Adds GET products/all for privileged users (#237)

The API adds the endpoint GET /api/v2/products/all, which returns all products, regardless of usergroup or visibility. This endpoint will be used for the product management frontend in AnalogIO/shifty-webapp#20, discussed in #217 (and slack). This endpoint is only accessible for users with Board privileges and will allow board members to manage the visibilty of products or products that they otherwise don't have access to themselves in the app. --------- Co-authored-by: Omid Marfavi <[email protected]>
AnalogIO · Dec 12, 2023 · ee7d26c · ee7d26c
1 parent 058db04
commit ee7d26c
Show file tree

Hide file tree

Showing 5 changed files with 163 additions and 15 deletions.
diff --git a/coffeecard/CoffeeCard.Library/Services/v2/IProductService.cs b/coffeecard/CoffeeCard.Library/Services/v2/IProductService.cs
@@ -10,6 +10,7 @@ public interface IProductService : IDisposable
     {
         Task<IEnumerable<Product>> GetProductsForUserAsync(User user);
         Task<Product> GetProductAsync(int productId);
+        Task<IEnumerable<Product>> GetAllProductsAsync();
         Task<ChangedProductResponse> AddProduct(AddProductRequest product);
 
         Task<ChangedProductResponse> UpdateProduct(UpdateProductRequest product);

diff --git a/coffeecard/CoffeeCard.Library/Services/v2/ProductService.cs b/coffeecard/CoffeeCard.Library/Services/v2/ProductService.cs
@@ -35,6 +35,14 @@ private async Task<IEnumerable<Product>> GetProductsAsync(UserGroup userGroup)
                 .ToListAsync();
         }
 
+        public async Task<IEnumerable<Product>> GetAllProductsAsync()
+        {
+            return await _context.Products
+                .OrderBy(p => p.Id)
+                .Include(p => p.ProductUserGroup)
+                .ToListAsync();
+        }
+
         public async Task<Product> GetProductAsync(int productId)
         {
             var product = await _context.Products

diff --git a/coffeecard/CoffeeCard.Models/DataTransferObjects/v2/Products/ProductResponse.cs b/coffeecard/CoffeeCard.Models/DataTransferObjects/v2/Products/ProductResponse.cs
@@ -15,6 +15,7 @@ namespace CoffeeCard.Models.DataTransferObjects.v2.Products
     ///     "name": "Coffee clip card",
     ///     "description": "Coffee clip card of 10 clips",
     ///     "isPerk": true,
+    ///     "visible": true,
     ///     "AllowedUserGroups": ["Manager", "Board"]
     /// }
     /// </example>
@@ -68,6 +69,14 @@ public class ProductResponse
         [Required]
         public bool IsPerk { get; set; }
 
+        /// <summary>
+        /// Visibility of products for users
+        /// </summary>
+        /// <value>Product visibility</value>
+        /// <example>true</example>
+        [Required]
+        public bool Visible { get; set; }
+
         /// <summary>
         /// Decides the user groups that can access the product.
         /// </summary>

diff --git a/coffeecard/CoffeeCard.Tests.Unit/Services/v2/ProductServiceTest.cs b/coffeecard/CoffeeCard.Tests.Unit/Services/v2/ProductServiceTest.cs
@@ -1,5 +1,5 @@
+using System;
 using System.Collections.Generic;
-using System.Collections.ObjectModel;
 using System.Linq;
 using System.Threading.Tasks;
 using CoffeeCard.Common.Configuration;
@@ -70,16 +70,15 @@ await productService.UpdateProduct(new UpdateProductRequest()
                 AllowedUserGroups = new List<UserGroup>() { UserGroup.Customer, UserGroup.Board }
             });
 
-            var expected = new List<UserGroup>
-            {
-                UserGroup.Customer, UserGroup.Board
-            };
-
             var result = await productService.GetProductAsync(1);
 
-            Assert.Collection<UserGroup>(expected,
-                e => e.Equals(UserGroup.Customer),
-                e => e.Equals(UserGroup.Board));
+            Assert.Collection<ProductUserGroup>(result.ProductUserGroup,
+                e => Assert.Equal(UserGroup.Customer, e.UserGroup),
+                e => Assert.Equal(UserGroup.Board, e.UserGroup));
+
+            // Explicitly check for exclusion of Barista and Manager, even though Assert.Collection implicitly covers it.
+            Assert.DoesNotContain(UserGroup.Barista, result.ProductUserGroup.Select(e => e.UserGroup));
+            Assert.DoesNotContain(UserGroup.Manager, result.ProductUserGroup.Select(e => e.UserGroup));
         }
 
         [Fact(DisplayName = "AddProduct adds only selected user groups")]
@@ -113,16 +112,132 @@ public async Task AddProduct_Sets_Correct_UserGroups()
 
             await productService.AddProduct(p);
 
-            var expected = new List<UserGroup>
+            var result = await productService.GetProductAsync(1);
+
+            Assert.Collection<ProductUserGroup>(result.ProductUserGroup,
+                e => Assert.Equal(UserGroup.Manager, e.UserGroup),
+                e => Assert.Equal(UserGroup.Board, e.UserGroup));
+        }
+
+        [Fact(DisplayName = "GetAllProducts shows non-visible products")]
+        public async Task GetAllProducts_Returns_Non_Visible_Products()
+        {
+            var builder = new DbContextOptionsBuilder<CoffeeCardContext>()
+                .UseInMemoryDatabase(nameof(GetAllProducts_Returns_Non_Visible_Products));
+
+            var databaseSettings = new DatabaseSettings
             {
-                UserGroup.Manager, UserGroup.Board
+                SchemaName = "test"
+            };
+            var environmentSettings = new EnvironmentSettings()
+            {
+                EnvironmentType = EnvironmentType.Test
             };
 
