Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Blog Update API Endpoint #5

Open
6 tasks
Pythonian opened this issue Jul 20, 2024 · 1 comment
Open
6 tasks

Blog Update API Endpoint #5

Pythonian opened this issue Jul 20, 2024 · 1 comment
Assignees
@Pythonian
Labels
enhancement New feature or request

Comments

@Pythonian
Copy link
Owner

Pythonian commented Jul 20, 2024
edited
Loading

Description

Develop an endpoint to handle requests to update an existing blog post. This endpoint will validate the input data and update the blog post securely in the database. This endpoint should be accessible only to super admins. If the blog post is updated successfully, it will be returned to the client with a 200 OK status. If an error occurs, an appropriate error status will be returned.

Acceptance Criteria

  • The endpoint allows super admins to update an existing blog post by its ID.
  • The endpoint is protected by JWT-based authentication and role-based access control to ensure only super admins can access it.
  • The endpoint validates the input data and returns appropriate error messages for invalid data.
  • Returns a 200 OK status code and the updated blog post data when the blog post is updated successfully.
  • Returns an appropriate error message when an error occurs or when the user is not authorized.

Purpose

Provide the necessary backend services to allow super admin to edit and update their previously published blog posts.

Requirements

  • Implement API endpoint for updating an existing blog post.
  • Ensure only super admins can access this endpoint using JWT-based authentication and role-based access control.
  • Validate the input data, including length and format checks for title, content, publish date, and author.
  • Handle conflicts if a blog post with the same title already exists and return a 409 Conflict status code.
  • Handle unexpected errors and return the appropriate status code.
  • Support partial updates using the PATCH method.

Expected Outcome

  • Super admins should be able to send a request to update an existing blog post.
  • Users should receive appropriate status codes and responses based on the outcome of the request.

Endpoints

[PATCH] /api/v1/blogs/:id

  • Description: Updates an existing blog post.

  • Path Parameters:

    • id: The ID of the blog post to update.

  • Request Body:

    • title: The title of the blog post.
    • content: The content of the blog post.
    • updated_at: The updated date of the blog post.
      {
    "title": "string",
    "excerpt": "string",
    "content": "string",
  }

  • Success Response:

    • Status: 200 OK

    • Body:

      {
  "message": "Blog successfully updated",
  "id": "int",
  "title": "string",
  "excerpt": "string",
  "content": "string",
  "author": "string",
  "updated_at": "datetime",
}

  • Error Response:

    • Status: 500 Internal Server Error

    • Body:

      {
    "error": "Internal server error."
}

  • Unauthorized Response:

    • Status: 403 Forbidden

    • Body:

      {
    "error": "You do not have permission to perform this action."
}

  • Not Found Response:

    • Status: 404 Not Found

    • Body:

      {
    "error": "Blog post not found."
}

  • Conflict Response:

    • Status: 409 Conflict

    • Body:

      {
    "error": "A blog post with this title already exists."
}

  • Bad Request Response:

    • Status: 400 Bad Request

    • Body:

      {
    "error": "Invalid data."
}

Testing

Test Scenarios

  1. Successful Update of Blog Post

    • Ensure that the endpoint successfully updates the data of an existing blog post.
    • Verify that the response includes the updated blog post data and a 200 OK status code.

  2. Unauthorized Access

    • Simulate a request from a non-super admin user or from an unauthenticated user.
    • Confirm that the endpoint returns a 403 Forbidden status code and an appropriate error message.

  3. Conflict Error

    • Simulate a request to update a blog post with a title that already exists.
    • Verify that the endpoint returns a 409 Conflict status code and an appropriate error message.

  4. Internal Server Error

    • Simulate an internal server error to raise an exception.
    • Verify that the endpoint returns a 500 Internal Server Error status code and an appropriate error message.

  5. Blog Post Not Found

    • Simulate a request to update a blog post that does not exist.
    • Confirm that the endpoint returns a 404 Not Found status code and an appropriate error message.

  6. Invalid Data

    • Send requests with invalid data (e.g., missing required fields, incorrect data types).
    • Verify that the endpoint returns a 400 Bad Request status code and an appropriate error message.
Pythonian added a commit that referenced this issue Jul 23, 2024
@Pythonian
feat: Blog Update API Endpoint [Issue #5]
b97edbb
@Pythonian Pythonian self-assigned this Jul 23, 2024
@Pythonian Pythonian added the enhancement New feature or request label Jul 23, 2024
@Pythonian
Copy link
Owner Author 

{
  "status_code": 200
  "message": "Blog post updated successfully",
  "data": {
    "id": "7d1f89c2-3c24-7c3f-a8e5-9a8a3e6d2f7b",
    "title": "Updated Title",
    "content": "Updated content",
    "author_id": "a7f6e0c1-52e5-4d30-8b27-f2be4d4d1c77"
  }
}

I think the response body should incorporate some of the structure above.

{
  "message": "Blog successfully updated",
  "id": "int",
  "title": "string",
  "excerpt": "string",
  "content": "string",
  "author": "string",
  "updated_at": "datetime",
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Pythonian Pythonian

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Pythonian