[CHE-58] Create Forums API

server/controllers/forumController.ts

@@ -0,0 +1,136 @@
+import Forum from "../models/forumModel";
+import Thread from "../models/threadModel";
+import { Request, Response, NextFunction } from "express";
+
+// ENDPOINT  POST api/forums
+// PURPOSE   Create a new forum
+// ACCESS    Admin
+const addForum = async (req: Request, res: Response, next: NextFunction) => {
+  const { title, description } = req.body;
+
+  try {
+    //TODO add auth check for admin status
+
+    const forum = await Forum.create({
+      title,
+      description,
+    });
+
+    res.status(201).json(forum);
+  } catch (error) {
+    next({
+      log: `Express error in addForum controller: ${error}`,
+      status: 500,
+      message: { err: "Server error creating forum" },
+    });
+  }
+};
+
+// ENDPOINT  GET api/forums
+// PURPOSE   Retrieve a list of all forums
+// ACCESS    all users
+const getAllForums = async (
+  req: Request,
+  res: Response,
+  next: NextFunction
+) => {
+  try {
+    const forums = await Forum.find({});
+    res.status(200).json(forums);
+  } catch (error) {
+    next({
+      log: `Express error in getAllForums controller: ${error}`,
+      status: 500,
+      message: { err: "Server error fetching forums" },
+    });
+  }
+};
+
+// ENDPOINT  GET api/forums/:forumId
+// PURPOSE   Retrieve a list of all forums
+// ACCESS    all users
+const getForumById = async (
+  req: Request,
+  res: Response,
+  next: NextFunction
+) => {
+  const { forumId } = req.params;
+
+  try {
+    const forum = await Forum.findById(forumId);
+    if (!forum) {
+      return res.status(404).json({ message: "Forum not found" });
+    }
+
+    const threads = await Thread.find({ forum: forumId }).populate(
+      "user",
+      "firstName lastName"
+    );
+
+    res.status(200).json({ forum, threads });
+  } catch (error) {
+    next({
+      log: `Express error in getForumById controller: ${error}`,
+      status: 500,
+      message: { err: "Server error fetching forum details" },
+    });
+  }
+};
+
+// ENDPOINT  PUT api/forums/:forumId
+// PURPOSE   Update title/description of forum
+// ACCESS    Admin
+const updateForum = async (req: Request, res: Response, next: NextFunction) => {
+  const { forumId } = req.params;
+  const { title, description } = req.body;
+
+  try {
+    //TODO add auth check for admin status
+
+    const forum = await Forum.findByIdAndUpdate(
+      forumId,
+      { $set: { title, description } },
+      { new: true }
+    );
+
+    if (!forum) {
+      return res.status(404).json({ message: "Forum not found" });
+    }
+
+    res.status(200).json(forum);
+  } catch (error) {
+    next({
+      log: `Express error in updateForum controller: ${error}`,
+      status: 500,
+      message: { err: "Server error updating forum details" },
+    });
+  }
+};
+
+// ENDPOINT  DELETE api/forums/:forumId
+// PURPOSE   Delete a forum
+// ACCESS    Admin
+const deleteForum = async (req: Request, res: Response, next: NextFunction) => {
+  const { forumId } = req.params;
+
+  try {
+    //TODO add auth check for admin status
+
+    const deletedForum = await Forum.findByIdAndDelete(forumId);
+    console.log("deletedForum", deletedForum);
+
+    if (!deletedForum) {
+      return res.status(404).json({ message: "Forum not found" });
+    }
+
+    res.status(200).json({ message: "Forum deleted successfully" });
+  } catch (error) {
+    next({
+      log: `Express error in deleteForum controller: ${error}`,
+      status: 500,
+      message: { err: "Server error deleting forum" },
+    });
+  }
+};
+
+export { addForum, getAllForums, getForumById, updateForum, deleteForum };

