timekeeper/app/routes/viewer.py

from fastapi import APIRouter, Depends, Form, Request, HTTPException
from fastapi.responses import RedirectResponse
from sqlalchemy.orm import Session
from sqlalchemy import text

from ..db import get_session

router = APIRouter(tags=["Viewer"])

@router.post("/viewer/delete-period")
def delete_period(
    request: Request,
    timesheet_id: int = Form(...),
    db: Session = Depends(get_session),
):
    if not request.session.get("is_admin"):
        raise HTTPException(status_code=403, detail="Admin access required")

    tid = int(timesheet_id)

    # Cascade delete department import artifacts first
    db.execute(
        text(
            "DELETE FROM import_batch_items "
            "WHERE batch_id IN (SELECT id FROM import_batches WHERE timesheet_id = :tid)"
        ),
        {"tid": tid},
    )
    db.execute(text("DELETE FROM import_batches WHERE timesheet_id = :tid"), {"tid": tid})

    # Delete all time entries for the period
    db.execute(text("DELETE FROM time_entries WHERE timesheet_id = :tid"), {"tid": tid})

    # Delete week assignments to fully reset the period
    db.execute(text("DELETE FROM week_assignments WHERE timesheet_id = :tid"), {"tid": tid})

    # If your original route removed the TimesheetPeriod record, keep that behavior:
    # db.execute(text("DELETE FROM timesheet_periods WHERE id = :tid"), {"tid": tid})

    db.commit()
    return RedirectResponse(url="/viewer?msg=Time+period+deleted", status_code=303)