- Get logged in user profile #7

- Update logged in user profile #9

Author: joselfonseca

app/Entities/User.php

@@ -39,13 +39,18 @@ class User extends Authenticatable
     ];
 
     /**
-     * Set the user's password
-     *
-     * @param  string  $value
-     * @return void
+     * @param array $attributes
+     * @return \Illuminate\Database\Eloquent\Model
      */
-    public function setPasswordAttribute($value)
+    public static function create(array $attributes = [])
     {
-        $this->attributes['password'] = bcrypt($value);
+
+        if(array_key_exists('password', $attributes)) {
+            $attributes['password'] = bcrypt($attributes['password']);
+        }
+
+        $model = static::query()->create($attributes);
+
+        return $model;
     }
 }

app/Http/Controllers/Api/Users/ProfileController.php

@@ -0,0 +1,51 @@
+<?php
+
+namespace App\Http\Controllers\Api\Users;
+
+use Illuminate\Http\Request;
+use Dingo\Api\Routing\Helpers;
+use App\Http\Controllers\Controller;
+use Illuminate\Support\Facades\Auth;
+use App\Transformers\Users\UserTransformer;
+
+/**
+ * Class ProfileController
+ * @package App\Http\Controllers\Api\Users
+ */
+class ProfileController extends Controller
+{
+
+    use Helpers;
+
+    /**
+     * @return \Dingo\Api\Http\Response
+     */
+    public function index()
+    {
+        return $this->response->item(Auth::user(), new UserTransformer());
+    }
+
+    /**
+     * @param Request $request
+     * @return \Dingo\Api\Http\Response
+     */
+    public function update(Request $request)
+    {
+        $user = Auth::user();
+        $rules = [
+            'name' => 'required',
+            'email' => 'required|email|unique:users,email,'.$user->id,
+        ];
+        if($request->method() == "PATCH") {
+            $rules = [
+                'name' => 'sometimes|required',
+                'email' => 'sometimes|required|email|unique:users,email,'.$user->id,
+            ];
+        }
+        $this->validate($request, $rules);
+        // Except password as we don't want to let the users change a password from this endpoint
+        $user->update($request->except('_token', 'password'));
+        return $this->response->item($user->fresh(), new UserTransformer());
+    }
+
+}

