fix: moved registration to its own endpoint

Author: jbriones1

src/elections/models.py

@@ -32,7 +32,7 @@ class ElectionResponse(BaseModel):
     datetime_start_nominations: str
     datetime_start_voting: str
     datetime_end_voting: str
-    available_positions: list[str]
+    available_positions: list[OfficerPositionEnum]
     status: ElectionStatusEnum
 
     survey_link: str | None = Field(None, description="Only available to admins")
@@ -44,15 +44,15 @@ class ElectionParams(BaseModel):
     datetime_start_nominations: str
     datetime_start_voting: str
     datetime_end_voting: str
-    available_positions: list[str] | None = None
+    available_positions: list[OfficerPositionEnum] | None = None
     survey_link: str | None = None
 
 class ElectionUpdateParams(BaseModel):
     type: ElectionTypeEnum | None = None
     datetime_start_nominations: str | None = None
     datetime_start_voting: str | None = None
     datetime_end_voting: str | None = None
-    available_positions: list[str] | None = None
+    available_positions: list[OfficerPositionEnum] | None = None
     survey_link: str | None = None
 
 class NomineeApplicationParams(BaseModel):
@@ -66,7 +66,7 @@ class NomineeApplicationUpdateParams(BaseModel):
 class NomineeApplicationModel(BaseModel):
     computing_id: str
     nominee_election: str
-    position: str
+    position: OfficerPositionEnum
     speech: str | None = None
 
 class NomineeInfoModel(BaseModel):

src/elections/tables.py

@@ -32,9 +32,9 @@ class Election(Base):
     slug: Mapped[str] = mapped_column(String(MAX_ELECTION_SLUG), primary_key=True)
     name: Mapped[str] = mapped_column(String(MAX_ELECTION_NAME), nullable=False)
     type: Mapped[str] = mapped_column(String(64), default="general_election")
-    datetime_start_nominations: Mapped[datetime] = mapped_column(DateTime(timezone=True), nullable=False)
-    datetime_start_voting: Mapped[datetime] = mapped_column(DateTime(timezone=True), nullable=False)
-    datetime_end_voting: Mapped[datetime] = mapped_column(DateTime(timezone=True), nullable=False)
+    datetime_start_nominations: Mapped[datetime] = mapped_column(DateTime(), nullable=False)
+    datetime_start_voting: Mapped[datetime] = mapped_column(DateTime(), nullable=False)
+    datetime_end_voting: Mapped[datetime] = mapped_column(DateTime(), nullable=False)
 
     # a comma-separated string of positions which must be elements of OfficerPosition
     # By giving it the type `StringList`, the database entry will automatically be marshalled to the correct form

src/elections/urls.py

@@ -1,4 +1,3 @@
-import re
 from datetime import datetime
 
 from fastapi import APIRouter, HTTPException, Request, status
@@ -11,31 +10,23 @@
 from elections.models import (
     ElectionParams,
     ElectionResponse,
-    ElectionStatusEnum,
     ElectionTypeEnum,
     ElectionUpdateParams,
-    NomineeApplicationModel,
-    NomineeApplicationParams,
-    NomineeApplicationUpdateParams,
     NomineeInfoModel,
     NomineeInfoUpdateParams,
 )
-from elections.tables import Election, NomineeApplication, NomineeInfo
+from elections.tables import Election, NomineeInfo
 from officers.constants import COUNCIL_REP_ELECTION_POSITIONS, GENERAL_ELECTION_POSITIONS, OfficerPositionEnum
 from permission.types import ElectionOfficer, WebsiteAdmin
 from utils.shared_models import DetailModel, SuccessResponse
-from utils.urls import admin_or_raise, get_current_user, logged_in_or_raise
+from utils.urls import admin_or_raise, get_current_user, slugify
 
 router = APIRouter(
     prefix="/elections",
     tags=["elections"],
 )
 
-def _slugify(text: str) -> str:
-    """Creates a unique slug based on text passed in. Assumes non-unicode text."""
-    return re.sub(r"[\W_]+", "-", text.strip().replace("/", "").replace("&", ""))
-
-async def _get_user_permissions(
+async def get_user_permissions(
     request: Request,
     db_session: database.DBSession,
 ) -> tuple[bool, str | None, str | None]:
@@ -108,7 +99,7 @@ async def list_elections(
     request: Request,
     db_session: database.DBSession,
 ):
-    is_admin, _, _ = await _get_user_permissions(request, db_session)
+    is_admin, _, _ = await get_user_permissions(request, db_session)
     election_list = await elections.crud.get_all_elections(db_session)
     if election_list is None or len(election_list) == 0:
         raise HTTPException(
@@ -149,15 +140,15 @@ async def get_election(
     election_name: str
 ):
     current_time = datetime.now()
-    slugified_name = _slugify(election_name)
+    slugified_name = slugify(election_name)
     election = await elections.crud.get_election(db_session, slugified_name)
     if election is None:
         raise HTTPException(
             status_code=status.HTTP_404_NOT_FOUND,
             detail=f"election with slug {slugified_name} does not exist"
         )
 
