LabConnect-RCOS · aniket132123 · Dec 11, 2025 · Sep 28, 2025 · Oct 3, 2025 · Oct 10, 2025
diff --git a/labconnect/main/auth_routes.py b/labconnect/main/auth_routes.py
@@ -23,6 +23,7 @@
     UserCourses,
     UserDepartments,
     UserMajors,
+    LabManager
 )
 
 from . import main_blueprint
@@ -194,6 +195,34 @@
     db.session.commit()
     return make_response({"msg": "New user added"})
 
+# promotes User to a Lab Manager
+# requires a super admin to promote
+@main_blueprint.patch("/users/<string:email>/permissions")
+@jwt_required()
+def promoteUser(email: str) -> Response:
+    json_data = request.json
+    if not json_data or not json_data.get("promote"):
+        abort(400)
+
+    # if user accessing doesn't have the right perms then they can't assign perms
+    promoter_id = get_jwt_identity()
+    promoter_perms = db.session.query(ManagementPermissions).filter_by(user_id=promoter_id).first()
+    if not promoter_perms or not promoter_perms.super_admin:
+        return make_response({"msg": "Missing permissions"}, 401)
+
+    # look for the user that will be promoted
+    manager = db.session.query(User).filter_by(email=email).first()
+    if not manager:
+        return make_response({"msg": "No user matches RCS ID"}, 500)
+
+    management_permissions = db.session.query(ManagementPermissions).filter_by(user_id=manager.id).first()
+    management_permissions.admin = True
+
+    db.session.commit()
+
+    return make_response({"msg": "User promoted to Lab Manager"}, 200)
+
+
 
 @main_blueprint.get("/metadata/")
 def metadataRoute() -> Response:

diff --git a/labconnect/main/routes.py b/labconnect/main/routes.py
@@ -27,13 +27,16 @@ def index() -> dict[str, str]:
 @main_blueprint.get("/departments")
 def departmentCards():
     data = db.session.execute(
-        db.select(RPIDepartments.name, RPIDepartments.school_id, RPIDepartments.id)
+        db.select(RPIDepartments.name, RPIDepartments.school_id, RPIDepartments.id, 
+                  RPIDepartments.description, RPIDepartments.website)
     ).all()
     results = [
         {
-            "title": department.name,
-            "department_id": department.id,
-            "school": department.school_id,
+            "name": department.name,
+            "description": department.description,
+            "id": department.id,
+            "school_id": department.school_id,
+            "website": department.website,
             "image": "https://cdn-icons-png.flaticon.com/512/5310/5310672.png",
         }
         for department in data

diff --git a/labconnect/serializers.py b/labconnect/serializers.py
@@ -3,7 +3,8 @@
 
 
 def serialize_course(course: Courses) -> str:
-    return f"{course.code} {course.name}"
+    course = {'code': course.code, 'name': course.name}
+    return course
 
 
 def serialize_opportunity(

diff --git a/tests/conftest.py b/tests/conftest.py
@@ -17,7 +17,7 @@
 def test_client():
     # Set the Testing configuration prior to creating the Flask application
     flask_app = create_app()
-    flask_app.config.update({"TESTING": True, "DEBUG": True})
+    flask_app.config.update({"TESTING": True, "DEBUG": True, "JWT_COOKIE_CSRF_PROTECT": False})
 
     # Create a test client using the Flask application configured for testing
     with flask_app.test_client() as testing_client:

diff --git a/tests/test_authentication.py b/tests/test_authentication.py
@@ -2,8 +2,9 @@
 Test authentication routes
 """
 
-# from flask import json
-# from flask.testing import FlaskClient
+from flask import json
+from flask.testing import FlaskClient
+import pytest
 
 
 # def test_login_route_one(test_client: FlaskClient) -> None:
@@ -159,3 +160,6 @@
 #     response = test_client.post("/login")
 
