Merge pull request #17 from tuanle03/clr-56-create-api-post

[CLR-56] Create API Posts

Author: tuanle03

app/api/web/posts_api.rb

@@ -0,0 +1,226 @@
+module AP
+  class Web::PostsAPI < Grape::API
+
+    helpers do
+      def format_post(post)
+        {
+          id: post.id,
+          title: post.title,
+          body: post.body,
+          total_view: post.total_view,
+          total_feedback: post.feedbacks.count,
+          created_at: post.created_at.to_fs(:ymd_hms)
+        }
+      end
+    end
+
+    resource :posts do
+
+      desc 'Get a list of posts by limit'
+      params do
+        optional :limit, type: Integer, default: 10, desc: 'Limit number of posts'
+      end
+      get do
+        posts = Post.approved.limit(params[:limit]).map { |post| format_post(post) }
+        status 200
+        {
+          success: true,
+          posts: posts
+        }
+      end
+
+      desc 'Get a list of posts by newest'
+      params do
+        optional :limit, type: Integer, default: 10, desc: 'Limit number of posts'
+      end
+      get '/newest' do
+        posts = Post.approved.newest.limit(params[:limit]).map { |post| format_post(post) }
+        status 200
+        {
+          success: true,
+          posts: posts
+        }
+      end
+
+      desc 'Get a list of posts by most viewed'
+      params do
+        optional :limit, type: Integer, default: 10, desc: 'Limit number of posts'
+      end
+      get '/most_viewed' do
+        posts = Post.approved.most_viewed.limit(params[:limit]).map { |post| format_post(post) }
+        status 200
+        {
+          success: true,
+          posts: posts
+        }
+      end
+
+      desc 'Get a post'
+      params do
+        requires :id, type: Integer, desc: 'Post id'
+      end
+      get ':id' do
+        post = Post.find_by(id: params[:id])
+        if post
+          post.update(total_view: post.total_view + 1)
+          status 200
+          {
+            success: true,
+            post: format_post(post)
+          }
+        else
+          status 400
+          {
+            success: false,
+            error: 'Post not found'
+          }
+        end
+      end
+
+      desc 'Create a post'
+      params do
+        requires :title, type: String, desc: 'Post title', allow_blank: false
+        requires :body, type: String, desc: 'Post body', allow_blank: false
+      end
+      post do
+        authenticate_user!
+        if current_user.admin?
+          post = current_user.posts.new({
+            title: params[:title],
+            body: params[:body],
+            status: 'approved'
+          })
+        end
+
+        if post.save
+          status 200
+          {
+            success: true,
+            message: 'Post created successfully'
+          }
+        else
+          status 400
+          {
+            success: false,
+            error: 'Post cannot be created'
+          }
+        end
+      end
+
+      desc 'Update a post'
+      params do
+        requires :id, type: Integer, desc: 'Post id'
+        optional :new_title, type: String, desc: 'New post title'
+        optional :new_body, type: String, desc: 'New post body'
+      end
+      put ':id' do
+        authenticate_user!
+        post = current_user.posts.find_by(id: params[:id])
+        if post
+          post.update({
+            title: params[:new_title],
+            body: params[:new_body]
+          })
+          status 200
+          {
+            success: true,
+            message: 'Post updated successfully'
+          }
+        else
+          status 400
+          {
+            success: false,
+            error: 'Post cannot be updated'
+          }
+        end
+      end
+
+      desc 'Delete a post'
+      params do
+        requires :id, type: Integer, desc: 'Post id'
+      end
+      delete ':id' do
+        authenticate_user!
+        if current_user.admin?
+          post = Post.find_by(id: params[:id])
+        else
+          post = current_user.posts.find_by(id: params[:id])
+        end
+
+        if post
+          post.update(status: 'deleted')
+          status 200
+          {
+            success: true,
+            message: 'Post deleted successfully'
+          }
+        else
+          status 400
+          {
+            success: false,
+            error: 'Post cannot be deleted'
+          }
+        end
+      end
+
+      desc 'List of posts by user'
+      params do
+        requires :id, type: Integer, desc: 'User id'
+      end
+      get '/user/:id' do
+        status 200
+        {
+          success: true,
+          posts: current_user.posts.approved.map { |post| format_post(post) }
+        }
+      end
+
+      desc 'Approve a post'
+      params do
+        requires :id, type: Integer, desc: 'Post id'
+      end
+      put '/approve/:id' do
+        authenticate_user!
+        if current_user.admin?
+          post = Post.find_by(id: params[:id])
+          if post
+            post.update(status: 'approved')
+            status 200
+            {
+              success: true,
+              message: 'Post approved successfully'
+            }
+          end
+        else
+          status 400
+          {
+            success: false,
+            error: 'You are not authorized'
+          }
+        end
+      end
+
+      desc 'Get a list feedbacks of a post'
+      params do
+        requires :id, type: Integer, desc: 'Post id'
+      end
+      get '/:id/feedbacks' do
+        feedbacks = Post.find_by(id: params[:id])&.feedbacks
+        return status 400 unless feedbacks
+        status 200
+        {
+          success: true,
+          feedbacks: feedbacks.map do |feedback|
+            {
+              id: feedback.id,
+              user_name: feedback.user.name,
+              content: feedback.content,
+              total_like: feedback.total_likes,
+              created_at: feedback.created_at.to_fs(:ymd_hms)
+            }
+          end
+        }
+      end
+    end
+  end
+end

