Single opportunity and User Profile Management #342
Conversation
new route that queries the database for all opportunities and returns them as a JSON list
test to ensure your new endpoint works correctly
creating a specific backend route to fetch the details of one opportunity by its ID
test verifies that the new endpoint correctly retrieves an opportunity or handle error
Added opportunity_to_dict helper Fix two GET endpoints for better error checks and improved data handling created corresponding tests in test_single_opportunity_routes.py for a smooth experience
GET /profile route to allow users to fetch their own profile data. Added a 'user_to_dict' helper function to consistently serialize user data.
PUT /profile route for user to update their personal details.
PUT /profile route for user to update their majors and department.
GET /profile endpoint: both successful data retrieval and unauthorized access PUT /profile endpoint: ensuring that full updates, partial updates, and unauthorized attempts are handled correctly. ISSUE: Login helper function to streamline authentication within the tests but the tests fail as user not in DB.
|
Here's the code health analysis summary for commits Analysis Summary
|
There was a problem hiding this comment.
Pull Request Overview
This PR adds profile management and single opportunity retrieval endpoints with comprehensive test coverage. The changes introduce new REST API routes for user profile operations and opportunity lookup functionality.
- Adds
GETandPUTendpoints for/profilewith JWT authentication for user profile retrieval and updates - Implements single opportunity retrieval via both URL parameter (
/opportunity/<id>) and JSON body (/opportunity) - Introduces helper functions
opportunity_to_dict()anduser_to_dict()for consistent serialization
Reviewed Changes
Copilot reviewed 6 out of 7 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| labconnect/main/profile_routes.py | New module implementing profile GET/PUT endpoints with JWT authentication and user/department/major management |
| labconnect/main/opportunity_routes.py | Adds opportunity_to_dict() helper and two new GET endpoints for single opportunity retrieval |
| labconnect/main/init.py | Imports the new profile_routes module into the blueprint |
| tests/test_profile_routes.py | Comprehensive tests for profile endpoints covering success cases, partial updates, and authorization |
| tests/test_single_opportunity_routes.py | Tests for opportunity_to_dict helper and single opportunity endpoints with various error cases |
| README.md | Updates testing documentation with command for running individual test files |
| .gitignore | Adds virtual environment directories to ignore list |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
@RafaelCenzano made the changes from the review — lmk if you’d like any other tweaks. |
Refactor tests to import opportunity_to_dict dynamically and use a fake Opportunities class.
This reverts commit c59099f.
|
Made the changes for the review comment, lmk any other changes needed |
| return {"msg": "Missing JSON in request"}, 400 | ||
|
|
||
| # Update basic User fields | ||
| user.first_name = json_data.get("first_name", user.first_name) |
There was a problem hiding this comment.
@WBroadwell not going to hold up this PR but would be good to make a ticket to validate and sanitze inputs on the frontend and backend.
Sanitization can be like this PR I have on another projects: https://github.com/alpha-phi-omega-ez/backend/pull/51/files#diff-b678c90e066bcc3eaff460004c1d8c094e9abc66acafe9226cbff14a85354882R24-R28
And validation just checkings like length limits like whats set in the database schema
Description
This pull request introduces two major new features to the backend, complete with testing:
GET /opportunity/<int:opportunity_id>) to fetch all details for a single opportunity. This also includes helper functions to properly serialize the opportunity data for the JSON response.GET /profileandPUT /profile. These endpoints allow an authenticated user to fetch their own profile data and update it, including personal details (name, website, etc.) and their associated majors and departments.These changes provide the core API functionality needed for the frontend to build the individual opportunity view page and the user profile settings page.
Fixes # (issue)
(Please link the relevant issue number here, if one exists)
Type of change
How Has This Been Tested?
This PR has been tested by adding new unit test files for both major features:
Single Opportunity Endpoint:
test_opportunity.pyandtest_single_opportunity_routes.py.User Profile Management:
test_profile_routes.py, was created to provide full coverage for the new endpoints.GET /profilesuccess (for an authenticated user) and failure (for an unauthorized user).PUT /profilesuccess (for both full and partial data updates) and failure (for an unauthorized user).All new and existing unit tests pass locally with these changes. The User Profile Management is not fully passing, as the existing authentication code needs fixes.
Checklist: