Skip to content

Kunzite - Aisha M.#106

Open
aimo22 wants to merge 14 commits intoAda-C19:mainfrom
aimo22:main
Open

Kunzite - Aisha M.#106
aimo22 wants to merge 14 commits intoAda-C19:mainfrom
aimo22:main

Conversation

@aimo22
Copy link

@aimo22 aimo22 commented May 12, 2023

No description provided.

marciaga
marciaga reviewed May 16, 2023
View reviewed changes
Copy link

@marciaga marciaga left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good work! Nice job with the tests as well. I left a few comments for you, one perhaps most importantly, about the Slack API key.

app/__init__.py Outdated
app.config['SQLALCHEMY_DATABASE_URI'] = os.environ.get(
"RENDER_DATABASE_URI")

# if test_config is None:
Copy link

@marciaga marciaga May 16, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd recommend using this logic to switch between testing and non-testing environments. This is why your tests are erroring out in Learn.

app/models/task.py
goal_id = db.Column(db.Integer, db.ForeignKey("goal.id"))

def to_dict_with_goal(self):
if not self.completed_at:
Copy link

@marciaga marciaga May 16, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice 👍🏽

app/models/task.py
is_complete=self.is_complete,
goal_id=self.goal_id
))
def to_dict(self):
Copy link

@marciaga marciaga May 16, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Rather than have two functions that do nearly the same thing, why not adopt the same approach of using conditional logic to set the goal_id?

app/routes/goal_routes.py
@bp.route("", methods=["POST"])
def create_a_goal():
request_body = request.get_json()
if "title" not in request_body or not request_body["title"]:
Copy link

@marciaga marciaga May 16, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thorough!

app/routes/task_routes.py
def get_all_tasks():
sorted_query = request.args.get("sort")
if sorted_query == "asc":
tasks = Task.query.order_by("title")
Copy link

@marciaga marciaga May 16, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Assuming this order_by does ascending by default, without you having to explicitly call order_by(Task.title.asc())? Also, can the .all() be left off of the order_by queries (i.e. does it return what all() returns by default?

app/routes/task_routes.py Outdated
task.is_complete = True

PATH = "https://slack.com/api/chat.postMessage"
Authorization = "Bearer xoxb-5242678399683-5266537240624-SzcfKHmF2xZaq407bmmGcsdL"
Copy link

@marciaga marciaga May 16, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This API key should be in a .env file (which should be in the project's .gitignore and therefore not committed). It's potentially dangerous to commit API keys, in one scenario, a malicious actor could use your API key to make calls as though it were coming from your application, which if a credit card is attached to the API account, could rack up fraudulent charges or exploit any number of other potential vulnerabilities exposed by the key. I'd recommend revoking/deleting this key.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@marciaga marciaga marciaga left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@aimo22 @marciaga