feat: add post request validation

isharghura · isharghura · commit 2dd0d0c1a97c · 2025-09-25T23:07:33.000-04:00
diff --git a/app.py b/app.py
@@ -8,6 +8,8 @@
 
 from models import Education, Experience, Skill
 
+from helper import validate_fields
+
 
 app = Flask(__name__)
 
@@ -65,9 +67,9 @@ def experience():
             "description",
             "logo",
         ]
-        # Validating User Input
-        if not all(field in user_input for field in required_fields):
-            return jsonify({"error": "Missing required fields"}), 400
+        is_valid, missing = validate_fields(user_input, required_fields)
+        if not is_valid:
+            return jsonify({"error": f"Missing required field: {missing}"}), 400
 
         # Create a new Experience instance
         # Using the length of the of the experience list and the index of the new experience
@@ -81,7 +83,6 @@ def experience():
     if request.method == "POST":
         return jsonify({})
 
-
     return jsonify({})
 
 
@@ -99,122 +100,114 @@ def get_single_experience(pk):
     return jsonify({})
 
 
-
 @app.route("/resume/education", methods=["GET", "POST"])
 def education():
     """
     Handles education requests
     """
     if request.method == "GET":
-        return jsonify({})
-
-    if request.method == "POST":
-        return jsonify({})
-
-
-    if request.method == 'GET':
         existing_education_records = data["education"]
-        return jsonify(
-            {
-                "message": "list of education records returned successfully",
-                "data": existing_education_records,
-            }
-        ), 200
-
-
+        return (
+            jsonify(
+                {
+                    "message": "list of education records returned successfully",
+                    "data": existing_education_records,
+                }
+            ),
+            200,
+        )
 
     if request.method == "POST":
-
         body = request.get_json()
-        payload = {
-            "course": body.get("course"),
-            "school": body.get("school"),
-            "start_date": body.get("start_date"),
-            "end_date": body.get("end_date"),
-            "grade": body.get("grade"),
-            "logo": body.get("logo"),
-        }
-
-        for key, value in payload.items():
-            if value is None:
-                message = f"{key} must not be empty"
-                return jsonify(
-                    {
-                        "message": message,
-                    }
-                ), 400
+        required_fields = [
+            "course",
+            "school",
+            "start_date",
+            "end_date",
+            "grade",
+            "logo",
+        ]
+        is_valid, missing = validate_fields(body, required_fields)
+        if not is_valid:
+            return (
+                jsonify({"message": f"{missing} must not be empty"}),
+                400,
+            )
 
         new_record = Education(
-            payload[ "course" ],
-            payload["school"],
-            payload["start_date"],
-            payload["end_date"],
-            payload["grade"],
-            payload["logo"],
+            body["course"],
+            body["school"],
+            body["start_date"],
+            body["end_date"],
+            body["grade"],
+            body["logo"],
         )
 
         existing_education_records = data["education"]
         length_of_exisiting_records = len(existing_education_records)
         existing_education_records.append(new_record)
 
-        return jsonify(
-            {
-                "message": "education added successfully",
-                "data": length_of_exisiting_records,
-            }
-        ),201
+        return (
+            jsonify(
+                {
+                    "message": "education added successfully",
+                    "data": length_of_exisiting_records,
+                }
+            ),
+            201,
+        )
 
-  
     return jsonify({})
 
 
 @app.route("/resume/education/<int:education_id>", methods=["GET"])
 def get_education(education_id):
-    '''
-    Handles retrieving specific education 
-    '''
+    """
+    Handles retrieving specific education
+    """
     existing_education_records = data["education"]
-    if education_id > len(existing_education_records) - 1  :
-        return jsonify(
+    if education_id > len(existing_education_records) - 1:
+        return (
+            jsonify(
+                {
+                    "message": "education does not exist",
+                }
+            ),
+            404,
+        )
+
+    record = existing_education_records[education_id]
+    return (
+        jsonify(
             {
-                "message": "education does not exist",
+                "message": "education record returned successfully",
+                "data": record,
             }
-        ), 404
-
-    record  = existing_education_records[education_id]
-    return jsonify(
-        {
-            "message": "education record returned successfully",
-            "data": record,
-        }
-    ), 200
-
+        ),
+        200,
+    )
 
