uwblueprint
diff --git a/‎backend/app/routes/intake.py‎
Lines changed: 51 additions & 18 deletions b/‎backend/app/routes/intake.py‎
Lines changed: 51 additions & 18 deletions
diff --git a/‎backend/app/routes/user.py‎
Lines changed: 65 additions & 7 deletions b/‎backend/app/routes/user.py‎
Lines changed: 65 additions & 7 deletions
diff --git a/‎backend/app/schemas/user.py‎
Lines changed: 1 addition & 0 deletions b/‎backend/app/schemas/user.py‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎backend/app/services/implementations/form_processor.py‎
Lines changed: 108 additions & 10 deletions b/‎backend/app/services/implementations/form_processor.py‎
Lines changed: 108 additions & 10 deletions
diff --git a/‎frontend/src/APIClients/intakeAPIClient.ts‎
Lines changed: 2 additions & 1 deletion b/‎frontend/src/APIClients/intakeAPIClient.ts‎
Lines changed: 2 additions & 1 deletion
@@ -162,20 +162,27 @@ async def create_form_submission(
             form_name_mapping = {
                 "participant": "First Connection Participant Form",
                 "volunteer": "First Connection Volunteer Form",
+                "become_participant": "Become a Participant Form",
+                "become_volunteer": "Become a Volunteer Form",
             }
 
             form_name = form_name_mapping.get(effective_form_type)
             if not form_name:
                 raise HTTPException(
                     status_code=400,
-                    detail=f"Invalid formType: {effective_form_type}. Must be 'participant' or 'volunteer'",
+                    detail=f"Invalid formType: {effective_form_type}. Must be 'participant', 'volunteer', 'become_participant', or 'become_volunteer'",
                 )
 
-            # Find the form
-            form = db.query(Form).filter(Form.type == "intake", Form.name == form_name).first()
+            # Find the form - for become_* forms, look by type
+            if effective_form_type in ["become_participant", "become_volunteer"]:
+                form_type = effective_form_type
+                form = db.query(Form).filter(Form.type == form_type, Form.name == form_name).first()
+            else:
+                # Original intake forms
+                form = db.query(Form).filter(Form.type == "intake", Form.name == form_name).first()
 
             if not form:
-                raise HTTPException(status_code=500, detail=f"Intake form '{form_name}' not found in database")
+                raise HTTPException(status_code=500, detail=f"Form '{form_name}' not found in database")
             form_id = form.id
         else:
             # Verify the form exists and is of type 'intake'
@@ -190,21 +197,47 @@ async def create_form_submission(
 
         # Enforce role-to-form access (admin exempt)
         if current_user.role.name != "admin":
-            if current_user.role.name == "volunteer" and effective_form_type != "volunteer":
-                raise HTTPException(status_code=403, detail="Volunteers can only submit the volunteer intake form")
-            if current_user.role.name == "participant" and effective_form_type != "participant":
-                raise HTTPException(status_code=403, detail="Participants can only submit the participant intake form")
-
-        # Create the raw form submission record with pending status
-        db_submission = FormSubmission(
-            form_id=form_id,
-            user_id=target_user.id,
-            answers=submission.answers,
-            status="pending_approval",
-        )
+            if current_user.role.name == "volunteer" and effective_form_type not in ["volunteer", "become_participant"]:
+                raise HTTPException(
+                    status_code=403,
+                    detail="Volunteers can only submit the volunteer intake form or become participant form",
+                )
+            if current_user.role.name == "participant" and effective_form_type not in [
+                "participant",
+                "become_volunteer",
+            ]:
+                raise HTTPException(
+                    status_code=403,
+                    detail="Participants can only submit the participant intake form or become volunteer form",
+                )
 
