FEAT]: Endpoint to Implement Edit or Update of Comments

[BlessOnyi]

[FEAT]: Endpoint to Implement Edit or Update of Comments #1046

Description

This PR implements an endpoint that allows authenticated users to update their comments.

Acceptance Criteria

• PATCH /api/v1/comments/{id}
• The endpoint should be protected, requiring authentication.
• Users should be able to edit only their own comments.
• It should return an appropriate success message upon successful update.
• It should return an error message if:
  • The comment does not exist.
  • The user lacks permission to edit it.

Purpose

To allow users to update their own comments while ensuring proper access control and security.

Requirements

• Develop server-side logic to edit an existing comment based on the given criteria.
• Validate the comment ID before performing any operation.
• Implement authorization to ensure only the comment owner can edit it.
• Write unit tests to confirm correctness and accuracy.

Expected Outcome

• Users should be able to successfully update their own comments.
• Unauthorized updates should be prevented.

Tasks

• Create a PATCH endpoint /api/v1/comments/{id} to edit a comment.
• Validate the comment ID and ensure it exists before performing the update.
• Implement authentication and authorization checks.
• Write unit tests covering success and failure scenarios.

Example Requests [With Auth Token]

PATCH Request:

curl -X PATCH {rootdomain}/api/v1/comments/{id} \
     -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
     -H "Content-Type: application/json" \
     -d '{ "content": "Updated comment text" }'

Response (Success):

{
  "status_code": 200,
  "message": "Comment updated successfully",
  "comment_id": "123",
  "new_content": "Updated comment text"
}

Response (Error - Comment Not Found):

{
  "status_code": 404,
  "message": "Comment not found."
}

Response (Error - Forbidden: No Permission to Edit):

{
  "status_code": 403,
  "message": "You do not have permission to edit this comment."
}

Response (Error - Unauthorized Access: Missing or Invalid Token):

{
  "status_code": 401,
  "message": "Not authorized."
}

Testing

• Write unit tests to ensure users can edit their comments.
• Test authentication and authorization checks.
• Validate error handling for invalid comment IDs and unauthorized updates.

[samuelogboye]

Resolve conflict

[samuelogboye]

Commit messages not compliant

[samuelogboye]

Reduce this space here.

[samuelogboye]

The update_comments method in the service layer is very similar to the existing update method. Consider consolidating them or reusing the update method.