boolean-uk · thomamn · Oct 29, 2024 · Oct 30, 2024 · Oct 31, 2024 · Oct 31, 2024
diff --git a/docs/openapi.yml b/docs/openapi.yml
@@ -2,10 +2,10 @@ openapi: 3.0.3
 info:
   title: Team Dev Server API
   description: |-
-  version: "1.0"
+  version: '1.0'
 
 servers:
-  - url: "http://localhost:4000/"
+  - url: 'http://localhost:4000/'
 tags:
   - name: user
   - name: post
@@ -729,7 +729,7 @@ components:
                   format: date-time
                 profileImage:
                   type: string
-                  
+
     Error:
       type: object
       properties:

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -37,10 +37,10 @@
     "eslint-plugin-promise": "^5.1.0",
     "nodemon": "^2.0.15",
     "prettier": "^2.6.2",
-    "prisma": "^3.12.0"
+    "prisma": "^5.21.1"
   },
   "dependencies": {
-    "@prisma/client": "^3.12.0",
+    "@prisma/client": "^5.21.1",
     "bcrypt": "^5.0.1",
     "cors": "^2.8.5",
     "dotenv": "^16.0.0",

diff --git a/src/middleware/post.js b/src/middleware/post.js
@@ -20,3 +20,23 @@ export async function validatePostOwnership(req, res, next) {
     return sendDataResponse(res, 500, { content: 'Internal server error' })
   }
 }
+import { sendDataResponse } from '../utils/responses.js'
+
+export async function validatePostContent(req, res, next) {
+  const { content } = req.body
+  const maxLength = 200
+
+  if (!content || content.trim() === '') {
+    return sendDataResponse(res, 400, {
+      content: 'Content cannot be empty or null'
+    })
+  }
+
+  if (content.length > maxLength) {
+    return sendDataResponse(res, 400, {
+      content: `Content cannot exceed ${maxLength} characters`
+    })
+  }
+
+  next()
+}
diff --git a/src/routes/post.js b/src/routes/post.js
@@ -7,11 +7,14 @@ import {
   deleteById
 } from '../controllers/post.js'
 import { validateAuthentication } from '../middleware/auth.js'
-import { validatePostOwnership } from '../middleware/post.js'
+import {
+  validatePostOwnership,
+  validatePostContent
+} from '../middleware/post.js'
 
 const router = Router()
 
-router.post('/', validateAuthentication, create)
+router.post('/', validateAuthentication, validatePostContent, create)
 router.get('/', validateAuthentication, getAll)
 router.get('/:id', validateAuthentication, getById)
 router.patch('/:id', validateAuthentication, validatePostOwnership, updateById)