Merge pull request #38 from GTBitsOfGood/davidgu/CreateUnallocatedItemRequestMutation

kavinphan · web-flow · commit 1e16bce7aa6e · 2025-02-20T01:51:02.000-05:00
Finished the unallocated item partner mutation
diff --git a/src/app/api/unallocatedItems/route.test.ts b/src/app/api/unallocatedItems/route.test.ts
@@ -0,0 +1,180 @@
+import { testApiHandler } from "next-test-api-route-handler";
+import * as appHandler from "./route";
+import { expect, test } from "@jest/globals";
+import { validateSession, invalidateSession } from "@/test/util/authMockUtils";
+import { dbMock } from "@/test/dbMock";
+import { createUnclaimedItem } from "@/test/util/dbMockUtils";
+
+/**
+ * Form data: {
+ *   unallocatedItemId: "1",
+ *   quantity: "1",
+ *   comment: "comment"
+ * }
+ * @returns FormData with good data by default, but can be modified
+ */
+function getFormData({
+  unallocatedItemId = "1",
+  quantity = "1",
+  comment = "comment",
+}: {
+  unallocatedItemId?: string;
+  quantity?: string;
+  comment?: string;
+} = {}) {
+  const formData = new FormData();
+  formData.append("unallocatedItemId", unallocatedItemId);
+  formData.append("quantity", quantity);
+  formData.append("comment", comment);
+  return formData;
+}
+
+test("Should return 401 for invalid session", async () => {
+  await testApiHandler({
+    appHandler,
+    async test({ fetch }) {
+      invalidateSession();
+
+      const res = await fetch({ method: "POST" });
+      expect(res.status).toBe(401);
+      const json = await res.json();
+      expect(json).toEqual({ message: "Session required" });
+    },
+  });
+});
+
+test("Should return 403 if not a partner", async () => {
+  await testApiHandler({
+    appHandler,
+    async test({ fetch }) {
+      validateSession("STAFF");
+
+      const res = await fetch({ method: "POST" });
+      expect(res.status).toBe(403);
+      const json = await res.json();
+      expect(json).toEqual({ message: "Unauthorized" });
+    },
+  });
+});
+
+test("Should return 404 if unallocated item not found", async () => {
+  await testApiHandler({
+    appHandler,
+    async test({ fetch }) {
+      validateSession("PARTNER");
+
+      dbMock.item.findUnique.mockResolvedValue(null);
+
+      const res = await fetch({ method: "POST", body: getFormData() });
+      expect(res.status).toBe(404);
+      const json = await res.json();
+      expect(json).toEqual({ message: "Unallocated item not found" });
+    },
+  });
+});
+
+test("Should return 400 for bad form data", async () => {
+  await testApiHandler({
+    appHandler,
+    async test({ fetch }) {
+      validateSession("PARTNER");
+
+      const badFormData = new FormData();
+      badFormData.append("unallocatedItemIdBad", "1");
+      badFormData.append("quantity", "1");
+      badFormData.append("comment", "comment");
+
+      const res = await fetch({ method: "POST", body: badFormData });
+      expect(res.status).toBe(400);
+      const json = await res.json();
+      expect(json).toEqual({ message: "Invalid form data" });
+    },
+  });
+});
+
+test("Should return 400 for too low quantity", async () => {
+  await testApiHandler({
+    appHandler,
+    async test({ fetch }) {
+      validateSession("PARTNER");
+
+      const res = await fetch({
+        method: "POST",
+        body: getFormData({ quantity: "0" }),
+      });
+      expect(res.status).toBe(400);
+      const json = await res.json();
+      expect(json).toEqual({ message: "Invalid form data" });
+    },
+  });
+});
+
+test("Should return 400 for requesting too many items", async () => {
+  await testApiHandler({
+    appHandler,
+    async test({ fetch }) {
+      validateSession("PARTNER");
+
+      dbMock.item.findUnique.mockResolvedValue(
+        await createUnclaimedItem({ id: 1, quantity: 1 })
+      );
+
+      const res = await fetch({
+        method: "POST",
+        body: getFormData({ quantity: "2" }),
+      });
+      expect(res.status).toBe(400);
+      const json = await res.json();
+      expect(json).toEqual({ message: "Not enough items for request" });
+    },
+  });
+});
+
+test("Should return 200 for successful request", async () => {
+  await testApiHandler({
+    appHandler,
+    async test({ fetch }) {
+      validateSession("PARTNER");
+
+      dbMock.item.findUnique.mockResolvedValue(
+        await createUnclaimedItem({ id: 1, quantity: 2 })
+      );
+
+      const res = await fetch({ method: "POST", body: getFormData() });
+      expect(res.status).toBe(200);
+    },
+  });
+});
+
+test("Should create unallocated item request on success", async () => {
+  await testApiHandler({
+    appHandler,
+    async test({ fetch }) {
+      const session = await validateSession("PARTNER");
+
+      dbMock.item.findUnique.mockResolvedValue(
+        await createUnclaimedItem({ id: 1, quantity: 2 })
+      );
+
+      const res = await fetch({
+        method: "POST",
+        body: getFormData({
+          unallocatedItemId: "1",
+          quantity: "1",
+          comment: "comment",
+        }),
+      });
+      expect(res.status).toBe(200);
+
+      // For now, this is the only way I know to check if the create method was called
+      expect(dbMock.unallocatedItemRequest.create).toHaveBeenCalledWith({
+        data: {
+          itemId: 1,
+          partnerId: parseInt(session.user.id),
+          quantity: 1,
+          comments: "comment",
+        },
+      });
+    },
+  });
+});
diff --git a/src/app/api/unallocatedItems/route.ts b/src/app/api/unallocatedItems/route.ts
@@ -0,0 +1,64 @@
+import { auth } from "@/auth";
+import { db } from "@/db";
+import {
+  argumentError,
+  authenticationError,
+  authorizationError,
+  notFoundError,
+  ok,
+} from "@/util/responses";
+import { UserType } from "@prisma/client";
+import { z } from "zod";
+import { zfd } from "zod-form-data";
+
+const schema = zfd.formData({
+  unallocatedItemId: zfd.numeric(z.number().int()),
+  //   priority: zfd.numeric(),        Uncomment when priority is added to the schema
+  quantity: zfd.numeric(z.number().int().min(1)), // Requesting 0 items would be stupid
+  comment: zfd.text(),
+});
+
+/**
+ * Handles POST requests to create a new unallocated item request.
+ * Uses form data unallocatedItemId, quantity, and comment.
+ * @param req - the incoming request
+ * @returns 200 if the request is successful
+ * @returns 400 if the form data is invalid or there are not enough items for the request
+ * @returns 401 if the session is invalid
+ * @returns 403 if the user type isn't a partner
+ * @returns 404 if the unallocated item is not found
+ */
+export async function POST(req: Request) {
+  const session = await auth();
+  if (!session) return authenticationError("Session required");
+  if (!session?.user) return authenticationError("User not found");
+  if (session.user.type !== UserType.PARTNER)
+    return authorizationError("Unauthorized");
+
+  const parsed = schema.safeParse(await req.formData());
+  if (!parsed.success) return argumentError("Invalid form data");
+  //   const { unallocatedItemId, priority, quantity, comment } = parsed.data;
+  const { unallocatedItemId, quantity, comment } = parsed.data;
+
+  // Find unallocated item by id
+  const unallocatedItem = await db.item.findUnique({
+    where: { id: unallocatedItemId },
+  });
+  if (!unallocatedItem) return notFoundError("Unallocated item not found");
+
+  // Check if there are enough items to request
+  if (quantity > unallocatedItem.quantity)
+    return argumentError("Not enough items for request");
+
+  // Create unallocated item request
+  db.unallocatedItemRequest.create({
+    data: {
+      itemId: unallocatedItemId,
+      partnerId: parseInt(session.user.id),
+      quantity: quantity,
+      comments: comment,
+    },
+  });
+
+  return ok();
+}
diff --git a/src/test/util/authMockUtils.ts b/src/test/util/authMockUtils.ts
@@ -1,6 +1,5 @@
 import { authMock } from "@/test/authMock";
 import { UserType } from "@prisma/client";
-import { v4 as uuidv4 } from "uuid";
 
