Event Manager Company: Software QA Analyst/Developer Onboarding Assignment

Welcome to the Event Manager Company! As a newly hired Software QA Analyst/Developer and a student in software engineering, you are embarking on an exciting journey to contribute to our project aimed at developing a secure, robust REST API that supports JWT (JSON Web Token ) token-based OAuth2 authentication. This API serves as the backbone of our user management system and will eventually expand to include features for event management and registration.

Instructor Videos

• Introduction to REST API with Postgres - This video provides an overview of the REST API you'll be working with, including its structure, endpoints, and interaction with the PostgreSQL database.
• Assignment Instructions - Detailed instructions on your tasks, guiding you through the assignment step by step.

Commands

1. Start and build a multi-container application:

docker compose up --build

2. Goto http://localhost/docs to view openapi spec documentation

Click "authorize" input username: admin@example.com password: secret

3. Goto http://localhost:5050 to connect and manage the database.

The following information must match the ones in the docker-compose.yml file.

Login:

• Email address / Username: admin@example.com
• Password: adminpassword

When add new server:

• Host name/address: postgres
• Port: 5432
• Maintenance database: myappdb
• Username: user
• Password: password

Optional Commands

Run pytest inside the containers:

Run all tests:

docker compose exec fastapi pytest

Run a single test:

docker compose exec fastapi pytest tests/test_services/test_user_service.py::test_list_users

Creating database migration:

docker compose exec fastapi alembic revision --autogenerate -m 'added admin'

Apply database migrations:

docker compose exec fastapi alembic upgrade head

Assignment Objectives

1. Familiarize with REST API functionality and structure: Gain hands-on experience working with a REST API, understanding its endpoints, request/response formats, and authentication mechanisms.

2. Implement and refine documentation: Critically analyze and improve existing documentation based on issues identified in the instructor videos. Ensure that the documentation is up-to-date and accurately reflects the current state of the software.

3. Engage in manual and automated testing: Develop comprehensive test cases and leverage automated testing tools like pytest to push the project's test coverage towards 90%. Gain experience with different types of testing, such as unit testing, integration testing, and end-to-end testing.

4. Explore and debug issues: Dive deep into the codebase to investigate and resolve issues related to user profile updates and OAuth token generation. Utilize debugging tools, interpret error messages, and trace the flow of execution to identify the root cause of problems.

5. Collaborate effectively: Experience the power of collaboration using Git for version control and GitHub for code reviews and issue tracking. Work with issues, branches, create pull requests, and merge code while following best practices.

Setup and Preliminary Steps

1. Fork the Project Repository: Fork the project repository to your own GitHub account. This creates a copy of the repository under your account, allowing you to work on the project independently.

2. Clone the Forked Repository: Clone the forked repository to your local machine using the git clone command. This creates a local copy of the repository on your computer, enabling you to make changes and run the project locally.

3. Verify the Project Setup: Follow the steps in the instructor video to set up the project using Docker. Docker allows you to package the application with all its dependencies into a standardized unit called a container. Verify that you can access the API documentation at http://localhost/docs and the database using PGAdmin at http://localhost:5050.

Testing and Database Management

1. Explore the API: Use http://localhost/docs to familiarize yourself with the API endpoints, request/response formats, and authentication mechanisms. It provides an interactive interface to explore and test the API endpoints.

2. Run Tests: Execute the provided test suite using pytest, a popular testing framework for Python. Running tests ensures that the existing functionality of the API is working as expected. Note that running tests will drop the database tables, so you may need to manually drop the Alembic version table using PGAdmin and re-run migrations to ensure a clean state.

3. Increase Test Coverage: To enhance the reliability of the API, aim to increase the project's test coverage to 90%. Write additional tests for various scenarios and edge cases to ensure that the API handles different situations correctly.

Collaborative Development Using Git

1. Enable Issue Tracking: Enable GitHub issues in your repository settings. GitHub Issues is a powerful tool for tracking bugs, enhancements, and other tasks related to the project. It allows you to create, assign, and prioritize issues, facilitating effective collaboration among team members.

2. Create Branches: For each issue or task you work on, create a new branch with a descriptive name using the git checkout -b command. Branching allows you to work on different features or fixes independently without affecting the main codebase. It enables parallel development and helps maintain a stable main branch.

3. Pull Requests and Code Reviews: When you have completed work on an issue, create a pull request to merge your changes into the main branch. Pull requests provide an opportunity for code review, where your team members can examine your changes, provide feedback, and suggest improvements. Code reviews help maintain code quality, catch potential issues, and promote knowledge sharing among the team.