-        db.add(db_submission)
-        db.flush()  # Get the submission ID without committing
+        # For role-change forms, ensure only one submission exists per user
+        existing_submission = None
+        if form and form.type in ["become_participant", "become_volunteer"]:
+            existing_submission = (
+                db.query(FormSubmission)
+                .filter(
+                    FormSubmission.user_id == target_user.id,
+                    FormSubmission.form_id == form.id,
+                )
+                .order_by(FormSubmission.submitted_at.desc())
+                .first()
+            )
+
+        if existing_submission:
+            existing_submission.answers = submission.answers
+            existing_submission.status = "pending_approval"
+            existing_submission.submitted_at = datetime.utcnow()
+            db_submission = existing_submission
+        else:
+            db_submission = FormSubmission(
+                form_id=form_id,
+                user_id=target_user.id,
+                answers=submission.answers,
+                status="pending_approval",
+            )
+            db.add(db_submission)
+            db.flush()  # Get the submission ID without committing
 
         # For intake forms: Update essential fields on User and set form_status
         # Full processing to UserData happens on admin approval
 
@@ -1,8 +1,10 @@
 from typing import Optional
 
-from fastapi import APIRouter, Depends, HTTPException, Query
+from fastapi import APIRouter, Depends, HTTPException, Query, Request
+from sqlalchemy.orm import Session
 
 from app.middleware.auth import has_roles
+from app.models.User import User
 from app.schemas.user import (
     UserCreateRequest,
     UserCreateResponse,
@@ -13,6 +15,7 @@
 )
 from app.schemas.user_data import UserDataUpdateRequest
 from app.services.implementations.user_service import UserService
+from app.utilities.db_utils import get_db
 from app.utilities.service_utils import get_user_service
 
 router = APIRouter(
@@ -59,14 +62,29 @@ async def get_users(
         raise HTTPException(status_code=500, detail=str(e))
 
 
-# admin only get user by ID
+# get user by ID (admin or self)
 @router.get("/{user_id}", response_model=UserResponse)
 async def get_user(
     user_id: str,
+    request: Request,
+    db: Session = Depends(get_db),
     user_service: UserService = Depends(get_user_service),
-    authorized: bool = has_roles([UserRole.ADMIN]),
 ):
     try:
+        # Get current user's auth_id from request state
+        current_user_auth_id = request.state.user_id
+        current_user = db.query(User).filter(User.auth_id == current_user_auth_id).first()
+
+        if not current_user:
+            raise HTTPException(status_code=401, detail="User not found")
+
+        # Check if user is admin or accessing their own profile
+        is_admin = current_user.role_id == 3  # Admin role_id
+        is_self = str(current_user.id) == str(user_id)
+
+        if not (is_admin or is_self):
+            raise HTTPException(status_code=403, detail="You can only access your own profile")
+
         return await user_service.get_user_by_id(user_id)
     except HTTPException as http_ex:
         raise http_ex
@@ -122,14 +140,34 @@ async def delete_user(
         raise HTTPException(status_code=500, detail=str(e))
 
 
-# soft delete user
+# soft delete user (admin or self)
 @router.post("/{user_id}/deactivate")
 async def deactivate_user(
     user_id: str,
+    request: Request,
+    db: Session = Depends(get_db),
     user_service: UserService = Depends(get_user_service),
-    authorized: bool = has_roles([UserRole.ADMIN]),
 ):
     try:
+        # Get current user's auth_id from request state
+        current_user_auth_id = request.state.user_id
+        current_user = db.query(User).filter(User.auth_id == current_user_auth_id).first()
+
+        if not current_user:
+            raise HTTPException(status_code=401, detail="User not found")
+
+        # Get target user
+        target_user = db.query(User).filter(User.id == user_id).first()
+        if not target_user:
+            raise HTTPException(status_code=404, detail="Target user not found")
+
+        # Check if user is admin or modifying themselves
+        is_admin = current_user.role_id == 3  # Admin role_id
+        is_self = str(current_user.id) == str(user_id)
+
+        if not (is_admin or is_self):
+            raise HTTPException(status_code=403, detail="You can only deactivate your own account")
+
         await user_service.soft_delete_user_by_id(user_id)
         return {"message": "User deactivated successfully"}
     except HTTPException as http_ex:
@@ -138,14 +176,34 @@ async def deactivate_user(
         raise HTTPException(status_code=500, detail=str(e))
 
