ?
                 WHERE album_id = ?
                 """,
-                (album_name, description, int(is_hidden), password_hash, album_id),
+                (album_name, description, int(is_locked), password_hash, album_id),
             )
         else:
             # Update without changing password
             cursor.execute(
                 """
                 UPDATE albums
-                SET album_name = ?, description = ?, is_hidden = ?
+                SET album_name = ?, description = ?, is_locked = ?
                 WHERE album_id = ?
                 """,
-                (album_name, description, int(is_hidden), album_id),
+                (album_name, description, int(is_locked), album_id),
             )
         conn.commit()
     finally:
@@ -190,6 +218,20 @@ def db_delete_album(album_id: str):
         cursor.execute("DELETE FROM albums WHERE album_id = ?", (album_id,))
 
 
+def db_update_album_cover_image(album_id: str, cover_image_path: str):
+    """Update the cover image path for an album"""
+    conn = sqlite3.connect(DATABASE_PATH)
+    cursor = conn.cursor()
+    try:
+        cursor.execute(
+            "UPDATE albums SET cover_image_path = ? WHERE album_id = ?",
+            (cover_image_path, album_id),
+        )
+        conn.commit()
+    finally:
+        conn.close()
+
+
 def db_get_album_images(album_id: str):
     conn = sqlite3.connect(DATABASE_PATH)
     cursor = conn.cursor()
 
@@ -1,4 +1,4 @@
-from fastapi import APIRouter, HTTPException, status, Query, Body, Path
+from fastapi import APIRouter, HTTPException, status, Body, Path
 import uuid
 from app.schemas.album import (
     GetAlbumsResponse,
@@ -11,6 +11,7 @@
     SuccessResponse,
     ErrorResponse,
     ImageIdsRequest,
+    SetCoverImageRequest,
     Album,
 )
 from app.database.albums import (
@@ -24,24 +25,32 @@
     db_add_images_to_album,
     db_remove_image_from_album,
     db_remove_images_from_album,
+    db_update_album_cover_image,
     verify_album_password,
 )
 
 router = APIRouter()
 
 
-# GET /albums/ - Get all albums
+# GET /albums/ - Get all albums (including locked ones)
 @router.get("/", response_model=GetAlbumsResponse)
-def get_albums(show_hidden: bool = Query(False)):
-    albums = db_get_all_albums(show_hidden)
+def get_albums():
+    """Get all albums. Always returns both locked and unlocked albums."""
+    albums = db_get_all_albums()
     album_list = []
     for album in albums:
+        # Get image count for each album
+        image_ids = db_get_album_images(album[0])
+        image_count = len(image_ids)
+
         album_list.append(
             Album(
                 album_id=album[0],
                 album_name=album[1],
                 description=album[2] or "",
-                is_hidden=bool(album[3]),
+                is_locked=bool(album[3]),
+                cover_image_path=album[5] if len(album) > 5 else None,
+                image_count=image_count,
             )
         )
     return GetAlbumsResponse(success=True, albums=album_list)
@@ -64,7 +73,7 @@ def create_album(body: CreateAlbumRequest):
     album_id = str(uuid.uuid4())
     try:
         db_insert_album(
-            album_id, body.name, body.description, body.is_hidden, body.password
+            album_id, body.name, body.description, body.is_locked, body.password
         )
         return CreateAlbumResponse(success=True, album_id=album_id)
     except Exception as e:
@@ -91,11 +100,17 @@ def get_album(album_id: str = Path(...)):
         )
 
     try:
+        # Get image count for the album
+        image_ids = db_get_album_images(album_id)
+        image_count = len(image_ids)
+
         album_obj = Album(
             album_id=album[0],
             album_name=album[1],
             description=album[2] or "",
-            is_hidden=bool(album[3]),
+            is_locked=bool(album[3]),
+            cover_image_path=album[5] if len(album) > 5 else None,
+            image_count=image_count,
         )
         return GetAlbumResponse(success=True, data=album_obj)
     except Exception as e:
@@ -109,6 +124,8 @@ def get_album(album_id: str = Path(...)):
         )
 
