fix: updating parameters works for election dates

Author: jbriones1

src/elections/models.py

@@ -39,9 +39,8 @@ class ElectionResponse(BaseModel):
     candidates: list[CandidateModel] | None = Field(None, description="Only available to admins")
 
 class ElectionParams(BaseModel):
-    slug: str
     name: str
-    type: ElectionTypeEnum | None = None
+    type: ElectionTypeEnum
     datetime_start_nominations: str
     datetime_start_voting: str
     datetime_end_voting: str
@@ -57,7 +56,6 @@ class ElectionUpdateParams(BaseModel):
     survey_link: str | None = None
 
 class NomineeApplicationParams(BaseModel):
-    election_name: str
     computing_id: str
     position: OfficerPositionEnum
 
@@ -69,7 +67,7 @@ class NomineeApplicationModel(BaseModel):
     computing_id: str
     nominee_election: str
     position: str
-    speech: str
+    speech: str | None = None
 
 class NomineeInfoModel(BaseModel):
     computing_id: str
@@ -79,7 +77,7 @@ class NomineeInfoModel(BaseModel):
     email: str
     discord_username: str
 
-class NomineeUpdateParams(BaseModel):
+class NomineeInfoUpdateParams(BaseModel):
     full_name: str | None = None
     linked_in: str | None = None
     instagram: str | None = None

src/elections/tables.py

@@ -1,4 +1,4 @@
-from datetime import datetime
+from datetime import date, datetime
 
 from sqlalchemy import (
     DateTime,
@@ -21,7 +21,6 @@
     ElectionStatusEnum,
     ElectionUpdateParams,
     NomineeApplicationUpdateParams,
-    NomineeUpdateParams,
 )
 from officers.types import OfficerPositionEnum
 
@@ -53,7 +52,6 @@ def available_positions(self, value: str | list[str]) -> None:
             value = ",".join(value)
         self._available_positions = value
 
-
     def private_details(self, at_time: datetime) -> dict:
         # is serializable
         return {
@@ -105,18 +103,27 @@ def to_update_dict(self) -> dict:
             "name": self.name,
             "type": self.type,
 
-            "datetime_start_nominations": self.datetime_start_nominations,
-            "datetime_start_voting": self.datetime_start_voting,
-            "datetime_end_voting": self.datetime_end_voting,
+            "datetime_start_nominations": self.datetime_start_nominations.date(),
+            "datetime_start_voting": self.datetime_start_voting.date(),
+            "datetime_end_voting": self.datetime_end_voting.date(),
 
             "available_positions": self._available_positions,
             "survey_link": self.survey_link,
         }
 
     def update_from_params(self, params: ElectionUpdateParams):
-        update_data = params.model_dump(exclude_unset=True)
+        update_data = params.model_dump(
+            exclude_unset=True,
+            exclude={"datetime_start_nominations", "datetime_start_voting", "datetime_end_voting"}
+        )
         for k, v in update_data.items():
             setattr(self, k, v)
+        if params.datetime_start_nominations:
+            self.datetime_start_nominations = datetime.fromisoformat(params.datetime_start_nominations)
+        if params.datetime_start_voting:
+            self.datetime_start_voting = datetime.fromisoformat(params.datetime_start_voting)
+        if params.datetime_end_voting:
+            self.datetime_end_voting = datetime.fromisoformat(params.datetime_end_voting)
 
     def status(self, at_time: datetime) -> str:
         if at_time <= self.datetime_start_nominations:

src/elections/urls.py

@@ -18,7 +18,7 @@
     NomineeApplicationParams,
     NomineeApplicationUpdateParams,
     NomineeInfoModel,
-    NomineeUpdateParams,
+    NomineeInfoUpdateParams,
 )
 from elections.tables import Election, NomineeApplication, NomineeInfo
 from officers.constants import COUNCIL_REP_ELECTION_POSITIONS, GENERAL_ELECTION_POSITIONS
@@ -97,7 +97,7 @@ def _raise_if_bad_election_data(
 # elections ------------------------------------------------------------- #
 
 @router.get(
-    "/list",
+    "",
     description="Returns a list of all elections & their status",
     response_model=list[ElectionResponse],
     responses={
@@ -220,12 +220,6 @@ async def create_election(
     body: ElectionParams,
     db_session: database.DBSession,
 ):
-    if body.name == "list":
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail="cannot use that election name",
-        )
-
     if body.available_positions is None:
         if body.type not in ElectionTypeEnum:
             raise HTTPException(
@@ -238,14 +232,17 @@ async def create_election(
 
     slugified_name = _slugify(body.name)
     current_time = datetime.now()
+    start_nominations = datetime.fromisoformat(body.datetime_start_nominations)
+    start_voting = datetime.fromisoformat(body.datetime_start_voting)
+    end_voting = datetime.fromisoformat(body.datetime_end_voting)
 
