feature #388 Adding validation to the AddProductReview endpoint (ma…

…mazu)

This PR was merged into the 1.0-dev branch.

Discussion
----------

In Sylius product reviews have to have a rating between 0 and 5. Anything else is out of range. I added validation. This should also close #160.

Commits
-------

5c4e67f Added validation for the add product view
227fbf8 Added validation for product review
243f349 Fixed tests
7641fb6 Fixed typos
aef4053 Merge branch 'master' into status
98932c7 Moved the tests to the correct controller
dc54ce5 Codestyle

src/Resources/config/validation/AddProductReviewByCodeRequest.xml

@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+
+ This file is part of the Sylius package.
+
+ (c) Paweł Jędrzejewski
+
+ For the full copyright and license information, please view the LICENSE
+ file that was distributed with this source code.
+
+-->
+
+<constraint-mapping xmlns="http://symfony.com/schema/dic/constraint-mapping"
+                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                    xsi:schemaLocation="http://symfony.com/schema/dic/constraint-mapping http://symfony.com/schema/dic/services/constraint-mapping-1.0.xsd">
+    <class name="Sylius\ShopApiPlugin\Request\AddProductReviewByCodeRequest">
+        <property name="title">
+            <constraint name="NotNull" />
+        </property>
+        <property name="rating">
+            <constraint name="Type">
+                <option name="type">integer</option>
+            </constraint>
+            <constraint name="Range">
+                <option name="min">0</option>
+                <option name="max">5</option>
+            </constraint>
+        </property>
+        <property name="email">
+            <constraint name="Email" />
+        </property>
+    </class>
+</constraint-mapping>

src/Resources/config/validation/AddProductReviewBySlugRequest.xml

@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+
+ This file is part of the Sylius package.
+
+ (c) Paweł Jędrzejewski
+
+ For the full copyright and license information, please view the LICENSE
+ file that was distributed with this source code.
+
+-->
+
+<constraint-mapping xmlns="http://symfony.com/schema/dic/constraint-mapping"
+                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                    xsi:schemaLocation="http://symfony.com/schema/dic/constraint-mapping http://symfony.com/schema/dic/services/constraint-mapping-1.0.xsd">
+    <class name="Sylius\ShopApiPlugin\Request\AddProductReviewBySlugRequest">
+        <property name="title">
+            <constraint name="NotNull" />
+        </property>
+        <property name="rating">
+            <constraint name="Type">
+                <option name="type">integer</option>
+            </constraint>
+            <constraint name="Range">
+                <option name="min">0</option>
+                <option name="max">5</option>
+            </constraint>
+        </property>
+        <property name="email">
+            <constraint name="Email" />
+        </property>
+    </class>
+</constraint-mapping>

tests/Controller/ProductAddReviewByCodeApiTest.php

@@ -18,7 +18,7 @@ public function it_adds_review_to_product()
         $this->loadFixturesFromFiles(['shop.yml']);
 
         $data =
-            <<<EOT
+<<<EOT
         {
             "title": "Awesome product",
             "rating": 5,
@@ -75,4 +75,52 @@ public function it_does_not_allow_to_add_product_review_by_code_in_non_existent_
 
