nomisRev · jetbrains-junie · May 22, 2025
diff --git a/src/test/kotlin/io/github/nomisrev/routes/ArticlesRouteSpec.kt b/src/test/kotlin/io/github/nomisrev/routes/ArticlesRouteSpec.kt
@@ -12,6 +12,7 @@ import io.kotest.core.spec.style.StringSpec
 import io.ktor.client.call.body
 import io.ktor.client.plugins.resources.get
 import io.ktor.client.plugins.resources.post
+import io.ktor.client.plugins.resources.delete
 import io.ktor.client.request.bearerAuth
 import io.ktor.client.request.setBody
 import io.ktor.http.ContentType
@@ -179,4 +180,93 @@ class ArticlesRouteSpec :
         assert(response.status == HttpStatusCode.UnprocessableEntity)
       }
     }
+
+  "Can delete an article by slug when authenticated as the author" {
+    withServer { dependencies ->
+      val article =
+        dependencies.articleService
+          .createArticle(
+            CreateArticle(userId, validTitle, validDescription, validBody, validTags)
+          )
+          .shouldBeRight()
+
+      val response =
+        delete(ArticlesResource.Slug(slug = article.slug)) {
+          bearerAuth(token.value)
+        }
+
+      assert(response.status == HttpStatusCode.OK)
+
+      // Verify the article is deleted by trying to get it
+      val getResponse = get(ArticlesResource.Slug(slug = article.slug))
+      assert(getResponse.status == HttpStatusCode.UnprocessableEntity)
+      assert(
+        getResponse.body<GenericErrorModel>().errors.body == 
+          listOf("Article by slug ${article.slug} not found")
+      )
+    }
+  }
+
+  "Cannot delete an article when not authenticated" {
+    withServer { dependencies ->
+      val article =
+        dependencies.articleService
+          .createArticle(
+            CreateArticle(userId, validTitle, validDescription, validBody, validTags)
+          )
+          .shouldBeRight()
+
+      val response = delete(ArticlesResource.Slug(slug = article.slug))
+
+      assert(response.status == HttpStatusCode.Unauthorized)
+
+      // Verify the article still exists
+      val getResponse = get(ArticlesResource.Slug(slug = article.slug))
+      assert(getResponse.status == HttpStatusCode.OK)
+      assert(getResponse.body<SingleArticleResponse>().article.slug == article.slug)
+    }
+  }
+
+  "Cannot delete another user's article" {
+    withServer { dependencies ->
+      // Create another user
+      val otherUsername = "otheruser"
+      val otherEmail = "other@domain.com"
+      val otherPw = "123456789"
+
+      dependencies.userService
+        .register(RegisterUser(otherUsername, otherEmail, otherPw))
+        .shouldBeRight()
+
+      val otherToken =
+        dependencies.userService
+          .login(Login(otherEmail, otherPw))
+          .shouldBeRight()
+          .first
+
+      val otherUserId = dependencies.jwtService.verifyJwtToken(otherToken).shouldBeRight()
+
+      // Create an article as the other user
+      val article =
+        dependencies.articleService
+          .createArticle(
+            CreateArticle(otherUserId, validTitle, validDescription, validBody, validTags)
+          )
+          .shouldBeRight()
+
+      // Try to delete the article as the original user
+      val response =
+        delete(ArticlesResource.Slug(slug = article.slug)) {
+          bearerAuth(token.value)
+        }
+
+      // Should fail with 422 Unprocessable Entity
+      assert(response.status == HttpStatusCode.UnprocessableEntity)
+
+      // Verify the article still exists
+      val getResponse = get(ArticlesResource.Slug(slug = article.slug))
+      assert(getResponse.status == HttpStatusCode.OK)
+      assert(getResponse.body<SingleArticleResponse>().article.slug == article.slug)
+    }
+  }
   })