[FEAT] API Endpoint For Organisation Creation by users - Backend

[FredChuksDev]

Description

Develop a backend API for creating organisations, including authentication and authorization checks, input validation, and error handling.

Acceptance Criteria

1. Authentication Middleware

   • Implement middleware to ensure the user is authenticated using JWT.
   • If authentication fails, return a 401 Unauthorized status code.
   • If authenticated, proceed with the request.

2. Create Organisation Endpoint

   • Accepts HTTP POST requests at /api/v1/organisations.
   • Creates a new organisation with a 201 Created status code if the user request is valid.

3. Field Validation

   • Validate all supplied fields.
   • If validation fails, return a 422 Unprocessable Entity status code with detailed error messages.

Request Body

{
  "name": "String",
  "description": "String",
  "email": "string",
  "industry": "string",
  "type": "string",
  "country": "string",
  "address": "string",
  "state": "string",
}

Successful Response

{
  "status": "success",
  "message": "organisation created successfully",
  "data": {
    "id": "String",
    "name": "String",
    "description": "String",
    "owner_id": "string",
    "slug" : "string",
    "email": "string",
    "industry": "string",
    "type": "string",
    "country": "string",
    "address": "string",
    "state": "string",
    "created_at": "2024-01-01T12:00:00Z",
    "updated_at": "2024-06-01T12:00:00Z"
  },
  "status_code": 201
}

Unsuccessful Response

{
  "status": "Bad Request",
  "message": "Client error",
  "statusCode": 400
}

Validation Error Response

{
  "errors": [
    {
      "field": "String",
      "message": "String"
    }
  ]
}

Unauthenticated Error Response

{
  "status": "Unauthorized",
  "message": "User not authenticated",
  "statusCode": 401
}

Database Design

Table organisations {
  id uuid [primary key]
  slug varchar(255) [unique]
  owner_id uuid [foreign key to users(id)]
  name varchar(255)
  email varchar(255)
  industry varchar(255)
  type varchar(255)
  country varchar(255)
  address varchar(255)
  state varchar(255)
  description text
  created_at timestamp
  updated_at timestamp
}

Table organisations_user {
  user_id uuid [foreign key to users(id)]
  organisation_id uuid [foreign key to organisations(id)]
  role varchar(255)
  created_at timestamp
  updated_at timestamp
}

Ref: users.id < organisations_user.user_id
Ref: organisations.id < organisations_user.organisation_id

Purpose

Provide a backend service that allows admins to create new organizations, ensuring proper authentication, authorization, and validation.

Requirements

• [ ] Implement middleware for JWT authentication.
• [ ] Develop server-side logic to create a new organisation.
• [ ] Develop server-side logic to bind user to the created organisation.
• [ ] Validate each field in the request json.

Expected Outcome

The API endpoint allows admins to create new organisations with appropriate validation and authentication.

Task

• [ ] Create the endpoint HTTP POST /api/v1/organisations to create new organisations.
• [ ] Implement authentication middleware to validate JWT tokens.
• [ ] Validate all fields in the request body.
• [ ] Write unit tests for all scenarios, including successful creation, validation errors, and authentication/authorization checks.
• [ ] Perform security testing to ensure data protection and compliance.

Testing

• Write unit tests for successful organisation creation.
• Write unit tests for fields validation.
• Write unit tests for bad client requests.
• Write unit tests for authentication checks.
• Perform security testing to ensure data protection and compliance.
• Test various scenarios for creating organisations, including edge cases and error handling.

[FredChuksDev]

This issue is linked to the approved issue here