Hynes/Void-Homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(api): spaces routes

Browse Source 
Add lib/api/routes/spaces.js: list, create, get-by-id, get-by-slug,
patch, delete. Mounted under /api/spaces. Server smoke restored.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
root
2026-05-31 16:38:23 +10:00
parent 75afedaef0
commit ebb1e836ca
4 changed files with 158 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/api/index.js
View File

@@ -1,12 +1,13 @@
import { Router } from 'express'; import { Router } from 'express';
import { ownerOnly } from '../auth/owner.js'; import { ownerOnly } from '../auth/owner.js';
import { errorMiddleware, NotFoundError } from './errors.js'; import { errorMiddleware, NotFoundError } from './errors.js';
import { router as spacesRouter } from './routes/spaces.js';
export function mountApi(app) { export function mountApi(app) {
const api = Router(); const api = Router();
api.use(ownerOnly); api.use(ownerOnly);
// route modules registered here as Plan 2 progresses api.use('/spaces', spacesRouter);
api.use((_req, _res, next) => next(new NotFoundError('route not found'))); api.use((_req, _res, next) => next(new NotFoundError('route not found')));

70
lib/api/routes/spaces.js Normal file
View File

@@ -0,0 +1,70 @@
import { Router } from 'express';
import { z } from 'zod';
import * as repo from '../../db/repos/spaces.js';
import { validate } from '../validate.js';
import { NotFoundError, asyncWrap } from '../errors.js';
const createSchema = z.object({
slug: z.string().min(1).max(64).regex(/^[a-z0-9-]+$/),
name: z.string().min(1).max(200),
description: z.string().optional(),
theme: z.string().optional()
});
const patchSchema = z.object({
slug: z.string().min(1).max(64).regex(/^[a-z0-9-]+$/).optional(),
name: z.string().min(1).max(200).optional(),
description: z.string().nullable().optional(),
theme: z.string().nullable().optional()
});
const uuidParams = z.object({ id: z.string().uuid() });
export const router = Router();
router.get('/', asyncWrap(async (_req, res) => {
res.json(await repo.list());
}));
router.post('/',
validate({ body: createSchema }),
asyncWrap(async (req, res) => {
const row = await repo.create(req.body, req.actor);
res.status(201).json(row);
})
);
router.get('/by-slug/:slug', asyncWrap(async (req, res) => {
const row = await repo.getBySlug(req.params.slug);
if (!row) throw new NotFoundError('space not found');
res.json(row);
}));
router.get('/:id',
validate({ params: uuidParams }),
asyncWrap(async (req, res) => {
const row = await repo.getById(req.params.id);
if (!row) throw new NotFoundError('space not found');
res.json(row);
})
);
router.patch('/:id',
validate({ params: uuidParams, body: patchSchema }),
asyncWrap(async (req, res) => {
const existing = await repo.getById(req.params.id);
if (!existing) throw new NotFoundError('space not found');
const row = await repo.update(req.params.id, req.body, req.actor);
res.json(row);
})
);
router.delete('/:id',
validate({ params: uuidParams }),
asyncWrap(async (req, res) => {
const existing = await repo.getById(req.params.id);
if (!existing) throw new NotFoundError('space not found');
await repo.del(req.params.id, req.actor);
res.status(204).end();
})
);

78
tests/api/spaces.test.js Normal file
View File

@@ -0,0 +1,78 @@
import { describe, it, expect, beforeAll } from 'vitest';
import request from 'supertest';
import { setup } from './helpers.js';
import { pool } from '../../lib/db/pool.js';
let app, ownerHeaders;
beforeAll(async () => { ({ app, ownerHeaders } = await setup()); });
describe('spaces routes', () => {
it('GET /api/spaces empty returns []', async () => {
const res = await request(app).get('/api/spaces').set(ownerHeaders);
expect(res.status).toBe(200);
expect(res.body).toEqual([]);
});
it('GET /api/spaces without auth → 401', async () => {
const res = await request(app).get('/api/spaces');
expect(res.status).toBe(401);
});
it('POST /api/spaces creates 201 and persists', async () => {
const res = await request(app).post('/api/spaces').set(ownerHeaders)
.send({ slug: 'home', name: 'Home' });
expect(res.status).toBe(201);
expect(res.body.slug).toBe('home');
expect(res.body.id).toBeDefined();
const { rows } = await pool.query('SELECT slug FROM spaces WHERE id=$1', [res.body.id]);
expect(rows[0].slug).toBe('home');
});
it('POST /api/spaces with bad slug → 400 with details', async () => {
const res = await request(app).post('/api/spaces').set(ownerHeaders)
.send({ slug: 'Bad Slug!', name: 'X' });
expect(res.status).toBe(400);
expect(res.body.error.code).toBe('validation_failed');
expect(Array.isArray(res.body.error.details)).toBe(true);
});
it('GET /api/spaces/:id returns the row', async () => {
const created = await request(app).post('/api/spaces').set(ownerHeaders)
.send({ slug: 'getme', name: 'Get Me' });
const res = await request(app).get(`/api/spaces/${created.body.id}`).set(ownerHeaders);
expect(res.status).toBe(200);
expect(res.body.id).toBe(created.body.id);
});
it('GET /api/spaces/by-slug/:slug returns the row', async () => {
await request(app).post('/api/spaces').set(ownerHeaders)
.send({ slug: 'lookup', name: 'Lookup' });
const res = await request(app).get('/api/spaces/by-slug/lookup').set(ownerHeaders);
expect(res.status).toBe(200);
expect(res.body.slug).toBe('lookup');
});
it('GET unknown id → 404', async () => {
const res = await request(app)
.get('/api/spaces/00000000-0000-0000-0000-000000000000').set(ownerHeaders);
expect(res.status).toBe(404);
});
it('PATCH updates fields', async () => {
const created = await request(app).post('/api/spaces').set(ownerHeaders)
.send({ slug: 'patch', name: 'Patch' });
const res = await request(app).patch(`/api/spaces/${created.body.id}`).set(ownerHeaders)
.send({ name: 'Patched' });
expect(res.status).toBe(200);
expect(res.body.name).toBe('Patched');
});
it('DELETE returns 204 then GET 404', async () => {
const created = await request(app).post('/api/spaces').set(ownerHeaders)
.send({ slug: 'del', name: 'Del' });
const del = await request(app).delete(`/api/spaces/${created.body.id}`).set(ownerHeaders);
expect(del.status).toBe(204);
const get = await request(app).get(`/api/spaces/${created.body.id}`).set(ownerHeaders);
expect(get.status).toBe(404);
});
});

8
tests/server.test.js
View File

@@ -25,6 +25,14 @@ describe('server', () => {
expect(res.status).toBe(401); expect(res.status).toBe(401);
}); });
it('GET /api/spaces with token returns 200 and empty array', async () => {
const res = await request(app)
.get('/api/spaces')
.set('Authorization', 'Bearer test-token');
expect(res.status).toBe(200);
expect(res.body).toEqual([]);
});
it('unknown /api route returns 404 with structured error', async () => { it('unknown /api route returns 404 with structured error', async () => {
const res = await request(app).get('/api/nope').set('Authorization', 'Bearer test-token'); const res = await request(app).get('/api/nope').set('Authorization', 'Bearer test-token');
expect(res.status).toBe(404); expect(res.status).toBe(404);