 
-# reactivate user
+# reactivate user (admin or self)
 @router.post("/{user_id}/reactivate")
 async def reactivate_user(
     user_id: str,
+    request: Request,
+    db: Session = Depends(get_db),
     user_service: UserService = Depends(get_user_service),
-    authorized: bool = has_roles([UserRole.ADMIN]),
 ):
     try:
+        # Get current user's auth_id from request state
+        current_user_auth_id = request.state.user_id
+        current_user = db.query(User).filter(User.auth_id == current_user_auth_id).first()
+
+        if not current_user:
+            raise HTTPException(status_code=401, detail="User not found")
+
+        # Get target user
+        target_user = db.query(User).filter(User.id == user_id).first()
+        if not target_user:
+            raise HTTPException(status_code=404, detail="Target user not found")
+
+        # Check if user is admin or modifying themselves
+        is_admin = current_user.role_id == 3  # Admin role_id
+        is_self = str(current_user.id) == str(user_id)
+
+        if not (is_admin or is_self):
+            raise HTTPException(status_code=403, detail="You can only reactivate your own account")
+
         await user_service.reactivate_user_by_id(user_id)
         return {"message": "User reactivated successfully"}
     except HTTPException as http_ex:
 
@@ -127,6 +127,7 @@ class UserCreateResponse(BaseModel):
     role_id: int
     auth_id: str
     approved: bool
+    active: bool
     form_status: FormStatus
     language: Language
 
 
@@ -5,14 +5,25 @@
 - intake: IntakeFormProcessor (creates UserData, updates form_status)
 - ranking: RankingProcessor (creates RankingPreference records)
 - secondary: VolunteerDataProcessor (creates VolunteerData)
+- role changes: handles become_participant / become_volunteer transitions
 """
 
 import logging
+from typing import Optional
 
+from sqlalchemy import delete, or_
 from sqlalchemy.orm import Session
 
-from app.models import FormSubmission, User
-from app.models.RankingPreference import RankingPreference
+from app.models import (
+    AvailabilityTemplate,
+    FormSubmission,
+    Match,
+    RankingPreference,
+    Role,
+    Task,
+    User,
+    suggested_times,
+)
 from app.models.User import FormStatus
 from app.services.implementations.intake_form_processor import IntakeFormProcessor
 from app.services.implementations.volunteer_data_service import VolunteerDataService
@@ -53,7 +64,6 @@ def process_approved_submission(self, submission: FormSubmission) -> None:
         elif form_type == "secondary":
             self._process_secondary_form(submission, user)
         elif form_type in ("become_participant", "become_volunteer"):
-            # These forms may have different processing logic
             self._process_role_change_form(submission, user, form_type)
         else:
             raise ValueError(f"Unknown form type: {form_type}")
@@ -141,13 +151,101 @@ def _process_role_change_form(self, submission: FormSubmission, user: User, form
         Process role change forms (become_participant, become_volunteer).
         These may require different handling based on business rules.
         """
-        # For now, just log that the form was approved
-        # Actual role changes might need additional business logic
+        if form_type == "become_participant":
+            self._process_become_participant_form(submission, user)
+            return
+
+        if form_type == "become_volunteer":
+            self._process_become_volunteer_form(submission, user)
+            return
+
         self.logger.info(
-            f"Role change form ({form_type}) approved for user {user.id}. " "Additional processing may be needed."
+            "Role change form (%s) approved for user %s. No custom handler defined.",
+            form_type,
+            user.id,
         )
 
