// DELETE /api/v0/hub
// Params: access_token, slug
func DeleteHub(w http.ResponseWriter, r *http.Request, c router.Context) error {
db, _ := c.Meta["db"].(*sqlx.DB)
userid := c.Meta["user_id"].(int64)
slug := r.FormValue("slug")
if slug == "" {
return res.BadRequest(w, res.ErrorMsg{"invalid_request", "slug required"})
}
h := data.Hub{}
if err := h.Get(db, slug); err != nil {
if e, ok := err.(*data.Error); ok {
return res.BadRequest(w, res.ErrorMsg{e.Code, e.Desc})
}
return err
}
if userid != h.UserID {
return res.BadRequest(w, res.ErrorMsg{"invalid_request", "user does not own hub"})
}
// Since all is well, delete hub from database
h = data.Hub{
Slug: slug,
}
if err := h.Delete(db); err != nil {
if e, ok := err.(*data.Error); ok {
return res.BadRequest(w, res.ErrorMsg{e.Code, e.Desc})
}
return err
}
return res.OK(w, h)
}
// POST /api/v0/hub
// Params: access_token, slug, (scope?)
func AddHub(w http.ResponseWriter, r *http.Request, c router.Context) error {
db, _ := c.Meta["db"].(*sqlx.DB)
slug := r.FormValue("slug")
if slug == "" {
return res.BadRequest(w, res.ErrorMsg{"invalid_request", "slug required"})
}
// Since all is well, add hub to database
h := data.Hub{
Slug: slug,
UserID: c.Meta["user_id"].(int64),
}
if err := h.Insert(db); err != nil {
if e, ok := err.(*data.Error); ok {
return res.BadRequest(w, res.ErrorMsg{e.Code, e.Desc})
}
return err
}
return res.OK(w, h)
}
func TestAddHub(t *testing.T) {
// setup DB
db := testhelpers.SetupDB(t)
defer db.Close()
// setup server
ts, err := setupServerHub(db, []byte("secret"))
if err != nil {
t.Fatal(err)
}
defer ts.Close()
// create a user
u := &data.User{
Username: "******",
Email: "*****@*****.**",
}
if err := u.EncryptPassword("password"); err != nil {
t.Fatal(err)
}
if err = u.Insert(db); err != nil {
t.Fatal(err)
}
// create a token for the user
tok := data.Token{
UserID: u.ID,
ExpiresIn: (30 * 24 * time.Hour).Nanoseconds(), // 30 days
}
if err := tok.Insert(db); err != nil {
t.Fatal(err)
}
// get the encoded JSON Web Token
jwt, err := tok.EncodeJWT([]byte("secret"))
if err != nil {
t.Fatal(err)
}
hub := data.Hub{
Slug: "1234",
UserID: u.ID,
}
if err := hub.Insert(db); err != nil {
t.Fatal(err)
}
type testCase struct {
path string
statusCode int
body string
}
// test when valid params are provided
spath := "?slug=abcd&access_token=" + jwt
res, err := http.Get(ts.URL + "/api/v0/hub" + spath)
if err != nil {
t.Fatal(err)
}
if res.StatusCode != http.StatusOK {
t.Errorf("%s - Expected status code %v, Got %v", spath, http.StatusOK, res.StatusCode)
}
b, err := ioutil.ReadAll(res.Body)
res.Body.Close()
if err != nil {
t.Fatal(err)
}
h := data.Hub{}
if err := json.Unmarshal(b, &h); err != nil {
t.Errorf("%s - Expected response body to be %+v, Got %s", spath, h, b)
}
tCases := []testCase{
// when slug param is missing
{"?access_token=" + jwt, http.StatusBadRequest, `{"error":"invalid_request","error_description":"slug required"}`},
// when access_token param is missing
{"?slug=abcd", http.StatusUnauthorized, `{"error":"invalid_token","error_description":"no token present in request"}`},
// when trying to add existing hub
{"?slug=1234&access_token=" + jwt, http.StatusBadRequest, `{"error":"unique_violation","error_description":"hub exists"}`},
}
for _, tc := range tCases {
res, err := http.Get(ts.URL + "/api/v0/hub" + tc.path)
if err != nil {
t.Fatal(err)
}
if res.StatusCode != tc.statusCode {
t.Errorf("%s - Expected status code %v, Got %v", tc.path, tc.statusCode, res.StatusCode)
}
b, err := ioutil.ReadAll(res.Body)
res.Body.Close()
if err != nil {
t.Fatal(err)
}
if body := string(b); body != tc.body {
t.Errorf("%s - Expected response body to be %v, Got %v", tc.path, tc.body, body)
}
}
}
func TestShowHub(t *testing.T) {
// setup DB
db := testhelpers.SetupDB(t)
defer db.Close()
// setup server
ts, err := setupServerHub(db, []byte("secret"))
if err != nil {
t.Fatal(err)
}
defer ts.Close()
// create a user
u := &data.User{
Username: "******",
Email: "*****@*****.**",
}
if err := u.EncryptPassword("password"); err != nil {
t.Fatal(err)
}
if err = u.Insert(db); err != nil {
t.Fatal(err)
}
// create a token for the user
tok := data.Token{
UserID: u.ID,
ExpiresIn: (30 * 24 * time.Hour).Nanoseconds(), // 30 days
}
if err := tok.Insert(db); err != nil {
t.Fatal(err)
}
// get the encoded JSON Web Token
jwt, err := tok.EncodeJWT([]byte("secret"))
if err != nil {
t.Fatal(err)
}
hub := data.Hub{
Slug: "abcd",
UserID: u.ID,
}
if err := hub.Insert(db); err != nil {
t.Fatal(err)
}
type testCase struct {
path string
statusCode int
body string
}
tCases := []testCase{
// when valid params are provided
{"?access_token=" + jwt, http.StatusOK, `{"hub":["abcd"]}`},
// when access_token param is missing
{"?" + jwt, http.StatusUnauthorized, `{"error":"invalid_token","error_description":"no token present in request"}`},
}
for _, tc := range tCases {
res, err := http.Post(ts.URL+"/api/v0/hub"+tc.path, "", nil)
if err != nil {
t.Fatal(err)
}
if res.StatusCode != tc.statusCode {
t.Errorf("%s - Expected status code %v, Got %v", tc.path, tc.statusCode, res.StatusCode)
}
b, err := ioutil.ReadAll(res.Body)
res.Body.Close()
if err != nil {
t.Fatal(err)
}
if body := string(b); body != tc.body {
t.Errorf("%s - Expected response body to be %v, Got %v", tc.path, tc.body, body)
}
}
}