Add API routes for section create/destroy (#6873)

Co-authored-by: Bruce Liu <[email protected]>

Changelog.md

@@ -3,6 +3,7 @@
 ## [unreleased]
 - Allow inactive groups in the graders table to be toggled for display (#6778)
 - Enable plotly rendering for jupyter notebooks (#6871)
+- Added new API routes for the `create` and `destroy` actions of SectionsController (#6873)
 
 ## [v2.4.1]
 - Internal changes only

app/controllers/api/sections_controller.rb

@@ -0,0 +1,35 @@
+module Api
+  # Api controller responsible for CRUD operations for the Section model
+  class SectionsController < MainApiController
+    def create
+      section = current_course.sections.new(section_params)
+      if section.save
+        render 'shared/http_status',
+               locals: { code: '201', message: HttpStatusHelper::ERROR_CODE['message']['201'] }, status: :created
+      else
+        render 'shared/http_status', locals: { code: '422', message:
+          HttpStatusHelper::ERROR_CODE['message']['422'] }, status: :unprocessable_entity
+      end
+    end
+
+    def destroy
+      @section = record
+
+      if @section.has_students?
+        render 'shared/http_status',
+               locals: { code: :conflict, message: t('sections.destroy.not_empty') },
+               status: :conflict
+      else
+        @section.assessment_section_properties.each(&:destroy)
+        @section.destroy
+        render 'shared/http_status',
+               locals: { code: '200', message: t('sections.destroy.success') },
+               status: :ok
+      end
+    end
+
+    def section_params
+      params.require(:section).permit(:name)
+    end
+  end
+end

config/routes.rb

@@ -85,6 +85,7 @@
           get 'download_entries'
         end
       end
+      resources :sections, only: [:create, :destroy]
     end
     # Return a 404 when no route is match
     match '*path', controller: 'main_api', action: 'page_not_found', via: :all

spec/controllers/api/sections_controller_spec.rb

@@ -0,0 +1,51 @@
+describe Api::SectionsController do
+  include AutomatedTestsHelper
+
+  let(:section) { create :section }
+  let(:instructor) { create :instructor }
+  let(:course) { section.course }
+
+  context 'An unauthorized attempt' do
+    it 'fails to delete section' do
+      delete :destroy, params: { course_id: course.id, id: section }
+      expect(response).to have_http_status(403)
+      expect(course.sections.exists?(section.id)).to be_truthy
+    end
+  end
+
+  context 'An authorized attempt' do
+    before :each do
+      instructor.reset_api_key
+      request.env['HTTP_AUTHORIZATION'] = "MarkUsAuth #{instructor.api_key.strip}"
+    end
+
+    context 'POST create' do
+      it 'should create a new section when given the correct params' do
+        post :create, params: { course_id: course.id, section: { name: 'LEC0301' } }
+        expect(response).to have_http_status(201)
+        expect(course.sections.find_by(name: 'LEC0301').name).to eq('LEC0301')
+      end
+
+      it 'should throw a 422 error and not create a section with when given an invalid param' do
+        post :create, params: { course_id: course.id, section: { name: '' } }
+        expect(response).to have_http_status(422)
+        expect(course.sections.find_by(name: '')).to be_nil
+      end
+    end
+
+    context 'DELETE destroy' do
+      it 'successfully deletes section' do
+        delete :destroy, params: { course_id: course.id, id: section }
+        expect(response).to have_http_status(:ok)
+        expect(course.sections.exists?(section.id)).to be_falsey
+      end
+      it 'does not delete section because the section is non-empty (has students), with 403 code' do
+        student = create(:student)
+        section.students = [student]
+        delete :destroy, params: { course_id: course.id, id: section }
+        expect(response).to have_http_status(:conflict)
+        expect(course.sections.exists?(section.id)).to be_truthy
+      end
+    end
+  end
+end