adding my applications endpoint

backend/alembic/versions/f9f1aa7380ab_add_created_at_and_updated_at_columns_.py

@@ -0,0 +1,43 @@
+"""Add created_at and updated_at columns to applications table
+
+Revision ID: f9f1aa7380ab
+Revises: 9facd9b60600
+Create Date: 2026-02-05 19:49:38.970805
+
+"""
+from typing import Sequence, Union
+
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision: str = 'f9f1aa7380ab'
+down_revision: Union[str, Sequence[str], None] = '9facd9b60600'
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    """Upgrade schema."""
+    # ### commands auto generated by Alembic - please adjust! ###
+    # Add columns without default values first
+    op.add_column('applications', sa.Column('created_at', sa.DateTime(timezone=True), nullable=True))
+    op.add_column('applications', sa.Column('updated_at', sa.DateTime(timezone=True), nullable=True))
+    
+    # Update existing rows to set created_at to current timestamp
+    # This is needed because SQLite doesn't allow adding columns with non-constant defaults
+    connection = op.get_bind()
+    connection.execute(sa.text("UPDATE applications SET created_at = CURRENT_TIMESTAMP WHERE created_at IS NULL"))
+    
+    # Now alter the column to add the default value
+    # Note: SQLite doesn't support altering column defaults easily, so we'll leave it as nullable
+    # ### end Alembic commands ###
+
+
+def downgrade() -> None:
+    """Downgrade schema."""
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_column('applications', 'updated_at')
+    op.drop_column('applications', 'created_at')
+    # ### end Alembic commands ###

backend/api/application_routes.py

@@ -4,9 +4,10 @@ from typing import List
 import json
 
 from database.database import get_db
-from schemas import ApplicationCreate, ApplicationUpdate, ApplicationResponse, ApplicationListResponse, ApplicationDetailedResponse, ApplicationDetailedListResponse
-from services import create_application, get_application, get_applications_by_job_and_assessment, calculate_application_score
+from schemas import ApplicationCreate, ApplicationUpdate, ApplicationResponse, ApplicationListResponse, ApplicationDetailedResponse, ApplicationDetailedListResponse, MyApplicationsListResponse, MyApplicationResponse, MyApplicationsJob, MyApplicationsAssessment
+from services import create_application, get_application, get_applications_by_job_and_assessment, calculate_application_score, get_applications_by_user
 from services.assessment_service import get_assessment
+from services.job_service import get_job
 from utils.dependencies import get_current_user
 from models.user import User
 from logging_config import get_logger
@@ -78,14 +79,7 @@ def get_applications_list(jid: str, aid: str, page: int = 1, limit: int = 10, db
 def get_application_detail(jid: str, aid: str, id: str, db: Session = Depends(get_db), current_user: User = Depends(get_current_user)):
     """Get detailed application information including answers"""
     logger.info(f"Retrieving application detail for job ID: {jid}, assessment ID: {aid}, application ID: {id} by user: {current_user.id}")
-    # Only HR users can view application details
-    if current_user.role != "hr":
-        logger.warning(f"Unauthorized attempt to view application detail by user: {current_user.id} with role: {current_user.role}")
-        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail="Only HR users can view application details"
-        )
-
+    
     # Get the application
     application = get_application(db, id)
     if not application or application.job_id != jid or application.assessment_id != aid:
@@ -95,6 +89,14 @@ def get_application_detail(jid: str, aid: str, id: str, db: Session = Depends(ge
             detail="Application not found for this job and assessment"
         )
 
