Merge branch 'main' into 89-backend---add-new-endpoints-for-comment-functionality

Author: reduan-azouaghe

exercise.tests/Helpers/UserTestCases.cs

@@ -1,17 +1,23 @@
-using NUnit.Framework;
-using System.Collections.Generic;
-
 namespace exercise.tests.Helpers
 {
+    /// <summary>
+    /// Provides reusable user-centric <see cref="TestCaseData"/> scenarios for integration tests.
+    /// </summary>
     public static class UserTestCases
     {
+        /// <summary>
+        /// Supplies registration payloads that should produce successful responses.
+        /// </summary>
         public static IEnumerable<TestCaseData> ValidRegisterCases()
         {
             yield return new TestCaseData("validuser", "valid@email.com", "ValidPass1!");
             yield return new TestCaseData("user-name", "user1@example.com", "SecurePass9#");
             yield return new TestCaseData("user1name", "user2@example.com", "StrongPass$1");
         }
 
+        /// <summary>
+        /// Supplies registration payloads that should fail validation.
+        /// </summary>
         public static IEnumerable<TestCaseData> InvalidRegisterCases()
         {
             yield return new TestCaseData("validuser", "plainaddress", "ValidPass1!").SetName("Invalid: Invalid email format (register)");
@@ -22,6 +28,9 @@ public static IEnumerable<TestCaseData> InvalidRegisterCases()
             yield return new TestCaseData("validuser", "valid@email.com", "NoSpecialChar1").SetName("Invalid: Missing special character (register)");
         }
 
+        /// <summary>
+        /// Supplies credential pairs that represent successful login attempts.
+        /// </summary>
         public static IEnumerable<TestCaseData> ValidLoginCases()
         {
             yield return new TestCaseData("oyvind.perez1@example.com", "SuperHash!4");
@@ -30,6 +39,9 @@ public static IEnumerable<TestCaseData> ValidLoginCases()
             //yield return new TestCaseData("nigel.nowak2@example.com", "ValidPass1!");
         }
 
+        /// <summary>
+        /// Supplies credential pairs that should fail authentication.
+        /// </summary>
         public static IEnumerable<TestCaseData> InvalidLoginCases()
         {
             yield return new TestCaseData("valid@email.com", "short1!").SetName("Invalid: Password too short (login)");
@@ -40,4 +52,4 @@ public static IEnumerable<TestCaseData> InvalidLoginCases()
             yield return new TestCaseData("user@domain.c", "ValidPass1!").SetName("Invalid: Invalid email domain (login)");
         }
     }
-}
+}

exercise.tests/Helpers/UsernameValidationCases.cs

@@ -1,14 +1,17 @@
-using NUnit.Framework;
-using System;
-using System.Collections.Generic;
-using System.Net;
+using System.Net;
 
 namespace exercise.tests.Helpers
 {
+    /// <summary>
+    /// Centralises username validation scenarios for reuse across integration tests.
+    /// </summary>
     public static class UsernameValidationTestData
     {
+        /// <summary>
+        /// Yields username samples alongside the expected message outcome for each endpoint.
+        /// </summary>
         public static IEnumerable<TestCaseData> UsernameValidationMessageCases()
-        { 
+        {
             string[] endpoints = new string[]
             {
                 "username",
@@ -56,6 +59,9 @@ public static IEnumerable<TestCaseData> UsernameValidationMessageCases()
             }
 
         }
+        /// <summary>
+        /// Yields username samples alongside the expected status code for each endpoint.
+        /// </summary>
         public static IEnumerable<TestCaseData> UsernameValidationStatusCases()
         {
             string[] endpoints = new string[]
@@ -103,6 +109,6 @@ public static IEnumerable<TestCaseData> UsernameValidationStatusCases()
                 }
             }
         }
-    
+
     }
 }

exercise.tests/IntegrationTests/EndpointStatusTest.cs

@@ -1,14 +1,14 @@
-using exercise.wwwapi.DTOs.Login;
-using exercise.wwwapi.DTOs.Register;
-using Microsoft.AspNetCore.Http;
-using Microsoft.AspNetCore.Mvc.Testing;
+using Microsoft.AspNetCore.Mvc.Testing;
 using System.Net;
 using System.Text;
 using System.Text.Json;
 using System.Text.Json.Nodes;
 
 namespace exercise.tests.IntegrationTests
 {
+    /// <summary>
+    /// Integration smoke tests that ensure unexpected endpoints return consistent error responses.
+    /// </summary>
     [TestFixture]
     public class EndpointStatusTest
     {
@@ -30,11 +30,15 @@ public void TearDown()
             _factory.Dispose();
         }
 
-        [Test] 
+        /// <summary>
+        /// Verifies POST requests to unknown routes return a 404 with the canonical payload.
+        /// </summary>
+        [Test]
         public async Task PostCheckInvalidEndpoint()
         {
-            var body = new { 
-                email= $"myemailVery@gmail.com",
+            var body = new
+            {
+                email = $"myemailVery@gmail.com",
                 password = "someR21!password"
             };
             var json = JsonSerializer.Serialize(body);
@@ -59,6 +63,9 @@ public async Task PostCheckInvalidEndpoint()
             Assert.That(message?["message"]?.GetValue<string>(), Is.EqualTo("Endpoint not found"));
         }
 
+        /// <summary>
+        /// Verifies GET requests to unknown routes return a 404 with the canonical payload.
+        /// </summary>
         [Test]
         public async Task GetCheckInvalidEndpoint()
         {

exercise.tests/IntegrationTests/PostTests.cs

@@ -1,24 +1,17 @@
 using exercise.wwwapi.DTOs.Login;
 using exercise.wwwapi.DTOs.Posts;
-using exercise.wwwapi.Models;
-using Microsoft.AspNetCore.Http;
-using Microsoft.AspNetCore.Http.HttpResults;
 using Microsoft.AspNetCore.Mvc.Testing;
-using Newtonsoft.Json.Linq;
-using System;
-using System.Collections.Generic;
-using System.ComponentModel.Design;
-using System.Linq;
 using System.Net;
 using System.Net.Http.Headers;
 using System.Text;
 using System.Text.Json;
 using System.Text.Json.Nodes;
-using System.Threading.Tasks;
-using static Microsoft.ApplicationInsights.MetricDimensionNames.TelemetryContext;
 
 namespace exercise.tests.IntegrationTests
 {
+    /// <summary>
+    /// Integration tests covering the lifecycle of posts via the public API endpoints.
+    /// </summary>
     [TestFixture]
     public class PostTests
     {

exercise.tests/IntegrationTests/UserTests.cs

@@ -1,8 +1,5 @@
-using exercise.wwwapi.DTOs;
-using exercise.wwwapi.DTOs.Login;
+using exercise.wwwapi.DTOs.Login;
 using exercise.wwwapi.DTOs.Register;
-using exercise.wwwapi.Models;
-using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc.Testing;
 using System.Net;
 using System.Text;
@@ -12,6 +9,9 @@
 
 namespace exercise.tests.IntegrationTests
 {
+    /// <summary>
+    /// Integration tests exercising the user management endpoints end-to-end via the API surface.
+    /// </summary>
     [TestFixture]
     public class UserTests
     {
@@ -33,15 +33,22 @@ public void TearDown()
             _factory.Dispose();
         }
 
-        // ad test cases for approved usernames, emails
-        [Test, TestCaseSource(typeof(UserTestCases), nameof(UserTestCases.ValidRegisterCases))] 
+        /// <summary>
+        /// Confirms that valid registration payloads yield an HTTP 201 Created response.
+        /// </summary>
+        /// <remarks>Test cases come from <see cref="UserTestCases.ValidRegisterCases"/> and are uniquified at runtime to avoid clashes.</remarks>
+        /// <param name="username">The base username supplied by the data source.</param>
+        /// <param name="email">The base email supplied by the data source.</param>
+        /// <param name="password">The password candidate to register with.</param>
+        [Test, TestCaseSource(typeof(UserTestCases), nameof(UserTestCases.ValidRegisterCases))]
         public async Task Register_success(string username, string email, string password)
         {
             var uniqueId = DateTime.UtcNow.ToString("yyMMddHHmmssffff");
 
             string uniqueUsername = username.Length > 0 ? username + uniqueId : "";
 
-            RegisterRequestDTO body = new RegisterRequestDTO {
+            RegisterRequestDTO body = new RegisterRequestDTO
+            {
                 email = $"{uniqueId}{email}",
                 password = password
             };
@@ -64,6 +71,13 @@ public async Task Register_success(string username, string email, string passwor
             Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.Created));
         }
 
+        /// <summary>
+        /// Verifies the registration endpoint rejects malformed payloads with non-Created responses.
+        /// </summary>
+        /// <remarks>Inputs are provided by <see cref="UserTestCases.InvalidRegisterCases"/>.</remarks>
+        /// <param name="username">The attempted username for registration.</param>
+        /// <param name="email">The attempted email for registration.</param>
+        /// <param name="password">The password candidate under test.</param>
         [Test, TestCaseSource(typeof(UserTestCases), nameof(UserTestCases.InvalidRegisterCases))]
         public async Task Register_Failure(string username, string email, string password)
         {
@@ -77,7 +91,7 @@ public async Task Register_Failure(string username, string email, string passwor
                 email = $"{uniqueId}{email}",
                 password = password
             };
-            
+
             var json = JsonSerializer.Serialize(body);
             var requestBody = new StringContent(json, Encoding.UTF8, "application/json");
 
@@ -98,6 +112,12 @@ public async Task Register_Failure(string username, string email, string passwor
         }
 
 
+        /// <summary>
+        /// Ensures valid credentials receive an HTTP 200 response and a token payload.
+        /// </summary>
+        /// <remarks>Credentials are sourced from <see cref="UserTestCases.ValidLoginCases"/>.</remarks>
+        /// <param name="email">The email address to authenticate with.</param>
+        /// <param name="password">The password paired with the supplied email.</param>
         [Test, TestCaseSource(typeof(UserTestCases), nameof(UserTestCases.ValidLoginCases))]
         public async Task Login_success(string email, string password)
         {
@@ -129,6 +149,12 @@ public async Task Login_success(string email, string password)
             Assert.That(message["data"]["token"], Is.Not.Null);
         }
 
+        /// <summary>
+        /// Asserts that invalid login attempts fail with the expected HTTP status and message.
+        /// </summary>
+        /// <remarks>Negative credential combinations come from <see cref="UserTestCases.InvalidLoginCases"/>.</remarks>
+        /// <param name="email">The incorrect email supplied to the login endpoint.</param>
+        /// <param name="password">The incorrect password paired with the email.</param>
         [Test, TestCaseSource(typeof(UserTestCases), nameof(UserTestCases.InvalidLoginCases))]
         public async Task Login_failure(string email, string password)
         {
@@ -163,6 +189,9 @@ public async Task Login_failure(string email, string password)
 
         }
 
+        /// <summary>
+        /// Validates that a PATCH with complete, valid fields updates an existing user successfully.
+        /// </summary>
         [Test]
         public async Task UpdateUserSuccess()
         {
@@ -183,20 +212,26 @@ public async Task UpdateUserSuccess()
             Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.OK));
         }
 
+        /// <summary>
+        /// Ensures PATCH requests with no mutable fields return a bad request response.
+        /// </summary>
         [Test]
-        public async Task UpdateUserNoContent()
+        public async Task UpdateUserNullFieldsOnly()
         {
-            var fieldsToUpdate = new Dictionary<string, object?>{};
+            var fieldsToUpdate = new Dictionary<string, object?> { };
 
             var json = JsonSerializer.Serialize(fieldsToUpdate);
             var content = new StringContent(json, Encoding.UTF8, "application/json");
 
             int userId = 1;
             var response = await _client.PatchAsync($"/users/{userId}", content);
 
-            Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.NoContent));
+            Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.BadRequest));
         }
 
+        /// <summary>
+        /// Confirms the API rejects usernames that violate allowed formatting rules.
+        /// </summary>
         [Test]
         public async Task UpdateUserInvalidUsername()
         {
@@ -214,6 +249,9 @@ public async Task UpdateUserInvalidUsername()
             Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.BadRequest));
         }
 
+        /// <summary>
+        /// Confirms GitHub username updates honor the same validation rules as the standalone validator.
+        /// </summary>
         [Test]
         public async Task UpdateUserInvalidGitHubUsername()
         {
@@ -231,6 +269,9 @@ public async Task UpdateUserInvalidGitHubUsername()
             Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.BadRequest));
         }
 
+        /// <summary>
+        /// Verifies email updates are blocked when the address fails format validation.
+        /// </summary>
         [Test]
         public async Task UpdateUserInvalidEmail()
         {
@@ -248,6 +289,9 @@ public async Task UpdateUserInvalidEmail()
             Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.BadRequest));
         }
 
+        /// <summary>
+        /// Confirms passwords that do not meet the complexity requirements are rejected on update.
+        /// </summary>
         [Test]
         public async Task UpdateUserInvalidPassword()
         {
@@ -265,6 +309,9 @@ public async Task UpdateUserInvalidPassword()
             Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.BadRequest));
         }
 
+        /// <summary>
+        /// Ensures role updates outside the defined enum range produce a bad request.
+        /// </summary>
         [Test]
         public async Task UpdateUserInvalidRole()
         {
@@ -282,6 +329,9 @@ public async Task UpdateUserInvalidRole()
             Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.BadRequest));
         }
 
+        /// <summary>
+        /// Verifies the API prevents changing a username to one that is already in use.
+        /// </summary>
         [Test]
         public async Task UpdateUserUsernameExists()
         {
@@ -299,6 +349,9 @@ public async Task UpdateUserUsernameExists()
             Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.BadRequest));
         }
 
+        /// <summary>
+        /// Verifies the API prevents reusing an existing GitHub username value.
+        /// </summary>
         [Test]
         public async Task UpdateUserGitHubUsernameExists()
         {
@@ -316,6 +369,9 @@ public async Task UpdateUserGitHubUsernameExists()
             Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.BadRequest));
         }
 
+        /// <summary>
+        /// Verifies the API prevents reusing an existing email address value.
+        /// </summary>
         [Test]
         public async Task UpdateUserEmailExists()
         {
@@ -333,6 +389,11 @@ public async Task UpdateUserEmailExists()
             Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.BadRequest));
         }
 
+        /// <summary>
+        /// Ensures retrieving users by id returns 200 for known users and 404 for missing ones.
+        /// </summary>
+        /// <param name="id">The user id sent to the endpoint.</param>
+        /// <param name="responseStatus">The expected HTTP status code.</param>
         [TestCase("1", HttpStatusCode.OK)]
         [TestCase("10000000", HttpStatusCode.NotFound)]
         public async Task GetUserByIdTest(string id, HttpStatusCode responseStatus)