Add GET /v1/focus-sessions/{session_id}: fetch a single focus session#8987
Add GET /v1/focus-sessions/{session_id}: fetch a single focus session#8987ZachL111 wants to merge 5 commits into
Conversation
Focus sessions can be created, listed, and deleted, but there is no way to fetch a single one by id. Add the missing GET-by-id: it returns the stored document (with its id) and 404 when the session is absent, mirroring the get-by-id convention in sibling routers. Reuses the module's db/_user_col seam and the existing ref.get().exists idiom.
kodjima33
left a comment
There was a problem hiding this comment.
Reviewed: scoped backend addition, approve-only per policy (features/new endpoints are Nik's merge call).
|
Thanks for the focused backend addition here. I did a static maintainer review of the route/database change and the new unit coverage. Positive signal from my side: the implementation is small and coherently scoped, keeps the lookup under I’m not submitting a formal approval from automation because this adds a new authenticated user-data read endpoint, which falls under the maintainer policy’s data-access/security-sensitive gate. I don’t see a blocking implementation issue, but final approval/merge should remain a human maintainer call. |
|
Thanks for the update on this PR. I re-reviewed the current head ( Positive signal from my side: the implementation remains small and coherently scoped. The new GET handler is authenticated through I’m still not submitting a formal automation approval because this exposes a new authenticated user-data read endpoint and the monitor policy gates data-access/security-sensitive surfaces for human maintainer judgment. I don’t see a blocking implementation issue in this diff; final approval/merge should remain with maintainers. |
d5ca62a to
b50f75b
Compare
# Conflicts: # backend/route_policy_manifest.yaml
|
Thanks for keeping this endpoint focused. I re-reviewed the current head ( Positive signal from my side: the implementation is still small and scoped to the missing single-session read. The handler stays behind I’m not submitting a formal automation approval because this is a new authenticated user-data read endpoint, and the maintainer policy gates security/data-access surfaces for human maintainer judgment. I don’t see a blocking implementation issue in this diff; final approval/merge should remain with maintainers. |
|
Thanks David. Nothing outstanding on my side; agreed a human maintainer should make the final call on the new authenticated read surface. The gate that was red is now fixed on main (#9462), so this should go green on rerun. |
What
Adds
GET /v1/focus-sessions/{session_id}, which fetches a single focus session by id.Why
Focus sessions can be created (
POST /v1/focus-sessions), listed (GET /v1/focus-sessions), and deleted (DELETE /v1/focus-sessions/{session_id}), but there is no way to fetch one by id. A client that already has a session id (from the list or from a create response) cannot re-read that single session, for example to refresh a detail view after an edit. This adds the missing read.Details
id), or 404 when the session does not exist, mirroring the get-by-id convention in sibling routers.get_focus_session(uid, session_id)reuses the module'sdb/_user_colseam and the existingref.get().existsidiom.HTTPExceptionandtyping.Optional; import-clean.DELETE /v1/focus-sessions/{session_id}and the segmentless list route.Test
backend/tests/unit/test_focus_session_get.py: the router handler returns the session when found and raises 404 when missing; the db helper returns None when the doc is absent and injectsidwhen present. 4 passed locally. Uses the sanctioned seams (import the modules normally and patch.object on the singletons, no sys.modules mutation).