Add POST endpoint for wiki profiles (#927)

* Add POST endpoint for Wiki profiles

* Require a non-empty JSON profile

* Update CHANGELOG.md

Author: AndrewKostka

CHANGELOG.md

@@ -1,5 +1,8 @@
 # api
 
+## 10x.19.5
+- Add POST endpoint for wiki profiles
+
 ## 10x.19.4
 - Extend wiki details with profile data
 

app/Http/Controllers/WikiProfileController.php

@@ -0,0 +1,39 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Helper\ProfileValidator;
+use App\Rules\NonEmptyJsonRule;
+use App\Wiki;
+use App\WikiProfile;
+use Illuminate\Http\Request;
+
+class WikiProfileController extends Controller
+{
+    private $profileValidator;
+
+    public function __construct(ProfileValidator $profileValidator)
+    {
+        $this->profileValidator = $profileValidator;
+    }
+
+    public function create(Request $request): \Illuminate\Http\JsonResponse
+    {
+        $validatedInput = $request->validate([
+            'wiki' => ['required', 'integer'],
+            'profile' => ['required', 'json', new NonEmptyJsonRule]
+        ]);
+
+        $wiki = Wiki::find($validatedInput['wiki']);
+        if (!$wiki) {
+            abort(404, 'No such wiki');
+        }
+
+        $rawProfile = json_decode($validatedInput['profile'], true);
+        $profileValidator = $this->profileValidator->validate($rawProfile);
+        $profileValidator->validateWithBag('post');
+
+        $profile = WikiProfile::create(['wiki_id' => $wiki->id, ...$rawProfile]);
+        return response()->json(['data' => $profile]);
+    }
+}

app/Rules/NonEmptyJsonRule.php

@@ -0,0 +1,17 @@
+<?php
+
+namespace App\Rules;
+
+use Closure;
+use Illuminate\Contracts\Validation\ValidationRule;
+
+class NonEmptyJsonRule implements ValidationRule
+{
+    public function validate(string $attribute, mixed $value, Closure $fail): void
+    {
+        $json = json_decode($value, true);
+        if (!is_array($json) || empty($json)) {
+            $fail("The {$attribute} field must be a non-empty JSON object.");
+        }
+    }
+}

routes/api.php

@@ -47,6 +47,7 @@
             $router->post('managers/list', ['uses' => 'WikiManagersController@getManagersOfWiki']);
             $router->get('entityImport', ['middleware' => 'limit_wiki_access', 'uses' => 'WikiEntityImportController@get']);
             $router->post('entityImport', ['middleware' => 'limit_wiki_access', 'uses' => 'WikiEntityImportController@create']);
+            $router->post('profile', ['middleware' => 'limit_wiki_access', 'uses' => 'WikiProfileController@create']);
         });
         $router->apiResource('deletedWikiMetrics', 'DeletedWikiMetricsController')->only(['index'])
             ->middleware(AuthorisedUsersForDeletedWikiMetricsMiddleware::class);

