HyperSpaceOut/jackboxpartypack-gamepicker
3
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add PUT and DELETE /api/sessions/:id/notes endpoints

Browse Source 
Made-with: Cursor
This commit is contained in:
cottongin
2026-03-23 00:13:09 -04:00
parent ce3347d0b1
commit b9206b6cfe
2 changed files with 154 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

112
tests/api/session-notes.test.js
View File

@@ -145,3 +145,115 @@ describe('GET /api/sessions/:id notes visibility', () => {
expect(res.body.notes_preview).toBeNull();
});
});
describe('PUT /api/sessions/:id/notes', () => {
beforeEach(() => {
cleanDb();
});
test('updates notes when authenticated', async () => {
const session = seedSession({ notes: 'Old notes' });
const res = await request(app)
.put(`/api/sessions/${session.id}/notes`)
.set('Authorization', getAuthHeader())
.send({ notes: 'New notes here' });
expect(res.status).toBe(200);
expect(res.body.notes).toBe('New notes here');
});
test('overwrites notes completely (no merge)', async () => {
const session = seedSession({ notes: 'Original notes' });
const res = await request(app)
.put(`/api/sessions/${session.id}/notes`)
.set('Authorization', getAuthHeader())
.send({ notes: 'Replacement' });
expect(res.status).toBe(200);
expect(res.body.notes).toBe('Replacement');
});
test('returns 404 for nonexistent session', async () => {
const res = await request(app)
.put('/api/sessions/99999/notes')
.set('Authorization', getAuthHeader())
.send({ notes: 'test' });
expect(res.status).toBe(404);
});
test('returns 401 without auth header', async () => {
const session = seedSession({});
const res = await request(app)
.put(`/api/sessions/${session.id}/notes`)
.send({ notes: 'test' });
expect(res.status).toBe(401);
});
test('returns 403 with invalid token', async () => {
const session = seedSession({});
const res = await request(app)
.put(`/api/sessions/${session.id}/notes`)
.set('Authorization', 'Bearer invalid-token')
.send({ notes: 'test' });
expect(res.status).toBe(403);
});
});
describe('DELETE /api/sessions/:id/notes', () => {
beforeEach(() => {
cleanDb();
});
test('clears notes when authenticated', async () => {
const session = seedSession({ notes: 'Some notes' });
const res = await request(app)
.delete(`/api/sessions/${session.id}/notes`)
.set('Authorization', getAuthHeader());
expect(res.status).toBe(200);
expect(res.body.success).toBe(true);
// Verify notes are actually cleared
const check = await request(app)
.get(`/api/sessions/${session.id}`)
.set('Authorization', getAuthHeader());
expect(check.body.notes).toBeNull();
expect(check.body.has_notes).toBe(false);
});
test('returns 404 for nonexistent session', async () => {
const res = await request(app)
.delete('/api/sessions/99999/notes')
.set('Authorization', getAuthHeader());
expect(res.status).toBe(404);
});
test('returns 401 without auth header', async () => {
const session = seedSession({ notes: 'test' });
const res = await request(app)
.delete(`/api/sessions/${session.id}/notes`);
expect(res.status).toBe(401);
});
test('returns 403 with invalid token', async () => {
const session = seedSession({ notes: 'test' });
const res = await request(app)
.delete(`/api/sessions/${session.id}/notes`)
.set('Authorization', 'Bearer invalid-token');
expect(res.status).toBe(403);
});
});