-            var result = await productService.GetProductAsync(1);
+            await using var context = new CoffeeCardContext(builder.Options, databaseSettings, environmentSettings);
+
+            using var productService = new ProductService(context);
+
+            var p1 = new AddProductRequest
+            {
+                Name = "Coffee",
+                Description = "Coffee Clip card",
+                NumberOfTickets = 10,
+                Price = 10,
+                Visible = true,
+                AllowedUserGroups = Enum.GetValues<UserGroup>()
+            };
+            await productService.AddProduct(p1);
+
+            var p2 = new AddProductRequest
+            {
+                Name = "Latte",
+                Description = "Fancy Drink Clip card",
+                NumberOfTickets = 10,
+                Price = 170,
+                Visible = false,
+                AllowedUserGroups = Enum.GetValues<UserGroup>()
+            };
+            await productService.AddProduct(p2);
+
+            var result = await productService.GetAllProductsAsync();
+
+            Assert.Collection(result,
+                e => e.Visible.Equals(true),
+                e => e.Visible.Equals(false));
+        }
+
+        [Fact(DisplayName = "GetAllProducts returns products from all user groups")]
+        public async Task GetAllProducts_Returns_Products_For_All_UserGroups()
+        {
+            var builder = new DbContextOptionsBuilder<CoffeeCardContext>()
+                .UseInMemoryDatabase(nameof(GetAllProducts_Returns_Products_For_All_UserGroups));
+
+            var databaseSettings = new DatabaseSettings
+            {
+                SchemaName = "test"
+            };
+            var environmentSettings = new EnvironmentSettings()
+            {
+                EnvironmentType = EnvironmentType.Test
+            };
+
+            await using var context = new CoffeeCardContext(builder.Options, databaseSettings, environmentSettings);
+
+            using var productService = new ProductService(context);
+
+            var p1 = new AddProductRequest
+            {
+                Name = "Coffee",
+                Description = "Coffee Clip card",
+                NumberOfTickets = 10,
+                Price = 10,
+                Visible = true,
+                AllowedUserGroups = new List<UserGroup> { UserGroup.Customer }
+            };
+            await productService.AddProduct(p1);
+
+            var p2 = new AddProductRequest
+            {
+                Name = "Latte",
+                Description = "Fancy Drink Clip card",
+                NumberOfTickets = 10,
+                Price = 170,
+                Visible = true,
+                AllowedUserGroups = new List<UserGroup> { UserGroup.Barista }
+            };
+            await productService.AddProduct(p2);
+
+            var p3 = new AddProductRequest
+            {
+                Name = "Frappuccino",
+                Description = "Blended ice with sugar",
+                NumberOfTickets = 1,
+                Price = 35,
+                Visible = true,
+                AllowedUserGroups = new List<UserGroup> { UserGroup.Manager }
+            };
+            await productService.AddProduct(p3);
+
+            var p4 = new AddProductRequest
+            {
+                Name = "Cortado",
+                Description = "Some spanish coffee",
+                NumberOfTickets = 1,
+                Price = 19,
+                Visible = true,
+                AllowedUserGroups = new List<UserGroup> { UserGroup.Board }
+            };
+            await productService.AddProduct(p4);
+
+            var result = await productService.GetAllProductsAsync();
 
-            Assert.Collection<UserGroup>(expected,
-                e => e.Equals(UserGroup.Customer),
-                e => e.Equals(UserGroup.Board));
+            Assert.Collection<Product>(result,
+                e => e.ProductUserGroup = new List<ProductUserGroup> { new ProductUserGroup { UserGroup = UserGroup.Customer } },
+                e => e.ProductUserGroup = new List<ProductUserGroup> { new ProductUserGroup { UserGroup = UserGroup.Barista } },
+                e => e.ProductUserGroup = new List<ProductUserGroup> { new ProductUserGroup { UserGroup = UserGroup.Manager } },
+                e => e.ProductUserGroup = new List<ProductUserGroup> { new ProductUserGroup { UserGroup = UserGroup.Board } }
+            );
         }
     }
 }
diff --git a/coffeecard/CoffeeCard.WebApi/Controllers/v2/ProductsController.cs b/coffeecard/CoffeeCard.WebApi/Controllers/v2/ProductsController.cs
@@ -91,8 +91,23 @@ private static ProductResponse MapProductToDto(Product product)
                 NumberOfTickets = product.NumberOfTickets,
                 Price = product.Price,
                 IsPerk = product.IsPerk(),
+                Visible = product.Visible,
                 AllowedUserGroups = product.ProductUserGroup.Select(e => e.UserGroup)
             };
         }
+
+        /// <summary>
+        /// Returns a list of all products
+        /// </summary>
+        /// <returns>List of all products</returns>
+        /// <response code="200">Successful request</response>
+        [HttpGet("all")]
+        [AuthorizeRoles(UserGroup.Board)]
+        [ProducesResponseType(typeof(IEnumerable<ProductResponse>), StatusCodes.Status200OK)]
+        public async Task<ActionResult<IEnumerable<ProductResponse>>> GetAllProducts()
+        {
+            IEnumerable<Product> products = await _productService.GetAllProductsAsync();
+            return Ok(products.Select(MapProductToDto).ToList());
+        }
     }
 }