Merge pull request #238 from Pocket/katerina/OSL-519

Author: katerinachinnappan

src/express.ts

@@ -11,6 +11,7 @@ import { getPublicContext, IPublicContext } from './public/context';
 import { getAdminContext, IAdminContext } from './admin/context';
 import { startAdminServer } from './admin/server';
 import deleteUserDataRouter from './public/routes/deleteUserData';
+import deleteShareableListItemsRouter from './public/routes/deleteShareableListItems';
 
 /**
  * Initialize an express server.
@@ -41,6 +42,8 @@ export async function startServer(port: number): Promise<{
   app.use(express.json());
   // Add route to delete user data
   app.use('/deleteUserData', deleteUserDataRouter);
+  // Add route to delete shareable list items for user
+  app.use('/deleteShareableListItems', deleteShareableListItemsRouter);
 
   // expose a health check url
   app.get('/.well-known/apollo/server-health', (req, res) => {

src/public/routes/deleteShareableListItems.integration.ts

@@ -0,0 +1,180 @@
+import { expect } from 'chai';
+import sinon from 'sinon';
+import request from 'supertest';
+import { ApolloServer } from '@apollo/server';
+import * as Sentry from '@sentry/node';
+import { PrismaClient } from '@prisma/client';
+import { startServer } from '../../express';
+import { IPublicContext } from '../context';
+import { client } from '../../database/client';
+import {
+  clearDb,
+  createShareableListHelper,
+  createShareableListItemHelper,
+  mockRedisServer,
+} from '../../test/helpers';
+import { getShareableListItemUrlsForUser } from './';
+import { batchDeleteAllListItemsForUser } from './deleteShareableListItems';
+
+describe('/deleteShareableListItems express endpoint', () => {
+  let app: Express.Application;
+  let server: ApolloServer<IPublicContext>;
+  let graphQLUrl: string;
+  let db: PrismaClient;
+  let sentryStub;
+  let list1;
+  let list2;
+  let list3;
+  let listItem1;
+  let listItem2;
+  const endpoint = 'deleteShareableListItems';
+
+  const headers = {
+    userId: '8009882300',
+  };
+
+  const headers2 = {
+    userId: '76543',
+  };
+
+  beforeAll(async () => {
+    mockRedisServer();
+    // port 0 tells express to dynamically assign an available port
+    ({
+      app,
+      publicServer: server,
+      publicUrl: graphQLUrl,
+    } = await startServer(0));
+    db = client();
+  });
+
+  afterAll(async () => {
+    await db.$disconnect();
+    await server.stop();
+  });
+
+  afterEach(() => {
+    sentryStub.restore();
+  });
+
+  beforeEach(async () => {
+    sentryStub = sinon.stub(Sentry, 'captureException').resolves();
+    await clearDb(db);
+
+    // Create a few Lists
+    list1 = await createShareableListHelper(db, {
+      userId: parseInt(headers.userId),
+      title: 'Simon Le Bon List',
+    });
+
+    list2 = await createShareableListHelper(db, {
+      userId: parseInt(headers.userId),
+      title: 'Bon Voyage List',
+    });
+
+    // Create a List for user 2
+    list3 = await createShareableListHelper(db, {
+      userId: parseInt(headers2.userId),
+      title: 'Rolling Stones List',
+    });
+
+    // then create ist items for each list
+    // list 1
+    listItem1 = await createShareableListItemHelper(db, {
+      list: list1,
+      url: 'https://divine-rose.com',
+    });
+    listItem2 = await createShareableListItemHelper(db, {
+      list: list1,
+      url: 'https://hangover-hotel.com',
+    });
+    // list 2
+    await createShareableListItemHelper(db, {
+      list: list2,
+      url: 'https://floral-street.com',
+    });
+    await createShareableListItemHelper(db, {
+      list: list2,
