Merge branch 'dev' of https://github.com/hngprojects/hng_boilerplate_…

…php_laravel_web into fix/google-auth-reamend

app/Http/Controllers/Api/V1/CommentController.php

@@ -5,6 +5,7 @@
 use App\Http\Controllers\Controller;
 use App\Models\Blog;
 use App\Models\Comment;
+use Illuminate\Database\Eloquent\ModelNotFoundException;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Str;
@@ -37,7 +38,7 @@ public function createComment(Request $request, $blogId)
             ], 201);
         } catch (\Exception $e) {
             Log::error('Error creating reply comment:', ['exception' => $e->getMessage()]);
-       
+
             return response()->json([
                 'status' => 500,
                 'message' => 'Failed to create comment',
@@ -52,7 +53,7 @@ public function replyComment(Request $request, $commentId)
         try {
             Log::info('Reached the replyComment method');
             Log::info('Request data:', $request->all());
-            
+
             $user = auth('api')->user();
             $request->validate([
                 'content' => 'required|string'
@@ -78,7 +79,7 @@ public function replyComment(Request $request, $commentId)
             \Exception  $e
         ) {
             Log::error('Error creating reply comment:', ['exception' => $e->getMessage()]);
-       
+
             return response()->json([
                 'status' => 500,
                 'message' => 'Failed to create reply',
@@ -183,10 +184,17 @@ public function deleteComment($commentId)
                 'message' => 'Comment deleted successfully',
             ], 200);
        } catch (\Exception $e) {
-            return response()->json([
-                'status' => 500,
-                'message' => 'Failed to delete comment',
-            ], 500);
+
+            if($e instanceof ModelNotFoundException) {
+                return response()->json([
+                    'status' => 404,
+                    'message' => 'Comment not found',
+                ], 404);
+            }
+           return response()->json([
+               'status' => 500,
+               'message' => 'Failed to delete comment',
+           ], 500);
        }
     }
 

app/Http/Controllers/Api/V1/PreferenceController.php

@@ -7,11 +7,11 @@
 use App\Http\Requests\Preference\StorePreferenceRequest;
 use App\Http\Requests\Preference\UpdatePreferenceRequest;
 use App\Http\Requests\Preference\SavePreferencesRequest;
+use App\Models\Preference;
+use App\Models\Region;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Log;
-
-use App\Models\Preference;
 use App\Models\Profile;
 
 class PreferenceController extends Controller
@@ -30,7 +30,7 @@ public function index()
         Log::info('Preferences retrieved', ['user_id' => Auth::id(), 'preferences' => $preferences]);
         return response()->json([
             'status_code' => 200,
-            'message' => 'Languages fetched successfully',
+            'message' => 'Preferences fetched successfully',
             'preferences' => $preferences
         ], 200);
     }
@@ -138,6 +138,8 @@ public function delete(DeletePreferenceRequest $request, $id)
     {
         $preference = Auth::user()->preferences()->find($id);
 
+
+
         if (!$preference) {
             return response()->json([
                 'status_code' => 404,
@@ -179,4 +181,31 @@ public function showRegion($user_id)
             ], 404);
         }
     }
+
+    //update the regionsss
+    public function updateRegion(Request $request, $user_id){
+        $request->validate([
+            'region_id' => 'required|uuid|exists:regions,id'
+        ]);
+
+        $preference = Preference::where('user_id', $user_id)->first();
+
+        if(!$preference){
+            return response()->json([
+                'status'=> 404,
+                'message'=> 'Preference not found for user'
+            ], 404);
+        }
+
+        $preference->region_id = $request->input('region_id');
+        $preference->save();
+
+        return response()->json([
+            'status' => 200,
+            'message' => 'Region updated successfully',
+            'data' => [
+                'region' => $preference->region,
+            ],
+        ]);
+    }
 }

app/Http/Controllers/Api/V1/SqueezePageCoontroller.php

@@ -4,6 +4,7 @@
 
 use App\Http\Controllers\Controller;
 use App\Http\Requests\FilterSqueezeRequest;
+use App\Http\Requests\DeleteSqueezeRequest;
 use App\Models\SqueezePage;
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
@@ -74,9 +75,20 @@ public function update(Request $request, string $id)
     /**
      * Remove the specified resource from storage.
      */
-    public function destroy(string $id)
+    public function destroy(DeleteSqueezeRequest $request, string $squeeze_page)
     {
-        //
+        try {
+            SqueezePage::findOrFail($squeeze_page)->delete();
+            return response()->json([
+                'message' => 'Squeeze Page deleted successfully',
+                'status' => Response::HTTP_OK,
+            ]);
+        } catch (\Exception $e) {
+            return response()->json([
+                'message' => 'Internal server error',
+                'status' => Response::HTTP_INTERNAL_SERVER_ERROR
+            ], Response::HTTP_INTERNAL_SERVER_ERROR);
+        }
     }
 
     public function search(Request $request)

app/Http/Requests/DeleteSqueezeRequest.php

@@ -0,0 +1,35 @@
+<?php
+
+namespace App\Http\Requests;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class DeleteSqueezeRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     */
+    public function authorize(): bool
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
+     */
+    public function rules(): array
+    {
+        return [
+            'squeeze_page' => 'required|string|exists:squeeze_pages,id'
+        ];
+    }
+
+    protected function prepareForValidation()
+    {
+        $this->merge([
+            'squeeze_page' => $this->route('squeeze_page'),
+        ]);
+    }
+}

app/Models/Language.php

@@ -15,6 +15,8 @@ class Language extends Model
     // Set the key type to string
     protected $keyType = 'string';
 
