Release v21.12.2023

Release v21.12.2023

Author: tuanle03

Gemfile

@@ -62,6 +62,8 @@ gem 'blazer'
 
 gem 'rack-cors'
 
+gem 'friendly_id'
+
 # Use Sass to process CSS
 # gem "sassc-rails"
 

Gemfile.lock

@@ -135,6 +135,8 @@ GEM
       railties (>= 5.0.0)
     faker (3.2.2)
       i18n (>= 1.8.11, < 2)
+    friendly_id (5.5.1)
+      activerecord (>= 4.0.0)
     globalid (1.2.1)
       activesupport (>= 6.1)
     grape (2.0.0)
@@ -329,6 +331,7 @@ DEPENDENCIES
   devise-jwt
   factory_bot_rails
   faker
+  friendly_id
   grape
   grape-swagger
   grape_logging

app/api/web/discussions_api.rb

@@ -6,6 +6,7 @@ def format_discussion(discussion)
         {
           id: discussion.id,
           title: discussion.title,
+          slug: discussion.slug,
           content: discussion.content,
           total_comments: discussion.total_comments,
           created_at: discussion.created_at.to_fs(:ymd_hms),
@@ -71,10 +72,10 @@ def format_comment(comment)
 
       desc 'Get a discussion'
       params do
-        requires :id, type: Integer, desc: 'Discussion id'
+        requires :id, type: String, desc: 'Discussion :id/:slug'
       end
       get ':id' do
-        discussion = Discussion.find(params[:id])
+        discussion = Discussion.friendly.find(params[:id])
         if discussion
           status 200
           {
@@ -93,10 +94,11 @@ def format_comment(comment)
         security: [access_token: {}]
       params do
         requires :content, type: String, desc: 'Discussion content', allow_blank: false
+        requires :title, type: String, desc: 'Discussion title', allow_blank: false
       end
       post do
         authenticate_user!
-        discussion = current_user.discussions.new(content: params[:content], status: 'approved')
+        discussion = current_user.discussions.new(content: params[:content], status: 'approved', title: params[:title])
         if discussion.save
           status 200
           {
@@ -115,12 +117,12 @@ def format_comment(comment)
       desc 'Update a discussion',
         security: [access_token: {}]
       params do
-        requires :id, type: Integer, desc: 'Discussion id'
+        requires :id, type: String, desc: 'Discussion :id/:slug'
         requires :content, type: String, desc: 'Discussion content', allow_blank: false
       end
       put ':id' do
         authenticate_user!
-        discussion = current_user.discussions.find_by(id: params[:id])
+        discussion = current_user.discussions.friendly.find(params[:id])
         if discussion.update(content: params[:content])
           status 200
           {
@@ -139,11 +141,15 @@ def format_comment(comment)
       desc 'Reject a discussion',
         security: [access_token: {}]
       params do
-        requires :id, type: Integer, desc: 'Discussion id'
+        requires :id, type: String, desc: 'Discussion :id/:slug'
       end
       put ':id/reject' do
         authenticate_user!
-        discussion = current_user.discussions.approved.find_by(id: params[:id])
+        if current_user.admin?
+          discussion = Discussion.friendly.find(params[:id])
+        else
+          discussion = current_user.discussions.friendly.find(params[:id])
+        end
         if discussion.update(status: 'rejected')
           status 200
           {
@@ -162,12 +168,17 @@ def format_comment(comment)
       desc 'Delete a discussion',
         security: [access_token: {}]
       params do
-        requires :id, type: Integer, desc: 'Discussion id'
+        requires :id, type: String, desc: 'Discussion :id/:slug'
       end
       delete ':id' do
         authenticate_user!
-        discussion = current_user.discussions.find_by(id: params[:id])
-        if discussion.destroy
+        if current_user.admin?
+          discussion = Discussion.friendly.find_by(id: params[:id]) || Discussion.friendly.find_by(slug: params[:id])
+        else
+          discussion = current_user.discussions.friendly.find_by(id: params[:id]) || current_user.discussions.friendly.find_by(slug: params[:id])
+        end
+        if discussion
+          discussion.destroy
           status 200
           {
             success: true,
@@ -177,17 +188,17 @@ def format_comment(comment)
           status 400
           {
             success: false,
-            errors: discussion.errors.full_messages
+            error: 'Discussion not found'
           }
         end
       end
 
