diff --git a/app/chats/schemas.py b/app/chats/schemas.py index cc3f47f..e18d12b 100644 --- a/app/chats/schemas.py +++ b/app/chats/schemas.py @@ -46,6 +46,9 @@ class ChatMemberRead(BaseModel): id: int user_id: int + username: str | None = None + name: str | None = None + avatar_url: str | None = None role: ChatMemberRole joined_at: datetime diff --git a/app/chats/service.py b/app/chats/service.py index 8302828..3733a86 100644 --- a/app/chats/service.py +++ b/app/chats/service.py @@ -276,7 +276,21 @@ async def get_chat_for_user(db: AsyncSession, *, chat_id: int, user_id: int) -> raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="You are not a member of this chat") members = await repository.list_chat_members(db, chat_id=chat_id) - return chat, members + enriched_members: list[ChatMemberRead] = [] + for member in members: + user = await get_user_by_id(db, member.user_id) + enriched_members.append( + ChatMemberRead( + id=member.id, + user_id=member.user_id, + username=user.username if user else None, + name=user.name if user else None, + avatar_url=user.avatar_url if user else None, + role=member.role, + joined_at=member.joined_at, + ) + ) + return chat, enriched_members async def ensure_chat_membership(db: AsyncSession, *, chat_id: int, user_id: int) -> None: diff --git a/docs/api-reference.md b/docs/api-reference.md index e5177d0..78c0c7b 100644 --- a/docs/api-reference.md +++ b/docs/api-reference.md @@ -771,7 +771,7 @@ Response: `200` + `ChatRead` ### GET `/api/v1/chats/{chat_id}/members` Auth required. -Response: `200` + `ChatMemberRead[]` +Response: `200` + `ChatMemberRead[]` (includes `username`, `name`, `avatar_url` for each member) ### POST `/api/v1/chats/{chat_id}/members` diff --git a/docs/core-checklist-status.md b/docs/core-checklist-status.md index 11795fe..1641e07 100644 --- a/docs/core-checklist-status.md +++ b/docs/core-checklist-status.md @@ -29,7 +29,7 @@ Legend: 20. GIF - `PARTIAL` (web GIF picker with Tenor search + preset fallback + favorites) 21. Message History/Search - `DONE` (history/pagination/chat+global search) 22. Text Formatting - `PARTIAL` (bold/italic/underline/spoiler/mono/links + strikethrough + quote/code block; toolbar still evolving) -23. Groups - `PARTIAL` (create/add/remove/invite link; join-by-invite and invite permissions covered by integration tests; advanced moderation partial) +23. Groups - `PARTIAL` (create/add/remove/invite link; join-by-invite and invite permissions covered by integration tests; members API now returns profile fields (`username/name/avatar_url`) for richer moderation UI; advanced moderation still partial) 24. Roles - `DONE` (owner/admin/member) 25. Admin Rights - `PARTIAL` (delete/pin/edit info + explicit ban APIs for groups/channels including ban list endpoint; integration tests cover channel member read-only, channel admin full-delete, channel message delete-for-all permissions, group profile edit permissions, owner-only role management rules, and admin-visible/member-forbidden ban-list access; remaining UX moderation tools limited) 26. Channels - `PARTIAL` (create/post/edit/delete/subscribe/unsubscribe; UX edge-cases still polishing) diff --git a/tests/test_chat_message_flow.py b/tests/test_chat_message_flow.py index 0771fc1..bb39dbd 100644 --- a/tests/test_chat_message_flow.py +++ b/tests/test_chat_message_flow.py @@ -774,6 +774,34 @@ async def test_group_admin_can_edit_chat_profile(client, db_session): assert body["description"] == "Updated by admin" +async def test_chat_members_endpoint_returns_user_profile_fields(client, db_session): + owner = await _create_verified_user(client, db_session, "members_owner@example.com", "members_owner", "strongpass123") + member = await _create_verified_user(client, db_session, "members_user@example.com", "members_user", "strongpass123") + + me_member = await client.get("/api/v1/auth/me", headers={"Authorization": f"Bearer {member['access_token']}"}) + member_id = me_member.json()["id"] + + create_group = await client.post( + "/api/v1/chats", + headers={"Authorization": f"Bearer {owner['access_token']}"}, + json={"type": ChatType.GROUP.value, "title": "Members profile group", "member_ids": [member_id]}, + ) + assert create_group.status_code == 200 + chat_id = create_group.json()["id"] + + members_response = await client.get( + f"/api/v1/chats/{chat_id}/members", + headers={"Authorization": f"Bearer {owner['access_token']}"}, + ) + assert members_response.status_code == 200 + rows = members_response.json() + member_row = next((item for item in rows if item["user_id"] == member_id), None) + assert member_row is not None + assert member_row["username"] == "members_user" + assert "name" in member_row + assert "avatar_url" in member_row + + async def test_group_admin_cannot_change_member_roles(client, db_session): owner = await _create_verified_user(client, db_session, "roles_owner@example.com", "roles_owner", "strongpass123") admin_user = await _create_verified_user(client, db_session, "roles_admin@example.com", "roles_admin", "strongpass123")