app/api/web_api.rb

@@ -5,6 +5,7 @@ class WebAPI < Grape::API
   helpers ::Helpers::AuthenticationHelper
 
   mount Web::FeedbacksAPI
+  mount Web::PostsAPI
   mount Web::SessionsAPI
   mount Web::RegistrationsAPI
 

app/models/feedback.rb

@@ -1,6 +1,15 @@
 class Feedback < ApplicationRecord
   belongs_to :user
+  belongs_to :post
 
   has_many :comments, as: :linked_object
   has_many :votes, as: :linked_object
+
+  def total_likes
+    votes.liked.count
+  end
+
+  def total_comments
+    comments.count
+  end
 end

app/models/post.rb

@@ -1,3 +1,14 @@
 class Post < ApplicationRecord
   validates :title, presence: true
+
+  belongs_to :user
+  has_many :feedbacks, dependent: :destroy
+
+  scope :newest, -> { order(created_at: :desc) }
+  scope :oldest, -> { order(created_at: :asc) }
+  scope :most_viewed, -> { order(total_view: :desc) }
+  scope :approved, -> { where(status: 'approved') }
+  scope :pending, -> { where(status: 'pending') }
+  scope :rejected, -> { where(status: 'rejected') }
+  scope :total, -> { count }
 end

app/models/user.rb

@@ -29,4 +29,12 @@ def revoke_jwt(token)
   def jwt_revoked?(token)
     revoked_tokens.include?(token)
   end
+
+  def admin?
+    role == 'admin'
+  end
+
+  def name
+    "#{first_name} #{last_name}"
+  end
 end

app/models/vote.rb

@@ -3,21 +3,26 @@ class Vote < ApplicationRecord
 
   validates :user_id, presence: true
 
-  def self.create_or_update(user_id, vote_params)
-    vote = Vote.find_by(user_id: user_id, linked_object_id: vote_params[:linked_object_id], linked_object_type: vote_params[:linked_object_type])
-    if vote && vote.status.present?
-      vote.update(status: !vote.status)
-    else
-      vote = Vote.new(vote_params)
-      vote.user_id = user_id
+  scope :liked, -> { where(status: true) }
+
+  def self.toggle_vote(vote_params, user)
+    vote = Vote.find_or_initialize_by(
+      linked_object_id: vote_params[:linked_object_id],
+      linked_object_type: vote_params[:linked_object_type],
+      user_id: user.id
+    )
+
+    if vote.status.nil? || vote.status == false
       vote.status = true
-      vote.save
+    else
+      vote.status = false
     end
+    vote.save
   end
 
   private
 
   def self.vote_params
-    params.require(:vote).permit(:linked_object_id, :linked_object_type, :vote_type)
+    params.require(:vote).permit(:linked_object_id, :linked_object_type)
   end
 end

config/puma.rb

@@ -15,7 +15,7 @@
 
 # Specifies the `port` that Puma will listen on to receive requests; default is 3000.
 #
-port ENV.fetch("PORT") { 3000 }
+port ENV.fetch("PORT") { 2106 }
 
 # Specifies the `environment` that Puma will run in.
 #

spec/api/web/feedbacks_api_spec.rb

@@ -13,10 +13,14 @@ def app
   let(:user) { create(:user) }
   let(:token) { user.generate_jwt }
 
+  before do
+    create(:post, :approved, user: user)
+  end
+
   describe 'POST /web/feedbacks' do
     context 'with valid parameters' do
       it 'creates a feedback' do
-        post '/web/feedbacks', { content: 'Great post!', post_id: 1 }, 'HTTP_AUTHORIZATION' => "Bearer #{token}"
+        post '/web/feedbacks', { content: 'Feedback content', post_id: 1 }, 'HTTP_AUTHORIZATION' => "Bearer #{token}"
 
         expect(last_response.status).to eq(200)
         json = JSON.parse(last_response.body)