 // Helper util methods for testing
 
@@ -13,7 +12,7 @@ export async function invalidateSession() {
 
 /**
  * Helper method for validating a session
- * @param user Optional, default is { id: "1234", type: "ADMIN" }
+ * @param user Optional, default is { id: randomId, type: "ADMIN" }
  * @param expires Optional, default is a day from now
  * @returns A session object with the user and expires fields
  */
@@ -23,7 +22,7 @@ export async function validateSession(
 ) {
   const createdSession = {
     user: {
-      id: uuidv4(),
+      id: "" + Math.floor(Math.random() * 10000),
       type: userType,
     },
     expires: expires.toISOString(),
diff --git a/src/test/util/dbMockUtils.ts b/src/test/util/dbMockUtils.ts
@@ -89,3 +89,50 @@ export async function fillDbMockWithUnallocatedItemRequestsForPartnerIdFilter(
     unallocatedItemRequests
   );
 }
+
+/**
+ * Helper method for creating a single unclaimed item.
+ * Only the id and title are 100% untouchable by caller.
+ */
+export async function createUnclaimedItem({
+  id = Math.floor(Math.random() * 10000),
+  title = `Test Item ${id}`,
+  category = "Test Category",
+  quantity = 10,
+  expirationDate = new Date(Date.now() + Math.floor(Math.random() * 10000)),
+  unitSize = 1,
+  unitType = "Test Unit",
+  datePosted = new Date(),
+  lotNumber = Math.floor(Math.random() * 10000),
+  donorName = "Test Donor",
+  unitPrice = 0,
+  maxRequestLimit = "1",
+}: {
+  id?: number;
+  title?: string;
+  category?: string;
+  quantity?: number;
+  expirationDate?: Date;
+  unitSize?: number;
+  unitType?: string;
+  datePosted?: Date;
+  lotNumber?: number;
+  donorName?: string;
+  unitPrice?: number;
+  maxRequestLimit?: string;
+}): Promise<Item> {
+  return {
+    id,
+    title,
+    category,
+    quantity,
+    expirationDate,
+    unitSize,
+    unitType,
+    datePosted,
+    lotNumber,
+    donorName,
+    unitPrice,
+    maxRequestLimit,
+  };
+}
