API: Let hide endpoint take payload as documented and act according to it

app/controllers/api/v1/post_interactions_controller.rb

@@ -24,9 +24,17 @@ module Api
       end
 
       def hide
+        return render_error(422, "Missing parameter") if params[:hide].nil?
+
         post = find_post
-        current_user.toggle_hidden_shareable(post)
+        hidden = current_user.is_shareable_hidden?(post)
-        head :no_content
+
+        if (params[:hide] && !hidden) || (!params[:hide] && hidden)
+          current_user.toggle_hidden_shareable(post)
+          head :no_content
+        else
+          render_error(params[:hide] ? 409 : 410, params[:hide] ? "Post already hidden" : "Post not hidden")
+        end
       end
 
       def mute

spec/integration/api/post_interactions_controller_spec.rb

@@ -25,6 +25,7 @@ describe Api::V1::PostInteractionsController do
   let!(:access_token_public_only) { auth_public_only.create_access_token.to_s }
   let!(:access_token_minimum_scopes) { auth_minimum_scopes.create_access_token.to_s }
   let(:invalid_token) { SecureRandom.hex(9) }
+  let(:headers) { {"Authorization" => "Bearer #{access_token}"} }
 
   before do
     @status = alice.post(
@@ -118,17 +119,42 @@ describe Api::V1::PostInteractionsController do
   end
 
   describe "#hide" do
+    def hidden_shareables_count
+      auth.user.reload.hidden_shareables.values.map(&:size).inject(0, :+)
+    end
+
     context "succeeds" do
       it "with proper guid and access token" do
-        hidden_count = auth.user.hidden_shareables.count
+        hidden_count = hidden_shareables_count
         post(
           api_v1_post_hide_path(@status.guid),
-          params: {
+          as:      :json,
-            access_token: access_token
+          headers: headers,
-          }
+          params:  {hide: true}
         )
         expect(response.status).to eq(204)
-        expect(auth.user.reload.hidden_shareables.count).to eq(hidden_count + 1)
+        expect(hidden_shareables_count).to eq(hidden_count + 1)
+      end
+
+      it "to unhide a post" do
+        hidden_count = hidden_shareables_count
+        post(
+          api_v1_post_hide_path(@status.guid),
+          as:      :json,
+          headers: headers,
+          params:  {hide: true}
+        )
+        expect(response.status).to eq(204)
+        expect(hidden_shareables_count).to eq(hidden_count + 1)
+
+        post(
+          api_v1_post_hide_path(@status.guid),
+          as:      :json,
+          headers: headers,
+          params:  {hide: false}
+        )
+        expect(response.status).to eq(204)
+        expect(hidden_shareables_count).to eq(hidden_count)
       end
     end
 
@@ -136,19 +162,56 @@ describe Api::V1::PostInteractionsController do
       it "with improper guid" do
         post(
           api_v1_post_hide_path("999_999_999"),
-          params: {
+          as:      :json,
-            access_token: access_token
+          headers: headers,
-          }
+          params:  {hide: true}
         )
         confirm_api_error(response, 404, "Post with provided guid could not be found")
       end
 
+      it "without hide param" do
+        post(
+          api_v1_post_hide_path(@status.guid),
+          as:      :json,
+          headers: headers
+        )
+        confirm_api_error(response, 422, "Missing parameter")
+      end
+
+      it "hiding already hidden post" do
+        post(
+          api_v1_post_hide_path(@status.guid),
+          as:      :json,
+          headers: headers,
+          params:  {hide: true}
+        )
+        expect(response.status).to eq(204)
+
+        post(
+          api_v1_post_hide_path(@status.guid),
+          as:      :json,
+          headers: headers,
+          params:  {hide: true}
+        )
+        confirm_api_error(response, 409, "Post already hidden")
+      end
+
+      it "unhiding not hidden post" do
+        post(
+          api_v1_post_hide_path(@status.guid),
+          as:      :json,
+          headers: headers,
+          params:  {hide: false}
+        )
+        confirm_api_error(response, 410, "Post not hidden")
+      end
+
       it "with insufficient token" do
         post(
           api_v1_post_hide_path(@status.guid),
-          params: {
+          as:      :json,
-            access_token: access_token_minimum_scopes
+          headers: {"Authorization" => "Bearer #{access_token_minimum_scopes}"},
-          }
+          params:  {hide: true}
         )
         expect(response.status).to eq(403)
       end
@@ -156,9 +219,9 @@ describe Api::V1::PostInteractionsController do
       it "on private post without private token" do
         post(
           api_v1_post_hide_path(@shared_post.guid),
-          params: {
+          as:      :json,
-            access_token: access_token_public_only
+          headers: {"Authorization" => "Bearer #{access_token_public_only}"},
-          }
+          params:  {hide: true}
         )
         expect(response.status).to eq(404)
       end
@@ -166,9 +229,9 @@ describe Api::V1::PostInteractionsController do
       it "with invalid token" do
         post(
           api_v1_post_hide_path(@status.guid),
-          params: {
+          as:      :json,
-            access_token: invalid_token
+          headers: {"Authorization" => "Bearer #{invalid_token}"},
-          }
+          params:  {hide: true}
         )
         expect(response.status).to eq(401)
       end