search

benoit-bremaud / HappiHub

HappiHub - A platform for organizing and discovering cultural and artistic events. Join the community and explore events happening around you!
https://www.happihub.com
MIT License
1 stars 3 forks source link

feat: implement PUT /comments/:id route with author verification #188

Closed benoit-bremaud closed 4 months ago

benoit-bremaud commented 4 months ago

Summary

This pull request implements the PUT /comments/:id route to update a specific comment by ID and includes author verification to ensure that only the author of the comment or an admin/moderator can update the comment.

Changes Implemented

How to Test

  1. Update Comment as Author:

    • Send a PUT request to http://localhost:3000/comments/:id with a valid comment ID where the author matches the authenticated user.
    • Ensure the comment is updated successfully.

  2. Update Comment as Admin:

    • Send a PUT request to http://localhost:3000/comments/:id with a valid comment ID using an admin token.
    • Ensure the comment is updated successfully.

  3. Unauthorized Update Attempt:

    • Send a PUT request to http://localhost:3000/comments/:id with a valid comment ID using a token from a different user (not the author and not an admin).
    • Ensure the response is 403 Forbidden.

  4. Comment Not Found:

    • Send a PUT request to http://localhost:3000/comments/:id with a non-existent comment ID.
    • Ensure the response is 404 Not Found.

Example Request

PUT /comments/669b328c21af94e2afcdd83f HTTP/1.1
Host: localhost:3000
Authorization: Bearer <your_token>
Content-Type: application/json

{
  "content": "Updated comment content",
  "status": "approved"
}

Example Response

{
  "_id": "669b328c21af94e2afcdd83f",
  "content": "Updated comment content",
  "author": "669b2fba21af94e2afcdd82d",
  "event": "669b314e21af94e2afcdd832",
  "status": "approved",
  "createdAt": "2024-07-20T03:44:12.149Z",
  "updatedAt": "2024-07-20T03:44:12.149Z",
  "__v": 0
}

Resolves #150