     # TODO: We might be able to just use a validation function from Pydantic or SQLAlchemy to check this
     _raise_if_bad_election_data(
         slugified_name,
         body.type,
-        datetime.fromisoformat(body.datetime_start_voting),
-        datetime.fromisoformat(body.datetime_start_voting),
-        datetime.fromisoformat(body.datetime_end_voting),
+        start_nominations,
+        start_voting,
+        end_voting,
         ",".join(available_positions),
     )
 
@@ -268,11 +265,10 @@ async def create_election(
             slug = slugified_name,
             name = body.name,
             type = body.type,
-            datetime_start_nominations = body.datetime_start_nominations,
-            datetime_start_voting = body.datetime_start_voting,
-            datetime_end_voting = body.datetime_end_voting,
-            # TODO: Make this automatically concatenate the string and set it to lowercase if supplied with a list[str]
-            available_positions = ",".join(available_positions),
+            datetime_start_nominations = start_nominations,
+            datetime_start_voting = start_voting,
+            datetime_end_voting = end_voting,
+            available_positions = available_positions,
             survey_link = body.survey_link
         )
     )
@@ -413,7 +409,7 @@ async def get_election_registrations(
     ])
 
 @router.post(
-    "/register",
+    "/registration/{election_name:str}",
     description="Register for a specific position in this election, but doesn't set a speech. Returns the created entry.",
     response_model=NomineeApplicationModel,
     responses={
@@ -428,6 +424,7 @@ async def register_in_election(
     request: Request,
     db_session: database.DBSession,
     body: NomineeApplicationParams,
+    election_name: str
 ):
     await admin_or_raise(request, db_session)
 
@@ -444,7 +441,7 @@ async def register_in_election(
             detail="must have submitted nominee info before registering"
         )
 
-    slugified_name = _slugify(body.election_name)
+    slugified_name = _slugify(election_name)
     election = await elections.crud.get_election(db_session, slugified_name)
     if election is None:
         raise HTTPException(
@@ -545,16 +542,11 @@ async def update_registration(
 
     registration.update_from_params(body)
 
-    await elections.crud.update_registration(db_session, NomineeApplication(
-        computing_id=computing_id,
-        nominee_election=slugified_name,
-        position=body.position,
-        speech=body.speech
-    ))
+    await elections.crud.update_registration(db_session, registration)
     await db_session.commit()
 
     registrant = await elections.crud.get_one_registration_in_election(
-        db_session, registration.computing_id, slugified_name, body.position
+        db_session, registration.computing_id, slugified_name, registration.position
     )
     if not registrant:
         raise HTTPException(
@@ -654,7 +646,7 @@ async def get_nominee_info(
 async def provide_nominee_info(
     request: Request,
     db_session: database.DBSession,
-    body: NomineeUpdateParams,
+    body: NomineeInfoUpdateParams,
     computing_id: str
 ):
     # TODO: There needs to be a lot more validation here.

src/permission/types.py

@@ -77,3 +77,4 @@ async def has_permission_or_raise(
     ) -> bool:
         if not await WebsiteAdmin.has_permission(db_session, computing_id):
             raise HTTPException(status_code=401, detail=errmsg)
+        return True

src/utils/urls.py

@@ -53,9 +53,10 @@ async def admin_or_raise(request: Request, db_session: database.DBSession) -> tu
 
     # where valid means elections officer or website admin
     if (await ElectionOfficer.has_permission(db_session, computing_id)) or (await WebsiteAdmin.has_permission(db_session, computing_id)):
+        return session_id, computing_id
+    else:
         raise HTTPException(
-            status_code=status.HTTP_403_UNAUTHORIZED,
+            status_code=status.HTTP_403_FORBIDDEN,
             detail="must be an admin"
         )
 
-    return session_id, computing_id

tests/integration/test_elections.py

@@ -87,7 +87,7 @@ async def test_read_elections(database_setup):
 # API endpoint testing (without AUTH)--------------------------------------
 @pytest.mark.anyio
 async def test_endpoints(client, database_setup):
-    response = await client.get("/elections/list")
+    response = await client.get("/elections")
     assert response.status_code == 200
     assert response.json() != {}
 
