`feature/delete-comment-by-id`

[benoit-bremaud]

feat: implement DELETE /comments/:id route to delete a comment by ID

Summary

This pull request implements the DELETE /comments/:id route that allows authenticated users to delete a specific comment by its ID. The route ensures that only the author of the comment or an admin can perform the deletion.

Changes Implemented

• Added deleteCommentById method to commentController to handle deleting a comment.
• Created a new route in commentRoutes.js for DELETE /comments/:id, protected by authenticateToken.
• Added verification to ensure only the author of the comment or an admin can delete the comment.
• Implemented error handling to return 404 Not Found if the comment is not found.
• Verified functionality with Postman tests.

How to Test

1. Delete Comment as Author:

   • Send a DELETE request to http://localhost:5000/comments/:id with a valid comment ID where the author matches the authenticated user.
   • Ensure the comment is deleted successfully.

2. Delete Comment as Admin:

   • Send a DELETE request to http://localhost:5000/comments/:id with a valid comment ID using an admin token.
   • Ensure the comment is deleted successfully.

3. Unauthorized Deletion Attempt:

   • Send a DELETE request to http://localhost:5000/comments/:id with a valid comment ID using a token from a different user (not the author and not an admin).
   • Ensure the response is 403 Forbidden.

4. Comment Not Found:

   • Send a DELETE request to http://localhost:5000/comments/:id with a non-existent comment ID.
   • Ensure the response is 404 Not Found.

Example Request (Admin)

DELETE /comments/669b31e121af94e2afcdd82f HTTP/1.1
Host: localhost:5000
Authorization: Bearer <admin_token>

Example Response

{
    "message": "Comment deleted successfully"
}

New Issues Created

• Issue #197: Create unit tests for DELETE /comments/:id route.
• Issue #198: Update API documentation to include DELETE /comments/:id route.

Resolves #152