feat: Implement rest API endpoint to delete flow

2024-09-14 11:35:17 +03:00
parent 89277e1665
commit bab25c51d9
5 changed files with 164 additions and 0 deletions
--- a/packages/backend/src/controllers/api/v1/flows/delete-flow.js
+++ b/packages/backend/src/controllers/api/v1/flows/delete-flow.js
@@ -0,0 +1,10 @@
+export default async (request, response) => {
+  const flow = await request.currentUser.authorizedFlows
+    .clone()
+    .findById(request.params.flowId)
+    .throwIfNotFound();
+
+  await flow.delete();
+
+  response.status(204).end();
+};
--- a/packages/backend/src/controllers/api/v1/flows/delete-flow.test.js
+++ b/packages/backend/src/controllers/api/v1/flows/delete-flow.test.js
@@ -0,0 +1,110 @@
+import { describe, it, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../test/factories/user.js';
+import { createFlow } from '../../../../../test/factories/flow.js';
+import { createPermission } from '../../../../../test/factories/permission.js';
+
+describe('DELETE /api/v1/flows/:flowId', () => {
+  let currentUser, currentUserRole, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    token = await createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should remove the current user flow and return no content', async () => {
+    const currentUserFlow = await createFlow({ userId: currentUser.id });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await createPermission({
+      action: 'delete',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await request(app)
+      .delete(`/api/v1/flows/${currentUserFlow.id}`)
+      .set('Authorization', token)
+      .expect(204);
+  });
+
+  it('should remove another user flow and return no content', async () => {
+    const anotherUser = await createUser();
+    const anotherUserFlow = await createFlow({ userId: anotherUser.id });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await createPermission({
+      action: 'delete',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await request(app)
+      .delete(`/api/v1/flows/${anotherUserFlow.id}`)
+      .set('Authorization', token)
+      .expect(204);
+  });
+
+  it('should return not found response for not existing flow UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await createPermission({
+      action: 'delete',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const notExistingFlowUUID = Crypto.randomUUID();
+
+    await request(app)
+      .delete(`/api/v1/flows/${notExistingFlowUUID}`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await createPermission({
+      action: 'delete',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await request(app)
+      .delete('/api/v1/flows/invalidFlowUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});