feat: add partner create endpoint (#21625)

2025-10-17 18:19:27 +00:00 · 2025-09-05 17:59:11 -04:00 · 2025-09-05 17:59:11 -04:00 · 5a7042364b
commit 5a7042364b
parent db0ea0f3a8
18 changed files with 477 additions and 75 deletions
--- a/server/src/controllers/partner.controller.spec.ts
+++ b/server/src/controllers/partner.controller.spec.ts
@ -0,0 +1,101 @@
+import { PartnerController } from 'src/controllers/partner.controller';
+import { LoggingRepository } from 'src/repositories/logging.repository';
+import { PartnerService } from 'src/services/partner.service';
+import request from 'supertest';
+import { errorDto } from 'test/medium/responses';
+import { factory } from 'test/small.factory';
+import { automock, ControllerContext, controllerSetup, mockBaseService } from 'test/utils';
+
+describe(PartnerController.name, () => {
+  let ctx: ControllerContext;
+  const service = mockBaseService(PartnerService);
+
+  beforeAll(async () => {
+    ctx = await controllerSetup(PartnerController, [
+      { provide: PartnerService, useValue: service },
+      { provide: LoggingRepository, useValue: automock(LoggingRepository, { strict: false }) },
+    ]);
+    return () => ctx.close();
+  });
+
+  beforeEach(() => {
+    service.resetAllMocks();
+    ctx.reset();
+  });
+
+  describe('GET /partners', () => {
+    it('should be an authenticated route', async () => {
+      await request(ctx.getHttpServer()).get('/partners');
+      expect(ctx.authenticate).toHaveBeenCalled();
+    });
+
+    it(`should require a direction`, async () => {
+      const { status, body } = await request(ctx.getHttpServer()).get(`/partners`).set('Authorization', `Bearer token`);
+      expect(status).toBe(400);
+      expect(body).toEqual(
+        errorDto.badRequest([
+          'direction should not be empty',
+          expect.stringContaining('direction must be one of the following values:'),
+        ]),
+      );
+    });
+
+    it(`should require direction to be an enum`, async () => {
+      const { status, body } = await request(ctx.getHttpServer())
+        .get(`/partners`)
+        .query({ direction: 'invalid' })
+        .set('Authorization', `Bearer token`);
+      expect(status).toBe(400);
+      expect(body).toEqual(
+        errorDto.badRequest([expect.stringContaining('direction must be one of the following values:')]),
+      );
+    });
+  });
+
+  describe('POST /partners', () => {
+    it('should be an authenticated route', async () => {
+      await request(ctx.getHttpServer()).post('/partners');
+      expect(ctx.authenticate).toHaveBeenCalled();
+    });
+
+    it(`should require sharedWithId to be a uuid`, async () => {
+      const { status, body } = await request(ctx.getHttpServer())
+        .post(`/partners`)
+        .send({ sharedWithId: 'invalid' })
+        .set('Authorization', `Bearer token`);
+      expect(status).toBe(400);
+      expect(body).toEqual(errorDto.badRequest([expect.stringContaining('must be a UUID')]));
+    });
+  });
+
+  describe('PUT /partners/:id', () => {
+    it('should be an authenticated route', async () => {
+      await request(ctx.getHttpServer()).put(`/partners/${factory.uuid()}`);
+      expect(ctx.authenticate).toHaveBeenCalled();
+    });
+
+    it(`should require id to be a uuid`, async () => {
+      const { status, body } = await request(ctx.getHttpServer())
+        .put(`/partners/invalid`)
+        .send({ inTimeline: true })
+        .set('Authorization', `Bearer token`);
+      expect(status).toBe(400);
+      expect(body).toEqual(errorDto.badRequest([expect.stringContaining('must be a UUID')]));
+    });
+  });
+
+  describe('DELETE /partners/:id', () => {
+    it('should be an authenticated route', async () => {
+      await request(ctx.getHttpServer()).delete(`/partners/${factory.uuid()}`);
+      expect(ctx.authenticate).toHaveBeenCalled();
+    });
+
+    it(`should require id to be a uuid`, async () => {
+      const { status, body } = await request(ctx.getHttpServer())
+        .delete(`/partners/invalid`)
+        .set('Authorization', `Bearer token`);
+      expect(status).toBe(400);
+      expect(body).toEqual(errorDto.badRequest([expect.stringContaining('must be a UUID')]));
+    });
+  });
+});
--- a/server/src/controllers/partner.controller.ts
+++ b/server/src/controllers/partner.controller.ts
@ -1,7 +1,8 @@
 import { Body, Controller, Delete, Get, HttpCode, HttpStatus, Param, Post, Put, Query } from '@nestjs/common';
 import { ApiTags } from '@nestjs/swagger';
+import { EndpointLifecycle } from 'src/decorators';
 import { AuthDto } from 'src/dtos/auth.dto';
-import { PartnerResponseDto, PartnerSearchDto, UpdatePartnerDto } from 'src/dtos/partner.dto';
+import { PartnerCreateDto, PartnerResponseDto, PartnerSearchDto, PartnerUpdateDto } from 'src/dtos/partner.dto';
 import { Permission } from 'src/enum';
 import { Auth, Authenticated } from 'src/middleware/auth.guard';
 import { PartnerService } from 'src/services/partner.service';
@ -18,10 +19,17 @@ export class PartnerController {
    return this.service.search(auth, dto);
  }