       desc 'Get all comments of a discussion'
       params do
-        requires :id, type: Integer, desc: 'Discussion id'
+        requires :id, type: String, desc: 'Discussion :id/:slug'
       end
       get ':id/comments' do
-        discussion = Discussion.approved.find_by(id: params[:id])
+        discussion = Discussion.approved.friendly.find(params[:id])
         if discussion
           status 200
           {
@@ -206,12 +217,12 @@ def format_comment(comment)
       desc 'Create a comment of a discussion',
         security: [access_token: {}]
       params do
-        requires :id, type: Integer, desc: 'Discussion id'
+        requires :id, type: String, desc: 'Discussion :id/:slug'
         requires :content, type: String, desc: 'Comment content', allow_blank: false
       end
       post ':id/comments' do
         authenticate_user!
-        discussion = Discussion.approved.find_by(id: params[:id])
+        discussion = Discussion.approved.friendly.find(params[:id])
         if discussion
           comment = discussion.comments.new(user: current_user, content: params[:content], status: 'approved')
           if comment.save
@@ -239,13 +250,13 @@ def format_comment(comment)
       desc 'Update a comment of a discussion',
         security: [access_token: {}]
       params do
-        requires :id, type: Integer, desc: 'Discussion id'
+        requires :id, type: String, desc: 'Discussion :id/:slug'
         requires :comment_id, type: Integer, desc: 'Comment id'
         requires :content, type: String, desc: 'Comment content', allow_blank: false
       end
       put ':id/comments/:comment_id' do
         authenticate_user!
-        discussion = Discussion.approved.find_by(id: params[:id])
+        discussion = Discussion.approved.friendly.find(params[:id])
         if discussion
           comment = discussion.comments.find_by(id: params[:comment_id])
           if comment.update(content: params[:content])
@@ -273,12 +284,12 @@ def format_comment(comment)
       desc 'Reject a comment of a discussion',
         security: [access_token: {}]
       params do
-        requires :id, type: Integer, desc: 'Discussion id'
+        requires :id, type: String, desc: 'Discussion :id/:slug'
         requires :comment_id, type: Integer, desc: 'Comment id'
       end
       put ':id/comments/:comment_id/reject' do
         authenticate_user!
-        discussion = Discussion.approved.find_by(id: params[:id])
+        discussion = Discussion.approved.friendly.find(params[:id])
         if discussion
           comment = discussion.comments.approved.find_by(id: params[:comment_id]).update(status: 'rejected')
           if comment
@@ -306,12 +317,12 @@ def format_comment(comment)
       desc 'Delete a comment of a discussion',
         security: [access_token: {}]
       params do
-        requires :id, type: Integer, desc: 'Discussion id'
+        requires :id, type: String, desc: 'Discussion :id/:slug'
         requires :comment_id, type: Integer, desc: 'Comment id'
       end
       delete ':id/comments/:comment_id' do
         authenticate_user!
-        discussion = Discussion.approved.find_by(id: params[:id])
+        discussion = Discussion.approved.friendly.find(params[:id])
         if discussion
           comment = discussion.comments.find_by(id: params[:comment_id])
           if comment.destroy

app/api/web/posts_api.rb

@@ -5,6 +5,7 @@ class Web::PostsAPI < Grape::API
       def format_post(post)
         {
           id: post.id,
+          slug: post.slug,
           title: post.title,
           body: post.body,
           total_view: post.total_view,
@@ -57,10 +58,10 @@ def format_post(post)
 
       desc 'Get a post'
       params do
-        requires :id, type: Integer, desc: 'Post id'
+        requires :id, type: String, desc: 'Post id/Post slug'
       end
       get ':id' do
-        post = Post.find_by(id: params[:id])
+        post = Post.friendly.find_by(id: params[:id]) || Post.friendly.find_by(slug: params[:id])
         if post
           post.update(total_view: post.total_view + 1)
           status 200
@@ -112,13 +113,19 @@ def format_post(post)
       desc 'Update a post',
         security: [access_token: {}]
       params do
-        requires :id, type: Integer, desc: 'Post id'
+        requires :id, type: String, desc: 'Post id/Post slug'
         optional :new_title, type: String, desc: 'New post title'
         optional :new_body, type: String, desc: 'New post body'
       end
       put ':id' do
         authenticate_user!
-        post = current_user.posts.find_by(id: params[:id])
+
+        if current_user.admin?
+          post = Post.friendly.find_by(id: params[:id]) || Post.friendly.find_by(slug: params[:id])
+        else
+          post = current_user.posts.friendly.find_by(id: params[:id]) || current_user.posts.friendly.find_by(slug: params[:id])
+        end
+
         if post
           post.update({
             title: params[:new_title],
@@ -133,26 +140,52 @@ def format_post(post)
           status 400
           {
             success: false,
-            error: 'Post cannot be updated'
+            error: 'You are not authorized'
+          }
+        end
+      end
+
+      desc 'Reject a post',
+        security: [access_token: {}]
+      params do
+        requires :id, type: String, desc: 'Post :id/:slug'
+      end
+      put '/:id/reject' do
+        authenticate_user!
+
+        post = current_user.posts.friendly.find_by(id: params[:id]) || current_user.posts.friendly.find_by(slug: params[:id])
+
+        if post
+          post.update(status: 'rejected')
+          status 200
+          {
+            success: true,
+            message: 'Post rejected successfully'
+          }
+        else
+          status 400
+          {
+            success: false,
+            error: 'Post cannot be rejected'
           }
         end
       end
 
