DC/dc-project
1
1
Fork 0
Code Issues 25 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

Valider les resource entrente #91

Merged
flecomte merged 46 commits from 21-valid-input into master 2021-04-16 03:27:11 +02:00
Conversation 1 Commits 46 Files Changed 83 +63 -5
3 changed files with 63 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 367f59ee18 - Show all commits

27
src/main/kotlin/fr/dcproject/component/vote/routes/PutVoteOnComment.kt
View File

@@ -1,15 +1,21 @@
package fr.dcproject.component.vote.routes
import fr.dcproject.application.http.badRequestIfNotValid
import fr.dcproject.common.security.assert
import fr.dcproject.common.utils.receiveOrBadRequest
import fr.dcproject.component.auth.citizen
import fr.dcproject.component.auth.citizenOrNull
import fr.dcproject.component.auth.mustBeAuth
import fr.dcproject.component.comment.generic.database.CommentRef
import fr.dcproject.component.comment.generic.database.CommentRepository
import fr.dcproject.component.vote.VoteAccessControl
import fr.dcproject.component.vote.database.VoteCommentRepository
import fr.dcproject.component.vote.database.VoteForUpdate
import io.konform.validation.Validation
import io.konform.validation.jsonschema.maximum
import io.konform.validation.jsonschema.minimum
import io.ktor.application.call
import io.ktor.features.NotFoundException
import io.ktor.http.HttpStatusCode
import io.ktor.locations.KtorExperimentalLocationsAPI
import io.ktor.locations.Location
@@ -21,18 +27,29 @@ import java.util.UUID
@KtorExperimentalLocationsAPI
object PutVoteOnComment {
@Location("/comments/{comment}/vote")
class CommentVoteRequest(val comment: UUID) {
data class Content(var note: Int)
class CommentVoteRequest(comment: UUID) {
val comment = CommentRef(comment)
data class Input(var note: Int) {
fun validate() = Validation<Input> {
Input::note {
minimum(-1)
maximum(1)
}
}.validate(this)
}
}
fun Route.putVoteOnComment(voteCommentRepo: VoteCommentRepository, commentRepo: CommentRepository, ac: VoteAccessControl) {
put<CommentVoteRequest> {
mustBeAuth()
val comment = commentRepo.findById(it.comment)!!
val content = call.receiveOrBadRequest<CommentVoteRequest.Content>()
val comment = commentRepo.findById(it.comment.id) ?: throw NotFoundException("Comment ${it.comment.id} not found")
val input = call.receiveOrBadRequest<CommentVoteRequest.Input>()
.apply { validate().badRequestIfNotValid() }
val vote = VoteForUpdate(
target = comment,
note = content.note,
note = input.note,
createdBy = this.citizen
)
ac.assert { canCreate(vote, citizenOrNull) }

6
src/main/resources/openapi.yaml
View File

@@ -1252,6 +1252,12 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/VoteAggregation'
400:
description: BadReqest
content:
application/json:
schema:
$ref: '#/components/schemas/400'
401:
$ref: '#/components/responses/401'
/citizens/{citizen}/votes/articles:

35
src/test/kotlin/integration/Vote routes.kt
View File

@@ -181,4 +181,39 @@ class `Vote routes` : BaseTest() {
}
}
}
@TestFactory
@Tag("BadRequest")
fun `I cannot vote comment with wrong request`(): List<DynamicTest> {
withIntegrationApplication {
`Given I have citizen`("Antoine", "Lavoisier")
`Given I have article`(id = "835c5101-ca39-4038-a4e6-da6ee62ca6d5")
`Given I have comment on article`(
createdBy = Name("Antoine", "Lavoisier"),
article = "835c5101-ca39-4038-a4e6-da6ee62ca6d5",
id = "e793eccc-456b-4450-a292-46d592229b74",
)
}
return listOf(-10, -2, +2, +10).map { note ->
DynamicTest.dynamicTest("""I can vote comment with note "$note"""") {
withIntegrationApplication {
`When I send a PUT request`("/comments/e793eccc-456b-4450-a292-46d592229b74/vote", ALL - REQUEST_BODY) {
`authenticated as`("Antoine", "Lavoisier")
`with body`(
"""
{
"note": $note
}
"""
)
} `Then the response should be` BadRequest and {
`And the response should not be null`()
`And the response should contain`("$.invalidParams[0].name", ".note")
`And the response should contain`("$.invalidParams[0].reason", if (note > 0) "must be at most '1'" else "must be at least '-1'")
}
}
}
}
}
}