Skip to content

Commit 2ae6aea

Browse files
jbriones1jbriones1
committed
wip: add officer models and update GET current officer docs
1 parent 98ad852 commit 2ae6aea

File tree

3 files changed

+58
-17
lines changed

3 files changed

+58
-17
lines changed

src/elections/urls.py

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@
2525
tags=["election"],
2626
)
2727

28-
async def get_user_permissions(
28+
async def get_election_permissions(
2929
request: Request,
3030
db_session: database.DBSession,
3131
) -> tuple[bool, str | None, str | None]:
@@ -96,7 +96,7 @@ async def list_elections(
9696
request: Request,
9797
db_session: database.DBSession,
9898
):
99-
is_admin, _, _ = await get_user_permissions(request, db_session)
99+
is_admin, _, _ = await get_election_permissions(request, db_session)
100100
election_list = await elections.crud.get_all_elections(db_session)
101101
if election_list is None or len(election_list) == 0:
102102
raise HTTPException(
@@ -145,7 +145,7 @@ async def get_election(
145145
detail=f"election with slug {slugified_name} does not exist"
146146
)
147147

148-
is_valid_user, _, _ = await get_user_permissions(request, db_session)
148+
is_valid_user, _, _ = await get_election_permissions(request, db_session)
149149
if current_time >= election.datetime_start_voting or is_valid_user:
150150

151151
election_json = election.private_details(current_time)
@@ -233,7 +233,7 @@ async def create_election(
233233
available_positions
234234
)
235235

236-
is_valid_user, _, _ = await get_user_permissions(request, db_session)
236+
is_valid_user, _, _ = await get_election_permissions(request, db_session)
237237
if not is_valid_user:
238238
raise HTTPException(
239239
status_code=status.HTTP_401_UNAUTHORIZED,
@@ -293,7 +293,7 @@ async def update_election(
293293
db_session: database.DBSession,
294294
election_name: str,
295295
):
296-
is_valid_user, _, _ = await get_user_permissions(request, db_session)
296+
is_valid_user, _, _ = await get_election_permissions(request, db_session)
297297
if not is_valid_user:
298298
raise HTTPException(
299299
status_code=status.HTTP_401_UNAUTHORIZED,
@@ -349,7 +349,7 @@ async def delete_election(
349349
election_name: str
350350
):
351351
slugified_name = slugify(election_name)
352-
is_valid_user, _, _ = await get_user_permissions(request, db_session)
352+
is_valid_user, _, _ = await get_election_permissions(request, db_session)
353353
if not is_valid_user:
354354
raise HTTPException(
355355
status_code=status.HTTP_401_UNAUTHORIZED,

src/officers/models.py

Lines changed: 41 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,41 @@
1+
from datetime import datetime
2+
3+
from pydantic import BaseModel
4+
5+
from officers.constants import OfficerPositionEnum
6+
7+
8+
class BaseOfficerModel(BaseModel):
9+
# TODO (#71): compute this using SFU's API & remove from being uploaded
10+
legal_name: str
11+
position: OfficerPositionEnum
12+
start_date: datetime
13+
end_date: str | None = None
14+
csss_email: str
15+
16+
class PublicOfficerResponse(BaseOfficerModel):
17+
"""
18+
Response when fetching public officer data
19+
"""
20+
is_active: bool
21+
nickname: str | None = None
22+
discord_name: str | None = None
23+
discord_nickname: int | None = None
24+
biography: str | None = None
25+
26+
class PrivateOfficerResponse(PublicOfficerResponse):
27+
"""
28+
Response when fetching private officer data
29+
"""
30+
computing_id: str
31+
phone_number: str | None = None
32+
github_username: str | None = None
33+
google_drive_email: str | None = None
34+
35+
class OfficerTermParams(BaseModel):
36+
"""
37+
Create a new officer term
38+
"""
39+
computing_id: str
40+
position: OfficerPositionEnum
41+
start_date: str

src/officers/urls.py

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1,19 +1,17 @@
1-
import logging
2-
31
from fastapi import APIRouter, Body, HTTPException, Request
42
from fastapi.responses import JSONResponse, PlainTextResponse
53

64
import auth.crud
75
import database
86
import officers.crud
97
import utils
8+
from elections.urls import get_election_permissions
9+
from officers.models import PrivateOfficerResponse, PublicOfficerResponse
1010
from officers.tables import OfficerInfo, OfficerTerm
1111
from officers.types import InitialOfficerInfo, OfficerInfoUpload, OfficerTermUpload
1212
from permission.types import OfficerPrivateInfo, WebsiteAdmin
1313
from utils.urls import logged_in_or_raise
1414

15-
_logger = logging.getLogger(__name__)
16-
1715
router = APIRouter(
1816
prefix="/officers",
1917
tags=["officers"],
@@ -25,32 +23,34 @@
2523
async def _has_officer_private_info_access(
2624
request: Request,
2725
db_session: database.DBSession
28-
) -> tuple[None | str, None | str, bool]:
26+
) -> tuple[bool, str | None,]:
2927
"""determine if the user has access to private officer info"""
3028
session_id = request.cookies.get("session_id", None)
3129
if session_id is None:
32-
return None, None, False
30+
return False, None
3331

3432
computing_id = await auth.crud.get_computing_id(db_session, session_id)
3533
if computing_id is None:
36-
return session_id, None, False
34+
return False, None
3735

3836
has_private_access = await OfficerPrivateInfo.has_permission(db_session, computing_id)
39-
return session_id, computing_id, has_private_access
37+
return has_private_access, computing_id
4038

4139
# ---------------------------------------- #
4240
# endpoints
4341

4442
@router.get(
4543
"/current",
46-
description="Get information about all the officers. More information is given if you're authenticated & have access to private executive data.",
44+
description="Get information about the current officers. With no authorization, only get basic info.",
45+
response_model=list[PrivateOfficerResponse] | list[PublicOfficerResponse],
46+
operation_id="get_current_officers"
4747
)
4848
async def current_officers(
4949
# the request headers
5050
request: Request,
5151
db_session: database.DBSession,
5252
):
53-
_, _, has_private_access = await _has_officer_private_info_access(request, db_session)
53+
has_private_access, _ = await _has_officer_private_info_access(request, db_session)
5454
current_officers = await officers.crud.current_officers(db_session, has_private_access)
5555
return JSONResponse({
5656
position: [
@@ -71,7 +71,7 @@ async def all_officers(
7171
# and may only be accessed by that officer and executives. All other officer terms are public.
7272
include_future_terms: bool = False,
7373
):
74-
_, computing_id, has_private_access = await _has_officer_private_info_access(request, db_session)
74+
has_private_access, computing_id = await _has_officer_private_info_access(request, db_session)
7575
if include_future_terms:
7676
is_website_admin = (computing_id is not None) and (await WebsiteAdmin.has_permission(db_session, computing_id))
7777
if not is_website_admin:

0 commit comments

Comments
 (0)