-    is_valid_user, _, _ = await _get_user_permissions(request, db_session)
+    is_valid_user, _, _ = await get_user_permissions(request, db_session)
     if current_time >= election.datetime_start_voting or is_valid_user:
 
         election_json = election.private_details(current_time)
@@ -229,7 +220,7 @@ async def create_election(
     else:
         available_positions = body.available_positions
 
-    slugified_name = _slugify(body.name)
+    slugified_name = slugify(body.name)
     current_time = datetime.now()
     start_nominations = datetime.fromisoformat(body.datetime_start_nominations)
     start_voting = datetime.fromisoformat(body.datetime_start_voting)
@@ -245,7 +236,7 @@ async def create_election(
         available_positions
     )
 
-    is_valid_user, _, _ = await _get_user_permissions(request, db_session)
+    is_valid_user, _, _ = await get_user_permissions(request, db_session)
     if not is_valid_user:
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
@@ -305,14 +296,14 @@ async def update_election(
     db_session: database.DBSession,
     election_name: str,
 ):
-    is_valid_user, _, _ = await _get_user_permissions(request, db_session)
+    is_valid_user, _, _ = await get_user_permissions(request, db_session)
     if not is_valid_user:
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
             detail="must have election officer or admin permission"
         )
 
-    slugified_name = _slugify(election_name)
+    slugified_name = slugify(election_name)
     election = await elections.crud.get_election(db_session, slugified_name)
     if not election:
         raise HTTPException(
@@ -360,8 +351,8 @@ async def delete_election(
     db_session: database.DBSession,
     election_name: str
 ):
-    slugified_name = _slugify(election_name)
-    is_valid_user, _, _ = await _get_user_permissions(request, db_session)
+    slugified_name = slugify(election_name)
+    is_valid_user, _, _ = await get_user_permissions(request, db_session)
     if not is_valid_user:
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
@@ -374,237 +365,6 @@ async def delete_election(
     old_election = await elections.crud.get_election(db_session, slugified_name)
     return JSONResponse({"success": old_election is None})
 
