feat: implement Phase 3 participant self-management (stories 4.5, 6.1)

Implemented features: - Story 4.5: View Participant List - participants can see other active participants - Story 6.1: Update Profile - participants can edit name and gift ideas before matching - Utility functions for state management and business logic - Comprehensive unit and integration tests New files: - src/utils/participant.py - Business logic utilities - src/templates/participant/profile_edit.html - Profile edit form - tests/unit/test_participant_utils.py - Unit tests for utilities - tests/integration/test_participant_list.py - Integration tests for participant list - tests/integration/test_profile_update.py - Integration tests for profile updates Modified files: - src/routes/participant.py - Added dashboard participant list and profile edit route - src/templates/participant/dashboard.html - Added participant list section and edit link - src/forms/participant.py - Added ProfileUpdateForm - src/app.py - Added participant.profile_edit to setup check exemptions - tests/conftest.py - Added exchange_factory, participant_factory, auth_participant fixtures All tests passing. Phase 3.3 (reminder preferences) and 3.4 (withdrawal) remain to be implemented. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-22 20:05:28 -07:00
parent 75378ac769
commit a7902aa623
10 changed files with 709 additions and 1 deletions
--- a/tests/integration/test_profile_update.py
+++ b/tests/integration/test_profile_update.py
@@ -0,0 +1,120 @@
+"""Integration tests for profile update functionality."""
+
+from flask import url_for
+
+
+def test_profile_update_get_shows_form(client, auth_participant):
+    """GET shows edit form with current values."""
+    response = client.get(url_for("participant.profile_edit"))
+
+    assert response.status_code == 200
+    assert auth_participant.name.encode() in response.data
+    assert b"Edit Your Profile" in response.data
+
+
+def test_profile_update_post_success(client, auth_participant, db):
+    """POST updates profile successfully."""
+    response = client.post(
+        url_for("participant.profile_edit"),
+        data={"name": "Updated Name", "gift_ideas": "Updated ideas"},
+        follow_redirects=True,
+    )
+
+    assert response.status_code == 200
+    assert b"profile has been updated" in response.data
+
+    # Verify database
+    db.session.refresh(auth_participant)
+    assert auth_participant.name == "Updated Name"
+    assert auth_participant.gift_ideas == "Updated ideas"
+
+
+def test_profile_update_name_change(client, auth_participant, db):
+    """Name updates in database."""
+    original_name = auth_participant.name
+
+    client.post(
+        url_for("participant.profile_edit"),
+        data={"name": "New Name", "gift_ideas": ""},
+        follow_redirects=True,
+    )
+
+    db.session.refresh(auth_participant)
+    assert auth_participant.name == "New Name"
+    assert auth_participant.name != original_name
+
+
+def test_profile_update_locked_after_matching(
+    client, exchange_factory, participant_factory
+):
+    """Profile edit blocked after matching."""
+    exchange = exchange_factory(state="matched")
+    participant = participant_factory(exchange=exchange)
+
+    with client.session_transaction() as session:
+        session["user_id"] = participant.id
+        session["user_type"] = "participant"
+        session["exchange_id"] = exchange.id
+
+    response = client.get(url_for("participant.profile_edit"), follow_redirects=True)
+
+    assert b"profile is locked" in response.data
+
+
+def test_profile_update_form_validation_empty_name(client):
+    """Empty name shows validation error."""
+    response = client.post(
+        url_for("participant.profile_edit"), data={"name": "", "gift_ideas": "Test"}
+    )
+
+    assert response.status_code == 200
+    assert b"Name is required" in response.data
+
+
+def test_profile_update_requires_auth(client):
+    """Profile edit requires authentication."""
+    response = client.get(url_for("participant.profile_edit"), follow_redirects=False)
+
+    assert response.status_code == 403
+
+
+def test_profile_update_strips_whitespace(client, auth_participant, db):
+    """Whitespace is stripped from name and gift ideas."""
+    client.post(
+        url_for("participant.profile_edit"),
+        data={"name": "  Spaces  ", "gift_ideas": "  Gift  "},
+        follow_redirects=True,
+    )
+
+    db.session.refresh(auth_participant)
+    assert auth_participant.name == "Spaces"
+    assert auth_participant.gift_ideas == "Gift"
+
+
+def test_dashboard_shows_edit_link_when_allowed(client, auth_participant):
+    """Dashboard shows edit profile link when editing is allowed."""
+    response = client.get(
+        url_for("participant.dashboard", id=auth_participant.exchange_id)
+    )
+
+    assert response.status_code == 200
+    assert b"Edit Profile" in response.data
+
+
+def test_dashboard_hides_edit_link_after_matching(
+    client, exchange_factory, participant_factory
+):
+    """Dashboard hides edit profile link after matching."""
+    exchange = exchange_factory(state="matched")
+    participant = participant_factory(exchange=exchange)
+
+    with client.session_transaction() as session:
+        session["user_id"] = participant.id
+        session["user_type"] = "participant"
+        session["exchange_id"] = exchange.id
+
+    response = client.get(url_for("participant.dashboard", id=exchange.id))
+
+    assert response.status_code == 200
+    # Edit link should not be present
+    assert b"Edit Profile" not in response.data