 
+# PUT /albums/{album_id} - Update Album
+@router.put("/{album_id}", response_model=SuccessResponse)
 # PUT /albums/{album_id} - Update Album
 @router.put("/{album_id}", response_model=SuccessResponse)
 def update_album(album_id: str = Path(...), body: UpdateAlbumRequest = Body(...)):
@@ -127,11 +144,11 @@ def update_album(album_id: str = Path(...), body: UpdateAlbumRequest = Body(...)
         "album_id": album[0],
         "album_name": album[1],
         "description": album[2],
-        "is_hidden": bool(album[3]),
+        "is_locked": bool(album[3]),
         "password_hash": album[4],
     }
 
-    if album_dict["password_hash"]:
+    if album_dict["is_locked"]:
         if not body.current_password:
             raise HTTPException(
                 status_code=status.HTTP_401_UNAUTHORIZED,
@@ -154,7 +171,7 @@ def update_album(album_id: str = Path(...), body: UpdateAlbumRequest = Body(...)
 
     try:
         db_update_album(
-            album_id, body.name, body.description, body.is_hidden, body.password
+            album_id, body.name, body.description, body.is_locked, body.password
         )
         return SuccessResponse(success=True, msg="Album updated successfully")
     except Exception as e:
@@ -215,18 +232,18 @@ def get_album_images(
         "album_id": album[0],
         "album_name": album[1],
         "description": album[2],
-        "is_hidden": bool(album[3]),
+        "is_locked": bool(album[3]),
         "password_hash": album[4],
     }
 
-    if album_dict["is_hidden"]:
+    if album_dict["is_locked"]:
         if not body.password:
             raise HTTPException(
                 status_code=status.HTTP_401_UNAUTHORIZED,
                 detail=ErrorResponse(
                     success=False,
                     error="Password Required",
-                    message="Password is required to access this hidden album.",
+                    message="Password is required to access this locked album.",
                 ).model_dump(),
             )
         if not verify_album_password(album_id, body.password):
@@ -355,3 +372,68 @@ def remove_images_from_album(
                 success=False, error="Failed to Remove Images", message=str(e)
             ).model_dump(),
         )
+
+
+# PUT /albums/{album_id}/cover - Set album cover image
+@router.put("/{album_id}/cover", response_model=SuccessResponse)
+def set_album_cover_image(
+    album_id: str = Path(...), body: SetCoverImageRequest = Body(...)
+):
+    """Set or update the cover image for an album"""
+    album = db_get_album(album_id)
+    if not album:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail=ErrorResponse(
+                success=False,
+                error="Album Not Found",
+                message="No album exists with the provided ID.",
+            ).model_dump(),
+        )
+
+    # Verify the image exists in the album
+    album_image_ids = db_get_album_images(album_id)
+    if body.image_id not in album_image_ids:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail=ErrorResponse(
+                success=False,
+                error="Image Not In Album",
+                message="The specified image is not in this album.",
+            ).model_dump(),
+        )
+
+    try:
+        # Get the image path from the database
+        import sqlite3
+        from app.config.settings import DATABASE_PATH
+
+        conn = sqlite3.connect(DATABASE_PATH)
+        cursor = conn.cursor()
+        cursor.execute("SELECT path FROM images WHERE id = ?", (body.image_id,))
+        result = cursor.fetchone()
+        conn.close()
+
+        if not result:
+            raise HTTPException(
+                status_code=status.HTTP_404_NOT_FOUND,
+                detail=ErrorResponse(
+                    success=False,
+                    error="Image Not Found",
+                    message="The specified image does not exist.",
+                ).model_dump(),
+            )
+
+        image_path = result[0]
+        db_update_album_cover_image(album_id, image_path)
+
+        return SuccessResponse(
+            success=True, msg="Album cover image updated successfully"
+        )
+    except Exception as e:
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail=ErrorResponse(
+                success=False, error="Failed to Set Cover Image", message=str(e)
+            ).model_dump(),
+        )