msw/crate: Add PATCH /api/v1/crates/:name request handler

Author: Turbo87

packages/crates-io-msw/handlers/crates.js

@@ -5,6 +5,7 @@ import followCrate from './crates/follow.js';
 import following from './crates/following.js';
 import getCrate from './crates/get.js';
 import listCrates from './crates/list.js';
+import patchCrate from './crates/patch.js';
 import removeOwners from './crates/remove-owners.js';
 import reverseDependencies from './crates/reverse-dependencies.js';
 import teamOwners from './crates/team-owners.js';
@@ -14,6 +15,7 @@ import userOwners from './crates/user-owners.js';
 export default [
   listCrates,
   getCrate,
+  patchCrate,
   deleteCrate,
   following,
   followCrate,

packages/crates-io-msw/handlers/crates/patch.js

@@ -0,0 +1,30 @@
+import { http, HttpResponse } from 'msw';
+
+import { db } from '../../index.js';
+import { serializeCrate } from '../../serializers/crate.js';
+import { getSession } from '../../utils/session.js';
+
+export default http.patch('/api/v1/crates/:name', async ({ request, params }) => {
+  let { user } = getSession();
+  if (!user) {
+    return HttpResponse.json({ errors: [{ detail: 'must be logged in to perform that action' }] }, { status: 403 });
+  }
+
+  let crate = db.crate.findFirst({ where: { name: { equals: params.name } } });
+  if (!crate) {
+    return HttpResponse.json({ errors: [{ detail: `crate \`${params.name}\` does not exist` }] }, { status: 404 });
+  }
+
+  let body = await request.json();
+
+  if (body.crate?.trustpub_only != null) {
+    crate = db.crate.update({
+      where: { id: { equals: crate.id } },
+      data: {
+        trustpubOnly: body.crate.trustpub_only,
+      },
+    });
+  }
+
+  return HttpResponse.json({ crate: serializeCrate(crate) });
+});

packages/crates-io-msw/handlers/crates/patch.test.js

@@ -0,0 +1,52 @@
+import { assert, test } from 'vitest';
+
+import { db } from '../../index.js';
+
+test('returns 403 if unauthenticated', async function () {
+  let response = await fetch('/api/v1/crates/foo', {
+    method: 'PATCH',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({ crate: { trustpub_only: true } }),
+  });
+  assert.strictEqual(response.status, 403);
+  assert.deepEqual(await response.json(), {
+    errors: [{ detail: 'must be logged in to perform that action' }],
+  });
+});
+
+test('returns 404 for unknown crates', async function () {
+  let user = db.user.create();
+  db.mswSession.create({ user });
+
+  let response = await fetch('/api/v1/crates/foo', {
+    method: 'PATCH',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({ crate: { trustpub_only: true } }),
+  });
+  assert.strictEqual(response.status, 404);
+  assert.deepEqual(await response.json(), { errors: [{ detail: 'crate `foo` does not exist' }] });
+});
+
+test('updates trustpub_only flag', async function () {
+  let user = db.user.create();
+  db.mswSession.create({ user });
+
+  let crate = db.crate.create({ name: 'foo', trustpubOnly: false });
+  assert.strictEqual(crate.trustpubOnly, false);
+
+  db.version.create({ crate, num: '1.0.0' });
+  db.crateOwnership.create({ crate, user });
+
+  let response = await fetch('/api/v1/crates/foo', {
+    method: 'PATCH',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({ crate: { trustpub_only: true } }),
+  });
+  assert.strictEqual(response.status, 200);
+
+  let json = await response.json();
+  assert.strictEqual(json.crate.trustpub_only, true);
+
+  let updatedCrate = db.crate.findFirst({ where: { name: { equals: 'foo' } } });
+  assert.strictEqual(updatedCrate.trustpubOnly, true);
+});