feat: add support for PATCH in /api/v1/users/[username]

Author: codigoisaac

models/user.js

@@ -3,65 +3,13 @@ import password from "models/password.js";
 import { ValidationError, NotFoundError } from "infra/errors.js";
 
 async function create(userInputValues) {
-  await validadeUniqueEmail(userInputValues.email);
   await validateUniqueUsername(userInputValues.username);
+  await validadeUniqueEmail(userInputValues.email);
   await hashPasswordInObject(userInputValues);
 
   const newUser = await runInsertQuery(userInputValues);
   return newUser;
 
-  async function validadeUniqueEmail(email) {
-    const result = await database.query({
-      text: `
-      SELECT
-        email
-      FROM
-        users
-      WHERE
-        LOWER(email) = LOWER($1)
-      LIMIT
-        1
-      ;`,
-      values: [email],
-    });
-
-    if (result.rowCount > 0) {
-      throw new ValidationError({
-        message: "The email address provided is already in use.",
-        action: "Please use a different email to create your account.",
-      });
-    }
-  }
-
-  async function validateUniqueUsername(username) {
-    const result = await database.query({
-      text: `
-      SELECT
-        username
-      FROM
-        users
-      WHERE
-        LOWER(username) = LOWER($1)
-      LIMIT
-        1
-      ;`,
-      values: [username],
-    });
-
-    if (result.rowCount > 0) {
-      throw new ValidationError({
-        message: "The username provided is already in use.",
-        action: "Please use a different username to create your account.",
-      });
-    }
-  }
-
-  async function hashPasswordInObject(userInputValues) {
-    const hashedPassword = await password.hash(userInputValues.password);
-
-    userInputValues.password = hashedPassword;
-  }
-
   async function runInsertQuery(userInputValues) {
     const result = await database.query({
       text: `
@@ -114,5 +62,106 @@ async function findOneByUsername(username) {
   }
 }
 
-const userModel = { create, findOneByUsername };
-export default userModel;
+async function update(username, userInputValues) {
+  const user = await findOneByUsername(username);
+
+  if ("username" in userInputValues) {
+    await validateUniqueUsername(userInputValues.username);
+  }
+
+  if ("email" in userInputValues) {
+    await validadeUniqueEmail(userInputValues.email);
+  }
+
+  if ("password" in userInputValues) {
+    await hashPasswordInObject(userInputValues);
+  }
+
+  const userWithNewValues = { ...user, ...userInputValues };
+
+  const updatedUser = await runUpdateQuery(userWithNewValues);
+
+  return updatedUser;
+
+  async function runUpdateQuery(userWithNewValues) {
+    const result = await database.query({
+      text: `
+        UPDATE
+          users
+        SET 
+          username = $2,
+          email = $3,
+          password = $4,
+          updated_at = timezone('utc', now())
+        WHERE
+          id = $1
+        RETURNING
+          *
+      `,
+      values: [
+        userWithNewValues.id,
+        userWithNewValues.username,
+        userWithNewValues.email,
+        userWithNewValues.password,
+      ],
+    });
+
+    return result.rows[0];
+  }
+}
+
+async function validateUniqueUsername(username) {
+  const result = await database.query({
+    text: `
+      SELECT
+        username
+      FROM
+        users
+      WHERE
+        LOWER(username) = LOWER($1)
+      LIMIT
+        1
+      ;`,
+    values: [username],
+  });
+
+  if (result.rowCount > 0) {
+    throw new ValidationError({
+      message: "The username provided is already in use.",
+      action: "Please use a different username.",
+    });
+  }
+}
+
+async function validadeUniqueEmail(email) {
+  const result = await database.query({
+    text: `
+      SELECT
+        email
+      FROM
+        users
+      WHERE
+        LOWER(email) = LOWER($1)
+      LIMIT
+        1
+      ;`,
+    values: [email],
+  });
+
+  if (result.rowCount > 0) {
+    throw new ValidationError({
+      message: "The email address provided is already in use.",
+      action: "Please use a different email.",
+    });
+  }
+}
+
+async function hashPasswordInObject(userInputValues) {
+  const hashedPassword = await password.hash(userInputValues.password);
+
+  userInputValues.password = hashedPassword;
+}
+
+const user = { create, findOneByUsername, update };
+
+export default user;

pages/api/v1/users/[username]/index.js

@@ -5,6 +5,7 @@ import user from "models/user.js";
 const router = createRouter();
 
 router.get(getHandler);
+router.patch(patchHandler);
 
 export default router.handler(controller.errorHandlers);
 
@@ -15,3 +16,12 @@ async function getHandler(request, response) {
 
   return response.status(200).json(userFound);
 }
+
+async function patchHandler(request, response) {
+  const { username } = request.query;
+  const userInputValues = request.body;
+
+  const updatedUser = await user.update(username, userInputValues);
+
+  return response.status(200).json(updatedUser);
+}

tests/integration/api/v1/users/[username]/get.test.js

@@ -79,7 +79,7 @@ describe("GET to api/v1/users/[username]", () => {
       expect(Date.parse(response2Body.updated_at)).not.toBeNaN();
     });
 
-    test("With nonexistent username", async () => {
+    test("With nonexistent 'username'", async () => {
       // Get user
       const response = await fetch(
         "http://localhost:3000/api/v1/users/usuario_inexistente",