mod common; use axum::http::StatusCode; use serde_json::{json, Value}; use sqlx::PgPool; use tower::ServiceExt; use uuid::Uuid; use common::MultipartBuilder; async fn genre_id_named(app: &axum::Router, name: &str) -> String { let resp = app .clone() .oneshot(common::get("/api/v1/genres")) .await .unwrap(); assert_eq!(resp.status(), StatusCode::OK); let body = common::body_json(resp).await; body.as_array() .unwrap() .iter() .find(|g| g["name"].as_str() == Some(name)) .and_then(|g| g["id"].as_str().map(str::to_string)) .unwrap_or_else(|| panic!("expected seeded genre {name}")) } async fn create_manga( app: &axum::Router, cookie: &str, metadata: Value, ) -> Value { let resp = app .clone() .oneshot(common::post_multipart_with_cookie( "/api/v1/mangas", MultipartBuilder::new().add_json("metadata", metadata), cookie, )) .await .unwrap(); assert_eq!( resp.status(), StatusCode::CREATED, "create_manga failed: {:?}", resp.status() ); common::body_json(resp).await } fn id_of(body: &Value) -> Uuid { Uuid::parse_str(body["id"].as_str().unwrap()).unwrap() } #[sqlx::test(migrations = "./migrations")] async fn create_returns_enriched_detail_with_defaults(pool: PgPool) { let h = common::harness(pool); let (_, cookie) = common::register_user(&h.app).await; let body = create_manga(&h.app, &cookie, json!({ "title": "Solo Manga" })).await; assert_eq!(body["title"], "Solo Manga"); assert_eq!(body["status"], "ongoing"); assert_eq!(body["alt_titles"], json!([])); assert_eq!(body["authors"], json!([])); assert_eq!(body["genres"], json!([])); assert_eq!(body["tags"], json!([])); } #[sqlx::test(migrations = "./migrations")] async fn create_with_full_metadata_roundtrips(pool: PgPool) { let h = common::harness(pool); let (_, cookie) = common::register_user(&h.app).await; let action_id = genre_id_named(&h.app, "Action").await; let fantasy_id = genre_id_named(&h.app, "Fantasy").await; let body = create_manga( &h.app, &cookie, json!({ "title": "Berserk", "status": "completed", "authors": ["Kentaro Miura", "Studio Gaga"], "alt_titles": ["ベルセルク"], "genre_ids": [action_id, fantasy_id], "description": "Guts wields a big sword." }), ) .await; assert_eq!(body["status"], "completed"); assert_eq!(body["alt_titles"], json!(["ベルセルク"])); let authors: Vec<&str> = body["authors"] .as_array() .unwrap() .iter() .map(|a| a["name"].as_str().unwrap()) .collect(); assert_eq!(authors, vec!["Kentaro Miura", "Studio Gaga"]); let genres: Vec<&str> = body["genres"] .as_array() .unwrap() .iter() .map(|g| g["name"].as_str().unwrap()) .collect(); assert_eq!(genres, vec!["Action", "Fantasy"]); // GET /mangas/:id returns the same shape. let id = id_of(&body); let resp = h .app .oneshot(common::get(&format!("/api/v1/mangas/{id}"))) .await .unwrap(); let detail = common::body_json(resp).await; assert_eq!(detail["status"], "completed"); assert_eq!(detail["authors"].as_array().unwrap().len(), 2); } #[sqlx::test(migrations = "./migrations")] async fn invalid_status_rejected_with_422(pool: PgPool) { let h = common::harness(pool); let (_, cookie) = common::register_user(&h.app).await; let resp = h .app .oneshot(common::post_multipart_with_cookie( "/api/v1/mangas", MultipartBuilder::new() .add_json("metadata", json!({ "title": "Foo", "status": "hiatus" })), &cookie, )) .await .unwrap(); assert_eq!(resp.status(), StatusCode::UNPROCESSABLE_ENTITY); let body = common::body_json(resp).await; assert_eq!(body["error"]["code"], "validation_failed"); assert!