DC/dc-project
1
1
Fork 0
Code Issues 25 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

Add validation on route PutVoteOnConstitution

Browse Source
This commit is contained in:
Fabrice Lecomte
2021-04-15 02:42:29 +02:00
parent 367f59ee18
commit 1118866856
3 changed files with 71 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/main/kotlin/fr/dcproject/component/vote/routes/PutVoteOnConstitution.kt
View File

@@ -1,5 +1,6 @@
package fr.dcproject.component.vote.routes package fr.dcproject.component.vote.routes
import fr.dcproject.application.http.badRequestIfNotValid
import fr.dcproject.common.security.assert import fr.dcproject.common.security.assert
import fr.dcproject.common.utils.receiveOrBadRequest import fr.dcproject.common.utils.receiveOrBadRequest
import fr.dcproject.component.auth.citizen import fr.dcproject.component.auth.citizen
@@ -11,6 +12,9 @@ import fr.dcproject.component.vote.VoteAccessControl
import fr.dcproject.component.vote.database.VoteConstitutionRepository import fr.dcproject.component.vote.database.VoteConstitutionRepository
import fr.dcproject.component.vote.database.VoteForUpdate import fr.dcproject.component.vote.database.VoteForUpdate
import fr.dcproject.component.vote.routes.PutVoteOnConstitution.ConstitutionVoteRequest.Input import fr.dcproject.component.vote.routes.PutVoteOnConstitution.ConstitutionVoteRequest.Input
import io.konform.validation.Validation
import io.konform.validation.jsonschema.maximum
import io.konform.validation.jsonschema.minimum
import io.ktor.application.call import io.ktor.application.call
import io.ktor.features.NotFoundException import io.ktor.features.NotFoundException
import io.ktor.http.HttpStatusCode import io.ktor.http.HttpStatusCode
@@ -26,17 +30,25 @@ object PutVoteOnConstitution {
@Location("/constitutions/{constitution}/vote") @Location("/constitutions/{constitution}/vote")
class ConstitutionVoteRequest(constitution: UUID) { class ConstitutionVoteRequest(constitution: UUID) {
val constitution = ConstitutionRef(constitution) val constitution = ConstitutionRef(constitution)
data class Input(var note: Int) data class Input(var note: Int) {
fun validate() = Validation<Input> {
Input::note {
minimum(-1)
maximum(1)
}
}.validate(this)
}
} }
fun Route.voteConstitution(repo: VoteConstitutionRepository, ac: VoteAccessControl, constitutionRepo: ConstitutionRepository) { fun Route.voteConstitution(repo: VoteConstitutionRepository, ac: VoteAccessControl, constitutionRepo: ConstitutionRepository) {
put<ConstitutionVoteRequest> { put<ConstitutionVoteRequest> {
mustBeAuth() mustBeAuth()
val constitution = constitutionRepo.findById(it.constitution.id) ?: throw NotFoundException("Unable to find constitution ${it.constitution.id}") val constitution = constitutionRepo.findById(it.constitution.id) ?: throw NotFoundException("Unable to find constitution ${it.constitution.id}")
val content = call.receiveOrBadRequest<Input>() val input = call.receiveOrBadRequest<Input>()
.apply { validate().badRequestIfNotValid() }
val vote = VoteForUpdate( val vote = VoteForUpdate(
target = constitution, target = constitution,
note = content.note, note = input.note,
createdBy = this.citizen createdBy = this.citizen
) )
ac.assert { canCreate(vote, citizenOrNull) } ac.assert { canCreate(vote, citizenOrNull) }

6
src/main/resources/openapi.yaml
View File

@@ -1194,6 +1194,12 @@ paths:
responses: responses:
201: 201:
description: Return only http status 201 on success description: Return only http status 201 on success
400:
description: BadReqest
content:
application/json:
schema:
$ref: '#/components/schemas/400'
/citizens/{citizen}/votes: /citizens/{citizen}/votes:
parameters: parameters:
- $ref: '#/components/parameters/citizen' - $ref: '#/components/parameters/citizen'

47
src/test/kotlin/integration/Vote routes.kt
View File

@@ -88,23 +88,62 @@ class `Vote routes` : BaseTest() {
} }
} }
@Test @TestFactory
fun `I can vote constitution`() { fun `I can vote constitution`(): List<DynamicTest> {
withIntegrationApplication { withIntegrationApplication {
`Given I have citizen`("Gregor", "Mendel") `Given I have citizen`("Gregor", "Mendel")
`Given I have constitution`(id = "76e79c89-efc1-492d-9e8f-dc9717363a11") `Given I have constitution`(id = "76e79c89-efc1-492d-9e8f-dc9717363a11")
}
return (-1..1).map { note ->
DynamicTest.dynamicTest("""I can vote constitution with note "$note"""") {
withIntegrationApplication {
`When I send a PUT request`("/constitutions/76e79c89-efc1-492d-9e8f-dc9717363a11/vote") { `When I send a PUT request`("/constitutions/76e79c89-efc1-492d-9e8f-dc9717363a11/vote") {
`authenticated as`("Gregor", "Mendel") `authenticated as`("Gregor", "Mendel")
`with body`( `with body`(
""" """
{ {
"note": 1 "note": $note
}
""" """
) )
} `Then the response should be` Created } `Then the response should be` Created
} }
} }
}
}
@TestFactory
@Tag("BadRequest")
fun `I cannot vote constitution with wrong request`(): List<DynamicTest> {
withIntegrationApplication {
`Given I have citizen`("Gregor", "Mendel")
`Given I have constitution`(id = "76e79c89-efc1-492d-9e8f-dc9717363a11")
}
return listOf(-10, -2, +2, +10).map { note ->
DynamicTest.dynamicTest("""I can vote constitution with note "$note"""") {
withIntegrationApplication {
`When I send a PUT request`(
"/constitutions/76e79c89-efc1-492d-9e8f-dc9717363a11/vote",
ALL - REQUEST_BODY
) {
`authenticated as`("Gregor", "Mendel")
`with body`(
"""
{
"note": $note
}
"""
)
} `Then the response should be` BadRequest and {
`And the response should not be null`()
`And the response should contain`("$.invalidParams[0].name", ".note")
`And the response should contain`("$.invalidParams[0].reason", if (note > 0) "must be at most '1'" else "must be at least '-1'")
}
}
}
}
}
@Test @Test
fun `I can get votes of current citizen`() { fun `I can get votes of current citizen`() {