Specific Issues to Address

In this assignment, you will identify, document, and resolve five specific issues related to:

1. Username validation: Investigate and resolve any issues related to username validation. This may involve handling special characters, enforcing length constraints, or ensuring uniqueness. Proper username validation is essential to maintain data integrity and prevent potential security vulnerabilities.

2. Password validation: Ensure that password validation follows security best practices, such as enforcing minimum length, requiring complexity (e.g., a mix of uppercase, lowercase, numbers, and special characters), and properly hashing passwords before storing them in the database. Robust password validation protects user accounts and mitigates the risk of unauthorized access.

3. Profile field edge cases: Test and handle various scenarios related to updating profile fields. This may include updating the bio and profile picture URL simultaneously or individually. Consider different combinations of fields being updated and ensure that the API handles these cases gracefully. Edge case testing helps uncover potential issues and ensures a smooth user experience.

Additionally, you will resolve a sixth issue demonstrated in the instructor video. These issues will test various combinations and scenarios to simulate real-world usage and potential edge cases. By addressing these specific issues, you will gain experience in identifying and resolving common challenges in API development.

Submission Requirements

To complete this assignment, submit the following:

1. GitHub Repository Link: Ensure that your repository is well-organized and includes:

• Five closed issues, each with accompanying test code and necessary application code modifications.
• Each issue should be well-documented, explaining the problem, the steps taken to resolve it, and the outcome. Proper documentation helps others understand your work and facilitates future maintenance.
• All issues should be merged into the main branch, following the Git workflow and best practices.

2. Updated README: Replace the existing README with:

• Links to the closed issues, providing easy access to your work.
• Link to project image deployed to Dockerhub.
• A 2-3 paragraph reflection on what you learned from this assignment, focusing on both technical skills and collaborative processes. Reflect on the challenges you faced, the solutions you implemented, and the insights you gained. This reflection helps solidify your learning and provides valuable feedback for improving the assignment in the future.

Grading Rubric

Criteria	Points
Resolved 5 issues related to username validation, password validation, and profile field edge cases	30
Resolved the issue demonstrated in the instructor video	20
Increased test coverage to 90% by writing comprehensive test cases	20
Followed collaborative development practices using Git and GitHub (branching, pull requests, code reviews)	15
Submitted a well-organized GitHub repository with clear documentation, links to closed issues, and a reflective summary	15
Total	100

Resources and Documentation

• Important Links:

• Git Command Reference I created and some explanation for collaboration with git

• Docker Commands and Running The Tests in the Application

• Look at the code comments:

  • Test Configuration and Fixtures
  • API User Routes
  • API Oauth Routes - Connection to HTTP
  • User Service - Business Logic - This implements whats called the service repository pattern
  • User Schema - Pydantic models
  • User Model - SQl Alchemy Model
  • Alembic Migration - this is what runs to create the tables when you do alembic upgrade head
  • See the tests folder for all the tests

• API Documentation: http://localhost/docs - Provides information on endpoints, request/response formats, and authentication.

• Database Management: http://localhost:5050 - The PGAdmin interface for managing the PostgreSQL database, allowing you to view and manipulate the database tables.

• Email service: https://mailtrap.io/ - Email Delivery Platform that delivers just in time. Great for dev, and marketing teams. After registered, put the credentials in .env file.

• Code Documentation: The project codebase includes docstrings and comments explaining various concepts and functionalities. Take the time to read through the code and understand how different components work together. Pay attention to the structure of the code, the naming conventions used, and the purpose of each function or class. Understanding the existing codebase will help you write code that is consistent and integrates well with the project.

• Additional Resources:

• SQLAlchemy Library - SQLAlchemy is a powerful SQL toolkit and Object-Relational Mapping (ORM) library for Python. It provides a set of tools for interacting with databases, including query building, database schema management, and data serialization. Familiarize yourself with SQLAlchemy's documentation to understand how it is used in the project for database operations.

• Pydantic Documentation - Pydantic is a data validation and settings management library for Python. It allows you to define data models with type annotations and provides automatic validation, serialization, and deserialization. Consult the Pydantic documentation to understand how it is used in the project for request/response validation and serialization.

• FastAPI Framework - FastAPI is a modern, fast (high-performance) Python web framework for building APIs. It leverages Python's type hints and provides automatic API documentation, request/response validation, and easy integration with other libraries. Explore the FastAPI documentation to gain a deeper understanding of its features and how it is used in the project.

• Alembic Documentation - Alembic is a lightweight database migration tool for usage with SQLAlchemy. It allows you to define and manage database schema changes over time, ensuring that the database structure remains consistent across different environments. Refer to the Alembic documentation to learn how to create and apply database migrations in the project.

These resources will provide you with a solid foundation to understand the tools, technologies, and concepts used in the project. Don't hesitate to explore them further and consult the documentation whenever you encounter challenges or need clarification.