Refactor user permissions and enhance stack, tag, and techie of the m…#135
Merged
Pull request overview
This PR tightens access control across multiple endpoints by introducing a shared “accepted user” permission guard, while also standardizing skill naming/skill API responses and strengthening project relationship validation.
Changes:
- Added `user_accepted` permission dependency and updated multiple routes to require accepted/active users.
- Normalized skill naming and adjusted skill search/response formats (including `/skills/all` returning a flat list).
- Enhanced project create/update validation for stacks/tools (existence checks, duplicate handling in create, relationship updates in update).
Reviewed changes
Copilot reviewed 34 out of 34 changed files in this pull request and generated 8 comments.
| File | Description |
|---|---|
| utils/permissions.py | Introduces user_accepted and applies it to admin/PM checks. |
| services/user_service.py | Extends profile search to accept an optional status filter. |
| db/repository/users.py | Adds status filtering and expands text search (email + full name). |
| api/routes/profile_page.py | Exposes status filter and applies user_accepted to profile endpoints. |
| api/routes/users.py | Opens org-chart read endpoint to accepted users (admin remains for write/admin views). |
| api/routes/weekly_meetings.py | Restricts meeting read endpoints to accepted users. |
| api/routes/coding_challenges.py | Restricts challenge read endpoints to accepted users. |
| api/routes/techieotm.py | Restricts techie-of-the-month read endpoints to accepted users. |
| api/routes/tags.py | Restricts tag endpoints to accepted users. |
| api/routes/stacks.py | Restricts stack read/list endpoints to accepted users. |
| api/routes/project.py | Restricts project reads/list/members endpoints to accepted users. |
| api/routes/feeds.py | Restricts feed endpoints to accepted users. |
| api/routes/skills.py | Requires accepted users for most skill operations; changes /skills/all response shape; admin-gates /skills/data. |
| services/skill_service.py | Improves “add skills” behavior, adjusts search output fields, normalizes pool skill creation. |
| db/repository/skills.py | Centralizes skill-name normalization in repo methods. |
| api/api_models/skills.py | Changes skill name normalization behavior at the schema level. |
| services/project_service.py | Adds duplicate checks on create and relationship validation on update. |
| api/routes/technical_task.py | Applies user_accepted consistently to applicant task/submission reads/writes. |
| api/routes/email_templates.py | Admin-gates reads of templates. |
| api/routes/announcements.py | Adds admin-only image upload endpoint; requires accepted users for reads. |
| test/conftest.py | Ensures admin fixture user is ACCEPTED so admin-gated endpoints pass. |
| test/test_weekly_meetings.py | Updates tests for accepted-user requirement. |
| test/test_coding_challenges.py | Updates tests for accepted-user requirement. |
| test/test_techieotm.py | Updates tests to include auth headers for now-protected endpoints. |
| test/test_stacks.py | Updates tests to include auth headers for protected endpoints. |
| test/test_projects.py | Updates tests to include auth headers for protected endpoints. |
| test/test_profile_page.py | Updates tests to include auth headers for now-protected endpoint(s). |
| test/test_org_chart.py | Updates org-chart tests to reflect accepted-user access model. |
| test/test_feeds.py | Updates feed tests to include auth headers. |
| test/test_announcements.py | Updates announcement tests to include auth headers. |
| test/test_email_templates.py | Updates email template tests to include auth headers. |
| test/test_skills.py | Updates skill tests for auth and new /skills/all response shape. |
| test/test_skill_service_response.py | Updates skill search response-format expectations. |
…cements and feeds routes
TMCreme
approved these changes
Apr 6, 2026
…onth routes
- `user_accepted` permission check to ensure only accepted users can access certain endpoints.
- `stacks.py`, `tags.py`, `techieotm.py`, `technical_task.py`, `users.py`, `weekly_meetings.py` to use `user_accepted` for user validation.
- `SkillRepository` to normalize skill names for consistency.
- `ProjectService` to validate project tools and stacks during creation and updates, ensuring no duplicates and proper error handling.
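
The guard layering this PR describes (admin checks built on `user_accepted`, which is why the test fixture admin has to be ACCEPTED), as an added framework-free sketch that is not the project's code. `User`, `Status.PENDING`, `Forbidden`, `admin_required`, `allowed`, the `/health` route and the allowlist are assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import Enum


class Status(Enum):  # only ACCEPTED appears on the page; PENDING is assumed
    PENDING = "PENDING"
    ACCEPTED = "ACCEPTED"


@dataclass(frozen=True)
class User:  # hypothetical stand-in for the project's user model
    email: str
    status: Status
    is_admin: bool = False


class Forbidden(Exception):
    """Stands in for an HTTP 403 response."""


def user_accepted(user: User) -> User:
    # Base guard: every protected route resolves this first.
    if user.status is not Status.ACCEPTED:
        raise Forbidden("account not accepted")
    return user


def admin_required(user: User) -> User:
    # Role check layered on the base guard, so an admin flag alone is not enough.
    user = user_accepted(user)
    if not user.is_admin:
        raise Forbidden("admin only")
    return user


# Constructed route table: path -> guard (None means no guard declared).
ROUTES = {"/skills/all": user_accepted, "/skills/data": admin_required, "/health": None}
PUBLIC_ALLOWLIST = {"/health"}  # assumed: routes intentionally left open


def unguarded_routes(routes, allowlist):
    # Default-deny audit: a route without a guard must be explicitly allowlisted.
    return sorted(p for p, g in routes.items() if g is None and p not in allowlist)


def allowed(guard, user: User) -> bool:
    # Convenience wrapper: True if the guard lets the user through.
    try:
        guard(user)
        return True
    except Forbidden:
        return False
```

Running `unguarded_routes` over the real router's route list in CI catches a newly added endpoint that was never wired to a guard.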