         $this->assertResponse($response, 'channel_has_not_been_found_response', Response::HTTP_NOT_FOUND);
     }
+
+    /**
+     * @test
+     */
+    public function it_does_not_allow_to_add_review_when_rating_is_out_of_bounds()
+    {
+        $this->loadFixturesFromFiles(['channel.yml', 'shop.yml']);
+
+        $data =
+<<<EOT
+        {
+            "comment": "Hello",
+            "rating": 100,
+            "email": "test@test.com",
+            "title": "Testing",
+            "code": "LOGAN_MUG_CODE"
+        }
+EOT;
+
+        $this->client->request('POST', '/shop-api/WEB_GB/products/LOGAN_MUG_CODE/reviews', [], [], self::$acceptAndContentTypeHeader, $data);
+
+        $response = $this->client->getResponse();
+        $this->assertResponse($response, 'reviews/add_review_failed_rating', Response::HTTP_BAD_REQUEST);
+    }
+
+    /**
+     * @test
+     */
+    public function it_does_not_allow_to_add_review_when_email_is_not_valid()
+    {
+        $this->loadFixturesFromFiles(['channel.yml', 'shop.yml']);
+
+        $data =
+<<<EOT
+        {
+            "comment": "Hello",
+            "rating": 4,
+            "email": "test.com",
+            "title": "Testing",
+            "code": "LOGAN_MUG_CODE"
+        }
+EOT;
+
+        $this->client->request('POST', '/shop-api/WEB_GB/products/LOGAN_MUG_CODE/reviews', [], [], self::$acceptAndContentTypeHeader, $data);
+
+        $response = $this->client->getResponse();
+        $this->assertResponse($response, 'reviews/add_review_failed_email', Response::HTTP_BAD_REQUEST);
+    }
 }

tests/Controller/ProductAddReviewBySlugApiTest.php

@@ -75,4 +75,50 @@ public function it_does_not_allow_to_add_product_review_by_slug_in_non_existent_
 
         $this->assertResponse($response, 'channel_has_not_been_found_response', Response::HTTP_NOT_FOUND);
     }
+
+    /**
+     * @test
+     */
+    public function it_does_not_allow_to_add_review_when_rating_is_out_of_bounds()
+    {
+        $this->loadFixturesFromFiles(['channel.yml', 'shop.yml']);
+
+        $data =
+<<<EOT
+        {
+            "comment": "Hello",
+            "rating": 100,
+            "email": "test@test.com",
+            "title": "Testing"
+        }
+EOT;
+
+        $this->client->request('POST', '/shop-api/WEB_GB/product-reviews-by-slug/mug', [], [], self::$acceptAndContentTypeHeader, $data);
+
+        $response = $this->client->getResponse();
+        $this->assertResponse($response, 'reviews/add_review_failed_rating', Response::HTTP_BAD_REQUEST);
+    }
+
+    /**
+     * @test
+     */
+    public function it_does_not_allow_to_add_review_when_rating_email_is_not_valid()
+    {
+        $this->loadFixturesFromFiles(['channel.yml', 'shop.yml']);
+
+        $data =
+<<<EOT
+        {
+            "comment": "Hello",
+            "rating": 4,
+            "email": "test.com",
+            "title": "Testing"
+        }
+EOT;
+
+        $this->client->request('POST', '/shop-api/WEB_GB/product-reviews-by-slug/mug', [], [], self::$acceptAndContentTypeHeader, $data);
+
+        $response = $this->client->getResponse();
+        $this->assertResponse($response, 'reviews/add_review_failed_email', Response::HTTP_BAD_REQUEST);
+    }
 }

tests/DependencyInjection/ConfigurationTest.php

@@ -63,7 +63,7 @@ public function it_has_view_classes(): void
                 'page_links' => View\PageLinksView::class,
                 'payment' => View\PaymentView::class,
                 'payment_method' => View\PaymentMethodView::class,
-		'placed_order' => View\PlacedOrderView::class,
+                'placed_order' => View\PlacedOrderView::class,
                 'price' => View\PriceView::class,
                 'product' => View\ProductView::class,
                 'product_attribute_value' => View\ProductAttributeValueView::class,

tests/Responses/Expected/reviews/add_review_failed_email.json

@@ -0,0 +1,9 @@
+{
+    "code": 400,
+    "message": "Validation failed",
+    "errors": {
+        "email": [
+            "This value is not a valid email address."
+        ]
+    }
+}

tests/Responses/Expected/reviews/add_review_failed_rating.json

@@ -0,0 +1,9 @@
+{
+    "code": 400,
+    "message": "Validation failed",
+    "errors": {
+        "rating": [
+            "This value should be 5 or less."
+        ]
+    }
+}