Centralized event access validation into a reusable `validate_event_access` function, eliminating duplicated code across endpoints. Updated the logic in `get_event` and `get_event_by_slug` to use this function. Adjusted tests to align with the refactored logic and fixed permission-based response statuses.
Updated event API to enforce stricter access controls based on user roles, including creators, managers, superusers, and guests. Added robust test cases for creating, fetching, and handling event access scenarios to ensure consistent behavior across endpoints.
Ensure that all event-related endpoints verify the presence of a valid authenticated user before proceeding. Raise a 401 Unauthorized error if authentication credentials are missing or invalid, enhancing the security of API routes.
Refactored the event API routes to improve error handling, add logging, and provide enhanced response structures with pagination. Updated tests to use new fixtures and include additional authentication utilities to facilitate testing with FastAPI's dependency injection. Also resolved issues with timezone awareness in event schemas.
Introduced routes for event management, including CRUD operations and querying by user or public visibility. Updated event themes routes with operation IDs for better documentation. Refactored `api/main.py` to `api/router.py` and integrated events routing into the API.