docs/api/blueprint/dataStructures/users.apib

@@ -21,7 +21,6 @@
 
 ## User Update (object)
 - name: `Jhon Doe` (string, optional)
-- email: `[email protected]` (string, optional)
 
 ## User Update Full (object)
 - name: `Jhon Doe` (string, required)

docs/api/blueprint/routes/profile.apib

@@ -0,0 +1,80 @@
+## Users profile [/api/me]
+
+### Get logged in user profile [GET]
+
++ Request (application/vnd.api.v1+json)
+
+    + Headers
+                
+            Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjBlOGVhOGY0YWY2Yjg3NzU0YjZjZDBjNjdkNzBmMjdhYTZkMmRjNjU3YzIwYTU0MjQ3NWRlZGU4Y2VkNTc1N2IwZDcwMWFmNTAyMGU4MGE4In0.eyJhdWQiOiIxIiwianRpIjoiMGU4ZWE4ZjRhZjZiODc3NTRiNmNkMGM2N2Q3MGYyN2FhNmQyZGM2NTdjMjBhNTQyNDc1ZGVkZThjZWQ1NzU3YjBkNzAxYWY1MDIwZTgwYTgiLCJpYXQiOjE0NzYyOTk1NTQsIm5iZiI6MTQ3NjI5OTU1NCwiZXhwIjoxNDc3NTk1NTU0LCJzdWIiOiIxIiwic2NvcGVzIjpbXX0.gTOotTVp2eF_HvuW48ngGqdly4bocNMlvY0al0YmYPJ_tjBQYegE4AjtCH2bWUf9aUz8tQqhMr2UFae3JV6VDQC9VzoGK8gU_nulM0BkqaCCxadqrw_slcd4he9hT0FE3WshvdZKcmgaVovgrI2-sAnX3n749BiWtWLEpw6x-TdEHEVcW6uRfRWyrwKhPBfOk-hXpgbecgT8LYdBW531P1ryjSJzzi5zBEe0Ecbp9Lo-fV69AW8ZBnG1DBjzxW-hvE0rRLXXnI4-f9rbQfK6QUzfG3Dg2INexcKxu9sQ3Vn5wHhQyu4_nTNQh8rsgphdAqFnEo-FQZrRWejkKbOi_BcpQybaXNn7Qln-96QF6PAzT-2E08VmL4XeVNcSvmM1sPVwirnSXo4UIFSsHvvIdVfEYEXD8XDonlnVO74RgBDMXWs6xo7dmDNaqQxKt9J_s_xtmyM3w62C4QucKw7MY0zOqviEyXySbrYbgazO_Pl1--GXtksE8tVMW8OW6Y8fw0JE0GEd5hZVadR277A5164QAJhiGXI_mKNTtUZVNaj0JpKEQpu4tod_BJR_DxzvcpKHwc1YrfrPOul6mL4kZeafkehPe79jxrCXKgKEuGlgSFcyrXUNCtME9LxsMID6QpJ-tfx4i0jqjixd_smqpjPPYqhPuqhox3uMLcDgM6s
+
++ Response 200 (application/json)
+
+    + Attributes
+        + data (User Object)
+
++ Response 401 (application/json)
+
+    + Attributes (Error 401)
+
++ Response 403 (application/json)
+
+    + Attributes (Error 403)
+
++ Response 404 (application/json)
+
+    + Attributes (Error 404)
+    
+### Full update logged in user profile [PUT]
+
++ Request (application/vnd.api.v1+json)
+
+    + Headers
+                
+            Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjBlOGVhOGY0YWY2Yjg3NzU0YjZjZDBjNjdkNzBmMjdhYTZkMmRjNjU3YzIwYTU0MjQ3NWRlZGU4Y2VkNTc1N2IwZDcwMWFmNTAyMGU4MGE4In0.eyJhdWQiOiIxIiwianRpIjoiMGU4ZWE4ZjRhZjZiODc3NTRiNmNkMGM2N2Q3MGYyN2FhNmQyZGM2NTdjMjBhNTQyNDc1ZGVkZThjZWQ1NzU3YjBkNzAxYWY1MDIwZTgwYTgiLCJpYXQiOjE0NzYyOTk1NTQsIm5iZiI6MTQ3NjI5OTU1NCwiZXhwIjoxNDc3NTk1NTU0LCJzdWIiOiIxIiwic2NvcGVzIjpbXX0.gTOotTVp2eF_HvuW48ngGqdly4bocNMlvY0al0YmYPJ_tjBQYegE4AjtCH2bWUf9aUz8tQqhMr2UFae3JV6VDQC9VzoGK8gU_nulM0BkqaCCxadqrw_slcd4he9hT0FE3WshvdZKcmgaVovgrI2-sAnX3n749BiWtWLEpw6x-TdEHEVcW6uRfRWyrwKhPBfOk-hXpgbecgT8LYdBW531P1ryjSJzzi5zBEe0Ecbp9Lo-fV69AW8ZBnG1DBjzxW-hvE0rRLXXnI4-f9rbQfK6QUzfG3Dg2INexcKxu9sQ3Vn5wHhQyu4_nTNQh8rsgphdAqFnEo-FQZrRWejkKbOi_BcpQybaXNn7Qln-96QF6PAzT-2E08VmL4XeVNcSvmM1sPVwirnSXo4UIFSsHvvIdVfEYEXD8XDonlnVO74RgBDMXWs6xo7dmDNaqQxKt9J_s_xtmyM3w62C4QucKw7MY0zOqviEyXySbrYbgazO_Pl1--GXtksE8tVMW8OW6Y8fw0JE0GEd5hZVadR277A5164QAJhiGXI_mKNTtUZVNaj0JpKEQpu4tod_BJR_DxzvcpKHwc1YrfrPOul6mL4kZeafkehPe79jxrCXKgKEuGlgSFcyrXUNCtME9LxsMID6QpJ-tfx4i0jqjixd_smqpjPPYqhPuqhox3uMLcDgM6s
+    
+    + Attributes (User Update Full)
+    
++ Response 200 (application/json)
+
+    + Attributes
+        + data (User Object)
+
++ Response 401 (application/json)
+
+    + Attributes (Error 401)
+
++ Response 403 (application/json)
+
+    + Attributes (Error 403)
+
++ Response 404 (application/json)
+
+    + Attributes (Error 404)
+
+### Partial update logged in user profile [PATCH]
+
++ Request (application/vnd.api.v1+json)
+
+    + Headers
+                
+            Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjBlOGVhOGY0YWY2Yjg3NzU0YjZjZDBjNjdkNzBmMjdhYTZkMmRjNjU3YzIwYTU0MjQ3NWRlZGU4Y2VkNTc1N2IwZDcwMWFmNTAyMGU4MGE4In0.eyJhdWQiOiIxIiwianRpIjoiMGU4ZWE4ZjRhZjZiODc3NTRiNmNkMGM2N2Q3MGYyN2FhNmQyZGM2NTdjMjBhNTQyNDc1ZGVkZThjZWQ1NzU3YjBkNzAxYWY1MDIwZTgwYTgiLCJpYXQiOjE0NzYyOTk1NTQsIm5iZiI6MTQ3NjI5OTU1NCwiZXhwIjoxNDc3NTk1NTU0LCJzdWIiOiIxIiwic2NvcGVzIjpbXX0.gTOotTVp2eF_HvuW48ngGqdly4bocNMlvY0al0YmYPJ_tjBQYegE4AjtCH2bWUf9aUz8tQqhMr2UFae3JV6VDQC9VzoGK8gU_nulM0BkqaCCxadqrw_slcd4he9hT0FE3WshvdZKcmgaVovgrI2-sAnX3n749BiWtWLEpw6x-TdEHEVcW6uRfRWyrwKhPBfOk-hXpgbecgT8LYdBW531P1ryjSJzzi5zBEe0Ecbp9Lo-fV69AW8ZBnG1DBjzxW-hvE0rRLXXnI4-f9rbQfK6QUzfG3Dg2INexcKxu9sQ3Vn5wHhQyu4_nTNQh8rsgphdAqFnEo-FQZrRWejkKbOi_BcpQybaXNn7Qln-96QF6PAzT-2E08VmL4XeVNcSvmM1sPVwirnSXo4UIFSsHvvIdVfEYEXD8XDonlnVO74RgBDMXWs6xo7dmDNaqQxKt9J_s_xtmyM3w62C4QucKw7MY0zOqviEyXySbrYbgazO_Pl1--GXtksE8tVMW8OW6Y8fw0JE0GEd5hZVadR277A5164QAJhiGXI_mKNTtUZVNaj0JpKEQpu4tod_BJR_DxzvcpKHwc1YrfrPOul6mL4kZeafkehPe79jxrCXKgKEuGlgSFcyrXUNCtME9LxsMID6QpJ-tfx4i0jqjixd_smqpjPPYqhPuqhox3uMLcDgM6s
+    
+    + Attributes (User Update)
+    
++ Response 200 (application/json)
+
+    + Attributes
+        + data (User Object)
+
++ Response 401 (application/json)
+
+    + Attributes (Error 401)
+
++ Response 403 (application/json)
+
+    + Attributes (Error 403)
+
++ Response 404 (application/json)
+
+    + Attributes (Error 404)