@@ -120,9 +120,8 @@ async def test_endpoints(client, database_setup):
     })
     assert response.status_code == 401 # unauthorized access to create an election
 
-    response = await client.post("/elections/register", json={
+    response = await client.post("/elections/registration/{test-election-1}", json={
         "computing_id": "1234567",
-        "election_name": "test-election-1",
         "position": "president",
     })
     assert response.status_code == 401 # unauthorized access to register candidates
@@ -171,7 +170,7 @@ async def test_endpoints_admin(client, database_setup):
     client.cookies = { "session_id": session_id }
 
     # test that more info is given if logged in & with access to it
-    response = await client.get("/elections/list")
+    response = await client.get("/elections")
     assert response.status_code == 200
     assert response.json() != {}
 
@@ -190,54 +189,46 @@ async def test_endpoints_admin(client, database_setup):
     assert response.status_code == 200
 
     # ensure that authorized users can create an election
-    response = await client.post("/elections/testElection4", json={
-        "election_type": "general_election",
+    response = await client.post("/elections", json={
+        "name": "testElection4",
+        "type": "general_election",
         "datetime_start_nominations": (datetime.now() - timedelta(days=1)).isoformat(),
         "datetime_start_voting": (datetime.now() + timedelta(days=7)).isoformat(),
         "datetime_end_voting": (datetime.now() + timedelta(days=14)).isoformat(),
-        "available_positions": "president,treasurer",
+        "available_positions": ["president", "treasurer"],
         "survey_link": "https://youtu.be/dQw4w9WgXcQ?si=kZROi2tu-43MXPM5"
     })
     assert response.status_code == 200
     # ensure that user can create elections without knowing each position type
-    response = await client.post("/elections/byElection4", json={
-        "election_type": "by_election",
+    response = await client.post("/elections", json={
+        "name": "byElection4",
+        "type": "by_election",
         "datetime_start_nominations": (datetime.now() - timedelta(days=1)).isoformat(),
         "datetime_start_voting": (datetime.now() + timedelta(days=7)).isoformat(),
         "datetime_end_voting": (datetime.now() + timedelta(days=14)).isoformat(),
         "survey_link": "https://youtu.be/dQw4w9WgXcQ?si=kZROi2tu-43MXPM5"
     })
     assert response.status_code == 200
 
-    # try creating an invalid election name
-    response = await client.post("/elections/list", json={
-        "election_type": "by_election",
-        "datetime_start_nominations": (datetime.now() - timedelta(days=1)).isoformat(),
-        "datetime_start_voting": (datetime.now() + timedelta(days=7)).isoformat(),
-        "datetime_end_voting": (datetime.now() + timedelta(days=14)).isoformat(),
-        "survey_link": "https://youtu.be/dQw4w9WgXcQ?si=kZROi2tu-43MXPM5"
-    })
-    assert response.status_code == 400
-
-
-
-
     # try to register for a past election -> should say nomination period expired
-    response = await client.post("/elections/registration/test election    1", json={
+    testElection1 = "test election    1"
+    response = await client.post(f"/elections/registration/{testElection1}", json={
+        "computing_id": load_test_db.SYSADMIN_COMPUTING_ID,
         "position": "president",
     })
     assert response.status_code == 400
     assert "nomination period" in response.json()["detail"]
 
-    # try to register for an invalid position
+    # try to register for an invalid position will just throw a 422
     response = await client.post(f"/elections/registration/{election_name}", json={
+        "computing_id": load_test_db.SYSADMIN_COMPUTING_ID,
         "position": "CEO",
     })
-    assert response.status_code == 400
-    assert "invalid position" in response.json()["detail"]
+    assert response.status_code == 422
 
     # try to register in an unknown election
     response = await client.post("/elections/registration/unknownElection12345", json={
+        "computing_id": load_test_db.SYSADMIN_COMPUTING_ID,
         "position": "president",
     })
     assert response.status_code == 404
@@ -247,6 +238,7 @@ async def test_endpoints_admin(client, database_setup):
 
     # register for an election correctly
     response = await client.post(f"/elections/registration/{election_name}", json={
+        "computing_id": "jdo12",
         "position": "president",
     })
     assert response.status_code == 200
@@ -256,6 +248,7 @@ async def test_endpoints_admin(client, database_setup):
 
     # duplicate registration
     response = await client.post(f"/elections/registration/{election_name}", json={
+        "computing_id": "jdo12",
         "position": "president",
     })
     assert response.status_code == 400