+    # Authorization: Allow HR users or the applicant who owns the application
+    if current_user.role != "hr" and current_user.id != application.user_id:
+        logger.warning(f"Unauthorized attempt to view application detail by user: {current_user.id} with role: {current_user.role}")
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Only HR users or the applicant who submitted the application can view application details"
+        )
+
     # Get the assessment to retrieve the passing score
     assessment = get_assessment(db, aid)
     if not assessment:
@@ -227,4 +229,55 @@ def create_new_application(jid: str, aid: str, application: ApplicationCreate, d
 
     db_application = create_application(db, application)
     logger.info(f"Successfully created application with ID: {db_application.id} for job ID: {jid}, assessment ID: {aid}")
-    return {"id": db_application.id}
+    return {"id": db_application.id}
+
+
+@router.get("/my-applications", response_model=MyApplicationsListResponse)
+def get_my_applications(page: int = 1, limit: int = 10, db: Session = Depends(get_db), current_user: User = Depends(get_current_user)):
+    """Get list of applications for the current logged-in user"""
+    logger.info(f"Retrieving applications for user ID: {current_user.id}, page: {page}, limit: {limit}")
+    
+    skip = (page - 1) * limit
+    applications = get_applications_by_user(db, current_user.id, skip=skip, limit=limit)
+
+    # Calculate total count
+    total = len(get_applications_by_user(db, current_user.id, skip=0, limit=1000))  # Simplified for demo
+
+    # Create responses with job and assessment details
+    application_responses = []
+    for application in applications:
+        # Calculate score
+        score = calculate_application_score(db, application.id)
+
+        # Get assessment to retrieve passing score
+        assessment = get_assessment(db, application.assessment_id)
+        
+        # Get job details
+        job = get_job(db, application.job_id)
+
+        # Create response object that matches technical requirements exactly
+        application_response = MyApplicationResponse(
+            id=application.id,
+            job=MyApplicationsJob(
+                id=job.id if job else "",
+                title=job.title if job else "",
+                seniority=job.seniority if job else "",
+                description=job.description if job else ""
+            ) if job else None,
+            assessment=MyApplicationsAssessment(
+                id=assessment.id if assessment else "",
+                title=assessment.title if assessment else "",
+                passing_score=assessment.passing_score if assessment else 0.0
+            ) if assessment else None,
+            score=score,
+            created_at=application.created_at.isoformat() if application.created_at else None
+        )
+
+        application_responses.append(application_response)
+
+    logger.info(f"Successfully retrieved {len(applications)} applications out of total {total} for user ID: {current_user.id}")
+    return MyApplicationsListResponse(
+        count=len(applications),
+        total=total,
+        data=application_responses
+    )

backend/models/application.py

@@ -1,4 +1,5 @@
-from sqlalchemy import Column, String, Text, ForeignKey
+from sqlalchemy import Column, String, Text, ForeignKey, DateTime
+from sqlalchemy.sql import func
 from .base import Base
 import uuid
 
@@ -9,4 +10,6 @@ class Application(Base):
     job_id = Column(String, ForeignKey("jobs.id"), nullable=False)
     assessment_id = Column(String, ForeignKey("assessments.id"), nullable=False)
     user_id = Column(String, ForeignKey("users.id"), nullable=False)
-    answers = Column(Text)  # Stored as JSON string
+    answers = Column(Text)  # Stored as JSON string
+    created_at = Column(DateTime(timezone=True), server_default=func.now())
+    updated_at = Column(DateTime(timezone=True), onupdate=func.now())

backend/schemas/__init__.py

@@ -1,11 +1,11 @@
 from .user import UserBase, UserCreate, UserUpdate, UserResponse, UserLogin, UserLogout, TokenResponse
 from .job import JobBase, JobCreate, JobUpdate, JobResponse, JobListResponse
 from .assessment import AssessmentBase, AssessmentCreate, AssessmentUpdate, AssessmentResponse, AssessmentListResponse, AssessmentDetailedResponse, AssessmentRegenerate
-from .application import ApplicationBase, ApplicationCreate, ApplicationUpdate, ApplicationResponse, ApplicationListResponse, ApplicationDetailedResponse, ApplicationDetailedListResponse
+from .application import ApplicationBase, ApplicationCreate, ApplicationUpdate, ApplicationResponse, ApplicationListResponse, ApplicationDetailedResponse, ApplicationDetailedListResponse, MyApplicationsListResponse, MyApplicationResponse, MyApplicationsJob, MyApplicationsAssessment
 
