Merge pull request #65 from Cavdy/ft-connect-patch-and-delete-account…

…-to-database-165431071

#165431071 connect patch and delete account to database

server/v1/config/user.sql

@@ -21,4 +21,7 @@ SELECT email FROM users WHERE email=$1, ['email']
 INSERT into users values($1), ['value']
 
 -- delete from users table
-DELETE FROM users;
+DELETE FROM users;
+
+-- admin
+INSERT into users(email, firstName, lastName, password, type, isAdmin) values('admin@banka.com', 'cavdy', 'ikenna', '$2a$10$CmmIst1.D3QjaWuafKbBaOuAFu0r9o7xxQY.0SMKiAN.h9z52a2y2', 'staff', true)

server/v1/controllers/createAccount.js

@@ -10,21 +10,24 @@ const CreateAccountController = {
       data: createdAccount,
     }).status(201);
   },
+
   // patchAccount
-  patchAccount(req, res) {
+  async patchAccount(req, res) {
     const { accountNumber } = req.params;
     const accountStatus = req.body;
-    const updatedAccount = CreateAccountService
+    const updatedAccount = await CreateAccountService
       .patchAccount(accountNumber, accountStatus, req.authorizedData);
     return res.json({
       status: 'success',
       data: updatedAccount,
     }).status(201);
   },
+
   // deleteAccount
-  deleteAccount(req, res) {
+  async deleteAccount(req, res) {
     const { accountNumber } = req.params;
-    const deleteAccount = CreateAccountService.deleteAccount(accountNumber, req.authorizedData);
+    const deleteAccount = await CreateAccountService
+      .deleteAccount(accountNumber, req.authorizedData);
     return res.json({
       status: 'success',
       data: deleteAccount,

server/v1/services/createAccount.js

@@ -23,7 +23,7 @@ const CreateAccountService = {
           [userData.email, firstname, lastname, accountNumberGenerator, createdOn, id, accountData.type, status, balance]);
       if (response.command === 'INSERT') {
         const accountDbData = await dbConnection
-          .dbConnect('SELECT id, accountnumber, createdon, owner, type, status, balance FROM accounts WHERE accountNumber=$1', [accountNumberGenerator]);
+          .dbConnect('SELECT id, accountnumber, createdon, owner, type, status, balance FROM accounts WHERE accountnumber=$1', [accountNumberGenerator]);
         const account = new AccountModel();
         account.id = accountDbData.rows[0].id;
         account.accountNumber = accountDbData.rows[0].accountnumber;
@@ -40,34 +40,52 @@ const CreateAccountService = {
 
     return accountOutput;
   },
-  patchAccount(accountNumber, accountUpdate, staff) {
+
+  async patchAccount(accountNumber, accountUpdate, staff) {
     let account;
 
-    if (staff.loggedUser.type === 'staff' || staff.loggedUser.isAdmin === true) {
+    // pulling users data from database
+    const userDetails = await dbConnection
+      .dbConnect('SELECT type, isadmin FROM users WHERE email=$1', [staff.email]);
+    const { type, isadmin } = userDetails.rows[0];
+
+    if (type === 'staff' || isadmin === true) {
       // eslint-disable-next-line no-plusplus
-      for (let i = 0; i <= accounts.length - 1; i++) {
-        // eslint-disable-next-line eqeqeq
-        if (accounts[i].accountNumber == accountNumber) {
-          accounts[i].status = accountUpdate.status;
-          account = accounts[i];
+      const accountDbData = await dbConnection
+        .dbConnect('SELECT accountnumber FROM accounts WHERE accountnumber=$1', [accountNumber]);
+      if (accountDbData.rows.length > 0) {
+        const updateAccount = await dbConnection
+          .dbConnect('UPDATE accounts SET status=$1 WHERE accountnumber=$2', [accountUpdate.status, accountNumber]);
+        if (updateAccount.command === 'UPDATE') {
+          const userDbData = await dbConnection.dbConnect('SELECT accountnumber, status FROM accounts WHERE accountnumber=$1', [accountNumber]);
+          const { accountnumber, status } = userDbData.rows[0];
+          account = { accountnumber, status };
+        } else {
+          account = 'Something wrong happened';
         }
       }
     } else {
       account = 'Sorry you don\'t have permission to perform this task';
     }
     return account;
   },
-  deleteAccount(accountNumber, staff) {
+
+  async deleteAccount(accountNumber, staff) {
     let account;
 