docs/api/blueprint/routes/users.apib

@@ -203,4 +203,5 @@ This endpoint will allow you to delete a user from the system
     + Attributes (Error 404)
 
 <!-- include(roles.apib) -->
-<!-- include(permissions.apib) -->
+<!-- include(permissions.apib) -->
+<!-- include(profile.apib) -->

resources/views/apidocs.blade.php

@@ -30,6 +30,12 @@
 
             $api->get('permissions', 'Api\Users\PermissionsController@index');
 
+            $api->group(['prefix' => 'me'], function($api) {
+                $api->get('/', 'Api\Users\ProfileController@index');
+                $api->put('/', 'Api\Users\ProfileController@update');
+                $api->patch('/', 'Api\Users\ProfileController@update');
+            });
+
         });
 
     });

routes/api.php

@@ -0,0 +1,95 @@
+<?php
+
+namespace Tests\Feature\Users;
+
+use Tests\TestCase;
+use App\Entities\User;
+use Laravel\Passport\Passport;
+use Illuminate\Foundation\Testing\DatabaseMigrations;
+
+class ProfileEndpointsTest extends TestCase
+{
+
+    use DatabaseMigrations;
+
+    function setUp()
+    {
+        parent::setUp();
+        $this->installApp();
+    }
+
+    function test_it_gets_user_profile()
+    {
+        Passport::actingAs(User::first());
+        $response = $this->json('GET', 'api/me');
+        $response->assertStatus(200);
+        $response->assertJson([
+            'data' => [
+                'name' => 'Jose Fonseca',
+                'email' => '[email protected]',
+                'roles' => []
+            ]
+        ]);
+    }
+
+    function test_it_can_update_logged_user_profile_all_entity()
+    {
+        Passport::actingAs(User::first());
+        $response = $this->json('PUT', '/api/me', [
+            'name' => 'Jose Fonseca Edited',
+            'email' => '[email protected]'
+        ]);
+        $response->assertStatus(200);
+        $this->assertDatabaseHas('users', [
+            'name' => 'Jose Fonseca Edited',
+            'email' => '[email protected]',
+        ]);
+        $response->assertJson([
+            'data' => [
+                'name' => 'Jose Fonseca Edited',
+                'email' => '[email protected]',
+                'roles' => []
+            ]
+        ]);
+    }
+
+    function test_it_can_update_profile_partial_entity()
+    {
+        Passport::actingAs(User::first());
+        $response = $this->json('PATCH', '/api/me', [
+            'name' => 'Jose Fonseca Edited'
+        ]);
+        $response->assertStatus(200);
+        $this->assertDatabaseHas('users', [
+            'name' => 'Jose Fonseca Edited',
+            'email' => '[email protected]',
+        ]);
+        $response->assertJson([
+            'data' => [
+                'name' => 'Jose Fonseca Edited',
+                'email' => '[email protected]',
+                'roles' => []
+            ]
+        ]);
+    }
+
+    function test_it_validates_input_for_update_profile()
+    {
+        Passport::actingAs(User::first());
+        $response = $this->json('PATCH', '/api/me', [
+            'name' => ''
+        ]);
+        $response->assertStatus(422);
+    }
+
+    function test_it_validates_input_for_email_on_update_profile()
+    {
+        Passport::actingAs(User::first());
+        $user = factory(User::class)->create();
+        $response = $this->json('PATCH', '/api/me', [
+            'email' => $user->email
+        ]);
+        $response->assertStatus(422);
+    }
+
+}