-        # Mark user as having a pending role change request if needed
-        if form_type == "become_volunteer":
-            user.pending_volunteer_request = True
-        # Additional logic for become_participant can be added here
+    def _process_become_participant_form(self, submission: FormSubmission, user: User) -> None:
+        """
+        Convert an existing volunteer into a participant by wiping volunteer data,
+        removing historical submissions/matches, and re-processing the submission
+        through the standard intake pipeline.
+        """
+        self.logger.info("Converting volunteer %s into participant via role change form", user.id)
+        self._cleanup_user_state_for_role_change(user, keep_submission_id=submission.id)
+
+        participant_role = self._get_role_by_name("participant")
+        user.role_id = participant_role.id
+        user.role = participant_role
+        user.pending_volunteer_request = False
+
+        # Reuse the standard intake processor to populate UserData
+        intake_processor = IntakeFormProcessor(self.db)
+        intake_processor.process_form_submission(user_id=str(user.id), form_data=submission.answers or {})
+
+        user.form_status = FormStatus.RANKING_TODO
+
+    def _process_become_volunteer_form(self, submission: FormSubmission, user: User) -> None:
+        """
+        Convert an existing participant into a volunteer and mark them ready for the secondary app.
+        """
+        self.logger.info("Converting participant %s into volunteer via role change form", user.id)
+        self._cleanup_user_state_for_role_change(user, keep_submission_id=submission.id)
+
+        volunteer_role = self._get_role_by_name("volunteer")
+        user.role_id = volunteer_role.id
+        user.role = volunteer_role
+        user.pending_volunteer_request = False
+
+        intake_processor = IntakeFormProcessor(self.db)
+        intake_processor.process_form_submission(user_id=str(user.id), form_data=submission.answers or {})
+
+        user.form_status = FormStatus.SECONDARY_APPLICATION_TODO
+
+    def _cleanup_user_state_for_role_change(self, user: User, keep_submission_id) -> None:
+        """Remove volunteer-specific records so the user can restart as a participant."""
+        # Clear ranking preferences
+        self.db.query(RankingPreference).filter(RankingPreference.user_id == user.id).delete(synchronize_session=False)
+
+        # Delete matches and their suggested time associations
+        matches = self.db.query(Match).filter(or_(Match.participant_id == user.id, Match.volunteer_id == user.id)).all()
+        if matches:
+            match_ids = [match.id for match in matches]
+            self.db.execute(delete(suggested_times).where(suggested_times.c.match_id.in_(match_ids)))
+            self.db.flush()
+            for match in matches:
+                self.db.delete(match)
+
+        # Remove tasks referencing the user (participant or assignee)
+        self.db.query(Task).filter(or_(Task.participant_id == user.id, Task.assignee_id == user.id)).delete(
+            synchronize_session=False
+        )
+
+        # Remove availability + volunteer-only data
+        self.db.query(AvailabilityTemplate).filter(AvailabilityTemplate.user_id == user.id).delete(
+            synchronize_session=False
+        )
+        if user.volunteer_data:
+            self.db.delete(user.volunteer_data)
+
+        # Remove any prior intake data so we can rebuild it
+        if user.user_data:
+            user.user_data.treatments.clear()
+            user.user_data.experiences.clear()
+            user.user_data.loved_one_treatments.clear()
+            user.user_data.loved_one_experiences.clear()
+            self.db.delete(user.user_data)
+
+        # Delete all historical form submissions except the current role-change request
+        self.db.query(FormSubmission).filter(
+            FormSubmission.user_id == user.id, FormSubmission.id != keep_submission_id
+        ).delete(synchronize_session=False)
+
+        self.db.flush()
+
+    def _get_role_by_name(self, role_name: str) -> Role:
+        """Lookup helper to avoid hard-coding role IDs."""
+        role: Optional[Role] = self.db.query(Role).filter(Role.name == role_name).first()
+        if not role:
+            raise ValueError(f"Role '{role_name}' not found in database")
+        return role
@@ -1,3 +1,4 @@
+import { IntakeFormType } from '@/constants/form';
 import baseAPIClient from './baseAPIClient';
 
 export type FormSubmissionStatus = 'pending_approval' | 'approved' | 'rejected';
@@ -49,7 +50,7 @@ class IntakeAPIClient {
    */
   async createFormSubmission(submission: {
     formId?: string;
-    formType?: 'participant' | 'volunteer';
+    formType?: IntakeFormType;
     userId?: string;
     answers: Record<string, unknown>;
   }): Promise<FormSubmission> {