tests/Routes/Wiki/ProfileControllerTest.php

@@ -0,0 +1,174 @@
+<?php
+
+namespace Tests\Routes\Wiki\Managers;
+
+use App\User;
+use App\Wiki;
+use App\WikiManager;
+use App\WikiProfile;
+use Tests\TestCase;
+
+class ProfileControllerTest extends TestCase
+{
+    protected $route = 'wiki/profile';
+
+    public function setUp(): void
+    {
+        parent::setUp();
+        Wiki::query()->delete();
+        WikiManager::query()->delete();
+        WikiProfile::query()->delete();
+    }
+
+    public function tearDown(): void
+    {
+        Wiki::query()->delete();
+        WikiManager::query()->delete();
+        WikiProfile::query()->delete();
+        parent::tearDown();
+    }
+
+    public function testFailOnMissingWiki(): void
+    {
+        $wiki = Wiki::factory()->create();
+        $user = User::factory()->create(['verified' => true]);
+        WikiManager::factory()->create(['wiki_id' => $wiki->id, 'user_id' => $user->id]);
+        $wiki->delete();
+
+        $this->actingAs($user, 'api')
+        ->json(
+            'POST',
+            $this->route,
+            [
+                'wiki' => $wiki->id,
+                'profile' => json_encode([
+                    'audience' => 'wide',
+                    'temporality' => 'permanent',
+                    'purpose' => 'data_hub'
+                ])
+            ]
+        )
+        ->assertStatus(404);
+    }
+
+    public function testFailOnWrongWikiManager(): void
+    {
+        $userWiki = Wiki::factory()->create();
+        $otherWiki = Wiki::factory()->create();
+        $user = User::factory()->create(['verified' => true]);
+        WikiManager::factory()->create(['wiki_id' => $userWiki->id, 'user_id' => $user->id]);
+
+        $this->actingAs($user, 'api')
+        ->json(
+            'POST',
+            $this->route,
+            [
+                'wiki' => $otherWiki->id,
+                'profile' => json_encode([
+                    'audience' => 'wide',
+                    'temporality' => 'permanent',
+                    'purpose' => 'data_hub'
+                ])
+            ]
+        )
+        ->assertStatus(403);
+    }
+
+    public function testFailOnEmptyProfile(): void
+    {
+        $userWiki = Wiki::factory()->create();
+        $user = User::factory()->create(['verified' => true]);
+        WikiManager::factory()->create(['wiki_id' => $userWiki->id, 'user_id' => $user->id]);
+
+        $this->actingAs($user, 'api')
+        ->json(
+            'POST',
+            $this->route,
+            [
+                'wiki' => $userWiki->id,
+                'profile' => '{}'
+            ]
+        )
+        ->assertStatus(422);
+    }
+
+    public function testFailOnInvalidProfile(): void
+    {
+        $wiki = Wiki::factory()->create();
+        $user = User::factory()->create(['verified' => true]);
+        WikiManager::factory()->create(['wiki_id' => $wiki->id, 'user_id' => $user->id]);
+
+        $this->actingAs($user, 'api')
+        ->json(
+            'POST',
+            $this->route,
+            [
+                'wiki' => $wiki->id,
+                'profile' => json_encode([
+                    'audience' => 'invalid option',
+                    'temporality' => 'permanent',
+                    'purpose' => 'data_hub'
+                ])
+            ]
+        )
+        ->assertStatus(422)
+        ->assertJson([
+            'message' => 'The selected audience is invalid.',
+            'errors' => [
+                'audience' => [
+                    'The selected audience is invalid.'
+                ]
+            ]
+        ]);
+    }
+
+    public function testKeepAllVersions(): void
+    {
+        $wiki = Wiki::factory()->create();
+        $user = User::factory()->create(['verified' => true]);
+        WikiManager::factory()->create(['wiki_id' => $wiki->id, 'user_id' => $user->id]);
+
+        $versionA = $this->actingAs($user, 'api')
+        ->json(
+            'POST',
+            $this->route,
+            [
+                'wiki' => $wiki->id,
+                'profile' => json_encode([
+                    'audience' => 'wide',
+                    'temporality' => 'permanent',
+                    'purpose' => 'data_hub'
+                ])
+            ]
+        )
+        ->assertStatus(200);
+
+        $versionB = $this->actingAs($user, 'api')
+        ->json(
+            'POST',
+            $this->route,
+            [
+                'wiki' => $wiki->id,
+                'profile' => json_encode([
+                    'audience' => 'wide',
+                    'temporality' => 'temporary',
+                    'purpose' => 'data_hub'
+                ])
+            ]
+        )
+        ->assertStatus(200);
+
+        $this->assertEquals(
+            2,
+            WikiProfile::where(['wiki_id' => $wiki->id])->count()
+        );
+        $this->assertEquals(
+            'permanent',
+            WikiProfile::find($versionA->decodeResponseJson()['data']['id'])['temporality']
+        );
+        $this->assertEquals(
+            'temporary',
+            WikiProfile::find($versionB->decodeResponseJson()['data']['id'])['temporality']
+        );
+    }
+}