(body["error"]["details"]["status"].is_string()); } #[sqlx::test(migrations = "./migrations")] async fn unknown_genre_id_rejected_with_422(pool: PgPool) { let h = common::harness(pool); let (_, cookie) = common::register_user(&h.app).await; let unknown = Uuid::new_v4(); let resp = h .app .oneshot(common::post_multipart_with_cookie( "/api/v1/mangas", MultipartBuilder::new().add_json( "metadata", json!({ "title": "Foo", "genre_ids": [unknown.to_string()] }), ), &cookie, )) .await .unwrap(); assert_eq!(resp.status(), StatusCode::UNPROCESSABLE_ENTITY); let body = common::body_json(resp).await; assert_eq!(body["error"]["code"], "validation_failed"); } #[sqlx::test(migrations = "./migrations")] async fn author_dedups_case_insensitively(pool: PgPool) { let h = common::harness(pool); let (_, cookie) = common::register_user(&h.app).await; let a = create_manga( &h.app, &cookie, json!({ "title": "Berserk", "authors": ["Kentaro Miura"] }), ) .await; let b = create_manga( &h.app, &cookie, json!({ "title": "Berserk Prelude", "authors": ["kentaro miura"] }), ) .await; // Both mangas resolve the same author id even though the casing differed. let id_a = a["authors"][0]["id"].as_str().unwrap(); let id_b = b["authors"][0]["id"].as_str().unwrap(); assert_eq!(id_a, id_b); } #[sqlx::test(migrations = "./migrations")] async fn filter_by_status_returns_only_matches(pool: PgPool) { let h = common::harness(pool); let (_, cookie) = common::register_user(&h.app).await; let _ongoing = create_manga(&h.app, &cookie, json!({ "title": "Ongoing One" })).await; let _done = create_manga( &h.app, &cookie, json!({ "title": "Wrapped Up", "status": "completed" }), ) .await; let resp = h .app .oneshot(common::get("/api/v1/mangas?status=completed")) .await .unwrap(); let body = common::body_json(resp).await; let titles: Vec<&str> = body["items"] .as_array() .unwrap() .iter() .map(|m| m["title"].as_str().unwrap()) .collect(); assert_eq!(titles, vec!["Wrapped Up"]); assert_eq!(body["page"]["total"], 1); } #[sqlx::test(migrations = "./migrations")] async fn filter_by_multiple_genres_is_and(pool: PgPool) { let h = common::harness(pool); let (_, cookie) = common::register_user(&h.app).await; let action = genre_id_named(&h.app, "Action").await; let fantasy = genre_id_named(&h.app, "Fantasy").await; let comedy = genre_id_named(&h.app, "Comedy").await; let _both = create_manga( &h.app, &cookie, json!({ "title": "Action+Fantasy", "genre_ids": [action.clone(), fantasy.clone()] }), ) .await; let _action_only = create_manga( &h.app, &cookie, json!({ "title": "Action Only", "genre_ids": [action.clone()] }), ) .await; let _other = create_manga( &h.app, &cookie, json!({ "title": "Comedy Only", "genre_ids": [comedy] }), ) .await; let url = format!("/api/v1/mangas?genre_id={action},{fantasy}"); let resp = h.app.oneshot(common::get(&url)).await.unwrap(); let body = common::body_json(resp).await; let titles: Vec<&str> = body["items"] .as_array() .unwrap() .iter() .map(|m| m["title"].as_str().unwrap()) .collect(); // Only the manga tagged with BOTH genres matches — pure AND. assert_eq!(titles, vec!["Action+Fantasy"]); } #[sqlx::test(migrations = "./migrations")] async fn filter_by_author_id_matches_only_works_by_that_author(pool: PgPool) { let h = common::harness(pool); let (_, cookie) = common::register_user(&h.app).await; let miura_manga = create_manga( &h.app, &cookie, json!({ "title": "Berserk", "authors": ["Kentaro Miura"] }), ) .await; let miura_id = miura_manga["authors"][0]["id"].as_str().unwrap(); let _oda = create_manga( &h.app, &cookie, json!({ "title": "One Piece", "authors": ["Eiichiro Oda"] }), ) .await; let resp = h .app .oneshot(common::get(&format!