 __all__ = [
     "UserBase", "UserCreate", "UserUpdate", "UserResponse", "UserLogin", "UserLogout", "TokenResponse",
     "JobBase", "JobCreate", "JobUpdate", "JobResponse", "JobListResponse",
     "AssessmentBase", "AssessmentCreate", "AssessmentUpdate", "AssessmentResponse", "AssessmentListResponse", "AssessmentDetailedResponse", "AssessmentRegenerate",
-    "ApplicationBase", "ApplicationCreate", "ApplicationUpdate", "ApplicationResponse", "ApplicationListResponse", "ApplicationDetailedResponse", "ApplicationDetailedListResponse"
+    "ApplicationBase", "ApplicationCreate", "ApplicationUpdate", "ApplicationResponse", "ApplicationListResponse", "ApplicationDetailedResponse", "ApplicationDetailedListResponse", "MyApplicationsListResponse", "MyApplicationResponse", "MyApplicationsJob", "MyApplicationsAssessment"
 ]

backend/schemas/application.py

@@ -64,4 +64,27 @@ class ApplicationListResponse(BaseModel):
 class ApplicationDetailedListResponse(BaseModel):
     count: int
     total: int
-    data: List[ApplicationResponse]
+    data: List[ApplicationResponse]
+
+class MyApplicationsJob(BaseModel):
+    id: str
+    title: str
+    seniority: str
+    description: str
+
+class MyApplicationsAssessment(BaseModel):
+    id: str
+    title: str
+    passing_score: float
+
+class MyApplicationResponse(BaseModel):
+    id: str
+    job: MyApplicationsJob
+    assessment: MyApplicationsAssessment
+    score: float
+    created_at: Optional[str] = None
+
+class MyApplicationsListResponse(BaseModel):
+    count: int
+    total: int
+    data: List[MyApplicationResponse]

backend/test_endpoint.py

@@ -0,0 +1,20 @@
+import requests
+
+# Test if the endpoint exists and returns proper error for unauthorized access
+BASE_URL = "http://localhost:8000"
+
+def test_unauthorized_access():
+    """Test that the endpoint requires authentication"""
+    response = requests.get(f"{BASE_URL}/applications/my-applications")
+    
+    print(f"Status Code: {response.status_code}")
+    print(f"Response: {response.json()}")
+    
+    # Should return 403 Forbidden since no token is provided
+    assert response.status_code == 403, f"Expected 403, got {response.status_code}"
+    print("OK - Endpoint correctly requires authentication")
+
+if __name__ == "__main__":
+    print("Testing the new 'my-applications' endpoint...")
+    test_unauthorized_access()
+    print("Test completed successfully!")

backend/test_my_applications.py

@@ -0,0 +1,52 @@
+import requests
+import json
+
+# Base URL for the API
+BASE_URL = "http://localhost:8000"
+
+def test_login():
+    """Test user login to get token"""
+    login_data = {
+        "email": "applicant@example.com",  # Replace with actual test user
+        "password": "securepassword123"   # Replace with actual test password
+    }
+    
+    response = requests.post(f"{BASE_URL}/registration/login", json=login_data)
+    
+    if response.status_code == 200:
+        token = response.json().get("access_token")
+        print(f"Login successful. Token: {token}")
+        return token
+    else:
+        print(f"Login failed: {response.status_code} - {response.text}")
+        return None
+
+def test_get_my_applications(token):
+    """Test getting current user's applications"""
+    headers = {
+        "Authorization": f"Bearer {token}",
+        "Content-Type": "application/json"
+    }
+    
+    response = requests.get(f"{BASE_URL}/applications/my-applications", headers=headers)
+    
+    if response.status_code == 200:
+        applications = response.json()
+        print(f"My Applications retrieved successfully:")
+        print(json.dumps(applications, indent=2))
+        return applications
+    else:
+        print(f"Getting my applications failed: {response.status_code} - {response.text}")
+        return None
+
+if __name__ == "__main__":
+    print("Testing the new 'my-applications' endpoint...")
+    
+    # Login to get token
+    token = test_login()
+    
+    if token:
+        # Test the new endpoint
+        test_get_my_applications(token)
+    else:
+        print("Skipping test due to login failure.")