andela · jabichris · Mar 23, 2020 · Mar 15, 2020
diff --git a/package-lock.json b/package-lock.json
diff --git a/src/controllers/tripsController.js b/src/controllers/tripsController.js
@@ -428,4 +428,65 @@ export default class requestController {
       return Response.errorResponse(res, 500, res.__('server error'));
     }
   }
+
+  /**
+   * @param  {object} req
+   * @param  {object} res
+   * @param  {object} next
+   * @return {object} view specific trip request
+   */
+  static async viewRequest(req, res) {
+    try {
+      const { user } = req;
+      const { requestId } = req.params;
+      if (user.role === 'manager') {
+        const availableRequest = await db.Request.findOne({
+          where: {
+            id: requestId,
+            managerId: user.id
+          }
+        });
+        return !availableRequest
+          ? Response.errorResponse(res, 404, res.__('Request not found or not yours to manage'))
+          : Response.success(res, 200, res.__('Request found'), availableRequest);
+      }
+      if (user.role === 'requester') {
+        const Request = await db.Request.findOne({ where: { id: requestId, email: user.email } });
+        return !Request
+          ? Response.errorResponse(res, 404, res.__('Request not found or not yours'))
+          : Response.success(res, 200, res.__('Request found'), Request);
+      }
+      return Response.errorResponse(res, 401, res.__('you are not authorised for this operation'));
+    } catch (err) {
+      return Response.errorResponse(res, 500, res.__('server error'));
+    }
+  }
+
+  /**
+   * @param  {object} req
+   * @param  {object} res
+   * @param  {object} next
+   * @return {object} view all trip requests
+   */
+  static async viewAllRequests(req, res) {
+    try {
+      const { user } = req;
+      if (user.role === 'manager') {
+        const availableRequests = await db.Request.findAll({ where: { managerId: user.id } });
+        return availableRequests.length === 0
+          ? Response.errorResponse(res, 404, res.__('No trip requests available'))
+          : Response.success(res, 200, res.__('Requests found'), availableRequests);
+      }
+
+      if (user.role === 'requester') {
+        const Requests = await db.Request.findAll({ where: { email: user.email } });
+        return Requests.length === 0
+          ? Response.errorResponse(res, 404, res.__('Requests not found'))
+          : Response.success(res, 200, res.__('Requests found'), Requests);
+      }
+      return Response.errorResponse(res, 401, res.__('you are not authorised for this operation'));
+    } catch (err) {
+      return Response.errorResponse(res, 500, res.__('server error'));
+    }
+  }
 }
diff --git a/src/routes/tripsRoutes.js b/src/routes/tripsRoutes.js
@@ -16,10 +16,13 @@ router.post('/one-way', protectRoute.verifyUser, protectRoute.verifyRequester, p
 router.post('/return', protectRoute.verifyUser, protectRoute.verifyRequester, protectRoute.checkUserManager, rememberProfile, returnTripRules, validationResult, tripsController.createReturnRequest);
 router.post('/multi-city', protectRoute.verifyUser, protectRoute.verifyRequester, rememberProfile, multiCityTripRules, validationResult, tripsController.createMultiCityRequest);
 router.patch('/edit', protectRoute.verifyUser, protectRoute.verifyRequester, rememberProfile, requestRules, validationResult, tripsController.editRequest);
-router.get('/view', protectRoute.verifyUser, protectRoute.verifyManager, tripsController.availTripRequests);
+router.get('/view-pending', protectRoute.verifyUser, protectRoute.verifyManager, tripsController.availTripRequests);
 router.put('/:requestId/confirm', protectRoute.verifyUser, protectRoute.verifyManager, tripsController.confirmRequest);
 router.patch('/:requestId/reject', protectRoute.verifyUser, protectRoute.verifyManager, tripsController.rejectRequest);
 router.patch('/:requestId/approve', protectRoute.verifyUser, protectRoute.verifyManager, tripsController.approveRequest);
 router.get('/search', protectRoute.verifyUser, searchQueryRules, validationResult, tripsController.requestSearch);
 