-    if (staff.loggedUser.type === 'staff' || staff.loggedUser.isAdmin === true) {
-      const Account = accounts.find(mAccount => mAccount.accountNumber == accountNumber);
+    const userDetails = await dbConnection
+      .dbConnect('SELECT type, isadmin FROM users WHERE email=$1', [staff.email]);
+    const { type, isadmin } = userDetails.rows[0];
 
-      if (typeof Account !== 'undefined') {
-        accounts.splice(Account.id - 1, 1);
-        account = 'account deleted';
+    if (type === 'staff' || isadmin === true) {
+      const checkAccount = await dbConnection
+        .dbConnect('SELECT accountnumber FROM accounts WHERE accountnumber=$1', [accountNumber]);
+      if (checkAccount.rows.length > 0) {
+        const accountDbData = await dbConnection
+          .dbConnect('DELETE FROM accounts WHERE accountnumber=$1', [accountNumber]);
+        if (accountDbData.command === 'DELETE') account = 'Account successfully deleted';
       } else {
-        account = 'no account found or account has been deleted';
+        account = 'no account found';
       }
     } else {
       account = 'Sorry you don\'t have permission to perform this task';

server/v1/test/accounts.js

@@ -1,12 +1,17 @@
 /* eslint-disable no-undef */
 import chaiHttp from 'chai-http';
 import chai, { expect } from 'chai';
+import dbConnection from '../config/database';
 
 import app from '../app';
 
 chai.use(chaiHttp);
 
 describe('Testing Accounts Controller', () => {
+  before(async () => {
+    await dbConnection
+      .dbConnect('INSERT into users(email, firstName, lastName, password, type, isAdmin) values($1, $2, $3, $4, $5, $6)', ['admin@banka.com', 'cavdy', 'ikenna', '$2a$10$CmmIst1.D3QjaWuafKbBaOuAFu0r9o7xxQY.0SMKiAN.h9z52a2y2', 'staff', true]);
+  });
   describe('Testing accounts controller', () => {
     it(
       'accounts should have all required details',
@@ -37,88 +42,83 @@ describe('Testing Accounts Controller', () => {
       },
     );
 
-    // it(
-    //   'should not patch account if not staff or admin',
-    //   (done) => {
-    //     const signinUrl = '/api/auth/signin';
-    //     chai.request(app)
-    //       .post(signinUrl)
-    //       .send({
-    //         email: 'banka@banka.com',
-    //         password: 'passworD1@',
-    //       })
-    //       .end((error, response) => {
-    //         const { token } = response.body.data;
-    //         chai.request(app)
-    //           .patch('/api/v1/accounts/306363789207')
-    //           .set('Authorization', `Bearer ${token}`)
-    //           .send({
-    //             status: 'dormant',
-    //           })
-    //           .end((err, res) => {
-    //             expect(res.body).to.be.an('object');
-    //             expect(res.body.status).to.equal('success');
-    //             expect(res.body.data).to.equal('Sorry you don\'t have permission to perform this task');
-    //           });
-    //         done();
-    //       });
-    //   },
-    // );
+    it(
+      'should not patch account if not staff or admin',
+      async () => {
+        const signinUrl = '/api/auth/signin';
+        const response = await chai.request(app)
+          .post(signinUrl)
+          .send({
+            email: 'banka872@banka4.com',
+            password: 'passworD4@',
+          });
+        const { token } = response.body.data[0];
+        const res = await chai.request(app)
+          .post('/api/v1/accounts')
+          .set('Authorization', `Bearer ${token}`)
+          .send({
+            type: 'savings',
+          });
+        const { accountnumber } = res.body.data;
+        const res1 = await chai.request(app)
+          .patch(`/api/v1/accounts/${accountnumber}`)
+          .set('Authorization', `Bearer ${token}`)
+          .send({
+            status: 'dormant',
+          });
+        expect(res1.body).to.be.an('object');
+        expect(res1.body.status).to.equal('success');
+        expect(res1.body.data).to.equal('Sorry you don\'t have permission to perform this task');
+      },
+    );
 
