Blog Update API Endpoint #5
Description
Description
Develop an endpoint to handle requests to update an existing blog post. This endpoint will validate the input data and update the blog post securely in the database. This endpoint should be accessible only to super admins. If the blog post is updated successfully, it will be returned to the client with a 200 OK status. If an error occurs, an appropriate error status will be returned.
Acceptance Criteria
- The endpoint allows super admins to update an existing blog post by its ID.
- The endpoint is protected by JWT-based authentication and role-based access control to ensure only super admins can access it.
- The endpoint validates the input data and returns appropriate error messages for invalid data.
- Returns a
200 OKstatus code and the updated blog post data when the blog post is updated successfully. - Returns an appropriate error message when an error occurs or when the user is not authorized.
Purpose
Provide the necessary backend services to allow super admin to edit and update their previously published blog posts.
Requirements
- Implement API endpoint for updating an existing blog post.
- Ensure only super admins can access this endpoint using JWT-based authentication and role-based access control.
- Validate the input data, including length and format checks for title, content, publish date, and author.
- Handle conflicts if a blog post with the same title already exists and return a
409 Conflictstatus code. - Handle unexpected errors and return the appropriate status code.
- Support partial updates using the
PATCHmethod.
Expected Outcome
- Super admins should be able to send a request to update an existing blog post.
- Users should receive appropriate status codes and responses based on the outcome of the request.
Endpoints
[PATCH] /api/v1/blogs/:id
-
Description: Updates an existing blog post.
-
Path Parameters:
id: The ID of the blog post to update.
-
Request Body:
title: The title of the blog post.content: The content of the blog post.updated_at: The updated date of the blog post.
{ "title": "string", "excerpt": "string", "content": "string", } -
Success Response:
-
Status:
200 OK -
Body:
{ "message": "Blog successfully updated", "id": "int", "title": "string", "excerpt": "string", "content": "string", "author": "string", "updated_at": "datetime", }
-
-
Error Response:
-
Status:
500 Internal Server Error -
Body:
{ "error": "Internal server error." }
-
-
Unauthorized Response:
-
Status:
403 Forbidden -
Body:
{ "error": "You do not have permission to perform this action." }
-
-
Not Found Response:
-
Status:
404 Not Found -
Body:
{ "error": "Blog post not found." }
-
-
Conflict Response:
-
Status:
409 Conflict -
Body:
{ "error": "A blog post with this title already exists." }
-
-
Bad Request Response:
-
Status:
400 Bad Request -
Body:
{ "error": "Invalid data." }
-
Testing
Test Scenarios
-
Successful Update of Blog Post
- Ensure that the endpoint successfully updates the data of an existing blog post.
- Verify that the response includes the updated blog post data and a
200 OKstatus code.
-
Unauthorized Access
- Simulate a request from a non-super admin user or from an unauthenticated user.
- Confirm that the endpoint returns a
403 Forbiddenstatus code and an appropriate error message.
-
Conflict Error
- Simulate a request to update a blog post with a title that already exists.
- Verify that the endpoint returns a
409 Conflictstatus code and an appropriate error message.
-
Internal Server Error
- Simulate an internal server error to raise an exception.
- Verify that the endpoint returns a
500 Internal Server Errorstatus code and an appropriate error message.
-
Blog Post Not Found
- Simulate a request to update a blog post that does not exist.
- Confirm that the endpoint returns a
404 Not Foundstatus code and an appropriate error message.
-
Invalid Data
- Send requests with invalid data (e.g., missing required fields, incorrect data types).
- Verify that the endpoint returns a
400 Bad Requeststatus code and an appropriate error message.