+router.get('/:requestId/view', protectRoute.verifyUser, tripsController.viewRequest);
+router.get('/view', protectRoute.verifyUser, tripsController.viewAllRequests);
+
 export default router;
diff --git a/src/services/localesServices/locales/en.json b/src/services/localesServices/locales/en.json
@@ -164,5 +164,10 @@
 	"the rating can only be an integer number less or equal to 5": "the rating can only be an integer number less or equal to 5",
 	"facility not found": "facility not found",
 	"you haven't visited this facility yet": "you haven't visited this facility yet",
-	"facility rated": "facility rated"
+	"facility rated": "facility rated",
+	"Request not found or not yours": "Request not found or not yours",
+	"Requests found": "Requests found",
+	"Request found": "Request found",
+	"Requests not found": "Requests not found",
+	"Request not found or not yours to approve": "Request not found or not yours to approve"
 }
diff --git a/src/services/localesServices/locales/fr.json b/src/services/localesServices/locales/fr.json
@@ -142,7 +142,6 @@
 	"This request has been a created by another user and belongs to another manager": "Cette demande a été créée par un autre utilisateur et appartient à un autre gestionnaire",
 	"all unread notifications marked as read": "toutes les notifications non lues marquées comme lues",
 	"no unread notifications": "pas de notifications non lues",
-	"Your trip to bisenyi on 2020-10-01 you requested has been approved": "Votre voyage à Bisenyi le 01/10/2020 que vous avez demandé a été approuvé",
 	"To view this approved request you made click below": "Pour voir cette demande approuvée que vous avez faite, cliquez ci-dessous",
 	"View request": "Afficher la demande",
 	"the trip to": "le voyage à",
@@ -173,5 +172,10 @@
 	"the rating can only be an integer number less or equal to 5": "la note ne peut être qu'un nombre entier inférieur ou égal à 5",
 	"facility not found": "installation non trouvée",
 	"you haven't visited this facility yet":"vous n'avez pas encore visité cette installation",
-	"facility rated": "évalué par l'établissement"
+	"facility rated": "évalué par l'établissement",
+	"Request not found or not yours": "Demande non trouvée ou pas la vôtre",
+	"Requests found": "Demandes trouvées",
+	"Requests not found": "Demandes non trouvées",
+	"Request found": "Demande trouvée",
+	"Request not found or not yours to approve": "Demande d'approbation introuvable ou non à vous"
 }
diff --git a/src/swagger/trips.swagger.js b/src/swagger/trips.swagger.js
@@ -213,7 +213,8 @@
 *             description: The request does not exist or it's either been approved or rejected
 *       '401':
 *             description: Only the requester of this trip can edit the trip.
-* */
+*/
+
 /**
  * @swagger
  * definitions:
@@ -304,7 +305,7 @@
 
 /**
  * @swagger
- * /api/v1/trips/view:
+ * /api/v1/trips/view-pending:
  *   get:
  *     security:
  *       - bearerAuth: []
@@ -327,6 +328,7 @@
  *       '401':
  *         description: You are not authorized to perform this action
  */
+
 /**
 * @swagger
 * /api/v1/trips/{requestId}/confirm:
@@ -351,6 +353,7 @@
 *       '200':
 *             description: request re-confirmed.
 * */
+
 /**
 * @swagger
 * /api/v1/trips/{requestId}/reject:
@@ -400,6 +403,7 @@
 *       '404':
 *             description: request with that id and still open is not found in your direct report
 * */
+
 /**
 * @swagger
 * /api/v1/trips/search:
@@ -436,3 +440,59 @@
 *       '404':
 *             description: request not found.
 * */
+
+/**
+ * @swagger
+ * /api/v1/trips/{requestId}/view:
+ *   get:
+ *     security:
+ *       - bearerAuth: []
+ *     tags:
+ *       - Trips
+ *     name: User view a trip request
+ *     summary: User or his manager should be able to view a trip request he made
+ *     parameters:
+ *       - name: token
+ *         in: header
+ *       - name: requestId
+ *         in: path
+ *     produces:
+ *       - application/json
+ *     consumes:
+ *       - application/json
+ *     responses:
+ *       '200':
+ *         description: Request found
+ *       '401':
+ *         description: You are not authorized to perform this action
+ *       '404':
+ *         description: Request not found or not yours
+ */
+
+/**
+ * @swagger
+ * /api/v1/trips/view:
+ *   get:
+ *     security:
+ *       - bearerAuth: []
+ *     tags:
+ *       - Trips
+ *     name: Manager or requester view trip requests
+ *     summary: Requester and manager should be able to view all requests the requester's requests
+ *     parameters:
+ *       - name: token
+ *         in: header
+ *         schema:
+ *           type: string
+ *     produces:
+ *       - application/json
+ *     consumes:
+ *       - application/json
+ *     responses:
+ *       '200':
+ *         description: Requests found
+ *       '404':
+ *         description: Requests not found
+ *       '401':
+ *         description: You are not authorized to perform this action
+ */
diff --git a/src/tests/availReqeusts.test.js → src/tests/availRequests.test.js b/src/tests/availReqeusts.test.js → src/tests/availRequests.test.js
@@ -28,7 +28,7 @@ describe('AVAIL REQUESTS FOR APPROVAL', () => {
   it('should pending requests to approve', (done) => {
     chai
       .request(index)
-      .get('/api/v1/trips/view')
+      .get('/api/v1/trips/view-pending')
       .set('token', token)
       .end((_err, res) => {
         expect(res.status).to.equal(200);
@@ -40,7 +40,7 @@ describe('AVAIL REQUESTS FOR APPROVAL', () => {
       .request(index)
       .post('/api/v1/auth/login')
       .send({
-        email: 'jdev@andela.com',
+        email: 'jim@andela.com',
         password: 'Bien@BAR789'
       })
       .end((err, res) => {
@@ -51,7 +51,7 @@ describe('AVAIL REQUESTS FOR APPROVAL', () => {
   it('should return that your not authorised for this operation', (done) => {
     chai
       .request(index)
-      .get('/api/v1/trips/view')
+      .get('/api/v1/trips/view-pending')
       .set('token', unauthToken)
       .end((_err, res) => {
         expect(res.status).to.equal(401);