 #     assert response.status_code == 400
+
+# def test_promotion(test_client: FlaskClient) -> None:
+
diff --git a/tests/test_departments.py b/tests/test_departments.py
@@ -21,39 +21,40 @@
                         "Computer Science",
                         "Biology",
                         "Materials Engineering",
-                        "Math",
                         "Environmental Engineering",
+                        "Math",
                         "Aerospace Engineering",
-                        "Areonautical Engineering",
+                        "Aeronautical Engineering",
+                        "Mechanical, Aerospace, and Nuclear Engineering"
                     ],
                 },
                 {
                     "field": "description",
                     "values": [
-                        "DS",
-                        "life",
+                        "DS is rough",
+                        "life science",
                         "also pretty cool",
+                        "water stuff",
                         "quick maths",
-                        "water",
                         "space, the final frontier",
                         "flying, need for speed",
                     ],
                 },
                 {
                     "field": "school_id",
                     "values": [
-                        "School of science",
-                        "School of science",
-                        "School of engineering",
-                        "School of science",
-                        "School of engineering",
-                        "School of engineering",
-                        "School of engineering",
+                        "School of Science",
+                        "School of Science",
+                        "School of Engineering",
+                        "School of Science",
+                        "School of Engineering",
+                        "School of Engineering",
+                        "School of Engineering",
                     ],
                 },
                 {
                     "field": "id",
-                    "values": ["CSCI", "BIOL", "MTLE", "MATH", "ENVI", "MANE", "MANE"],
+                    "values": ["CSCI", "BIOL", "MTLE", "MATH", "ENVE", "MANE"],
                 },
                 {
                     "field": "image",
@@ -62,12 +63,12 @@
                     ]
                     * 7,
                 },
-                {"field": "webcite", "values": ["https://www.rpi.edu"] * 7},
+                {"field": "website", "values": ["https://www.rpi.edu"] * 7},
             ],
         ),
         (
-            "/department",
-            {"department": "Computer Science"},
+            "/departments/CSCI",
+            None,
             200,
             [
                 {"field": "name", "values": ["Computer Science"]},
@@ -80,7 +81,7 @@
                         "https://cdn-icons-png.flaticon.com/512/5310/5310672.png"
                     ],
                 },
-                {"field": "webcite", "values": ["https://www.rpi.edu"]},
+                {"field": "website", "values": ["https://www.rpi.edu"]},
                 {
                     "field": "professors",
                     "subfields": [

diff --git a/tests/test_general.py b/tests/test_general.py
@@ -5,6 +5,7 @@
 import pytest
 from flask import json
 from flask.testing import FlaskClient
+from flask_jwt_extended import create_access_token
 
 
 def test_home_page(test_client: FlaskClient) -> None:
@@ -19,25 +20,6 @@
     assert {"Hello": "There"} == json.loads(response.data)
 
 
-def test_discover_route(test_client: FlaskClient) -> None:
-    """
-    GIVEN a Flask application configured for testing
-    WHEN the '/discover' page is requested (GET)
-    THEN check that the response is valid
-    """
-    response = test_client.get("/discover")
-
-    assert response.status_code == 200
-    # Uncomment and modify the following line with expected response data
-    # data = json.loads(response.data.decode("utf-8"))
-    # assert data["data"][0] == {
-    #     "title": "Nelson",
-    #     "major": "CS",
-    #     "attributes": ["Competitive Pay", "Four Credits", "Three Credits"],
-    #     "pay": 9000.0,
-    # }
-
-
 @pytest.mark.parametrize(
     "input_id, expected_profile",
     [
@@ -46,7 +28,7 @@
             {
                 "id": "cenzar",
                 "first_name": "Rafael",
-                "opportunities": [...],  # Replace with expected opportunities data
+                "opportunities": ["opportunity1"],  # Replace with expected opportunities data
             },
         )
     ],
@@ -57,8 +39,20 @@
     WHEN the '/profile/<user>' page is requested (GET)
     THEN check that the response is valid
     """
-    response = test_client.get("/profile", json={"id": input_id})
-
+    # login_response = test_client.post("/login", json={"username": "test_user", "password": "password123"})
+    # login_data = json.loads(login_response.data)
+    with test_client.application.app_context():
+        access_token = create_access_token(identity='[email protected]')
+
+    # response = test_client.get("/profile", json={"id": input_id})
+    # Make the request with the JWT token
+    response = test_client.get(
+        "/profile",
+        json={"id": input_id},
+        headers={'Authorization': f'Bearer {access_token}'}
+    )
+
+    print(response.data)
     assert response.status_code == 200
 
     json_data = json.loads(response.data)
@@ -108,7 +102,7 @@
     response = test_client.get("/years")
 
     assert response.status_code == 200
-    assert [2024, 2025, 2026, 2027, 2028, 2029, 2030, 2031] == json.loads(response.data)
+    assert [2025, 2026, 2027, 2028, 2029, 2030, 2031] == json.loads(response.data)
 
 
 def test_professor_profile(test_client: FlaskClient) -> None:
@@ -117,7 +111,7 @@
     WHEN the '/getProfessorProfile/<id>' page is requested (GET)
     THEN check that the response is valid
     """
-    response = test_client.get("/getProfessorProfile/1")
+    response = test_client.get("/staff/cenzar")
 
     assert response.status_code == 200