Merge branch 'main' into issues/1174_check-whether-user-can-use-profile-api

mwtrew · web-flow · commit 80ab47e69cfa · 2026-02-26T15:28:30.000Z
diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md
diff --git a/AGENTS.md b/AGENTS.md
@@ -0,0 +1,45 @@
+# Project Overview
+- Rails 7.1 monolith for the Raspberry Pi Code Editor API (REST + GraphQL), served at `editor-api.raspberrypi.org`.
+- Primary runtime via Docker; API listens on port 3009.
+
+## Architecture
+- **REST** under `app/controllers/api/**` with Jbuilder views in `app/views/api/**`; **GraphQL** at `/graphql` (schema in `app/graphql/**`).
+- **Auth**: Browser/session via OmniAuth (OIDC to Hydra); API token via `Authorization: Bearer` with `Identifiable#identify_user` → `User.from_token` → `HydraPublicApiClient`.
+- **Authorization**: cancancan in `app/models/ability.rb`. Use `load_and_authorize_resource` in controllers; GraphQL uses `Types::ProjectType.authorized?` and `current_ability` in context.
+- **Domain**: `Project` (+ `Component`) with Active Storage attachments. Domain operations in `lib/concepts/**` (e.g. `Project::Create`, `Project::CreateRemix`). Prefer calling these from controllers/mutations.
+- **Jobs**: GoodJob (`bundle exec good_job start --max-threads=8`). Admin UI at `/admin/good_job`.
+- **Integrations**: Profile API (`lib/profile_api_client.rb`), UserInfo API, GitHub GraphQL (`lib/github_api.rb`), GitHub webhooks via `GithubWebhooksController`.
+- **Storage/CORS**: Active Storage uses S3 in non-dev. CORS via `config/initializers/cors.rb` and `lib/origin_parser.rb`. `CorpMiddleware` sets CORP for Active Storage routes.
+
+## Key Conventions
+- GraphQL context: `current_user`, `current_ability`, `remix_origin`. Object IDs use GlobalID. Locale fallback via `ProjectLoader`: `[requested, 'en', nil]`.
+- REST pagination returns HTTP `Link` header (see `Api::ProjectsController#pagination_link_header`).
+- Project rules: identifiers unique per locale; default component name/extension immutable on update; students cannot update `instructions` on school projects; creating a project in a school auto-builds `SchoolProject`.
+- Remix: `Project::CreateRemix` clones media/components, sets `remix_origin`, clears `lesson_id`.
+- Errors: domain ops return `OperationResponse` with `:error`; controllers return 4xx heads; GraphQL raises `GraphQL::ExecutionError`. Exceptions reported to Sentry.
+- snake_case for variable numbers (exceptions: `sha256`, `X-Hub-Signature-256`).
+
+## Quickstart
+```bash
+cp .env.example .env
+docker compose build
+docker compose run --rm api rails db:setup
+docker compose up
+```
+
+## Development
+- Use `docker compose` for all commands; project mounts into `editor-api:builder` with tmpfs for `tmp/`.
+
+## Testing
+- Full suite: `docker compose run --rm api rspec`
+- Single spec: `docker compose run --rm api rspec spec/path/to/spec.rb`
+- Lint: `docker compose run --rm api bundle exec rubocop`
+- CI: CircleCI with Ruby 3.2, Postgres 12, Redis.
+
+## Where to Look First
+- Routes: `config/routes.rb`. Auth: `config/initializers/omniauth.rb`, `app/helpers/authentication_helper.rb`, `app/controllers/concerns/identifiable.rb`.
+- Permissions: `app/models/ability.rb`. Domain ops: `lib/concepts/**`. Models: `app/models/**`. GraphQL: `app/graphql/**`.
+
+## Security
+- Never commit secrets (`.env`, `config/master.key`, API tokens, webhook secrets).
+- `.env.example` contains placeholder values only.
diff --git a/lib/tasks/seeds_helper.rb b/lib/tasks/seeds_helper.rb
@@ -6,7 +6,8 @@ module SeedsHelper
     john_doe: 'bbb9b8fd-f357-4238-983d-6f87b99bdbb2', # john.doe@example.com
     jane_smith: 'e52de409-9210-4e94-b08c-dd11439e07d9', # student
     john_smith: '0d488bec-b10d-46d3-b6f3-4cddf5d90c71', # student
-    emily_ssouser: '88e0aed6-8f20-4e40-98f9-610a0ab1cfcc' # sso student
+    emily_ssouser: '88e0aed6-8f20-4e40-98f9-610a0ab1cfcc', # sso student
+    jim_dun: '019a649f-87f3-483b-8eea-39a05c324264' # user with no school
   }.freeze
 
   # Match the school in profile...
diff --git a/lib/tasks/test_seeds.rake b/lib/tasks/test_seeds.rake
@@ -12,26 +12,31 @@ namespace :test_seeds do
       Rails.logger.info 'Destroying existing seeds...'
       creator_id = ENV.fetch('SEEDING_CREATOR_ID', TEST_USERS[:jane_doe])
       teacher_id = ENV.fetch('SEEDING_TEACHER_ID', TEST_USERS[:john_doe])
+      teacher_signup_id = TEST_USERS[:jim_dun]
 
       # Hard coded as the student's school needs to match
       student_ids = [TEST_USERS[:jane_smith], TEST_USERS[:john_smith], TEST_USERS[:emily_ssouser]]
       school_id = TEST_SCHOOL
+      teacher_signup_school_id =
+        School.find_by(creator_id: teacher_signup_id)&.id
 
       # Remove the roles first
+      Role.where(user_id: teacher_signup_id).destroy_all
       Role.where(user_id: [creator_id, teacher_id] + student_ids).destroy_all
 
       # Destroy the project and then the lesson itself (The lesson's `before_destroy` prevents us using destroy)
       lesson_ids = Lesson.where(school_id:).pluck(:id)
-      Project.where(lesson_id: [lesson_ids]).destroy_all
-      Lesson.where(id: [lesson_ids]).delete_all
+      Project.where(lesson_id: lesson_ids).destroy_all
+      Lesson.where(id: lesson_ids).delete_all
 
       # Destroy the class members and then the class itself
-      school_class_ids = SchoolClass.where(school_id:).pluck(:id)
-      ClassStudent.where(school_class_id: [school_class_ids]).destroy_all
-      SchoolClass.where(id: [school_class_ids]).destroy_all
+      school_class_ids = SchoolClass.where(school_id: [school_id, teacher_signup_school_id].compact).pluck(:id)
+      ClassStudent.where(school_class_id: school_class_ids).destroy_all
+      SchoolClass.where(id: school_class_ids).destroy_all
 
-      # Destroy the school
-      School.find(school_id).destroy
+      # Destroy the schools
+      school_ids = [school_id, teacher_signup_school_id].compact
+      School.where(id: school_ids).destroy_all
 
       Rails.logger.info 'Done...'
     rescue StandardError => e