("/api/v1/mangas?author_id={miura_id}"))) .await .unwrap(); let body = common::body_json(resp).await; let titles: Vec<&str> = body["items"] .as_array() .unwrap() .iter() .map(|m| m["title"].as_str().unwrap()) .collect(); assert_eq!(titles, vec!["Berserk"]); } #[sqlx::test(migrations = "./migrations")] async fn patch_updates_status_authors_and_genres(pool: PgPool) { let h = common::harness(pool); let (_, cookie) = common::register_user(&h.app).await; let drama = genre_id_named(&h.app, "Drama").await; let created = create_manga( &h.app, &cookie, json!({ "title": "WIP", "authors": ["Old Name"] }), ) .await; let id = id_of(&created); let resp = h .app .oneshot(common::patch_json_with_cookie( &format!("/api/v1/mangas/{id}"), json!({ "status": "completed", "authors": ["Old Name", "New Coauthor"], "genre_ids": [drama] }), &cookie, )) .await .unwrap(); assert_eq!(resp.status(), StatusCode::OK); let body = common::body_json(resp).await; assert_eq!(body["status"], "completed"); let names: Vec<&str> = body["authors"] .as_array() .unwrap() .iter() .map(|a| a["name"].as_str().unwrap()) .collect(); assert_eq!(names, vec!["Old Name", "New Coauthor"]); assert_eq!(body["genres"][0]["name"], "Drama"); } #[sqlx::test(migrations = "./migrations")] async fn patch_404_on_unknown_id(pool: PgPool) { let h = common::harness(pool); let (_, cookie) = common::register_user(&h.app).await; let resp = h .app .oneshot(common::patch_json_with_cookie( &format!("/api/v1/mangas/{}", Uuid::new_v4()), json!({ "status": "completed" }), &cookie, )) .await .unwrap(); assert_eq!(resp.status(), StatusCode::NOT_FOUND); } #[sqlx::test(migrations = "./migrations")] async fn filter_by_unknown_uuid_returns_empty_not_error(pool: PgPool) { let h = common::harness(pool); let (_, cookie) = common::register_user(&h.app).await; let _ = create_manga(&h.app, &cookie, json!({ "title": "Anything" })).await; let unknown = Uuid::new_v4(); let resp = h .app .oneshot(common::get(&format!("/api/v1/mangas?genre_id={unknown}"))) .await .unwrap(); assert_eq!(resp.status(), StatusCode::OK); let body = common::body_json(resp).await; assert_eq!(body["items"], json!([])); assert_eq!(body["page"]["total"], 0); } #[sqlx::test(migrations = "./migrations")] async fn filter_combining_status_author_genre_and_tag_is_and(pool: PgPool) { let h = common::harness(pool); let (_, cookie) = common::register_user(&h.app).await; let action = genre_id_named(&h.app, "Action").await; // The "winner" matches every facet; the other rows each miss at // least one so the combined filter must reject them. let winner = create_manga( &h.app, &cookie, json!({ "title": "Winner", "status": "completed", "authors": ["Solo Author"], "genre_ids": [action.clone()], }), ) .await; let solo_author_id = winner["authors"][0]["id"].as_str().unwrap().to_string(); let winner_id = id_of(&winner); let _missing_status = create_manga( &h.app, &cookie, json!({ "title": "Wrong Status", "authors": ["Solo Author"], "genre_ids": [action.clone()], }), ) .await; let _missing_author = create_manga( &h.app, &cookie, json!({ "title": "Wrong Author", "status": "completed", "authors": ["Other"], "genre_ids": [action.clone()], }), ) .await; let _missing_genre = create_manga( &h.app, &cookie, json!({ "title": "Missing Genre", "status": "completed", "authors": ["Solo Author"], }), ) .await; // Attach a tag to the winner so we can hit all four facets at once. let tag_attach = h .app .clone() .oneshot(common::post_json_with_cookie( &format!("/api/v1/mangas/{winner_id}/tags"), json!({ "name": "Pinned" }), &cookie, )) .await .unwrap(); let tag_id = common::body_json(tag_attach).await["id"].as_str().unwrap().to_string(); let url = format!