1 change: 1 addition & 0 deletions src/modules/get_all_members/app/get_all_members_usecase.py
Expand Up @@ -88,6 +88,7 @@ def __call__(self,user_id: str, start_date: Optional[int] = None, end_date: Opti
member.strikes_allowed= 4

member.strikes= len(member_list_strike_this_sem)
member.strikes_id= [s.strike_id for s in member_list_strike_this_sem]
member.hours_worked = hours_worked.get(member_user_id, 0) if is_admin else None
Comment on lines 88 to 92

Copilot AI Feb 28, 2026

member_list_strike_this_sem is only assigned inside if member_list_strikes:, but it’s used unconditionally to compute member.strikes and member.strikes_id. When get_strike_by_target_id returns None (or an empty list), this will raise UnboundLocalError. Initialize member_list_strikes to ... or [] and always build member_list_strike_this_sem (defaulting to an empty list) before taking len() / mapping ids.

member.project = member_projects[member_user_id]

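Review bot: The new `member.strikes_id` assignment is populated for every member, while the `hours_worked` line directly below it is already gated on `is_admin`, so the admin/non-admin distinction this usecase makes is not applied to the new field. Since `is_admin` is already in scope here, the cheapest fix is to mirror that line: `member.strikes_id = [s.strike_id for s in member_list_strike_this_sem] if is_admin or member_user_id == user_id else []` (presuming `user_id` is the requester and `member_user_id` the member being listed — confirm against the loop header, which is outside the hunk). Use `None` instead of `[]` if you prefer the exact pattern `hours_worked` uses, but then the viewmodel's type for the field has to allow it. The enclosing `__call__` starts and ends outside the hunk.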
2 changes: 2 additions & 0 deletions src/modules/get_all_members/app/get_all_members_viewmodel.py
Expand Up @@ -40,6 +40,7 @@ def __init__(self, member: Member):
self.user_id = member.user_id
self.photo = member.photo
self.strikes = member.strikes
self.strikes_id = member.strikes_id
self.strikes_allowed = member.strikes_allowed
self.hours_worked = member.hours_worked

Expand All @@ -61,6 +62,7 @@ def to_dict(self):
'active' : self.active.value,
'user_id' : self.user_id,
'strikes' : self.strikes,
'strikes_id' : self.strikes_id,
'strikes_allowed' : self.strikes_allowed,
Comment on lines 63 to 66

Copilot AI Feb 28, 2026

Returning strikes_id for every member from the non-admin get_all_members response can leak strike identifiers to regular users. In this codebase, GetStrikeUsecase only checks that the requester is active (no ownership/admin authorization), so exposing IDs here makes it trivial to fetch strike details for other users. Consider omitting strikes_id in this endpoint (or only including it for the requester / admins).

'photo' : self.photo,

Expand Up @@ -98,6 +98,7 @@ def __call__(self,user_id: str, start_date: Optional[int] = None, end_date: Opti
member.strikes_allowed= 4

member.strikes= len(member_list_strike_this_sem)
member.strikes_id= [s.strike_id for s in member_list_strike_this_sem]
member.hours_worked = hours_worked.get(member_user_id, 0)
member.project = member_projects[member_user_id]

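Review bot: `member.strikes_id` on the new line and `member.strikes` just above it are computed independently from `member_list_strike_this_sem`, and the binding of that name is not visible in this hunk; if it is only assigned under a conditional, the new comprehension fails with an unbound name for a member with no strikes. Deriving both fields from one local keeps them consistent and gives a single place to default to an empty list: `strike_ids = [s.strike_id for s in member_list_strike_this_sem]`, `member.strikes = len(strike_ids)`, `member.strikes_id = strike_ids`. This section carries no file header on the page, so I cannot confirm which usecase it is; unlike get_all_members_usecase.py it does not gate `hours_worked` on `is_admin`, which suggests an admin-only path — worth confirming before returning strike ids for every member unconditionally. The enclosing `__call__` starts and ends outside the hunk.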
Expand Up @@ -22,6 +22,7 @@ class MemberViewModel:
user_id: str
hours_worked: int
strikes: int
strikes_id: List[str]
strikes_allowed: int
photo: Optional[str] = None

Expand All @@ -42,6 +43,7 @@ def __init__(self, member: Member):
self.user_id = member.user_id
self.hours_worked = member.hours_worked
self.strikes = member.strikes
self.strikes_id = member.strikes_id
self.strikes_allowed = member.strikes_allowed
self.photo = member.photo

Expand All @@ -64,6 +66,7 @@ def to_dict(self):
'user_id' : self.user_id,
'hours_worked' : self.hours_worked,
'strikes' : self.strikes,
'strikes_id' : self.strikes_id,
'strikes_allowed' : self.strikes_allowed,
'photo' : self.photo
}
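Review bot: The class-level annotation `strikes_id: List[str]` relies on `List` being imported from typing, and the only typing name this hunk proves is in scope is `Optional` (on the `photo` line); an annotation in a class body is evaluated at class definition, so a missing import fails at module import, not on first use. Check the file's import line, or write `list[str]` if the project targets Python 3.9+ (the existing `Optional[str]` suggests the older typing style, so `List` is probably the consistent choice). Separately, get_all_members_viewmodel.py received the `__init__` and `to_dict` additions but no class-level field declaration — if that class also declares its fields, add the matching `strikes_id` annotation there so the two viewmodels stay parallel. The rest of `MemberViewModel` lies outside the hunks.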
Expand Up @@ -46,6 +46,7 @@ def test_get_all_members_controller(self):
'user_id': "93bc6ada-c0d1-7054-66ab-e17414c48ae3",
'photo': None,
'strikes': 1,
'strikes_id': ['t0u1v2w3-x4y5-6789-0123-456789tuvwxy'],
'strikes_allowed': 2
}
},
Expand All @@ -68,6 +69,7 @@ def test_get_all_members_controller(self):
'user_id': "51ah5jaj-c9jm-1345-666ab-e12341c14a3",
'photo': None,
'strikes': 2,
'strikes_id': ['f6g7h8i9-j0k1-2345-6789-012345fghijk', 's9t0u1v2-w3x4-5678-9012-345678stuvwx'],
'strikes_allowed': 2
}
},
Expand All @@ -90,6 +92,7 @@ def test_get_all_members_controller(self):
'user_id': "76h35dg4-h76v-1875-987hn-h67gfv45Gt4",
'photo': None,
'strikes': 0,
'strikes_id': [],
'strikes_allowed': 2
}
},
Expand All @@ -112,6 +115,7 @@ def test_get_all_members_controller(self):
'user_id': "6f5g4h7J-876j-0098-123hb-hgb567fy4hb",
'photo': None,
'strikes': 4,
'strikes_id': ['d4e5f6g7-h8i9-0123-4567-890123defghi', 'g7h8i9j0-k1l2-3456-7890-123456ghijkl', 'h8i9j0k1-l2m3-4567-8901-234567hijklm', 'i9j0k1l2-m3n4-5678-9012-345678ijklmn'],
'strikes_allowed': 2
}
},
Expand All @@ -134,6 +138,7 @@ def test_get_all_members_controller(self):
'user_id': "6574hgyt-785n-9134-18gn4-7gh5uvn36cG",
'photo': None,
'strikes': 4,
'strikes_id': ['d4e5f6g7-h8i9-0123-4567-890123defghi', 'g7h8i9j0-k1l2-3456-7890-123456ghijkl', 'h8i9j0k1-l2m3-4567-8901-234567hijklm', 'i9j0k1l2-m3n4-5678-9012-345678ijklmn'],
'strikes_allowed': 2
}
},
Expand All @@ -156,6 +161,7 @@ def test_get_all_members_controller(self):
'user_id': "7gh5yf5H-857H-1234-75hng-94832hvng1s",
'photo': None,
'strikes': 4,
'strikes_id': ['b2c3d4e5-f6g7-8901-2345-678901bcdefg', 'o5p6q7r8-s9t0-1234-5678-901234opqrst', 'p6q7r8s9-t0u1-2345-6789-012345pqrstu', 'q7r8s9t0-u1v2-3456-7890-123456qrstuv'],
'strikes_allowed': 2
# alterei
}
Expand All @@ -179,6 +185,7 @@ def test_get_all_members_controller(self):
'user_id': "7465hvnb-143g-1675-86HnG-75hgnFbcg36",
'photo': None,
'strikes': 3,
'strikes_id': ['a1b2c3d4-e5f6-7890-1234-567890abcdef', 'c3d4e5f6-g7h8-9012-3456-789012cdefgh', 'n4o5p6q7-r8s9-0123-4567-890123nopqrs'],
'strikes_allowed': 2
}
},
Expand All @@ -201,6 +208,7 @@ def test_get_all_members_controller(self):
'user_id': "75648hbr-184n-1985-91han-7ghn4HgF182",
'photo': None,
'strikes': 3,
'strikes_id': ['l2m3n4o5-p6q7-8901-2345-678901lmnopq', 'm3n4o5p6-q7r8-9012-3456-789012mnopqr', 'p6q7r8s9-t0u1-2345-6789-012345pqrstu'],
'strikes_allowed': 2
}
},
Expand All @@ -223,6 +231,7 @@ def test_get_all_members_controller(self):
'user_id': "9183jBnh-997H-1010-10god-914gHy46tBh",
'photo': None,
'strikes': 3,
'strikes_id': ['l2m3n4o5-p6q7-8901-2345-678901lmnopq', 'm3n4o5p6-q7r8-9012-3456-789012mnopqr', 'p6q7r8s9-t0u1-2345-6789-012345pqrstu'],
'strikes_allowed': 2
}
},
Expand All @@ -245,6 +254,7 @@ def test_get_all_members_controller(self):
'user_id': '5f55f6a5-a66e-4fff-9faf-72cd478bd5a0',
'photo': None,
'strikes': 0,
'strikes_id': [],
'strikes_allowed': 2
}
},
Expand All @@ -267,6 +277,7 @@ def test_get_all_members_controller(self):
'user_id': '3b07232f-4f65-42c6-b005-242550b8b8dc',
'photo': None,
'strikes': 0,
'strikes_id': [],
'strikes_allowed': 2
}
},
Expand All @@ -289,6 +300,7 @@ def test_get_all_members_controller(self):
'user_id': '3b07232f-4f65-42c6-b005-242550b8b8bf',
'photo': None,
'strikes': 0,
'strikes_id': [],
'strikes_allowed': 2
}
},
Expand All @@ -311,6 +323,7 @@ def test_get_all_members_controller(self):
'user_id': '3b07232f-4f65-42c6-b005-242550b8b8ty',
'photo': None,
'strikes': 0,
'strikes_id': [],
'strikes_allowed': 2
}
},
Expand All @@ -333,6 +346,7 @@ def test_get_all_members_controller(self):
'user_id': '3b07232f-4f65-42c6-b005-242550b8h9ir',
'photo': None,
'strikes': 0,
'strikes_id': [],
'strikes_allowed': 2
}
}
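Review bot: Several distinct members are expected to return byte-identical strike id lists (the two entries whose lists end in `...ijklmn` and the two ending in `...pqrstu`), which is only correct if the fixture repository really attaches the same strike to more than one target; otherwise these expectations look copy-pasted and would not catch a usecase that attributes one member's strikes to another. Please check those lists against the mock strike data and give each member a distinct set where the data allows it. This test also pins `strikes_id` as present and fully populated for every member in the get_all_members response, so if the endpoint is later changed to withhold ids from non-admin callers, a non-admin case expecting `[]` belongs here alongside the admin one. The stray `# alterei` comment after one `strikes_allowed` line reads as a leftover note and can be dropped if it is part of this change.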