adds endpoints to create & destroy categories from a post (#12)

app/controllers/v1/post_categories_controller.rb

@@ -0,0 +1,64 @@
+# frozen_string_literal: true
+
+class V1::PostCategoriesController < ApplicationController
+  before_action :authorize_request
+  before_action :can_add_category_to_post, only: %[create]
+  before_action :is_post_owner, only: %[destroy]
+
+  # POST /post_categories/
+  def create
+    new_obj = PostCategory.new(post_category_params)
+    if new_obj.save
+      render json: new_obj, status: :ok
+    else
+      render json: new_obj.errors, status: :unprocessable_entity
+    end
+  end
+
+  # GET /post_categories/{_post_id}/
+  def show
+    categories = PostCategory.where(post_id: params[:_post_id])
+    render json: categories.as_json(
+      include: { category: { only: [:verbose, :slug ] } },
+      except: [:post_id, :id, :updated_at]
+    ), status: :ok
+  end
+
+  # DELETE /post_categories/{_post_id}/?category_id=<category_id>
+  def destroy
+    if params[:category_id]
+      post_categories = PostCategory.where(
+        post_id: params[:_post_id],
+        category_id: params[:category_id]
+      )
+      if not post_categories.exists?
+        return render json: { errors: "Post doesn't belong to the given category" }, status: :not_found
+      end
+    else
+      post_categories = PostCategory.where(post_id: params[:_post_id])
+    end
+    post_categories.destroy_all
+    render json: {}, status: :no_content
+  end
+
+  private
+    def can_add_category_to_post
+      post = Post.find_by_id!(post_category_params[:post_id])
+      if post.user_id != @current_user.id
+        render json: { errors: "Action not allowed" }, status: :forbidden
+      end
+    rescue ActiveRecord::RecordNotFound
+      render json: { errors: "Post not found" }, status: :not_found
+    end
+    def is_post_owner
+      post = Post.find_by_id!(params[:_post_id])
+      if post.user_id != @current_user.id
+        render json: { errors: "Action not allowed" }, status: :forbidden
+      end
+    rescue ActiveRecord::RecordNotFound
+      render json: { errors: "Post not found" }, status: :not_found
+    end
+    def post_category_params
+      params.permit(:post_id, :category_id)
+    end
+end

app/models/post.rb

@@ -6,7 +6,6 @@ class Post < ApplicationRecord
   validates :image, presence: true
 
   belongs_to :user
-  has_many :categories, through: :post_categories
   has_many :post_comments, dependent: :destroy
   has_many :post_user_actions, dependent: :destroy
   has_one_attached :image

app/models/post_category.rb

@@ -1,6 +1,8 @@
 # frozen_string_literal: true
 
 class PostCategory < ApplicationRecord
+  validates :category, uniqueness: { scope: :post }
+
   belongs_to :post
   belongs_to :category
 end

config/routes.rb

@@ -15,6 +15,7 @@
     resources :post_user_actions, param: :_post_id
     resources :post_comments, param: :_id
     resources :post_comment_likes, param: :_post_comment_id
+    resources :post_categories, param: :_post_id
 
     # additional resource actions
     get "posts/:_id/publish/", to: "posts#publish"

test/controllers/v1/post_categories_controller_test.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require "test_helper"
+
+class V1::PostCategoriesControllerTest < ActionDispatch::IntegrationTest
+  # test "the truth" do
+  #   assert true
+  # end
+end