feat: write PATCH /v1/flows/:flowId

packages/backend/src/controllers/api/v1/flows/update-flow.js

@@ -0,0 +1,15 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const flow = await request.currentUser.authorizedFlows
+    .findOne({
+      id: request.params.flowId,
+    })
+    .throwIfNotFound();
+
+  await flow.$query().patchAndFetch({
+    name: request.body.name,
+  });
+
+  renderObject(response, flow);
+};

packages/backend/src/controllers/api/v1/flows/update-flow.test.js

@@ -0,0 +1,168 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../test/factories/user.js';
+import { createFlow } from '../../../../../test/factories/flow.js';
+import { createPermission } from '../../../../../test/factories/permission.js';
+import getFlowMock from '../../../../../test/mocks/rest/api/v1/flows/get-flow.js';
+
+describe('PATCH /api/v1/flows/:flowId', () => {
+  let currentUser, currentUserRole, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    token = await createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the updated flow data of current user', async () => {
+    const currentUserFlow = await createFlow({ userId: currentUser.id });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await createPermission({
+      action: 'update',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const newFlowName = 'Updated flow';
+
+    const response = await request(app)
+      .patch(`/api/v1/flows/${currentUserFlow.id}`)
+      .set('Authorization', token)
+      .send({
+        name: newFlowName,
+      })
+      .expect(200);
+
+    const refetchedCurrentUserFlow = await currentUserFlow.$query();
+
+    const expectedPayload = await getFlowMock({
+      ...refetchedCurrentUserFlow,
+      name: newFlowName,
+    });
+
+    expect(response.body).toStrictEqual(expectedPayload);
+  });
+
+  it('should return the updated flow data of another user', async () => {
+    const anotherUser = await createUser();
+    const anotherUserFlow = await createFlow({ userId: anotherUser.id });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await createPermission({
+      action: 'update',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const response = await request(app)
+      .patch(`/api/v1/flows/${anotherUserFlow.id}`)
+      .set('Authorization', token)
+      .send({
+        name: 'Updated flow',
+      })
+      .expect(200);
+
+    const refetchedAnotherUserFlow = await anotherUserFlow.$query();
+
+    const expectedPayload = await getFlowMock({
+      ...refetchedAnotherUserFlow,
+      name: 'Updated flow',
+    });
+
+    expect(response.body).toStrictEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing flow UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await createPermission({
+      action: 'update',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const notExistingFlowUUID = Crypto.randomUUID();
+
+    await request(app)
+      .patch(`/api/v1/flows/${notExistingFlowUUID}`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await createPermission({
+      action: 'update',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await request(app)
+      .patch('/api/v1/flows/invalidFlowUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
+
+  it('should return unprocessable entity response for invalid data', async () => {
+    const currentUserFlow = await createFlow({ userId: currentUser.id });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await createPermission({
+      action: 'update',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const response = await request(app)
+      .patch(`/api/v1/flows/${currentUserFlow.id}`)
+      .set('Authorization', token)
+      .send({
+        name: 123123,
+      })
+      .expect(422);
+
+    expect(response.body.errors).toStrictEqual({
+      name: ['must be string'],
+    });
+    expect(response.body.meta.type).toStrictEqual('ModelValidation');
+  });
+});

packages/backend/src/helpers/authorization.js

@@ -81,6 +81,10 @@ const authorizationList = {
     action: 'create',
     subject: 'Connection',
   },
+  'PATCH /api/v1/flows/:flowId': {
+    action: 'update',
+    subject: 'Flow',
+  },
 };
 
 export const authorizeUser = async (request, response, next) => {

packages/backend/src/routes/api/v1/flows.js

@@ -3,10 +3,12 @@ import { authenticateUser } from '../../../helpers/authentication.js';
 import { authorizeUser } from '../../../helpers/authorization.js';
 import getFlowsAction from '../../../controllers/api/v1/flows/get-flows.js';
 import getFlowAction from '../../../controllers/api/v1/flows/get-flow.js';
+import updateFlowAction from '../../../controllers/api/v1/flows/update-flow.js';
 
 const router = Router();
 
 router.get('/', authenticateUser, authorizeUser, getFlowsAction);
 router.get('/:flowId', authenticateUser, authorizeUser, getFlowAction);
+router.patch('/:flowId', authenticateUser, authorizeUser, updateFlowAction);
 
 export default router;

packages/backend/test/mocks/rest/api/v1/flows/get-flow.js

@@ -1,4 +1,4 @@
-const getFlowMock = async (flow, steps) => {
+const getFlowMock = async (flow, steps = []) => {
   const data = {
     active: flow.active,
     id: flow.id,
@@ -6,7 +6,10 @@ const getFlowMock = async (flow, steps) => {
     status: flow.active ? 'published' : 'draft',
     createdAt: flow.createdAt.getTime(),
     updatedAt: flow.updatedAt.getTime(),
-    steps: steps.map((step) => ({
+  };
+
+  if (steps.length) {
+    data.steps = steps.map((step) => ({
       appKey: step.appKey,
       iconUrl: step.iconUrl,
       id: step.id,
@@ -16,8 +19,8 @@ const getFlowMock = async (flow, steps) => {
       status: step.status,
       type: step.type,
       webhookUrl: step.webhookUrl,
-    })),
+    }));
-  };
+  }
 
   return {
     data: data,