+      url: 'https://hangover-hotel.com',
+    });
+    // list 3
+    await createShareableListItemHelper(db, {
+      list: list3,
+      url: 'https://hangover-hotel.com',
+    });
+  });
+
+  describe('should delete all shareable list items by url for userId', () => {
+    it('should not delete any list items for userId with no data and should not return error', async () => {
+      const result = await request(app)
+        .post(graphQLUrl + endpoint)
+        .set('Content-Type', 'application/json')
+        .send({ userId: '12345', url: 'https://fake-url.com' });
+      expect(result.body.status).to.equal('OK');
+      expect(result.body.message).to.contain(
+        `No shareable list items found for User ID: 12345`
+      );
+    });
+
+    it('should fail deleteShareableListItemData schema validation if bad userId', async () => {
+      const result = await request(app)
+        .post(graphQLUrl + endpoint)
+        .set('Content-Type', 'application/json')
+        .send({ userId: 'abc-12345', url: 'https://fake-url.com' });
+      expect(result.body.errors.length).to.equal(1);
+      expect(result.body.errors[0].msg).to.equal('Must provide valid userId');
+    });
+
+    it('should fail deleteShareableListItemData schema validation if bad url', async () => {
+      const result = await request(app)
+        .post(graphQLUrl + endpoint)
+        .set('Content-Type', 'application/json')
+        .send({ userId: '12345', url: 34678 });
+      expect(result.body.errors.length).to.equal(1);
+      expect(result.body.errors[0].msg).to.equal('Must provide valid url');
+    });
+
+    it('should successfully deleteShareableListItems by url for a userId', async () => {
+      // delete items for userId 8009882300
+      // this user has 2 lists and each list contains 1 listItem with url https://hangover-hotel.com
+      const result = await request(app)
+        .post(graphQLUrl + endpoint)
+        .set('Content-Type', 'application/json')
+        .send({ userId: headers.userId, url: 'https://hangover-hotel.com' });
+      expect(result.body.status).to.equal('OK');
+      expect(result.body.message).to.contain(
+        `Deleting shareable list items for User ID: ${headers.userId}`
+      );
+      // lets manually call getShareableListItemUrlsForUser to check there are no list items with https://hangover-hotel.com url for this user
+      const urls = await getShareableListItemUrlsForUser(
+        parseInt(headers.userId),
+        'https://hangover-hotel.com',
+        db
+      );
+      expect(urls.length).to.equal(0);
+    });
+  });
+
+  describe('batchDeleteAllListItemsForUser', () => {
+    it('should return count=0 for deleting 0 list items for user with no list items by url', async () => {
+      // userId 76543 has one list (list3) with 1 item hangover-hotel.com
+      // try to delete item divine-rose.com for this user
+      const count = await batchDeleteAllListItemsForUser(
+        parseInt(headers2.userId),
+        listItem1.url
+      );
+      // there should be no list items with this url found for list 3
+      expect(count).to.equal(0);
+    });
+    it('should return correct count of deleted list items for user with list items matching url', async () => {
+      // userId 8009882300 has two lists (list1, list2) and 2 list items per list
+      // delete list items by hangover-hotel.com (1 list item in each list with this url)
+      const count = await batchDeleteAllListItemsForUser(
+        parseInt(headers.userId),
+        listItem2.url
+      );
+      // there should be 2 total list items deleted
+      expect(count).to.equal(2);
+    });
+  });
+});

