feat: add users controller with spec

app/controllers/users_controller.rb

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+
+class UsersController < ApplicationController
+  skip_before_action :authorize_request, only: :create
+  before_action :find_user, except: %i[create index]
+
+  # GET /users
+  # @return [JSON, nil]
+  def index
+    @users = User.all
+    render json: @users, status: :ok
+  end
+
+  # GET /users/{username}
+  # @return [JSON, nil]
+  def show
+    render json: @user, status: :ok
+  end
+
+  # POST /users
+  # @return [JSON, nil]
+  def create
+    @user = User.new(user_params)
+    if @user.save
+      render json: @user, status: :created
+    else
+      render json: { errors: @user.errors.full_messages }, status: :unprocessable_entity
+    end
+  end
+
+  # PUT /users/1
+  # @return [JSON, nil]
+  def update
+    if @user.update(user_params)
+      render json: @user
+    else
+      render json: @user.errors, status: :unprocessable_entity
+    end
+  end
+
+  # DELETE /users/1
+  # @return [JSON, nil]
+  def destroy
+    @user.destroy
+  end
+
+  private
+
+  # @return [User, JSON, nil]
+  def find_user
+    @user = User.find(params[:id])
+  rescue ActiveRecord::RecordNotFound
+    render json: { errors: 'User not found' }, status: :not_found
+  end
+
+  # @return [ActionController::Parameters]
+  def user_params
+    params.permit(:email, :password)
+  end
+end

config/routes.rb

@@ -3,6 +3,7 @@
 require 'sidekiq/web'
 Rails.application.routes.draw do
   mount Sidekiq::Web => '/sidekiq'
+  resources :users
   resources :authors
   resources :books
   # For details on the DSL available within this file, see https://guides.rubyonrails.org/routing.html

spec/requests/users_spec.rb

@@ -0,0 +1,144 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'Users', type: :request do
+  let(:valid_attributes) do
+    {
+      email: '[email protected]',
+      password: 'password',
+    }
+  end
+
+  let(:invalid_attributes) do
+    {
+      email: 'fred',
+    }
+  end
+
+  let(:valid_user) do
+    User.create!(valid_attributes)
+  end
+
+  describe 'GET /index' do
+    let(:request_type) { :get }
+    let(:request_url) { users_url }
+
+    before { valid_user }
+
+    it_behaves_like 'a request that require authentication'
+
+    context 'when authenticated', :with_authenticated_headers do
+      it 'renders a successful response' do
+        request
+        expect(response).to be_successful
+      end
+    end
+  end
+
+  describe 'GET /show' do
+    let(:request_type) { :get }
+    let(:request_url) { user_url(valid_user) }
+
+    before { valid_user }
+
+    it_behaves_like 'a request that require authentication'
+
+    context 'when authenticated', :with_authenticated_headers do
+      it 'renders a successful response' do
+        request
+        expect(response).to have_http_status(:ok)
+        expect(JSON.parse(response.body)['id']).to eq valid_user.id
+      end
+    end
+  end
+
+  describe 'POST /create' do
+    let(:request_type) { :post }
+    let(:request_url) { users_url }
+
+    context 'with valid parameters' do
+      before { @params = valid_attributes }
+
+      it 'creates a new User' do
+        expect { request }.to change(User, :count).by(1)
+      end
+
+      it 'renders a JSON response with the new User' do
+        request
+        expect(response).to have_http_status(:created)
+        expect(response.content_type).to match(a_string_including('application/json'))
+        expect(JSON.parse(response.body)['email']).to eq '[email protected]'
+      end
+    end
+
+    context 'with invalid parameters' do
+      before { @params = invalid_attributes }
+
+      it 'does not create a new User' do
+        expect { request }.not_to change(User, :count)
+      end
+
+      it 'renders a JSON response with errors for the new User' do
+        request
+        expect(response).to have_http_status(:unprocessable_entity)
+        expect(response.content_type).to match(a_string_including('application/json'))
+      end
+    end
+  end
+
+  describe 'PATCH /update' do
+    let(:request_type) { :patch }
+    let(:request_url) { user_url(valid_user) }
+
+    before { valid_user }
+
+    it_behaves_like 'a request that require authentication'
+
+    context 'when authenticated', :with_authenticated_headers do
+      context 'with valid parameters' do
+        before { @params = { email: '[email protected]' } }
+
+        it 'updates the requested user' do
+          expect do
+            request
+            valid_user.reload
+          end.to change(valid_user, :email).from('[email protected]').to('[email protected]')
+        end
+
+        it 'renders a JSON response with the user' do
+          request
+          expect(response).to have_http_status(:ok)
+          expect(response.content_type).to match(a_string_including('application/json'))
+          expect(JSON.parse(response.body)['id']).to eq valid_user.id
+        end
+      end
+
+      context 'with invalid parameters' do
+        before { @params = { email: 'd' } }
+
+        it 'renders a JSON response with errors for the listing' do
+          request
+          expect(response).to have_http_status(:unprocessable_entity)
+          expect(response.content_type).to match(a_string_including('application/json'))
+        end
+      end
+    end
+  end
+
+  describe 'DELETE /destroy' do
+    let(:request_type) { :delete }
+    let(:request_url) { user_url(valid_user.id) }
+
+    it_behaves_like 'a request that require authentication'
+
+    context 'when authenticated', :with_authenticated_headers do
+      before { valid_user }
+
+      it 'destroys the requested User' do
+        expect { request }.to change(User, :count).by(-1)
+        expect { valid_user.reload }.to raise_error(ActiveRecord::RecordNotFound)
+      end
+    end
+  end
+end