( "/api/v1/mangas?status=completed&author_id={solo_author_id}&genre_id={action}&tag_id={tag_id}" ); let resp = h.app.oneshot(common::get(&url)).await.unwrap(); assert_eq!(resp.status(), StatusCode::OK); let body = common::body_json(resp).await; let titles: Vec<&str> = body["items"] .as_array() .unwrap() .iter() .map(|m| m["title"].as_str().unwrap()) .collect(); assert_eq!(titles, vec!["Winner"]); assert_eq!(body["page"]["total"], 1); } #[sqlx::test(migrations = "./migrations")] async fn duplicate_genre_ids_accepted_not_treated_as_unknown(pool: PgPool) { let h = common::harness(pool); let (_, cookie) = common::register_user(&h.app).await; let action = genre_id_named(&h.app, "Action").await; let body = create_manga( &h.app, &cookie, json!({ "title": "Dup Genres", "genre_ids": [action.clone(), action] }), ) .await; // The repeated id resolves to a single attachment (the join table // de-dupes via the composite PK + `ON CONFLICT DO NOTHING`), so // the response carries one genre, not two. let names: Vec<&str> = body["genres"] .as_array() .unwrap() .iter() .map(|g| g["name"].as_str().unwrap()) .collect(); assert_eq!(names, vec!["Action"]); } #[sqlx::test(migrations = "./migrations")] async fn patch_explicit_null_description_clears_it(pool: PgPool) { let h = common::harness(pool); let (_, cookie) = common::register_user(&h.app).await; let created = create_manga( &h.app, &cookie, json!({ "title": "With desc", "description": "Original" }), ) .await; let id = id_of(&created); assert_eq!(created["description"], "Original"); let resp = h .app .oneshot(common::patch_json_with_cookie( &format!("/api/v1/mangas/{id}"), json!({ "description": null }), &cookie, )) .await .unwrap(); assert_eq!(resp.status(), StatusCode::OK); let body = common::body_json(resp).await; assert!(body["description"].is_null(), "expected description cleared"); } #[sqlx::test(migrations = "./migrations")] async fn patch_omitting_description_leaves_it_alone(pool: PgPool) { let h = common::harness(pool); let (_, cookie) = common::register_user(&h.app).await; let created = create_manga( &h.app, &cookie, json!({ "title": "With desc", "description": "Keep me" }), ) .await; let id = id_of(&created); let resp = h .app .oneshot(common::patch_json_with_cookie( &format!("/api/v1/mangas/{id}"), json!({ "status": "completed" }), &cookie, )) .await .unwrap(); assert_eq!(resp.status(), StatusCode::OK); let body = common::body_json(resp).await; assert_eq!(body["description"], "Keep me"); assert_eq!(body["status"], "completed"); } #[sqlx::test(migrations = "./migrations")] async fn patch_empty_alt_titles_clears_them(pool: PgPool) { let h = common::harness(pool); let (_, cookie) = common::register_user(&h.app).await; let created = create_manga( &h.app, &cookie, json!({ "title": "Has alts", "alt_titles": ["a", "b"] }), ) .await; let id = id_of(&created); assert_eq!(created["alt_titles"], json!(["a", "b"])); let resp = h .app .oneshot(common::patch_json_with_cookie( &format!("/api/v1/mangas/{id}"), json!({ "alt_titles": [] }), &cookie, )) .await .unwrap(); let body = common::body_json(resp).await; assert_eq!(body["alt_titles"], json!([])); } #[sqlx::test(migrations = "./migrations")] async fn patch_requires_authentication(pool: PgPool) { let h = common::harness(pool); let (_, cookie) = common::register_user(&h.app).await; let created = create_manga(&h.app, &cookie, json!({ "title": "Auth Check" })).await; let id = id_of(&created); let resp = h .app .oneshot(common::patch_json( &format!("/api/v1/mangas/{id}"), json!({ "status": "completed" }), )) .await .unwrap(); assert_eq!(resp.status(), StatusCode::UNAUTHORIZED); }