Merge pull request #50 from andela/bg-documentation-fix

[Bug] Fix swagger documentation

src/controllers/commentController.js

@@ -73,7 +73,7 @@ export const getUserTripComments = async (req, res, next) => {
     const { id, roleId } = req.auth;
     if (roleId === 6) {
       const trip = await findUserTrip(Number(tripId), id);
-      if (!trip) {
+      if (!trip.length) {
         return respondWithWarning(res, statusCode.resourceNotFound, 'Trip not found');
       }
       const data = await fetchTripComments(trip);

src/docs/swagger/paths/accommodations.js

@@ -1,4 +1,3 @@
-
 export const createAccommodationPath = {
   post: {
     tags: [
@@ -10,7 +9,7 @@ export const createAccommodationPath = {
       }
     ],
     consumes: [
-      'multipart/mixed'
+      'multipart/form-data'
     ],
     summary: 'Create an accommodation',
     description: 'Allows travel admin and suppliers to create accommodation',
@@ -64,14 +63,11 @@ export const createAccommodationPath = {
         }
       },
       {
-        name: 'images[]',
+        name: 'images',
         in: 'formData',
         description: 'file to upload',
         required: false,
-        type: 'array',
-        items: {
-          type: 'file'
-        }
+        type: 'file',
       }
     ],
     responses: {

src/docs/swagger/paths/auth.js

@@ -43,7 +43,7 @@ export const signInPath = {
   }
 };
 export const logoutPath = {
-  post: {
+  get: {
     tags: ['auth'],
     security: [
       {

src/docs/swagger/paths/profile.js

@@ -1,20 +1,16 @@
 const ProfilePath = {
   post: {
     tags: [
-      'profile'
+      'users'
+    ],
+    security: [
+      {
+        BearerToken: []
+      }
     ],
     summary: 'Create profile of a user',
     description: 'Allows signed-in user to create profile',
     parameters: [
-      {
-        name: 'authorization',
-        in: 'header',
-        description: 'User authentication token',
-        required: true,
-        schema: {
-          $ref: '#/definitions/ProfileHeaders'
-        }
-      },
       {
         name: 'body',
         in: 'body',
@@ -26,7 +22,7 @@ const ProfilePath = {
       }
     ],
     responses: {
-      200: {
+      201: {
         description: 'User creates profile successfully',
         schema: {
           $ref: '#/definitions/ProfileResponds'
@@ -51,7 +47,7 @@ const ProfilePath = {
         }
       },
       409: {
-        description: 'Server error',
+        description: 'Conflict',
         schema: {
           $ref: '#/definitions/conflict'
         }
@@ -66,21 +62,15 @@ const ProfilePath = {
   },
   get: {
     tags: [
-      'profile'
+      'users'
     ],
-    summary: 'Get profile of a user',
-    description: 'Allows signed-in user to get their profile',
-    parameters: [
+    security: [
       {
-        name: 'authorization',
-        in: 'header',
-        description: 'User authentication token',
-        required: true,
-        schema: {
-          $ref: '#/definitions/ProfileHeaders'
-        }
+        BearerToken: []
       }
     ],
+    summary: 'Get profile of a user',
+    description: 'Allows signed-in user to get their profile',
     responses: {
       200: {
         description: 'User creates profile successfully',
@@ -101,7 +91,7 @@ const ProfilePath = {
         }
       },
       404: {
-        description: 'Unauthorized user',
+        description: 'User not found',
         schema: {
           $ref: '#/definitions/notFound'
         }
@@ -116,20 +106,16 @@ const ProfilePath = {
   },
   patch: {
     tags: [
-      'profile'
+      'users'
+    ],
+    security: [
+      {
+        BearerToken: []
+      }
     ],
     summary: 'Update profile of a user',
     description: 'Allows signed-in user to update profile',
     parameters: [
-      {
-        name: 'authorization',
-        in: 'header',
-        description: 'User authentication token',
-        required: true,
-        schema: {
-          $ref: '#/definitions/ProfileHeaders'
-        }
-      },
       {
         name: 'body',
         in: 'body',

src/docs/swagger/swagger.js

@@ -1,5 +1,4 @@
 // eslint-disable-next-line import/named
-import { API_URL } from '../../config/constants';
 import { created, success } from './definitions/successResponse';
 import {
   badRequest, notAuthorized, accessForbidden, notFound, conflict,
@@ -59,7 +58,7 @@ const swaggerDocument = {
     description: 'API Documentation for Barefoot Nomad.',
     header: 'none'
   },
-  host: API_URL,
+  host: 'bn-api-staging.herokuapp.com',
   basePath: '/api/v1/',
   produces: ['application/json'],
   consumes: ['application/json'],

src/middlewares/commentMiddleware.js

@@ -4,5 +4,10 @@ import { respondWithWarning } from '../helpers/responseHandler';
 