 
 @app.route("/resume/skill", methods=["POST"])
 def skill():
-        json_data = request.json
-        try:
-            name = json_data["name"]
-            proficiency = json_data["proficiency"]
-            logo = json_data["logo"]
-
-            new_skill = Skill(name, proficiency, logo)
+    json_data = request.get_json()
+    required_fields = ["name", "proficiency", "logo"]
+    is_valid, missing = validate_fields(json_data, required_fields)
+    if not is_valid:
+        return jsonify({"error": f"Missing required field: {missing}"}), 400
 
+    try:
+        new_skill = Skill(
+            json_data["name"], json_data["proficiency"], json_data["logo"]
+        )
+        data["skill"].append(new_skill)
+        return jsonify({"id": len(data["skill"]) - 1}), 201
 
-            data["skill"].append(new_skill)
-
-            return jsonify(
-                {"id": len(data["skill"]) - 1}
-            ), 201
+    except Exception as e:
+        return jsonify({"error": str(e)}), 400
 
-        except KeyError:
-            return jsonify({"error": "Invalid request"}), 400
 
-        except TypeError as e:
-            return jsonify({"error": str(e)}), 400
-        
-@app.route('/resume/skill/<int:skill_id>', methods=['GET'])
+@app.route("/resume/skill/<int:skill_id>", methods=["GET"])
 def get_skill(skill_id):
     try:
         skill = data["skill"][skill_id]
diff --git a/helper.py b/helper.py
@@ -0,0 +1,9 @@
+def validate_fields(json_data, required_fields):
+    """
+    Validates that all required fields are present in the json_data.
+    Returns (True, None) if valid, (False, missing_field) if not.
+    """
+    for field in required_fields:
+        if field not in json_data or json_data[field] is None:
+            return False, field
+    return True, None
diff --git a/test_pytest.py b/test_pytest.py
@@ -34,7 +34,6 @@ def test_experience():
         app.test_client()
         .post("/resume/experience", json=example_experience)
         .json["index"]
-
     )
     response = app.test_client().get("/resume/experience")
     assert response.json[item_id] == example_experience
@@ -72,7 +71,6 @@ def test_skill():
         "name": "JavaScript",
         "proficiency": "2-4 years",
         "logo": "example-logo.png",
-
     }
 
     item_id = app.test_client().post("/resume/skill", json=example_skill).json["id"]
@@ -85,15 +83,60 @@ def test_get_skill_by_id():
     example_skill = {
         "name": "Blowing Bubbles an Fighting Crime",
         "proficiency": "5+ years",
-        "logo": "some-logo.png"
-
+        "logo": "some-logo.png",
     }
 
     item_id = app.test_client().post("/resume/skill", json=example_skill).json["id"]
 
-
-    response = app.test_client().get(f'/resume/skill/{item_id}')
+    response = app.test_client().get(f"/resume/skill/{item_id}")
     data = response.json
 
     assert response.status_code == 200
     assert data == example_skill
+
+
+def test_experience_missing_fields():
+    '''
+    Test POST /resume/experience with missing required fields
+    '''
+    incomplete_experience = {
+        "title": "Software Developer",
+        "start_date": "October 2022",
+        "end_date": "Present",
+        "description": "Writing Python Code"
+        # missing 'company' and 'logo'
+    }
+    response = app.test_client().post('/resume/experience', json=incomplete_experience)
+    assert response.status_code == 400
+    assert "Missing fields" in response.json["error"]
+
+
+def test_education_missing_fields():
+    '''
+    Test POST /resume/education with missing required fields
+    '''
+    incomplete_education = {
+        "degree": "Engineering",
+        "start_date": "October 2022",
+        "end_date": "August 2024",
+        "grade": "86%",
+        "logo": "example-logo.png"
+        # missing 'school'
+    }
+    response = app.test_client().post('/resume/education', json=incomplete_education)
+    assert response.status_code == 400
+    assert "Missing fields" in response.json["error"]
+
+
+def test_skill_missing_fields():
+    '''
+    Test POST /resume/skill with missing required fields
+    '''
+    incomplete_skill = {
+        "name": "JavaScript",
+        "proficiency": "2-4 years"
+        # missing 'logo'
+    }
+    response = app.test_client().post('/resume/skill', json=incomplete_skill)
+    assert response.status_code == 400
+    assert "Missing fields" in response.json["error"]