+    protected $fillable = ['language', 'code', 'description'];
+
     // Disable auto-incrementing IDs
     public $incrementing = false;
 

routes/api.php

@@ -280,6 +280,7 @@
 
         //region get and update
         Route::group(['middleware' => ['auth:api']], function () {
+            Route::put('/regions/{user_id}', [PreferenceController::class, 'updateRegion']);
             Route::get('/regions/{user_id}', [PreferenceController::class, 'showRegion']);
     });
     // Notification settings

tests/Feature/CommentControllerTest.php

@@ -7,8 +7,11 @@
 use App\Models\User;
 use App\Models\Blog;
 use App\Models\Comment;
+use Illuminate\Http\Response;
 use Tymon\JWTAuth\Facades\JWTAuth;
 
+use Illuminate\Support\Str;
+
 class CommentControllerTest extends TestCase
 {
     use RefreshDatabase;
@@ -125,6 +128,25 @@ public function testEditComment()
                 ]
             ]);
     }
+
+    public function testAnotherUserCantEditComment()
+    {
+        $user1 = User::factory()->create();
+        $user2 = User::factory()->create();
+        $comment = Comment::factory()->create(['user_id' => $user1->id]);
+        $token1 = JWTAuth::fromUser($user1);
+        $token2 = JWTAuth::fromUser($user2);
+
+        $response = $this->withHeaders(['Authorization' => "Bearer $token2"])
+            ->patchJson("/api/v1/comments/edit/{$comment->id}", [
+                'content' => 'Edited content'
+            ]);
+
+        $response->assertStatus(Response::HTTP_FORBIDDEN)->assertJsonStructure([
+                'message',
+            ]);
+    }
+
     public function testDeleteComment()
     {
         $user = User::factory()->create();
@@ -141,6 +163,23 @@ public function testDeleteComment()
             ]);
     }
 
+    public function testDeleteCommentThatDontExist()
+    {
+        $user = User::factory()->create();
+        $comment = Comment::factory()->create(['user_id' => $user->id]);
+        $token = JWTAuth::fromUser($user);
+
+        $uuid = Str::uuid();
+
+        $response = $this->withHeaders(['Authorization' => "Bearer $token"])
+            ->deleteJson("/api/v1/comments/{$uuid}");
+
+        $response->assertStatus(Response::HTTP_NOT_FOUND);
+        $this->assertDatabaseMissing('comments', [
+                'id' => $uuid,
+            ]);
+    }
+
 
     public function testGetCommentsForBlog()
     {

tests/Feature/DeleteSqueezeTest.php

@@ -0,0 +1,90 @@
+<?php
+
+namespace Tests\Feature;
+
+use Illuminate\Foundation\Testing\RefreshDatabase;
+use Tests\TestCase;
+use App\Models\User;
+use App\Models\SqueezePage;
+use Tymon\JWTAuth\Facades\JWTAuth;
+
+class DeleteSqueezeTest extends TestCase
+{
+    use RefreshDatabase;
+
+    private function getAuthenticatedUser(string $role)
+    {
+        $user = User::factory()->create([
+            'role' => $role,
+            'is_active' => true,
+        ]);
+
+        $token = JWTAuth::fromUser($user);
+
+        return [$user, $token];
+    }
+
+    /** @test */
+    public function admin_can_delete_a_squeeze_page()
+    {
+        [$admin, $token] = $this->getAuthenticatedUser('admin');
+
+        $squeezePage = SqueezePage::create([
+            'title' => 'Digital Marketing',
+            'slug' => 'digital-marketing',
+            'status' => 'online',
+            'activate' => true,
+            'headline' => 'Master Digital Marketing',
+            'sub_headline' => 'Unlock the Secrets of Online Success',
+            'hero_image' => 'digital_marketing.jpg',
+            'content' => 'Learn the best strategies to excel in digital marketing...',
+        ]);
+
+        $response = $this->withHeaders([
+            'Authorization' => 'Bearer ' . $token,
+            'Accept' => 'application/json',
+        ])->deleteJson(route('squeeze-pages.destroy', ['squeeze_page' => $squeezePage->id]));
+
+        $response->assertStatus(200)
+            ->assertJson([
+                'message' => 'Squeeze Page deleted successfully',
+                'status' => 200,
+            ]);
+
+        $this->assertDatabaseMissing('squeeze_pages', [
+            'id' => $squeezePage->id,
+        ]);
+    }
+
+    /** @test */
+    public function non_admin_cannot_delete_a_squeeze_page()
+    {
+        [$user, $token] = $this->getAuthenticatedUser('user');
+
+        $squeezePage = SqueezePage::create([
+            'title' => 'Digital Marketing',
+            'slug' => 'digital-marketing',
+            'status' => 'online',
+            'activate' => true,
+            'headline' => 'Master Digital Marketing',
+            'sub_headline' => 'Unlock the Secrets of Online Success',
+            'hero_image' => 'digital_marketing.jpg',
+            'content' => 'Learn the best strategies to excel in digital marketing...',
+        ]);
+
+        $response = $this->withHeaders([
+            'Authorization' => 'Bearer ' . $token,
+            'Accept' => 'application/json',
+        ])->deleteJson(route('squeeze-pages.destroy', ['squeeze_page' => $squeezePage->id]));
+
+        $response->assertStatus(401)
+            ->assertJson([
+                'status_code' => 401,
+                'message' => 'Unauthorized, admin access only',
+            ]);
+
+        $this->assertDatabaseHas('squeeze_pages', [
+            'id' => $squeezePage->id,
+        ]);
+    }
+}