-    // it(
-    //   'should not delete account if not staff or admin',
-    //   (done) => {
-    //     const signinUrl = '/api/auth/signin';
-    //     chai.request(app)
-    //       .post(signinUrl)
-    //       .send({
-    //         email: 'banka@banka.com',
-    //         password: 'passworD1@',
-    //       })
-    //       .end((error, response) => {
-    //         const { token } = response.body.data;
-    //         chai.request(app)
-    //           .delete('/api/v1/accounts/306363789207')
-    //           .set('Authorization', `Bearer ${token}`)
-    //           .send({
-    //             status: 'dormant',
-    //           })
-    //           .end((err, res) => {
-    //             expect(res.body).to.be.an('object');
-    //             expect(res.body.status).to.equal('success');
-    //             expect(res.body.data).to.equal('Sorry you don\'t have permission to perform this task');
-    //           });
-    //         done();
-    //       });
-    //   },
-    // );
+    it(
+      'should not delete account if not staff or admin',
+      async () => {
+        const signinUrl = '/api/auth/signin';
+        const response = await chai.request(app)
+          .post(signinUrl)
+          .send({
+            email: 'banka872@banka4.com',
+            password: 'passworD4@',
+          });
+        const { token } = response.body.data[0];
+        const res = await chai.request(app)
+          .post('/api/v1/accounts')
+          .set('Authorization', `Bearer ${token}`)
+          .send({
+            type: 'savings',
+          });
+        const { accountnumber } = res.body.data;
+        const res1 = await chai.request(app)
+          .delete(`/api/v1/accounts/${accountnumber}`)
+          .set('Authorization', `Bearer ${token}`)
+          .send();
+        expect(res1.body).to.be.an('object');
+        expect(res1.body.status).to.equal('success');
+        expect(res1.body.data).to.equal('Sorry you don\'t have permission to perform this task');
+      },
+    );
 
-    // it(
-    //   'should notify when account does not exist',
-    //   (done) => {
-    //     const signinUrl = '/api/auth/signin';
-    //     chai.request(app)
-    //       .post(signinUrl)
-    //       .send({
-    //         email: 'banka3@banka.com',
-    //         password: 'passworD3@',
-    //       })
-    //       .end((error, response) => {
-    //         const { token } = response.body.data;
-    //         chai.request(app)
-    //           .delete('/api/v1/accounts/306363789299')
-    //           .set('Authorization', `Bearer ${token}`)
-    //           .send({
-    //             status: 'dormant',
-    //           })
-    //           .end((err, res) => {
-    //             expect(res.body).to.be.an('object');
-    //             expect(res.body.status).to.equal('success');
-    //             expect(res.body.data).to.equal('no account found or account has been deleted');
-    //           });
-    //         done();
-    //       });
-    //   },
-    // );
+    it(
+      'should notify when account does not exist',
+      async () => {
+        const signinUrl = '/api/auth/signin';
+        const response = await chai.request(app)
+          .post(signinUrl)
+          .send({
+            email: 'admin@banka.com',
+            password: 'passworD4@',
+          });
+        const { token } = response.body.data[0];
+        const res = await chai.request(app)
+          .delete('/api/v1/accounts/883939378372')
+          .set('Authorization', `Bearer ${token}`)
+          .send();
+        expect(res.body).to.be.an('object');
+        expect(res.body.status).to.equal('success');
+        expect(res.body.data).to.equal('no account found');
+      },
+    );
   });
 });