added unit tests, migration and split admin/user/participant get

Author: ebwu95

backend/app/interfaces/user_service.py

@@ -137,3 +137,14 @@ def delete_user_by_email(self, email):
         :raises Exception: if user deletion fails
         """
         pass
+
+    @abstractmethod
+    def get_admins(self):
+        """
+        Get all admin users
+
+        :return: list of UserDTOs for admin users
+        :rtype: [UserDTO]
+        :raises Exception: if user retrieval fails
+        """
+        pass

backend/app/routes/auth.py

@@ -2,7 +2,7 @@
 from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
 
 from ..schemas.auth import AuthResponse, LoginRequest, RefreshRequest, Token
-from ..schemas.user import UserRole, UserCreateRequest, UserCreateResponse
+from ..schemas.user import UserCreateRequest, UserCreateResponse, UserRole
 from ..services.implementations.auth_service import AuthService
 from ..services.implementations.user_service import UserService
 from ..utilities.service_utils import get_auth_service, get_user_service

backend/app/routes/user.py

@@ -1,4 +1,6 @@
-from fastapi import APIRouter, Depends, HTTPException
+from typing import Optional
+
+from fastapi import APIRouter, Depends, HTTPException, Query
 
 from app.middleware.auth import has_roles
 from app.schemas.user import (
@@ -40,11 +42,17 @@ async def create_user(
 # admin only get all users
 @router.get("/", response_model=UserListResponse)
 async def get_users(
+    admin: Optional[bool] = Query(
+        False, description="If true, returns admin users only"
+    ),
     user_service: UserService = Depends(get_user_service),
     authorized: bool = has_roles([UserRole.ADMIN]),
 ):
     try:
-        users = user_service.get_users()
+        if admin:
+            users = await user_service.get_admins()
+        else:
+            users = await user_service.get_users()
         return UserListResponse(users=users, total=len(users))
     except HTTPException as http_ex:
         raise http_ex
@@ -60,7 +68,7 @@ async def get_user(
     authorized: bool = has_roles([UserRole.ADMIN]),
 ):
     try:
-        return user_service.get_user_by_id(user_id)
+        return await user_service.get_user_by_id(user_id)
     except HTTPException as http_ex:
         raise http_ex
     except Exception as e:
@@ -76,7 +84,7 @@ async def update_user(
     authorized: bool = has_roles([UserRole.ADMIN]),
 ):
     try:
-        return user_service.update_user_by_id(user_id, user_update)
+        return await user_service.update_user_by_id(user_id, user_update)
     except HTTPException as http_ex:
         raise http_ex
     except Exception as e:
@@ -91,7 +99,7 @@ async def delete_user(
     authorized: bool = has_roles([UserRole.ADMIN]),
 ):
     try:
-        user_service.delete_user_by_id(user_id)
+        await user_service.delete_user_by_id(user_id)
         return {"message": "User deleted successfully"}
     except HTTPException as http_ex:
         raise http_ex

backend/app/services/implementations/user_service.py

@@ -82,7 +82,7 @@ async def create_user(self, user: UserCreateRequest) -> UserCreateResponse:
 
             raise HTTPException(status_code=500, detail=str(e))
 
-    def delete_user_by_email(self, email: str):
+    async def delete_user_by_email(self, email: str):
         try:
             db_user = self.db.query(User).filter(User.email == email).first()
             if not db_user:
@@ -98,7 +98,7 @@ def delete_user_by_email(self, email: str):
             self.logger.error(f"Error deleting user with email {email}: {str(e)}")
             raise HTTPException(status_code=500, detail=str(e))
 
-    def delete_user_by_id(self, user_id: str):
+    async def delete_user_by_id(self, user_id: str):
         try:
             db_user = self.db.query(User).filter(User.id == UUID(user_id)).first()
             if not db_user:
@@ -116,7 +116,7 @@ def delete_user_by_id(self, user_id: str):
             self.logger.error(f"Error deleting user {user_id}: {str(e)}")
             raise HTTPException(status_code=500, detail=str(e))
 
-    def get_user_id_by_auth_id(self, auth_id: str) -> str:
+    async def get_user_id_by_auth_id(self, auth_id: str) -> str:
         """Get user ID for a user by their Firebase auth_id"""
         user = self.db.query(User).filter(User.auth_id == auth_id).first()
         if not user:
@@ -129,7 +129,7 @@ def get_user_by_email(self, email: str):
             raise ValueError(f"User with email {email} not found")
         return user
 
-    def get_user_by_id(self, user_id: str) -> UserResponse:
+    async def get_user_by_id(self, user_id: str) -> UserResponse:
         try:
             user = (
                 self.db.query(User).join(Role).filter(User.id == UUID(user_id)).first()
@@ -159,15 +159,27 @@ def get_user_role_by_auth_id(self, auth_id: str) -> str:
             raise ValueError(f"User with auth_id {auth_id} not found")
         return user.role.name
 
-    def get_users(self) -> List[UserResponse]:
+    async def get_users(self) -> List[UserResponse]:
         try:
-            users = self.db.query(User).join(Role).all()
+            # Filter users to only include participants and volunteers (role_id 1 and 2)
+            users = (
+                self.db.query(User).join(Role).filter(User.role_id.in_([1, 2])).all()
+            )
+            return [UserResponse.model_validate(user) for user in users]
+        except Exception as e:
+            self.logger.error(f"Error getting users: {str(e)}")
+            raise HTTPException(status_code=500, detail=str(e))
+
+    async def get_admins(self) -> List[UserResponse]:
+        try:
+            # Get only admin users (role_id 3)
+            users = self.db.query(User).join(Role).filter(User.role_id == 3).all()
             return [UserResponse.model_validate(user) for user in users]
         except Exception as e:
-            self.logger.error(f"Error retrieving users: {str(e)}")
+            self.logger.error(f"Error retrieving admin users: {str(e)}")
             raise HTTPException(status_code=500, detail=str(e))
 
-    def update_user_by_id(
+    async def update_user_by_id(
         self, user_id: str, user_update: UserUpdateRequest
     ) -> UserResponse:
         try:

backend/migrations/versions/8bfb115acac1_add_approved_to_users.py

@@ -0,0 +1,30 @@
+"""add approved to users
+
+Revision ID: 8bfb115acac1
+Revises: c9bc2b4d1036
+Create Date: 2025-06-04 16:50:38.609239
+
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision: str = "8bfb115acac1"
+down_revision: Union[str, None] = "c9bc2b4d1036"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.add_column("users", sa.Column("approved", sa.Boolean(), nullable=True))
+    # ### end Alembic commands ###
+
+
+def downgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_column("users", "approved")
+    # ### end Alembic commands ###