diff --git a/src/tests/booking.test.js b/src/tests/booking.test.js
@@ -1,7 +1,7 @@
 
 import chai from 'chai';
 import chaiHttp from 'chai-http';
-import server from '../index';
+import app from '../index';
 import db from '../models';
 
 
@@ -19,7 +19,7 @@ describe('FACILITY BOOKING', () => {
       password: 'Bien@BAR789',
     };
     chai
-      .request(server)
+      .request(app)
       .post('/api/v1/auth/login')
       .send(loggedUser)
       .end((err, res) => {
@@ -30,7 +30,7 @@ describe('FACILITY BOOKING', () => {
 
   it('should book a room', (done) => {
     chai
-      .request(server)
+      .request(app)
       .post(bookingRoute)
       .set('token', token)
       .send({
@@ -48,7 +48,7 @@ describe('FACILITY BOOKING', () => {
   });
   it('should not book for a request does not exist or is not yours', (done) => {
     chai
-      .request(server)
+      .request(app)
       .post(bookingRoute)
       .set('token', token)
       .send({
@@ -66,7 +66,7 @@ describe('FACILITY BOOKING', () => {
   });
   it('should not book an unexisting room', (done) => {
     chai
-      .request(server)
+      .request(app)
       .post(bookingRoute)
       .set('token', token)
       .send({
@@ -85,7 +85,7 @@ describe('FACILITY BOOKING', () => {
 
   it('should not book a room with wrong checkin greater than checkout', (done) => {
     chai
-      .request(server)
+      .request(app)
       .post(bookingRoute)
       .set('token', token)
       .send({

diff --git a/src/tests/trips.test.js b/src/tests/trips.test.js
@@ -8,7 +8,8 @@ const {
   expect
 } = chai;
 
-let token, managerToken;
+let token, tokenWithNoRequests, managerToken;
+const requestId = 't1e74db7-h610-4f50-9f45-e2371j331ld5';
 const
   managerId = '0119b84a-99a4-41c0-8a0e-6e0b6c385165',
   location = 'kigali',
@@ -264,3 +265,78 @@ describe('SEARCH TESTS', () => {
       });
   });
 });
+describe('VIEW REQUESTS', () => {
+  before((done) => {
+    chai
+      .request(app)
+      .post('/api/v1/auth/login')
+      .send({
+        email: 'peter@andela.com',
+        password: 'Bien@BAR789'
+      })
+      .end((err, res) => {
+        tokenWithNoRequests = res.body.data;
+        done();
+      });
+  });
+  it('should allow a requester to view one trip', (done) => {
+    chai
+      .request(app)
+      .get(`/api/v1/trips/${requestId}/view`)
+      .set('token', token)
+      .end((err, res) => {
+        expect(res.status).to.equal(200);
+        expect(res.body.status).to.equal(200);
+        expect(res.body.data).to.be.an('object');
+        done();
+      });
+  });
+  it('should allow a manager to view one trip', (done) => {
+    chai
+      .request(app)
+      .get(`/api/v1/trips/${requestId}/view`)
+      .set('token', managerToken)
+      .end((err, res) => {
+        expect(res.status).to.equal(200);
+        expect(res.body.status).to.equal(200);
+        expect(res.body.data).to.be.an('object');
+        done();
+      });
+  });
+  it('should allow a requester to view all trips', (done) => {
+    chai
+      .request(app)
+      .get('/api/v1/trips/view')
+      .set('token', token)
+      .end((err, res) => {
+        expect(res.status).to.equal(200);
+        expect(res.body.status).to.equal(200);
+        expect(res.body.data).to.be.an('array');
+        done();
+      });
+  });
+  it('should not view an unexisting trip', (done) => {
+    chai
+      .request(app)
+      .get('/api/v1/trips/blahblah/view')
+      .set('token', token)
+      .end((err, res) => {
+        expect(res.status).to.equal(404);
+        expect(res.body.status).to.equal(404);
+        expect(res.body.error).to.equal('Request not found or not yours');
+        done();
+      });
+  });
+  it('should not view unexisting trips', (done) => {
+    chai
+      .request(app)
+      .get('/api/v1/trips/view')
+      .set('token', tokenWithNoRequests)
+      .end((err, res) => {
+        expect(res.status).to.equal(404);
+        expect(res.body.status).to.equal(404);
+        expect(res.body.error).to.equal('Requests not found');
+        done();
+      });
+  });
+});