validation for material

api/material.yaml

@@ -140,6 +140,29 @@
       500:
         $ref: 'api.yaml#/components/responses/500'
 
+/material/validate/{id}:
+  parameters:
+    - $ref: 'api.yaml#/components/parameters/Id'
+  put:
+    summary: restore material
+    description: 'Auth: basic, levels: maintain, admin'
+    x-doc: status is set to 10
+    tags:
+      - /material
+    security:
+      - BasicAuth: []
+    responses:
+      200:
+        $ref: 'api.yaml#/components/responses/Ok'
+      401:
+        $ref: 'api.yaml#/components/responses/401'
+      403:
+        $ref: 'api.yaml#/components/responses/403'
+      404:
+        $ref: 'api.yaml#/components/responses/404'
+      500:
+        $ref: 'api.yaml#/components/responses/500'
+
 /material/new:
   post:
     summary: add material

src/routes/material.spec.ts

@@ -574,6 +574,61 @@ describe('/material', () => {
     });
   });
 
+  describe('PUT /material/validate/{id}', () => {
+    it('sets the status', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/material/validate/100000000000000000000007',
+        auth: {basic: 'admin'},
+        httpStatus: 200,
+        req: {}
+      }).end((err, res) => {
+        if (err) return done (err);
+        should(res.body).be.eql({status: 'OK'});
+        MaterialModel.findById('100000000000000000000007').lean().exec((err, data: any) => {
+          if (err) return done(err);
+          should(data).have.property('status',globals.status.validated);
+          done();
+        });
+      });
+    });
+    it('rejects an API key', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/material/validate/100000000000000000000007',
+        auth: {key: 'admin'},
+        httpStatus: 401,
+        req: {}
+      });
+    });
+    it('rejects a write user', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/material/validate/100000000000000000000007',
+        auth: {basic: 'janedoe'},
+        httpStatus: 403,
+        req: {}
+      });
+    });
+    it('returns 404 for an unknown sample', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/material/validate/000000000000000000000007',
+        auth: {basic: 'admin'},
+        httpStatus: 404,
+        req: {}
+      });
+    });
+    it('rejects unauthorized requests', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/material/validate/100000000000000000000007',
+        httpStatus: 401,
+        req: {}
+      });
+    });
+  });
+
   describe('POST /material/new', () => {
     it('returns the right material', done => {
       TestHelper.request(server, done, {

src/routes/material.ts

@@ -111,14 +111,13 @@ router.delete('/material/' + IdValidate.parameter(), (req, res, next) => {
 router.put('/material/restore/' + IdValidate.parameter(), (req, res, next) => {
   if (!req.auth(res, ['maintain', 'admin'], 'basic')) return;
 
-  MaterialModel.findByIdAndUpdate(req.params.id, {status: globals.status.new}).lean().exec((err, data) => {
-    if (err) return next(err);
+  setStatus(globals.status.new, req, res, next);
+});
 
-    if (!data) {
-      return res.status(404).json({status: 'Not found'});
-    }
-    res.json({status: 'OK'});
-  });
+router.put('/material/validate/' + IdValidate.parameter(), (req, res, next) => {
+  if (!req.auth(res, ['maintain', 'admin'], 'basic')) return;
+
+  setStatus(globals.status.validated, req, res, next);
 });
 
 router.post('/material/new', async (req, res, next) => {
@@ -192,3 +191,14 @@ async function supplierResolve (material, next) {
   delete material.supplier;
   return material;
 }
+
+function setStatus (status, req, res, next) {  // set measurement status
+  MaterialModel.findByIdAndUpdate(req.params.id, {status: status}).lean().exec((err, data) => {
+    if (err) return next(err);
+
+    if (!data) {
+      return res.status(404).json({status: 'Not found'});
+    }
+    res.json({status: 'OK'});
+  });
+}