server/controllers/postController.ts

@@ -0,0 +1,154 @@
+import Post from "../models/postModel";
+import Thread from "../models/threadModel";
+import { Request, Response, NextFunction } from "express";
+import { CustomRequest } from "../types/customRequest";
+
+// ENDPOINT  GET api/forums/:forumId/threads/:threadId/posts
+// PURPOSE   Retrieve all posts from a specific thread
+// ACCESS    Private
+const listPostsByThreadId = async (
+  req: Request,
+  res: Response,
+  next: NextFunction
+) => {
+  const { threadId } = req.params;
+
+  try {
+    const posts = await Post.find({ thread: threadId })
+      .populate("user", "firstName lastName")
+      .exec();
+
+    res.status(200).json(posts);
+  } catch (error) {
+    next({
+      log: `Express error in listPostsByThreadId controller: ${error}`,
+      status: 500,
+      message: { err: "Server error fetching posts" },
+    });
+  }
+};
+
+// ENDPOINT  POST api/forums/:forumId/threads/:threadId/posts
+// PURPOSE   Create a new post on thread
+// ACCESS    Private
+const createPost = async (
+  req: CustomRequest,
+  res: Response,
+  next: NextFunction
+) => {
+  const { threadId } = req.params;
+  const { content } = req.body;
+
+  if (!req.user || !req.user.id) {
+    return res.status(401).json({ message: "Not authenticated" });
+  }
+
+  try {
+    const threadExists = await Thread.findById(threadId);
+    if (!threadExists) {
+      return res.status(404).json({ message: "Thread not found" });
+    }
+
+    const newPost = await Post.create({
+      thread: threadId,
+      user: req.user.id,
+      content,
+    });
+
+    res.status(201).json(newPost);
+  } catch (error) {
+    next({
+      log: `Express error in createPost controller: ${error}`,
+      status: 500,
+      message: { err: "Server error creating post" },
+    });
+  }
+};
+
+// ENDPOINT  PUT api/forums/:forumId/threads/:threadId/:postId
+// PURPOSE   Update an existing post
+// ACCESS    Private
+const updatePost = async (
+  req: CustomRequest,
+  res: Response,
+  next: NextFunction
+) => {
+  const { postId } = req.params;
+  const { content } = req.body;
+
+  try {
+    const postToCheck = await Post.findById(postId).populate("user");
+    if (!postToCheck) {
+      return res.status(404).json({ message: "Post not found" });
+    }
+
+    if (!req.user || postToCheck.user._id.toString() !== req.user.id) {
+      return res
+        .status(403)
+        .json({ message: "Not authorized to update this post" });
+    }
+
+    const updatedPost = await Post.findByIdAndUpdate(
+      postId,
+      { $set: { content } },
+      { new: true, runValidators: true }
+    ).populate("user", "firstName lastName");
+
+    if (!updatedPost) {
+      return res
+        .status(404)
+        .json({ message: "Unable to update post or post not found" });
+    }
+
+    res.status(200).json(updatedPost);
+  } catch (error) {
+    next({
+      log: `Express error in updatePost controller: ${error}`,
+      status: 500,
+      message: { err: "Server error updating post" },
+    });
+  }
+};
+
+// ENDPOINT  DELETE api/forums/:forumId/threads/:threadId/:postId
+// PURPOSE   Delete an existing post
+// ACCESS    Private, Admin
+const deletePost = async (
+  req: CustomRequest,
+  res: Response,
+  next: NextFunction
+) => {
+  const { postId } = req.params;
+
+  try {
+    const postToCheck = await Post.findById(postId).populate("user");
+    if (!postToCheck) {
+      return res.status(404).json({ message: "Post not found" });
+    }
+
+    //TODO Add admin rights to delete posts for Jimmy
+    if (!req.user || postToCheck.user._id.toString() !== req.user.id) {
+      return res
+        .status(403)
+        .json({ message: "Not authorized to delete this post" });
+    }
+
+    const deletedPost = await Post.findByIdAndDelete(postId);
+
+    if (!deletedPost) {
+      return res
+        .status(404)
+        .json({ message: "Post not found or already deleted" });
+    }
+
+    res.status(200).json({ message: "Post deleted successfully" });
+  } catch (error) {
+    next({
+      log: `Express error in deletePost controller: ${error}`,
+      status: 500,
+      message: { err: "Server error deleting post" },
+    });
+  }
+};
+
+export { listPostsByThreadId, createPost, updatePost, deletePost };