-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Issue #3293] Create POST /users/:userId/saved-opportunities API sche…
…ma and stub endpoint (#3330) ## Summary Fixes #3293 ### Time to review: 20 mins ## Changes proposed Create an API for users to save opportunities. Make sure this API is scoped to the currently logged in user Response body a basic success message ## Additional information See attached unit tests
- Loading branch information
1 parent
c4fab20
commit 9f9d41f
Showing
4 changed files
with
216 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
106 changes: 106 additions & 0 deletions
106
api/tests/src/api/users/test_user_save_opportunity_post.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,106 @@ | ||
import uuid | ||
|
||
import pytest | ||
|
||
from src.auth.api_jwt_auth import create_jwt_for_user | ||
from src.db.models.user_models import UserSavedOpportunity | ||
from tests.src.db.models.factories import OpportunityFactory, UserFactory | ||
|
||
|
||
@pytest.fixture | ||
def user(enable_factory_create, db_session): | ||
user = UserFactory.create() | ||
db_session.commit() | ||
return user | ||
|
||
|
||
@pytest.fixture | ||
def user_auth_token(user, db_session): | ||
token, _ = create_jwt_for_user(user, db_session) | ||
return token | ||
|
||
|
||
@pytest.fixture(autouse=True) | ||
def clear_opportunities(db_session): | ||
db_session.query(UserSavedOpportunity).delete() | ||
db_session.commit() | ||
yield | ||
|
||
|
||
def test_user_save_opportunity_post_unauthorized_user( | ||
client, db_session, user, user_auth_token, enable_factory_create | ||
): | ||
# Create an opportunity | ||
opportunity = OpportunityFactory.create() | ||
|
||
# Try to save an opportunity for a different user ID | ||
different_user_id = uuid.uuid4() | ||
response = client.post( | ||
f"/v1/users/{different_user_id}/saved-opportunities", | ||
headers={"X-SGG-Token": user_auth_token}, | ||
json={"opportunity_id": opportunity.opportunity_id}, | ||
) | ||
|
||
assert response.status_code == 401 | ||
assert response.json["message"] == "Unauthorized user" | ||
|
||
# Verify no opportunity was saved | ||
saved_opportunities = db_session.query(UserSavedOpportunity).all() | ||
assert len(saved_opportunities) == 0 | ||
|
||
|
||
def test_user_save_opportunity_post_no_auth(client, db_session, user, enable_factory_create): | ||
# Create an opportunity | ||
opportunity = OpportunityFactory.create() | ||
|
||
# Try to save an opportunity without authentication | ||
response = client.post( | ||
f"/v1/users/{user.user_id}/saved-opportunities", | ||
json={"opportunity_id": opportunity.opportunity_id}, | ||
) | ||
|
||
assert response.status_code == 401 | ||
assert response.json["message"] == "Unable to process token" | ||
|
||
# Verify no opportunity was saved | ||
saved_opportunities = db_session.query(UserSavedOpportunity).all() | ||
assert len(saved_opportunities) == 0 | ||
|
||
|
||
def test_user_save_opportunity_post_invalid_request( | ||
client, user, user_auth_token, enable_factory_create, db_session | ||
): | ||
# Make request with missing opportunity_id | ||
response = client.post( | ||
f"/v1/users/{user.user_id}/saved-opportunities", | ||
headers={"X-SGG-Token": user_auth_token}, | ||
json={}, | ||
) | ||
|
||
assert response.status_code == 422 # Validation error | ||
|
||
# Verify no opportunity was saved | ||
saved_opportunities = db_session.query(UserSavedOpportunity).all() | ||
assert len(saved_opportunities) == 0 | ||
|
||
|
||
def test_user_save_opportunity_post( | ||
client, user, user_auth_token, enable_factory_create, db_session | ||
): | ||
# Create an opportunity | ||
opportunity = OpportunityFactory.create() | ||
|
||
# Make the request to save an opportunity | ||
response = client.post( | ||
f"/v1/users/{user.user_id}/saved-opportunities", | ||
headers={"X-SGG-Token": user_auth_token}, | ||
json={"opportunity_id": opportunity.opportunity_id}, | ||
) | ||
|
||
assert response.status_code == 200 | ||
assert response.json["message"] == "Success" | ||
|
||
# Verify the opportunity was saved in the database | ||
saved_opportunity = db_session.query(UserSavedOpportunity).one() | ||
assert saved_opportunity.user_id == user.user_id | ||
assert saved_opportunity.opportunity_id == opportunity.opportunity_id |