Merge b8f2b51 into 3d60bee

server/controllers/Comments.js

@@ -107,6 +107,88 @@ class Comments {
       serverError(res);
     }
   }
+
+  /**
+   * @name delete
+   * @async
+   * @static
+   * @memberof Comments
+   * @param {Object} req express request object
+   * @param {Object} res express response object
+   * @returns {JSON} JSON object with message on deleted message
+   */
+  static async delete(req, res) {
+    try {
+      const { slug, id } = req.params;
+      const { id: userId } = req.user;
+      const article = await Article.findBySlug(slug);
+      if (!article) {
+        return serverResponse(res, 404, { error: 'article not found' });
+      }
+      const articleId = article.id;
+      const comment = await Comment.findOne({ where: { id, articleId } });
+      if (!comment) {
+        return serverResponse(res, 404, { error: 'comment not found' });
+      }
+
+      const deletedComment = await Comment.destroy({
+        where: { id, articleId, userId }
+      });
+
+      if (!deletedComment) {
+        return serverResponse(res, 403, {
+          error: "you don't have permission to access this content"
+        });
+      }
+
+      return serverResponse(res, 200, { message: 'comment deleted' });
+    } catch (error) {
+      serverError(res);
+    }
+  }
+
+  /**
+   * @name update
+   * @async
+   * @static
+   * @memberof Comments
+   * @param {Object} req express request object
+   * @param {Object} res express response object
+   * @returns {JSON} JSON object with details of update message
+   */
+  static async update(req, res) {
+    try {
+      const { slug, id } = req.params;
+      const { id: userId } = req.user;
+      let { comment } = req.body;
+
+      const article = await Article.findBySlug(slug);
+      if (!article) {
+        return serverResponse(res, 404, { error: 'article not found' });
+      }
+
+      const articleId = article.id;
+      const commentData = await Comment.findOne({ where: { id, articleId } });
+      if (!commentData) {
+        return serverResponse(res, 404, { error: 'comment not found' });
+      }
+
+      const [rowsUpdated, [updatedComment]] = await Comment.update(
+        { comment },
+        { returning: true, where: { id, userId, articleId } }
+      );
+      if (rowsUpdated < 1) {
+        return serverResponse(res, 403, {
+          error: "you don't have permission to access this content"
+        });
+      }
+
+      comment = updatedComment.dataValues;
+      return serverResponse(res, 200, { message: 'comment updated', comment });
+    } catch (error) {
+      serverError(res);
+    }
+  }
 }
 
 export default Comments;

server/docs/authors-haven-api.yml

@@ -868,6 +868,103 @@ paths:
             schema:
               '$ref': '#/components/schemas/serverResponse'
 
+  /api/v1/articles/{slug}/comments/{commentId}:
+    patch:
+      parameters:
+        - in: path
+          name: slug
+          required: true
+          schema:
+            type: string
+          description: Article Slug
+        - in: path
+          name: commentId
+          required: true
+          schema:
+            type: integer
+          description: Comment Id
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              required:
+              - comment
+              properties:
+                comment:
+                  type: text
+                  example: This is a comment. 
+      summary: Route to update comment of an article
+      description: Allows owner of a comment to update 
+      security:
+        - ApiKeyAuth: []
+      responses:
+        200:
+          description: comment updated successfully
+          content:
+            application/json:
+              schema:
+                "$ref": "#/components/schemas/updateCommentResponse"
+        404:
+          description: article not found/no comments on article
+          content:
+            application/json:
+              schema:
+                "$ref": "#/components/schemas/errorResponse"
+        500:
+          description: Internal server error  
+          content:
+            application/json:
+              schema:
+                "$ref": "#/components/schemas/serverResponse"  
+
+    delete:
+      summary: Route to delete comment
+      description: Allows owner of a comment to delete comment 
+      security:
+        - ApiKeyAuth: []
+      parameters:
+        - in: path
+          name: slug
+          required: true
+          schema:
+            type: string
+          description: Article Slug
+        - in: path
+          name: commentId
+          required: true
+          schema:
+            type: integer
+          description: Comment Id
+      responses:
+        200:
+          description: comment updated successfully
+          content:
+            application/json:
+              schema:
+                "$ref": "#/components/schemas/updateCommentResponse"
+        401:
+          description: authentication error
+          content:
+            application/json:
+              schema:
+                "$ref": "#/components/schemas/errorResponse"
+
+        404:
+          description: article not found/no comments on article
+          content:
+            application/json:
+              schema:
+                "$ref": "#/components/schemas/errorResponse"
+        500:
+          description: Internal server error  
+          content:
+            application/json:
+              schema:
+                "$ref": "#/components/schemas/serverResponse" 
+
+
 components:
   securitySchemes:
     BearerAuth:
@@ -1329,3 +1426,9 @@ components:
                     type: string
                     format: date-time
                     example: 2017-07-21T17:32:28Z
+    updateCommentResponse:
+      type: object
+      properties:
+        message:
+          type: string 
+

server/routes/comment.js

@@ -13,13 +13,30 @@ const {
 
 route.post(
   '/:slug/comments',
+  validateCommentBody,
   verifyToken,
   getSessionFromToken,
   checkUserVerification,
-  validateCommentBody,
   Comments.create
 );
 
+route.patch(
+  '/:slug/comments/:id',
+  validateCommentBody,
+  verifyToken,
+  getSessionFromToken,
+  checkUserVerification,
+  Comments.update
+);
+
+route.delete(
+  '/:slug/comments/:id',
+  verifyToken,
+  getSessionFromToken,
+  checkUserVerification,
+  Comments.delete
+);
+
 route.get('/:slug/comments', Comments.getArticleComments);
 
 export default route;

server/routes/index.js

@@ -17,9 +17,8 @@ route.use('/sessions', session);
 route.use('/auth', auth);
 route.use('/profiles', profile, follower);
 route.use('/user', userFollower);
-route.use('/articles', article);
-route.use('/tags', tag);
 route.use('/articles', article, comment);
+route.use('/tags', tag);
 route.use('/categories', category);
 
 export default route;

test/articles/__mocks__/index.js

@@ -33,6 +33,13 @@ const ArticleData2 = {
   tags: 'tech,business'
 };
 
+const ArticleData20 = {
+  title: ' is simply dummy text of the printing and typesetting ',
+  description: 'ext ever since the 1500s, when an unknown printer',
+  articleBody: 'ext ever since the 1500s, when an unknown printer took a ga',
+  status: 'publish'
+};
+
 const noTagArticleData = {
   title: ' is simply dummy text of the printing and typesetting ',
   description: 'ext ever since the 1500s, when an unknown printer',
@@ -114,5 +121,6 @@ export {
   ArticleData4,
   badImage,
   ArticleData10,
+  ArticleData20,
   authenticatedUser
 };

test/comments/comment.test.js

@@ -109,7 +109,7 @@ describe('Add Comments to Article Tests', async () => {
   context(
     `
   when authenticated user attempts submitting number 
-  of chars above required`,
+  of chars above 5000`,
     () => {
       it('returns error', async () => {
         const res = await chai

test/comments/index.js

@@ -1 +1,2 @@
 import './comment.test';
+import './updateComment.test';