       desc 'Delete a post',
         security: [access_token: {}]
       params do
-        requires :id, type: Integer, desc: 'Post id'
+        requires :id, type: String, desc: 'Post :id/:slug'
       end
       delete ':id' do
         authenticate_user!
+
         if current_user.admin?
-          post = Post.find_by(id: params[:id])
+          post = Post.friendly.find_by(id: params[:id]) || Post.friendly.find_by(slug: params[:id])
         else
-          post = current_user.posts.find_by(id: params[:id])
+          return error!('You are not authorized', 400)
         end
 
-        if post
-          post.update(status: 'deleted')
+        if post.destroy
           status 200
           {
             success: true,
@@ -182,12 +215,14 @@ def format_post(post)
       desc 'Approve a post',
         security: [access_token: {}]
       params do
-        requires :id, type: Integer, desc: 'Post id'
+        requires :id, type: String, desc: 'Post :id/:slug'
       end
-      put '/approve/:id' do
+      put '/:id/approve' do
         authenticate_user!
+
         if current_user.admin?
-          post = Post.find_by(id: params[:id])
+          post = Post.friendly.find_by(id: params[:id]) || Post.friendly.find_by(slug: params[:id])
+
           if post
             post.update(status: 'approved')
             status 200
@@ -196,6 +231,7 @@ def format_post(post)
               message: 'Post approved successfully'
             }
           end
+
         else
           status 400
           {
@@ -207,11 +243,17 @@ def format_post(post)
 
       desc 'Get a list feedbacks of a post'
       params do
-        requires :id, type: Integer, desc: 'Post id'
+        requires :id, type: String, desc: 'Post :id/:slug'
       end
       get '/:id/feedbacks' do
-        feedbacks = Post.find_by(id: params[:id])&.feedbacks
-        return status 400 unless feedbacks
+        post = Post.friendly.find_by(id: params[:id]) || Post.friendly.find_by(slug: params[:id])
+
+        if post
+          feedbacks = post.feedbacks
+        else
+          return error!('Post not found', 400)
+        end
+
         status 200
         {
           success: true,
@@ -230,13 +272,13 @@ def format_post(post)
       desc 'Create a feedback for a post',
         security: [access_token: {}]
       params do
-        requires :id, type: Integer, desc: 'Post id'
+        requires :id, type: String, desc: 'Post :id/:slug'
         requires :content, type: String, desc: 'Feedback content', allow_blank: false
       end
       post '/:id/feedbacks' do
         authenticate_user!
-        post = Post.find_by(id: params[:id])
-        return status 400 unless post
+        post = Post.friendly.find_by(id: params[:id]) || Post.friendly.find_by(slug: params[:id])
+        return error!('Post not found', 400) unless post
         feedback = post.feedbacks.new({
           user_id: current_user.id,
           content: params[:content]

app/api/web/users_api.rb

@@ -32,6 +32,7 @@ class Web::UsersAPI < Grape::API
             {
               id: post.id,
               title: post.title,
+              slug: post.slug,
               total_views: post.total_view,
               created_at: post.created_at.to_fs(:ymd_hms),
             }

app/models/comment.rb

@@ -9,20 +9,4 @@ class Comment < ApplicationRecord
 
   scope :approved, -> { where(status: 'approved') }
 
-  def self.create_comment(user, linked_object, body)
-    comment = Comment.new
-    comment.user = user
-    comment.linked_object = linked_object
-    comment.body = body
-    comment.save
-    comment
-  end
-
-  def self.delete_comment(user, comment)
-    if user == comment.user
-      comment.destroy
-      return true
-    end
-    false
-  end
 end