An API endpoint to enable users to update their comments in the Blog comment section. The endpoint ensures a user can update their comment in the blog section at will. The endpoint should at first ensure that the comment exists. The endpoint should also be protected, and ensure that the user that is logged in is the owner of the said comment.
Models Involved
Comment: Represents the comments made by users on blog posts.
Blog: Represents the blog posts to which comments are made.
Acceptance Criteria
The endpoint should be accessible at PUT /api/v1/user/blog/comment/{comment-id}
The endpoint should accept HTTP POST requests.
The endpoint should be secured to ensure that only authenticated users can update their comments.
Requests to the endpoint must include a valid authentication token in the Authorization header. Authorization: Bearer
The comment should be tied to the blog it is meant to comment on.
Endpoint
Description: Update the content of the About page. Endpoint: PUT /api/v1/about Authentication: Required Authorization: Creators of resource(comment) only Request Body:
{
"comment_body": "string"
}
Response
On a successful update of the comment, the API should return a 200 Ok status code.
The response body should contain status and a message
Response (Success):
If the comment body field is missing or invalid, the API should return a 400 Bad Request status code with appropriate validation error messages.
{
"message": "comment field must be provided",
"status": "unsuccessful",
"status_code": 400
}
If the comment is not found, the API should return a 404 Not Found status code with appropriate validation error messages.
{
"message": "comment not found",
"status": "unsuccessful",
"status_code": 404
}
If a user tries to edit a comment that does not belong to them, the API should return a 400 Bad Request status code with appropriate validation error messages.
{
"message": "You do not have permission to edit this comment.",
"status": "unsuccessful",
"status_code": 400
}
Purpose
Provides a secure backend service that allows users to update their comments in the blog section.
Requirements
Develop server-side logic to update the user’s comments in the blog section.
Securely handle comments updates and comply with security standards.
Ensure that the user owns or originally wrote the comment they want to update.
Expected Outcome
API endpoint allows users to update their comments in the blog section with appropriate validation and security measures.
Tasks
[ ] Define the server-side application's PUT /api/v1/user/blog/comment/{comment-id} route.
[ ] Ensure requests include a valid token in the Authorization header.
[ ] Validate that user owns the comment they want to update.
[ ] Update the comment body if it is valid and meets security requirements.
[ ] Handle cases where the current user is not the comment owner.
Testing
Write unit tests to validate user can only update a comment they have written.
Write integration tests to ensure end-to-end functionality.
Perform security testing to ensure data protection and compliance.
Description
An API endpoint to enable users to update their comments in the Blog comment section. The endpoint ensures a user can update their comment in the blog section at will. The endpoint should at first ensure that the comment exists. The endpoint should also be protected, and ensure that the user that is logged in is the owner of the said comment.
Models Involved
Acceptance Criteria
PUT /api/v1/user/blog/comment/{comment-id}
Endpoint
Description: Update the content of the About page.
Endpoint:
PUT /api/v1/about
Authentication: Required
Authorization: Creators of resource(comment) only
Request Body:
Response
Purpose
Provides a secure backend service that allows users to update their comments in the blog section.
Requirements
Expected Outcome
Tasks
Testing