Closed ning905 closed 1 year ago
Make sure you check the user
object on the req
object passed in to your controller to check it's the correct user making the edit
You'll also need to make sure they've actually provided some content, have a think about if there should be a minimum length for content on posts or if you want to just accept anything that's not empty
Other than that, I'm happy for you to go ahead with this. Really great work on this one!
Thanks Nathan!
user
in the req
matches with the author of the post. Is this what you mean?
Send a PATCH request to “/post/:id” Request body sample:
Check token validation Return errors respectively according to the auth.js middleware
After passing the validation stage, the request should have a user property. User sample:
Find the post in the database with the provided id in request params, and return the object including its user information. https://www.prisma.io/docs/concepts/components/prisma-client/crud#read Post sample:
If not found, return error 404, “The post with the provided id does not exist”
Check if the user id in the request matches the user id that comes with the post. If not match, return error 403, “Only the post author can edit the post”
Update the post content according to the request body. Include the new post object in the response. https://www.prisma.io/docs/concepts/components/prisma-client/crud#read Response sample: