Description
Description
Create an API endpoint to update a blog post. This endpoint will handle the updating of blog post records by allowing the modification of the title and content. It ensures proper validation, authorization, and error handling.
Acceptance Criteria
API Endpoint Implementation:
- The endpoint should be accessible at api/v1/blog/{id}.
- The endpoint should accept HTTP PUT requests.
Data Validation and Authorization:
- The API should validate the blog ID to ensure it exists in the database.
- Only authenticated users with appropriate permissions (the author of the blog post or an admin) should be allowed to update blog posts.
Response:
- On success, the API should return a 200 OK status code with a success message and updated blog post details.
- On failure, the API should return 400 Bad Request status code if the request contains invalid data or missing required fields, 404 Not Found status code if the blog post with the provided ID does not exist, 401 Unauthorized status code if the authentication token is invalid and 403 Forbidden status code if the user does not have permission to update the blog post..
Request Example:
PUT /api/v1/blog/{id}
Successful Response:
{
"status_code": 200
"message": "Blog post updated successfully",
"data": {
"id": "7d1f89c2-3c24-7c3f-a8e5-9a8a3e6d2f7b",
"title": "Updated Title",
"content": "Updated content",
"author_id": "a7f6e0c1-52e5-4d30-8b27-f2be4d4d1c77"
}
}
Error Response:
If the request contains invalid data or missing required fields:
{
"detail": "Title and content cannot be empty",
"status_code": 400
}If the blog post with the provided ID does not exist:
{
"detail": "Post not Found",
"status_code": 404
}If the authentication token is invalid:
{
"detail": "Invalid authentication credentials",
"status_code": 401
}
If the user does not have permission to update the blog post:
{
"detail": "You do not have permission to update this post",
"status_code": 403
}
Purpose
Provides a backend service to update blog posts securely, ensuring only authorized users can perform this action.
Requirements
- Develop server-side logic to handle blog post update requests.
- Validate the blog ID before attempting to update the post.
- Implement authorization to ensure only the author or admin can update the blog post.
- Handle success and error responses appropriately.
Expected Outcome
API endpoint allows authenticated users with proper permissions to update blog posts securely, returning appropriate success and error responses.
Status Codes
- 200: Blog post was successfully updated.
- 400: Invalid request data or missing required fields.
- 404: Blog post not found.
- 401: Invalid authentication credentials.
- 403: Forbidden access due to insufficient permissions.
- 500: A server error occurred.
Testing
- Write unit tests to ensure the endpoint validates input correctly and handles updates.
- Perform load testing to ensure the endpoint can handle multiple requests.
- Test various scenarios for updating blog posts, including invalid data, non-existent blog posts, unauthorized access, and permission issues.