diff --git a/crates/api/src/admin_objects.rs b/crates/api/src/admin_objects.rs index ce0b302..8d3229b 100644 --- a/crates/api/src/admin_objects.rs +++ b/crates/api/src/admin_objects.rs @@ -494,10 +494,15 @@ pub(crate) async fn create_field_definition( Ok((StatusCode::CREATED, Json(CreatedField { key: new.key }))) } - Err(err) if err.as_database_error().and_then(|e| e.code()).as_deref() == Some("23505") => { - Err(StatusCode::CONFLICT) + Err(err) => { + match err.as_database_error().and_then(|e| e.code()).as_deref() { + // Duplicate `key` violates the unique index. + Some("23505") => Err(StatusCode::CONFLICT), + // Referenced vocabulary doesn't exist — client error, not server fault. + Some("23503") => Err(StatusCode::UNPROCESSABLE_ENTITY), + _ => Err(StatusCode::INTERNAL_SERVER_ERROR), + } } - Err(_) => Err(StatusCode::INTERNAL_SERVER_ERROR), } } diff --git a/crates/api/tests/admin_fields.rs b/crates/api/tests/admin_fields.rs index e7675a1..a6a9fe0 100644 --- a/crates/api/tests/admin_fields.rs +++ b/crates/api/tests/admin_fields.rs @@ -7,6 +7,26 @@ use http_body_util::BodyExt; use sqlx::PgPool; use tower::ServiceExt; +async fn post_json( + app: &axum::Router, + cookie: &str, + uri: &str, + body: &str, +) -> axum::http::Response { + app.clone() + .oneshot( + Request::builder() + .method("POST") + .uri(uri) + .header(header::COOKIE, cookie) + .header(header::CONTENT_TYPE, "application/json") + .body(Body::from(body.to_owned())) + .unwrap(), + ) + .await + .unwrap() +} + fn state(pool: PgPool) -> AppState { AppState { db: db::Db::from_pool(pool), @@ -65,18 +85,7 @@ async fn login(app: &axum::Router, email: &str, password: &str) -> String { } async fn post_field(app: &axum::Router, cookie: &str, body: &str) -> axum::http::Response { - app.clone() - .oneshot( - Request::builder() - .method("POST") - .uri("/api/admin/field-definitions") - .header(header::COOKIE, cookie) - .header(header::CONTENT_TYPE, "application/json") - .body(Body::from(body.to_owned())) - .unwrap(), - ) - .await - .unwrap() + post_json(app, cookie, "/api/admin/field-definitions", body).await } #[sqlx::test(migrations = "../db/migrations")] @@ -194,3 +203,84 @@ async fn duplicate_key_is_409(pool: PgPool) { StatusCode::CONFLICT ); } + +#[sqlx::test(migrations = "../db/migrations")] +async fn create_term_field_with_valid_vocabulary(pool: PgPool) { + migrate_sessions(&db::Db::from_pool(pool.clone())) + .await + .unwrap(); + + seed_user(&pool, "ed@example.com", "pw-editor-123", Role::Editor).await; + + let app = build_app(state(pool)); + let cookie = login(&app, "ed@example.com", "pw-editor-123").await; + + let vocab_resp = post_json( + &app, + &cookie, + "/api/admin/vocabularies", + r#"{"key":"material"}"#, + ) + .await; + + assert_eq!(vocab_resp.status(), StatusCode::CREATED); + + let vocab_body: serde_json::Value = + serde_json::from_slice(&vocab_resp.into_body().collect().await.unwrap().to_bytes()) + .unwrap(); + + let vocab_id = vocab_body["id"].as_str().unwrap(); + + let resp = post_field( + &app, + &cookie, + &format!( + r#"{{"key":"material_ref","data_type":"term","vocabulary_id":"{vocab_id}","required":false,"labels":[{{"lang":"en","label":"Material"}}]}}"# + ), + ) + .await; + + assert_eq!(resp.status(), StatusCode::CREATED); +} + +#[sqlx::test(migrations = "../db/migrations")] +async fn term_with_nonexistent_vocabulary_is_422(pool: PgPool) { + migrate_sessions(&db::Db::from_pool(pool.clone())) + .await + .unwrap(); + + seed_user(&pool, "ed@example.com", "pw-editor-123", Role::Editor).await; + + let app = build_app(state(pool)); + let cookie = login(&app, "ed@example.com", "pw-editor-123").await; + + let resp = post_field( + &app, + &cookie, + r#"{"key":"bad_ref","data_type":"term","vocabulary_id":"00000000-0000-0000-0000-000000000000","required":false,"labels":[{"lang":"en","label":"Bad"}]}"#, + ) + .await; + + assert_eq!(resp.status(), StatusCode::UNPROCESSABLE_ENTITY); +} + +#[sqlx::test(migrations = "../db/migrations")] +async fn create_authority_field(pool: PgPool) { + migrate_sessions(&db::Db::from_pool(pool.clone())) + .await + .unwrap(); + + seed_user(&pool, "ed@example.com", "pw-editor-123", Role::Editor).await; + + let app = build_app(state(pool)); + let cookie = login(&app, "ed@example.com", "pw-editor-123").await; + + let resp = post_field( + &app, + &cookie, + r#"{"key":"maker_ref","data_type":"authority","authority_kind":"person","required":false,"labels":[{"lang":"en","label":"Maker"}]}"#, + ) + .await; + + assert_eq!(resp.status(), StatusCode::CREATED); +}