diff --git a/internal/api/api.go b/internal/api/api.go index ebae8648..27ee3a2f 100644 --- a/internal/api/api.go +++ b/internal/api/api.go @@ -36,6 +36,16 @@ func Mount(r chi.Router, pool *pgxpool.Pool, logger *slog.Logger, events *playev authed.Get("/search", h.handleSearch) authed.Get("/radio", h.handleRadio) authed.Post("/events", h.handleEvents) + authed.Post("/likes/tracks/{id}", h.handleLikeTrack) + authed.Delete("/likes/tracks/{id}", h.handleUnlikeTrack) + authed.Post("/likes/albums/{id}", h.handleLikeAlbum) + authed.Delete("/likes/albums/{id}", h.handleUnlikeAlbum) + authed.Post("/likes/artists/{id}", h.handleLikeArtist) + authed.Delete("/likes/artists/{id}", h.handleUnlikeArtist) + authed.Get("/likes/tracks", h.handleListLikedTracks) + authed.Get("/likes/albums", h.handleListLikedAlbums) + authed.Get("/likes/artists", h.handleListLikedArtists) + authed.Get("/likes/ids", h.handleGetLikedIDs) }) }) } diff --git a/internal/api/likes.go b/internal/api/likes.go new file mode 100644 index 00000000..3cb1c698 --- /dev/null +++ b/internal/api/likes.go @@ -0,0 +1,316 @@ +package api + +import ( + "encoding/json" + "errors" + "net/http" + + "github.com/go-chi/chi/v5" + "github.com/jackc/pgx/v5" + "github.com/jackc/pgx/v5/pgtype" + + "git.fabledsword.com/bvandeusen/minstrel/internal/auth" + "git.fabledsword.com/bvandeusen/minstrel/internal/db/dbq" +) + +type likedIDsResponse struct { + TrackIDs []string `json:"track_ids"` + AlbumIDs []string `json:"album_ids"` + ArtistIDs []string `json:"artist_ids"` +} + +func (h *handlers) handleLikeTrack(w http.ResponseWriter, r *http.Request) { + user, ok := auth.UserFromContext(r.Context()) + if !ok { + writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required") + return + } + id, ok := parseUUID(chi.URLParam(r, "id")) + if !ok { + writeErr(w, http.StatusBadRequest, "bad_request", "invalid track id") + return + } + q := dbq.New(h.pool) + if _, err := q.GetTrackByID(r.Context(), id); err != nil { + if errors.Is(err, pgx.ErrNoRows) { + writeErr(w, http.StatusNotFound, "not_found", "track not found") + return + } + h.logger.Error("api: like track lookup", "err", err) + writeErr(w, http.StatusInternalServerError, "server_error", "lookup failed") + return + } + if err := q.LikeTrack(r.Context(), dbq.LikeTrackParams{UserID: user.ID, TrackID: id}); err != nil { + h.logger.Error("api: like track insert", "err", err) + writeErr(w, http.StatusInternalServerError, "server_error", "insert failed") + return + } + w.WriteHeader(http.StatusNoContent) +} + +func (h *handlers) handleUnlikeTrack(w http.ResponseWriter, r *http.Request) { + user, ok := auth.UserFromContext(r.Context()) + if !ok { + writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required") + return + } + id, ok := parseUUID(chi.URLParam(r, "id")) + if !ok { + writeErr(w, http.StatusBadRequest, "bad_request", "invalid track id") + return + } + if err := dbq.New(h.pool).UnlikeTrack(r.Context(), dbq.UnlikeTrackParams{UserID: user.ID, TrackID: id}); err != nil { + h.logger.Error("api: unlike track", "err", err) + writeErr(w, http.StatusInternalServerError, "server_error", "delete failed") + return + } + w.WriteHeader(http.StatusNoContent) +} + +func (h *handlers) handleLikeAlbum(w http.ResponseWriter, r *http.Request) { + user, ok := auth.UserFromContext(r.Context()) + if !ok { + writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required") + return + } + id, ok := parseUUID(chi.URLParam(r, "id")) + if !ok { + writeErr(w, http.StatusBadRequest, "bad_request", "invalid album id") + return + } + q := dbq.New(h.pool) + if _, err := q.GetAlbumByID(r.Context(), id); err != nil { + if errors.Is(err, pgx.ErrNoRows) { + writeErr(w, http.StatusNotFound, "not_found", "album not found") + return + } + h.logger.Error("api: like album lookup", "err", err) + writeErr(w, http.StatusInternalServerError, "server_error", "lookup failed") + return + } + if err := q.LikeAlbum(r.Context(), dbq.LikeAlbumParams{UserID: user.ID, AlbumID: id}); err != nil { + h.logger.Error("api: like album insert", "err", err) + writeErr(w, http.StatusInternalServerError, "server_error", "insert failed") + return + } + w.WriteHeader(http.StatusNoContent) +} + +func (h *handlers) handleUnlikeAlbum(w http.ResponseWriter, r *http.Request) { + user, ok := auth.UserFromContext(r.Context()) + if !ok { + writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required") + return + } + id, ok := parseUUID(chi.URLParam(r, "id")) + if !ok { + writeErr(w, http.StatusBadRequest, "bad_request", "invalid album id") + return + } + if err := dbq.New(h.pool).UnlikeAlbum(r.Context(), dbq.UnlikeAlbumParams{UserID: user.ID, AlbumID: id}); err != nil { + h.logger.Error("api: unlike album", "err", err) + writeErr(w, http.StatusInternalServerError, "server_error", "delete failed") + return + } + w.WriteHeader(http.StatusNoContent) +} + +func (h *handlers) handleLikeArtist(w http.ResponseWriter, r *http.Request) { + user, ok := auth.UserFromContext(r.Context()) + if !ok { + writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required") + return + } + id, ok := parseUUID(chi.URLParam(r, "id")) + if !ok { + writeErr(w, http.StatusBadRequest, "bad_request", "invalid artist id") + return + } + q := dbq.New(h.pool) + if _, err := q.GetArtistByID(r.Context(), id); err != nil { + if errors.Is(err, pgx.ErrNoRows) { + writeErr(w, http.StatusNotFound, "not_found", "artist not found") + return + } + h.logger.Error("api: like artist lookup", "err", err) + writeErr(w, http.StatusInternalServerError, "server_error", "lookup failed") + return + } + if err := q.LikeArtist(r.Context(), dbq.LikeArtistParams{UserID: user.ID, ArtistID: id}); err != nil { + h.logger.Error("api: like artist insert", "err", err) + writeErr(w, http.StatusInternalServerError, "server_error", "insert failed") + return + } + w.WriteHeader(http.StatusNoContent) +} + +func (h *handlers) handleUnlikeArtist(w http.ResponseWriter, r *http.Request) { + user, ok := auth.UserFromContext(r.Context()) + if !ok { + writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required") + return + } + id, ok := parseUUID(chi.URLParam(r, "id")) + if !ok { + writeErr(w, http.StatusBadRequest, "bad_request", "invalid artist id") + return + } + if err := dbq.New(h.pool).UnlikeArtist(r.Context(), dbq.UnlikeArtistParams{UserID: user.ID, ArtistID: id}); err != nil { + h.logger.Error("api: unlike artist", "err", err) + writeErr(w, http.StatusInternalServerError, "server_error", "delete failed") + return + } + w.WriteHeader(http.StatusNoContent) +} + +func (h *handlers) handleListLikedTracks(w http.ResponseWriter, r *http.Request) { + user, ok := auth.UserFromContext(r.Context()) + if !ok { + writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required") + return + } + limit, offset, err := parsePaging(r.URL.Query()) + if err != nil { + writeErr(w, http.StatusBadRequest, "bad_request", err.Error()) + return + } + q := dbq.New(h.pool) + rows, err := q.ListLikedTrackRows(r.Context(), dbq.ListLikedTrackRowsParams{ + UserID: user.ID, Limit: int32(limit), Offset: int32(offset), + }) + if err != nil { + h.logger.Error("api: list liked tracks", "err", err) + writeErr(w, http.StatusInternalServerError, "server_error", "list failed") + return + } + total, err := q.CountLikedTracks(r.Context(), user.ID) + if err != nil { + h.logger.Error("api: count liked tracks", "err", err) + writeErr(w, http.StatusInternalServerError, "server_error", "count failed") + return + } + items, err := h.resolveTrackRefs(r.Context(), q, rows) + if err != nil { + writeErr(w, http.StatusInternalServerError, "server_error", "list failed") + return + } + writeJSON(w, http.StatusOK, Page[TrackRef]{Items: items, Total: int(total), Limit: limit, Offset: offset}) +} + +func (h *handlers) handleListLikedAlbums(w http.ResponseWriter, r *http.Request) { + user, ok := auth.UserFromContext(r.Context()) + if !ok { + writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required") + return + } + limit, offset, err := parsePaging(r.URL.Query()) + if err != nil { + writeErr(w, http.StatusBadRequest, "bad_request", err.Error()) + return + } + q := dbq.New(h.pool) + rows, err := q.ListLikedAlbumRows(r.Context(), dbq.ListLikedAlbumRowsParams{ + UserID: user.ID, Limit: int32(limit), Offset: int32(offset), + }) + if err != nil { + h.logger.Error("api: list liked albums", "err", err) + writeErr(w, http.StatusInternalServerError, "server_error", "list failed") + return + } + total, err := q.CountLikedAlbums(r.Context(), user.ID) + if err != nil { + h.logger.Error("api: count liked albums", "err", err) + writeErr(w, http.StatusInternalServerError, "server_error", "count failed") + return + } + items, err := h.resolveAlbumRefs(r.Context(), q, rows) + if err != nil { + writeErr(w, http.StatusInternalServerError, "server_error", "list failed") + return + } + writeJSON(w, http.StatusOK, Page[AlbumRef]{Items: items, Total: int(total), Limit: limit, Offset: offset}) +} + +func (h *handlers) handleListLikedArtists(w http.ResponseWriter, r *http.Request) { + user, ok := auth.UserFromContext(r.Context()) + if !ok { + writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required") + return + } + limit, offset, err := parsePaging(r.URL.Query()) + if err != nil { + writeErr(w, http.StatusBadRequest, "bad_request", err.Error()) + return + } + q := dbq.New(h.pool) + rows, err := q.ListLikedArtistRows(r.Context(), dbq.ListLikedArtistRowsParams{ + UserID: user.ID, Limit: int32(limit), Offset: int32(offset), + }) + if err != nil { + h.logger.Error("api: list liked artists", "err", err) + writeErr(w, http.StatusInternalServerError, "server_error", "list failed") + return + } + total, err := q.CountLikedArtists(r.Context(), user.ID) + if err != nil { + h.logger.Error("api: count liked artists", "err", err) + writeErr(w, http.StatusInternalServerError, "server_error", "count failed") + return + } + items := make([]ArtistRef, 0, len(rows)) + for _, a := range rows { + albums, aerr := q.ListAlbumsByArtist(r.Context(), a.ID) + if aerr != nil { + h.logger.Error("api: list albums for artist", "err", aerr) + writeErr(w, http.StatusInternalServerError, "server_error", "list failed") + return + } + items = append(items, artistRefFrom(a, len(albums))) + } + writeJSON(w, http.StatusOK, Page[ArtistRef]{Items: items, Total: int(total), Limit: limit, Offset: offset}) +} + +func (h *handlers) handleGetLikedIDs(w http.ResponseWriter, r *http.Request) { + user, ok := auth.UserFromContext(r.Context()) + if !ok { + writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required") + return + } + q := dbq.New(h.pool) + trackIDs, err := q.ListLikedTrackIDs(r.Context(), user.ID) + if err != nil { + h.logger.Error("api: list liked track ids", "err", err) + writeErr(w, http.StatusInternalServerError, "server_error", "list failed") + return + } + albumIDs, err := q.ListLikedAlbumIDs(r.Context(), user.ID) + if err != nil { + h.logger.Error("api: list liked album ids", "err", err) + writeErr(w, http.StatusInternalServerError, "server_error", "list failed") + return + } + artistIDs, err := q.ListLikedArtistIDs(r.Context(), user.ID) + if err != nil { + h.logger.Error("api: list liked artist ids", "err", err) + writeErr(w, http.StatusInternalServerError, "server_error", "list failed") + return + } + resp := likedIDsResponse{ + TrackIDs: uuidsToStrings(trackIDs), + AlbumIDs: uuidsToStrings(albumIDs), + ArtistIDs: uuidsToStrings(artistIDs), + } + writeJSON(w, http.StatusOK, resp) +} + +func uuidsToStrings(ids []pgtype.UUID) []string { + out := make([]string, 0, len(ids)) + for _, id := range ids { + out = append(out, uuidToString(id)) + } + return out +} + +// Compile-time references so the json import is always live even when +// no handler in this file decodes a body. +var _ = json.Marshal diff --git a/internal/api/likes_test.go b/internal/api/likes_test.go new file mode 100644 index 00000000..e97a6a08 --- /dev/null +++ b/internal/api/likes_test.go @@ -0,0 +1,201 @@ +package api + +import ( + "context" + "encoding/json" + "net/http" + "net/http/httptest" + "testing" + + "github.com/go-chi/chi/v5" + + "git.fabledsword.com/bvandeusen/minstrel/internal/db/dbq" +) + +func callLike(h *handlers, user dbq.User, method, path string) *httptest.ResponseRecorder { + req := httptest.NewRequest(method, path, nil) + req = req.WithContext(context.WithValue(req.Context(), userCtxKeyForTest(), user)) + w := httptest.NewRecorder() + likesRouter(h).ServeHTTP(w, req) + return w +} + +// likesRouter matches the routes registered in Mount but without RequireUser +// so tests can inject the user via context directly. +func likesRouter(h *handlers) http.Handler { + r := chi.NewRouter() + r.Post("/api/likes/tracks/{id}", h.handleLikeTrack) + r.Delete("/api/likes/tracks/{id}", h.handleUnlikeTrack) + r.Post("/api/likes/albums/{id}", h.handleLikeAlbum) + r.Delete("/api/likes/albums/{id}", h.handleUnlikeAlbum) + r.Post("/api/likes/artists/{id}", h.handleLikeArtist) + r.Delete("/api/likes/artists/{id}", h.handleUnlikeArtist) + r.Get("/api/likes/tracks", h.handleListLikedTracks) + r.Get("/api/likes/albums", h.handleListLikedAlbums) + r.Get("/api/likes/artists", h.handleListLikedArtists) + r.Get("/api/likes/ids", h.handleGetLikedIDs) + return r +} + +func TestLikeTrack_Idempotent(t *testing.T) { + h, pool := testHandlers(t) + truncateLibrary(t, pool) + user := seedUser(t, pool, "alice", "x", false) + artist := seedArtist(t, pool, "Beatles") + album := seedAlbum(t, pool, artist.ID, "Abbey Road", 1969) + track := seedTrack(t, pool, album.ID, artist.ID, "Something", 3, 183_000) + + w := callLike(h, user, http.MethodPost, "/api/likes/tracks/"+uuidToString(track.ID)) + if w.Code != http.StatusNoContent { + t.Fatalf("first like: status = %d body=%s", w.Code, w.Body.String()) + } + w = callLike(h, user, http.MethodPost, "/api/likes/tracks/"+uuidToString(track.ID)) + if w.Code != http.StatusNoContent { + t.Errorf("second like (idempotent): status = %d", w.Code) + } + var count int + _ = pool.QueryRow(context.Background(), + "SELECT count(*) FROM general_likes WHERE user_id=$1", user.ID).Scan(&count) + if count != 1 { + t.Errorf("rows = %d, want 1", count) + } +} + +func TestLikeTrack_BadUUIDIs400(t *testing.T) { + h, pool := testHandlers(t) + user := seedUser(t, pool, "alice", "x", false) + w := callLike(h, user, http.MethodPost, "/api/likes/tracks/not-a-uuid") + if w.Code != http.StatusBadRequest { + t.Errorf("status = %d", w.Code) + } +} + +func TestLikeTrack_UnknownTrackIs404(t *testing.T) { + h, pool := testHandlers(t) + truncateLibrary(t, pool) + user := seedUser(t, pool, "alice", "x", false) + w := callLike(h, user, http.MethodPost, "/api/likes/tracks/00000000-0000-0000-0000-000000000000") + if w.Code != http.StatusNotFound { + t.Errorf("status = %d", w.Code) + } +} + +func TestUnlikeTrack_IdempotentEvenWhenAbsent(t *testing.T) { + h, pool := testHandlers(t) + truncateLibrary(t, pool) + user := seedUser(t, pool, "alice", "x", false) + artist := seedArtist(t, pool, "Beatles") + album := seedAlbum(t, pool, artist.ID, "Abbey Road", 1969) + track := seedTrack(t, pool, album.ID, artist.ID, "Something", 3, 183_000) + + w := callLike(h, user, http.MethodDelete, "/api/likes/tracks/"+uuidToString(track.ID)) + if w.Code != http.StatusNoContent { + t.Errorf("status = %d", w.Code) + } +} + +func TestListLikedTracks_PaginatedAndSortedDescByLikedAt(t *testing.T) { + h, pool := testHandlers(t) + truncateLibrary(t, pool) + user := seedUser(t, pool, "alice", "x", false) + artist := seedArtist(t, pool, "X") + album := seedAlbum(t, pool, artist.ID, "X", 1990) + t1 := seedTrack(t, pool, album.ID, artist.ID, "First", 1, 100_000) + t2 := seedTrack(t, pool, album.ID, artist.ID, "Second", 2, 100_000) + + // Like t1 then t2 — newest should come first. + _ = callLike(h, user, http.MethodPost, "/api/likes/tracks/"+uuidToString(t1.ID)) + _ = callLike(h, user, http.MethodPost, "/api/likes/tracks/"+uuidToString(t2.ID)) + + w := callLike(h, user, http.MethodGet, "/api/likes/tracks?limit=10&offset=0") + if w.Code != http.StatusOK { + t.Fatalf("status = %d body=%s", w.Code, w.Body.String()) + } + var resp struct { + Items []TrackRef `json:"items"` + Total int `json:"total"` + Limit int `json:"limit"` + Offset int `json:"offset"` + } + _ = json.Unmarshal(w.Body.Bytes(), &resp) + if resp.Total != 2 || len(resp.Items) != 2 { + t.Fatalf("shape: %+v", resp) + } + if resp.Items[0].Title != "Second" { + t.Errorf("first item = %q, want %q (most recent)", resp.Items[0].Title, "Second") + } +} + +func TestGetLikedIDs_ReturnsAllThreeArrays(t *testing.T) { + h, pool := testHandlers(t) + truncateLibrary(t, pool) + user := seedUser(t, pool, "alice", "x", false) + artist := seedArtist(t, pool, "X") + album := seedAlbum(t, pool, artist.ID, "X", 1990) + track := seedTrack(t, pool, album.ID, artist.ID, "T", 1, 100_000) + + _ = callLike(h, user, http.MethodPost, "/api/likes/tracks/"+uuidToString(track.ID)) + _ = callLike(h, user, http.MethodPost, "/api/likes/albums/"+uuidToString(album.ID)) + _ = callLike(h, user, http.MethodPost, "/api/likes/artists/"+uuidToString(artist.ID)) + + w := callLike(h, user, http.MethodGet, "/api/likes/ids") + if w.Code != http.StatusOK { + t.Fatalf("status = %d", w.Code) + } + var resp struct { + TrackIDs []string `json:"track_ids"` + AlbumIDs []string `json:"album_ids"` + ArtistIDs []string `json:"artist_ids"` + } + _ = json.Unmarshal(w.Body.Bytes(), &resp) + if len(resp.TrackIDs) != 1 || len(resp.AlbumIDs) != 1 || len(resp.ArtistIDs) != 1 { + t.Errorf("ids = %+v", resp) + } +} + +func TestGetLikedIDs_CrossUserIsolation(t *testing.T) { + h, pool := testHandlers(t) + truncateLibrary(t, pool) + alice := seedUser(t, pool, "alice", "x", false) + bob := seedUser(t, pool, "bob", "x", false) + artist := seedArtist(t, pool, "X") + album := seedAlbum(t, pool, artist.ID, "X", 1990) + track := seedTrack(t, pool, album.ID, artist.ID, "T", 1, 100_000) + + // Alice likes the track. + _ = callLike(h, alice, http.MethodPost, "/api/likes/tracks/"+uuidToString(track.ID)) + // Bob queries his ids — should be empty. + w := callLike(h, bob, http.MethodGet, "/api/likes/ids") + var resp struct { + TrackIDs []string `json:"track_ids"` + } + _ = json.Unmarshal(w.Body.Bytes(), &resp) + if len(resp.TrackIDs) != 0 { + t.Errorf("bob's track_ids should be empty, got %v", resp.TrackIDs) + } +} + +func TestLikeAlbumAndArtist_HappyPath(t *testing.T) { + h, pool := testHandlers(t) + truncateLibrary(t, pool) + user := seedUser(t, pool, "alice", "x", false) + artist := seedArtist(t, pool, "X") + album := seedAlbum(t, pool, artist.ID, "X", 1990) + + w := callLike(h, user, http.MethodPost, "/api/likes/albums/"+uuidToString(album.ID)) + if w.Code != http.StatusNoContent { + t.Errorf("album: status = %d", w.Code) + } + w = callLike(h, user, http.MethodPost, "/api/likes/artists/"+uuidToString(artist.ID)) + if w.Code != http.StatusNoContent { + t.Errorf("artist: status = %d", w.Code) + } + w = callLike(h, user, http.MethodGet, "/api/likes/albums?limit=10") + var resp struct { + Total int `json:"total"` + } + _ = json.Unmarshal(w.Body.Bytes(), &resp) + if resp.Total != 1 { + t.Errorf("album total = %d", resp.Total) + } +}