-  @Post(':id')
+  @Post()
  @Authenticated({ permission: Permission.PartnerCreate })
-  createPartner(@Auth() auth: AuthDto, @Param() { id }: UUIDParamDto): Promise<PartnerResponseDto> {
-    return this.service.create(auth, id);
+  createPartner(@Auth() auth: AuthDto, @Body() dto: PartnerCreateDto): Promise<PartnerResponseDto> {
+    return this.service.create(auth, dto);
+  }
+
+  @Post(':id')
+  @EndpointLifecycle({ deprecatedAt: 'v1.141.0' })
+  @Authenticated({ permission: Permission.PartnerCreate })
+  createPartnerDeprecated(@Auth() auth: AuthDto, @Param() { id }: UUIDParamDto): Promise<PartnerResponseDto> {
+    return this.service.create(auth, { sharedWithId: id });
  }

  @Put(':id')
@ -29,7 +37,7 @@ export class PartnerController {
  updatePartner(
    @Auth() auth: AuthDto,
    @Param() { id }: UUIDParamDto,
-    @Body() dto: UpdatePartnerDto,
+    @Body() dto: PartnerUpdateDto,
  ): Promise<PartnerResponseDto> {
    return this.service.update(auth, id, dto);
  }
--- a/server/src/dtos/partner.dto.ts
+++ b/server/src/dtos/partner.dto.ts
@ -1,9 +1,14 @@
 import { IsNotEmpty } from 'class-validator';
 import { UserResponseDto } from 'src/dtos/user.dto';
 import { PartnerDirection } from 'src/repositories/partner.repository';
-import { ValidateEnum } from 'src/validation';
+import { ValidateEnum, ValidateUUID } from 'src/validation';

-export class UpdatePartnerDto {
+export class PartnerCreateDto {
+  @ValidateUUID()
+  sharedWithId!: string;
+}
+
+export class PartnerUpdateDto {
  @IsNotEmpty()
  inTimeline!: boolean;
 }
--- a/server/src/services/partner.service.spec.ts
+++ b/server/src/services/partner.service.spec.ts
@ -53,7 +53,7 @@ describe(PartnerService.name, () => {
      mocks.partner.get.mockResolvedValue(void 0);
      mocks.partner.create.mockResolvedValue(partner);

-      await expect(sut.create(auth, user2.id)).resolves.toBeDefined();
+      await expect(sut.create(auth, { sharedWithId: user2.id })).resolves.toBeDefined();

      expect(mocks.partner.create).toHaveBeenCalledWith({
        sharedById: partner.sharedById,
@ -69,7 +69,7 @@ describe(PartnerService.name, () => {

      mocks.partner.get.mockResolvedValue(partner);

-      await expect(sut.create(auth, user2.id)).rejects.toBeInstanceOf(BadRequestException);
+      await expect(sut.create(auth, { sharedWithId: user2.id })).rejects.toBeInstanceOf(BadRequestException);

      expect(mocks.partner.create).not.toHaveBeenCalled();
    });
--- a/server/src/services/partner.service.ts
+++ b/server/src/services/partner.service.ts
@ -1,7 +1,7 @@
 import { BadRequestException, Injectable } from '@nestjs/common';
 import { Partner } from 'src/database';
 import { AuthDto } from 'src/dtos/auth.dto';
-import { PartnerResponseDto, PartnerSearchDto, UpdatePartnerDto } from 'src/dtos/partner.dto';
+import { PartnerCreateDto, PartnerResponseDto, PartnerSearchDto, PartnerUpdateDto } from 'src/dtos/partner.dto';
 import { mapUser } from 'src/dtos/user.dto';
 import { Permission } from 'src/enum';
 import { PartnerDirection, PartnerIds } from 'src/repositories/partner.repository';
@ -9,7 +9,7 @@ import { BaseService } from 'src/services/base.service';

@Injectable()
 export class PartnerService extends BaseService {
-  async create(auth: AuthDto, sharedWithId: string): Promise<PartnerResponseDto> {
+  async create(auth: AuthDto, { sharedWithId }: PartnerCreateDto): Promise<PartnerResponseDto> {
    const partnerId: PartnerIds = { sharedById: auth.user.id, sharedWithId };
    const exists = await this.partnerRepository.get(partnerId);
    if (exists) {
@ -39,7 +39,7 @@ export class PartnerService extends BaseService {
      .map((partner) => this.mapPartner(partner, direction));
  }

-  async update(auth: AuthDto, sharedById: string, dto: UpdatePartnerDto): Promise<PartnerResponseDto> {
+  async update(auth: AuthDto, sharedById: string, dto: PartnerUpdateDto): Promise<PartnerResponseDto> {
    await this.requireAccess({ auth, permission: Permission.PartnerUpdate, ids: [sharedById] });
    const partnerId: PartnerIds = { sharedById, sharedWithId: auth.user.id };