-# registration ------------------------------------------------------------- #
-
-@router.get(
-    "/registration/{election_name:str}",
-    description="get all the registrations of a single election",
-    response_model=list[NomineeApplicationModel],
-    responses={
-        401: { "description": "Not logged in", "model": DetailModel },
-        404: { "description": "Election with slug does not exist", "model": DetailModel }
-     },
-    operation_id="get_election_registrations"
-)
-async def get_election_registrations(
-    request: Request,
-    db_session: database.DBSession,
-    election_name: str
-):
-    _, computing_id = await logged_in_or_raise(request, db_session)
-
-    slugified_name = _slugify(election_name)
-    if await elections.crud.get_election(db_session, slugified_name) is None:
-        raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND,
-            detail=f"election with slug {slugified_name} does not exist"
-        )
-
-    registration_list = await elections.crud.get_all_registrations_of_user(db_session, computing_id, slugified_name)
-    if registration_list is None:
-        return JSONResponse([])
-    return JSONResponse([
-        item.serialize() for item in registration_list
-    ])
-
-@router.post(
-    "/registration/{election_name:str}",
-    description="Register for a specific position in this election, but doesn't set a speech. Returns the created entry.",
-    response_model=NomineeApplicationModel,
-    responses={
-        400: { "description": "Bad request", "model": DetailModel },
-        401: { "description": "Not logged in", "model": DetailModel },
-        403: { "description": "Not an admin", "model": DetailModel },
-        404: { "description": "No election found", "model": DetailModel },
-    },
-    operation_id="register"
-)
-async def register_in_election(
-    request: Request,
-    db_session: database.DBSession,
-    body: NomineeApplicationParams,
-    election_name: str
-):
-    await admin_or_raise(request, db_session)
-
-    if body.position not in OfficerPositionEnum:
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail=f"invalid position {body.position}"
-        )
-
-    if await elections.crud.get_nominee_info(db_session, body.computing_id) is None:
-        # ensure that the user has a nominee info entry before allowing registration to occur.
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail="must have submitted nominee info before registering"
-        )
-
-    slugified_name = _slugify(election_name)
-    election = await elections.crud.get_election(db_session, slugified_name)
-    if election is None:
-        raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND,
-            detail=f"election with slug {slugified_name} does not exist"
-        )
-
-    if body.position not in election.available_positions:
-        # NOTE: We only restrict creating a registration for a position that doesn't exist,
-        # not updating or deleting one
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail=f"{body.position} is not available to register for in this election"
-        )
-
-    if election.status(datetime.now()) != ElectionStatusEnum.NOMINATIONS:
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail="registrations can only be made during the nomination period"
-        )
-
-    if await elections.crud.get_all_registrations_of_user(db_session, body.computing_id, slugified_name):
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail="person is already registered in this election"
-        )
-
-    # TODO: associate specific elections officers with specific elections, then don't
-    # allow any elections officer running an election to register for it
-    await elections.crud.add_registration(db_session, NomineeApplication(
-        computing_id=body.computing_id,
-        nominee_election=slugified_name,
-        position=body.position,
-        speech=None
-    ))
-    await db_session.commit()
-
-    registrant = await elections.crud.get_one_registration_in_election(
-        db_session, body.computing_id, slugified_name, body.position
-    )
-    if not registrant:
-        raise HTTPException(
-            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
-            detail="failed to find new registrant"
-        )
-    return registrant
-
-@router.patch(
-    "/registration/{election_name:str}/{position:str}/{computing_id:str}",
-    description="update the application of a specific registrant and return the changed entry",
-    response_model=NomineeApplicationModel,
-    responses={
-        400: { "description": "Bad request", "model": DetailModel },
-        401: { "description": "Not logged in", "model": DetailModel },
-        403: { "description": "Not an admin", "model": DetailModel },
-        404: { "description": "No election found", "model": DetailModel },
-    },
-    operation_id="update_registration"
-)
-async def update_registration(
-    request: Request,
-    db_session: database.DBSession,
-    body: NomineeApplicationUpdateParams,
-    election_name: str,
-    computing_id: str,
-    position: OfficerPositionEnum
-):
-    await admin_or_raise(request, db_session)
-
-    if body.position not in OfficerPositionEnum:
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail=f"invalid position {body.position}"
-    )
-
-    slugified_name = _slugify(election_name)
-    election = await elections.crud.get_election(db_session, slugified_name)
-    if election is None:
-        raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND,
-            detail=f"election with slug {slugified_name} does not exist"
-        )
-
-    # self updates can only be done during nomination period. Officer updates can be done whenever
-    if election.status(datetime.now()) != ElectionStatusEnum.NOMINATIONS:
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail="speeches can only be updated during the nomination period"
-        )
-
-    registration = await elections.crud.get_one_registration_in_election(db_session, computing_id, slugified_name, position)
-    if not registration:
-        raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND,
-            detail="no registration record found"
-        )
-
-    registration.update_from_params(body)
-
-    await elections.crud.update_registration(db_session, registration)
-    await db_session.commit()
-
-    registrant = await elections.crud.get_one_registration_in_election(
-        db_session, registration.computing_id, slugified_name, registration.position
-    )
-    if not registrant:
-        raise HTTPException(
-            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
-            detail="failed to find changed registrant"
-        )
-    return registrant
-
-@router.delete(
-    "/registration/{election_name:str}/{position:str}/{computing_id:str}",
-    description="delete the registration of a person",
-    response_model=SuccessResponse,
-    responses={
-        400: { "description": "Bad request", "model": DetailModel },
-        401: { "description": "Not logged in", "model": DetailModel },
-        403: { "description": "Not an admin", "model": DetailModel },
-        404: { "description": "No election or registrant found", "model": DetailModel },
-    },
-    operation_id="delete_registration"
-)
-async def delete_registration(
-    request: Request,
-    db_session: database.DBSession,
-    election_name: str,
-    position: OfficerPositionEnum,
-    computing_id: str
-):
-    await admin_or_raise(request, db_session)
-
-    if position not in OfficerPositionEnum:
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail=f"invalid position {position}"
-        )
-
-    slugified_name = _slugify(election_name)
-    election = await elections.crud.get_election(db_session, slugified_name)
-    if election is None:
-        raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND,
-            detail=f"election with slug {slugified_name} does not exist"
-        )
-
-    if election.status(datetime.now()) != ElectionStatusEnum.NOMINATIONS:
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail="registration can only be revoked during the nomination period"
-        )
-
-    if not await elections.crud.get_all_registrations_of_user(db_session, computing_id, slugified_name):
-        raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND,
-            detail=f"{computing_id} was not registered in election {slugified_name} for {position}"
-        )
-
-    await elections.crud.delete_registration(db_session, computing_id, slugified_name, position)
-    await db_session.commit()
-    old_election = await elections.crud.get_one_registration_in_election(db_session, computing_id, slugified_name, position)
-    return JSONResponse({"success": old_election is None})
-
 # nominee info ------------------------------------------------------------- #
 
 @router.get(