src/public/routes/deleteShareableListItems.ts

@@ -0,0 +1,95 @@
+import { Request, Response } from 'express';
+import { Router } from 'express';
+import { checkSchema, Schema } from 'express-validator';
+import * as Sentry from '@sentry/node';
+import { client } from '../../database/client';
+import { validate } from './';
+
+const router = Router();
+const db = client();
+
+const deleteShareableListItemDataSchema: Schema = {
+  userId: {
+    in: ['body'],
+    errorMessage: 'Must provide valid userId',
+    isInt: true,
+    toInt: true,
+  },
+  url: {
+    in: ['body'],
+    errorMessage: 'Must provide valid url',
+    isString: true,
+    notEmpty: true,
+  },
+};
+
+/**
+ * This method batch deletes shareable list items by url for a user
+ * @param userId
+ * @param url
+ */
+export async function batchDeleteAllListItemsForUser(
+  userId: number | bigint,
+  url: string
+): Promise<number> {
+  const batchResult = await db.listItem.deleteMany({
+    where: { url, list: { userId } },
+  });
+
+  return batchResult.count;
+}
+
+/**
+ * This method deletes all shareable list item data for a user by url
+ * @param userId
+ * @param url
+ */
+async function deleteShareableListItemUserData(
+  userId: number | bigint,
+  url: string
+): Promise<string> {
+  // Delete all list items if there are any for user
+  try {
+    const deletedListItemCount = await batchDeleteAllListItemsForUser(
+      userId,
+      url
+    );
+    if (deletedListItemCount === 0) {
+      return `No shareable list items found for User ID: ${userId}`;
+    }
+    return `Deleting shareable list items for User ID: ${userId}`;
+  } catch (error) {
+    // some unexpected DB error, log to Sentry, but don't halt program
+    Sentry.captureException('Failed to delete shareable list data: ', error);
+  }
+}
+
+router.post(
+  '/',
+  checkSchema(deleteShareableListItemDataSchema),
+  validate,
+  (req: Request, res: Response) => {
+    const userId = req.body.userId;
+    const url = req.body.url;
+
+    // Delete all shareable list items for userId by url from DB
+    deleteShareableListItemUserData(userId, url)
+      .then((result) => {
+        return res.send({
+          status: 'OK',
+          message: result,
+        });
+      })
+      .catch((e) => {
+        // In the unlikely event that an error is thrown,
+        // log to Sentry but don't halt program
+        Sentry.captureException(e);
+        return res.send({
+          status: 'BAD_REQUEST',
+          message: e,
+        });
+      });
+  }
+);
+
+export default router;

src/public/routes/deleteUserData.integration.ts

@@ -9,7 +9,6 @@ import { IPublicContext } from '../context';
 import { client } from '../../database/client';
 import {
   clearDb,
-  createPilotUserHelper,
   createShareableListHelper,
   createShareableListItemHelper,
   mockRedisServer,
@@ -29,11 +28,14 @@ describe('/deleteUserData express endpoint', () => {
   let list2;
   let list3;
 
-  let pilotUser2;
   const headers = {
     userId: '8009882300',
   };
 
+  const headers2 = {
+    userId: '76543',
+  };
+
   beforeAll(async () => {
     mockRedisServer();
     // port 0 tells express to dynamically assign an available port
@@ -58,15 +60,6 @@ describe('/deleteUserData express endpoint', () => {
     sentryStub = sinon.stub(Sentry, 'captureException').resolves();
     await clearDb(db);
 
-    // create pilot users
-    await createPilotUserHelper(db, {
-      userId: parseInt(headers.userId),
-    });
-
-    pilotUser2 = await createPilotUserHelper(db, {
-      userId: 76543,
-    });
-
     // Create a few Lists
     list1 = await createShareableListHelper(db, {
       userId: parseInt(headers.userId),
@@ -80,7 +73,7 @@ describe('/deleteUserData express endpoint', () => {
 
     // Create a List for user 2
     list3 = await createShareableListHelper(db, {
-      userId: pilotUser2.userId,
+      userId: parseInt(headers2.userId),
       title: 'Rolling Stones List',
     });
 
@@ -144,7 +137,7 @@ describe('/deleteUserData express endpoint', () => {
       expect(ids[1]).to.equal(parseInt(list2.id as unknown as string));
 
       // get listIds for another user
-      ids = await getAllShareableListIdsForUser(pilotUser2.userId);
+      ids = await getAllShareableListIdsForUser(parseInt(headers2.userId));
       expect(ids.length).to.equal(1);
       // check the returned ids are what we expect
       expect(ids[0]).to.equal(parseInt(list3.id as unknown as string));