Skip to content

[FEAT]: Endpoint to Implement Edit or Update of Comments #1046

New issue
New issue
Open
Open
[FEAT]: Endpoint to Implement Edit or Update of Comments#1046
Labels
approved
@BlessOnyi

Description

@BlessOnyi
BlessOnyi
opened on Feb 27, 2025

Description

Implement an endpoint to allow authenticated users to update their comments.

Acceptance Criteria

PATCH /api/v1/comments/{id}
  • It should be a PROTECTED endpoint requiring authentication.
  • It should allow users to edit only their own comments.
  • It should return an appropriate success message upon successful update.
  • It should return an appropriate error message if the comment does not exist or if the user lacks permission to edit it.

Purpose

To allow users to update their own comments while ensuring proper access control and security.

Requirements

  • Develop server-side logic to edit an existing comment based on the given criteria.
  • Ensure the comment ID is validated before performing any operation.
  • Implement authorization to ensure only the comment owner can edit it.
  • Write unit tests to confirm correctness and accuracy.

Expected Outcome

Users should be able to successfully update their own comments while unauthorized updates are prevented.

Tasks

  • Create PATCH endpoint /api/v1/comments/{id} to edit a comment.
  • Validate comment ID and ensure it exists before performing the update.
  • Implement authentication and authorization checks.
  • Write unit tests covering success and failure scenarios.

Example Requests [With Auth Token]

PATCH Request:
curl -X PATCH {rootdomain}/api/v1/comments/{id} \
     -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
     -H "Content-Type: application/json" \
     -d '{ "content": "Updated comment text" }'

Response (Success):

{
  "status_code": 200,
  "message": "Comment updated successfully",
  "comment_id": "123",
  "new_content": "Updated comment text"
}

Response (Error - Comment Not Found):

{
  "status_code": 404,
  "message": "Comment not found."
}

Response (Error - Forbidden: No Permission to Edit):

{
  "status_code": 403,
  "message": "You do not have permission to edit this comment."
}

Response (Error - Unauthorized Access: Missing or Invalid Token):

{
  "status_code": 401,
  "message": "Not authorized."
}

Testing

  • Write unit tests to ensure users can edit their comments.
  • Test authentication and authorization checks.
  • Validate error handling for invalid comment IDs and unauthorized updates.

Metadata

Metadata

Assignees

No one assigned

    Labels

    approved

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions