alkemyTech · ldato · Jun 11, 2022 · Jun 16, 2022 · maxxCeballos · Jun 15, 2022
diff --git a/controllers/comments.controller.js b/controllers/comments.controller.js
@@ -1,31 +1,71 @@
-const { request, response} = require('express');
-const { createComment } = require('../services/comment');
+const { request, response } = require('express');
+const { createComment, findId, deleteOne } = require('../services/comment');
 
-const getComments = ( req = request, res = response )=> {
+const getComments = (req = request, res = response) => {
 
-    res.status(200).json({ msg: 'getComments'});
+    res.status(200).json({ msg: 'getComments' });
 
 }
 
-const newComment = async(req = request, res = response ) => {
-    
+const newComment = async (req = request, res = response) => {
+
     const { post_id, user_id, body } = req.body;
 
     try {
-        const comment = await createComment({ post_id, user_id, body }) 
+        const comment = await createComment({ post_id, user_id, body })
 
-        res.json({ error: false, message: 'El comentario se ah creado exitosamente', comment});
+        res.json({ error: false, message: 'El comentario se ah creado exitosamente', comment });
 
     } catch (error) {
 
-        res.status(500).json({ error: true, message: 'Error en el servidor, Comuniquese con el administrador', comment: null});
+        res.status(500).json({ error: true, message: 'Error en el servidor, Comuniquese con el administrador', comment: null });
     }
 
 };
 
+const deleteComment = async (req, res) => {
+
+    const id = parseInt(req.params.id)
+    const user = req.user;
+
+    try {
+
+        const deletedComment = await deleteOne(user, id);
+        console.log("DeletedComment: " + deletedComment);
+
+        if (deletedComment == null) {
+            return res.status(400).json({
+                message: "No se encontro el comentario"
+            })
+        }
+
+        if (deletedComment != 1) {
+            return res.status(400).json({
+                message: deletedComment
+            })
+        }
+
+        return res.status(200).json({
+            message: "Deleted",
+            id: id
+        })
+
+    } catch (error) {
+
+        console.log(error)
+        return res.status(500).json({
+            error: true,
+            message: "An error has ocurred"
+        })
+
+    }
+
+}
+
 
 
 module.exports = {
     getComments,
     newComment,
+    deleteComment
 }
diff --git a/middleware/checkCommentOwner.js b/middleware/checkCommentOwner.js
@@ -0,0 +1,30 @@
+const getComment = require('../services/comment').findId;
+
+const checkCommentOwner = async (req, res, next) => {
+
+    const id = req.params.id;
+    const userId = req.user.id;
+    const userRoleId = req.user.roleId;
+
+    const comment = await getComment(id);
+    const commentUserId = comment.user_id;
+
+    // console.log("userId:" + userId);
+    // console.log("userRoleId:" + userRoleId);
+
+    if ((userId === commentUserId) || userRoleId === 1) {
+
+        return next();
+
+    } else {
+
+        return res.status(401).json({
+            error: true,
+            message: "Insufficient permissions",
+        });
+    }
+
+
+}
+
+module.exports = checkCommentOwner;
diff --git a/routes/comments.js b/routes/comments.js
@@ -2,13 +2,18 @@ const { Router } = require('express');
 const router = Router();
 
 const verifyToken = require('../middleware/verifyToken');
+const checkOwnership = require('../middleware/checkOwnership')
 const validatorHandler = require('../middleware/validatorHandler');
 const commentsFields = require('../helpers/checkCommentsFields');
-const { newComment } = require('../controllers/comments.controller');
+const { newComment, deleteComment } = require('../controllers/comments.controller');
 
 
 router.post('/', verifyToken, validatorHandler(commentsFields), newComment );
 
+router.delete('/:id',verifyToken, deleteComment );
+
+
+
 
 
 

diff --git a/services/comment.js b/services/comment.js
@@ -1,15 +1,50 @@
-const { Comment:DB } = require('../models')
+const { Comment: DB } = require('../models')
+const db = require('../models');
 
-const createComment = async( data ) => {
+const createComment = async (data) => {
 
-    const comment = new DB( data );
+    const comment = new DB(data);
 
     await comment.save();
 
     return comment;
 
 };
 
+const findId = async (id) => {
+
+    const comment = await db.Comment.findByPk(id);
+
+    return comment;
+
+}
+
+const deleteOne = async (user, id) => {
+
+    const commentUserId = await db.Comment.findByPk(id);
+
+    if (commentUserId === null) {
+        return null;
+    } else {
+        console.log("Existe el comentario");
+        console.log("idComment: " + commentUserId.dataValues.user_id)
+        console.log("idUser: " + user.roleId)
+
+        if (commentUserId.dataValues.user_id === user.id || user.roleId === 1) {
+
+        const comment = await db.Comment.destroy({ where: { id } });
+
+        return comment;
+
+    } else {
+        return "No tiene permisos para eliminar este comentario";
+    }
+}
+}
+
+
 module.exports = {
     createComment,
+    findId,
+    deleteOne
 }