Open bickelj opened 1 month ago
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 88.26%. Comparing base (
0d4fb85
) to head (8fbdf58
). Report is 27 commits behind head on main.
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
What do you think of not adding a new endpoint but rather having that detail become part of the organization object on the existing /organizations
endpoint. I don't think we need (or want) a new type of organization entity.
Similar to how Proposal
has its detailed values provided directly and we don't have both a Proposal
and a ProposalDetail
object type.
What do you think of not adding a new endpoint but rather having that detail become part of the organization object on the existing
/organizations
endpoint. I don't think we need (or want) a new type of organization entity.Similar to how
Proposal
has its detailed values provided directly and we don't have both aProposal
and aProposalDetail
object type.
I think it makes sense to bring the existing endpoint and the details endpoint closer together and perhaps even merge them. There are still reasons to keep the endpoints separate and even if the endpoints merge to keep some types of these objects separate, namely to make the dynamic part of the response optional via parameter.
/organizations
to be open to the public but the gold data not open. Also, different users will get different data based on their permissions. If we want to merge the expectations/requirements about openness then I think the endpoints could be merged. But I'd still probably prefer some type separation such that the one response not depending on authorization is the same for all users.organizations
entity does not change at all. One (gold data) is a relatively dynamic resource and the other (shallow org) a relatively static resource.Reason 1 (authorization) is new with fine-grained permission and I suppose it applies to proposals as well. Reason 2 (utility) applied and applies to proposals as well. Reason 3 (time) I suppose only applies to gold data for organizations.
@slifty See also related discussion in the issue at https://github.com/PhilanthropyDataCommons/service/issues/1087#issuecomment-2263883962 and following.
Feedback just now from @slifty: do the deep integration/merge, down to the query level. When selecting data, include the parameter of authorization to the One True Organizations query.
Odd, I got this locally too when running npm run test:ci
but not when running that test independently, e.g. node 'node_modules/jest/bin/jest.js' 'src/__tests__/organizations.int.test.ts' -c 'jest.config.int.js' -t '/organizations POST / requires authentication'
:
FAIL src/__tests__/organizations.int.test.ts
● /organizations › POST / › requires authentication
expected 401 "Unauthorized", got 400 "Bad Request"
389 | describe('POST /', () => {
390 | it('requires authentication', async () => {
> 391 | await agent.post('/organizations').expect(401);
| ^
392 | });
It seems to happen when running the whole suite but not when running a narrower amount of tests in the suite. Test interaction?
The above test failure happens when my new test is introduced but not when it is not introduced. Commenting out all tests except the existing POST where 401 is expected: test passes. Commenting out all tests except the same existing and my new: POST/401 test fails, line 22 of requireAuthentication.ts
is reached (should be line 11).
Order seems to matter as well. When my new test precedes the existing POST/401 test, the existing test fails. When my new test follows the existing POST/401 test, the existing test passes. So there may be something from my new prod code or test code causing the issue.
I see the bearer token and an auth
property on req
object when it shouldn't be there. Perhaps the same request is being re-used by supertest
. I see we re-use the agent
whereas the supertest
examples usually make a new call to request
or agent
where a new test is needed. Ah, there is a specific example of intentional test interaction whereby a request gets re-used that shows a const agent =
like we have. Search the examples page for "an example with mocha that shows how to persist a request and its cookies" to see it.
So yeah, if we don't want to re-use the same request, I think we need to make a new call to supertest
(agent or request).
The idea is to enhance the existing
/organizations
endpoint with by finding all the values associated with that organization, and return the best values.In order to think best about the ways to do a thing, it helps to try to do it.
Issue #1087