 export const verifyComment = async (req, res, next) => {
   const comment = await findCommentById(Number(req.params.commentId));
+  req.comment = comment;
   return !comment ? respondWithWarning(res, statusCode.resourceNotFound, 'Comment not found') : next();
 };
+
+export const checkVisibility = async (req, res, next) => (!req.comment.isVisible ? respondWithWarning(res, statusCode.success, 'Comment has been deleted') : next());
+
+export const checkDeletePermission = async (req, res, next) => ((req.auth.id !== req.comment.userId) ? respondWithWarning(res, statusCode.unauthorizedAccess, 'Access denied. You don\'t have the permission to delete this comment') : next());

src/routes/api/accommodation.routes.js

@@ -13,7 +13,7 @@ const router = express.Router();
 
 router.post('/', authenticateUserToken, checkPermission('CREATE_NEW_ACCOMODATION'), multerUploads, createAccommodation, accommodationController.createAccommodation);
 router.get('/', authenticateUserToken, checkPermission('VIEW_ACCOMODATION'), accommodationController.getAccommodations);
-router.get('/trip/:tripId', authenticateUserToken, checkPermission('VIEW_ACCOMODATION'), getTripAccommodations, verifyTrip, accommodationController.getTripAccommodations);
+router.get('/trips/:tripId', authenticateUserToken, checkPermission('VIEW_ACCOMODATION'), getTripAccommodations, verifyTrip, accommodationController.getTripAccommodations);
 router.get('/:accommodationId', authenticateUserToken, checkPermission('VIEW_ACCOMODATION'), getSingleAccommodation, accommodationController.getOneAccommodation);
 router.post('/rooms/:accommodationId', authenticateUserToken, checkPermission('CREATE_ROOM'), createRoom, accommodationController.createRoom);
 

src/routes/api/comment.routes.js

@@ -2,7 +2,7 @@ import { Router } from 'express';
 import { authenticateUserToken } from '../../middlewares/authentication';
 import { checkPermission } from '../../middlewares/checkPermission';
 import { verifyTrip } from '../../middlewares/tripMiddleware';
-import { verifyComment } from '../../middlewares/commentMiddleware';
+import { verifyComment, checkVisibility, checkDeletePermission } from '../../middlewares/commentMiddleware';
 import { validateCreateComment, validateDeleteParams, validateTripId } from '../../middlewares/validateTripRequest';
 import {
   createTripComment, removeComment, getUserTripComments, getTripComments
@@ -12,7 +12,7 @@ const router = Router();
 
 router.post('/:tripId/comment', authenticateUserToken, validateCreateComment, verifyTrip, checkPermission('CREATE_TRIP_COMMENT'), createTripComment);
 
-router.delete('/:tripId/comments/:commentId', authenticateUserToken, validateDeleteParams, verifyTrip, verifyComment, checkPermission('DELETE_TRIP_COMMENT'), removeComment);
+router.delete('/:tripId/comments/:commentId', authenticateUserToken, validateDeleteParams, verifyTrip, verifyComment, checkVisibility, checkDeletePermission, removeComment);
 
 router.get('/:tripId/comments', authenticateUserToken, validateTripId, verifyTrip, checkPermission('VIEW_TRIP_COMMENT'), getUserTripComments, getTripComments);
 

src/services/commentServices.js

@@ -34,11 +34,14 @@ export const createComment = async (payload) => {
 export const findCommentById = async (commentId) => {
   try {
     const comment = await Comment.findOne({
-      where: { id: commentId },
+      attributes: ['id', 'tripId', 'userId', 'comment', 'isVisible'],
+      where: {
+        id: commentId
+      },
       logging: false
     });
 
-    return comment;
+    return comment.toJSON();
   } catch (error) {
     return {
       errors: error

src/test/accommodation.test.js

@@ -248,7 +248,7 @@ describe('ACCOMMODATION CONTROLLER', () => {
 
     it('it should get accommodations for a specific trip', (done) => {
       chai.request(app)
-        .get(`${accommodationUrl}/trip/2`)
+        .get(`${accommodationUrl}/trips/2`)
         .set('Authorization', currentToken)
         .end((error, res) => {
           expect(res).to.have.status(200);
@@ -287,7 +287,7 @@ describe('ACCOMMODATION CONTROLLER', () => {
 
     it('it should return error if tripId is invalid', (done) => {
       chai.request(app)
-        .get(`${accommodationUrl}/trip/a2`)
+        .get(`${accommodationUrl}/trips/a2`)
         .set('Authorization', currentToken)
         .end((error, res) => {
           expect(res).to.have.status(400);

src/test/comment.test.js

@@ -174,9 +174,9 @@ describe('DELETE TRIP COMMENT', () => {
 
   it('it should return an error for access denied', async () => {
     const res = await request
-      .delete(`${approveTripUrl}/1/comments/1`)
+      .delete(`${approveTripUrl}/1/comments/2`)
       .set('Authorization', blockedToken);
-    expect(res).to.have.status(403);
+    expect(res).to.have.status(401);
     expect(res.body).to.have.property('success');
     expect(res.body).to.have.property('message');
     expect(res.body).to.have.property('payload');