Update, Delete Reviews

Signed-off-by: Ashish0077 <ashish007722@gmail.com>

controllers/reviews.js

@@ -72,8 +72,67 @@ const addReview = asyncHandler(async (req, res, next) => {
   });
 });
 
+/* 
+    @desc    Update Review
+    @route   PUT /api/v1/reviews/:id
+    @access  Private
+*/
+const updateReview = asyncHandler(async (req, res, next) => {
+  let review = await Review.findById(req.params.id);
+
+  if (!review) {
+    return next(
+      new ErrorResponse(`Review not found with ID: ${req.params.id}`, 404)
+    );
+  }
+
+  // Make sure review belongs to User or user is admin
+  if (review.user != req.user.id && req.user.role != "admin") {
+    return next(new ErrorResponse(`Not Authorized to update this review`, 401));
+  }
+
+  review = await Review.findByIdAndUpdate(req.params.id, req.body, {
+    new: true,
+    runValidators: true
+  });
+
+  res.status(200).json({
+    success: true,
+    data: review
+  });
+});
+
+/* 
+    @desc    Delete Review
+    @route   Delete /api/v1/reviews/:id
+    @access  Private
+*/
+const deleteReview = asyncHandler(async (req, res, next) => {
+  const review = await Review.findById(req.params.id);
+
+  if (!review) {
+    return next(
+      new ErrorResponse(`Review not found with ID: ${req.params.id}`, 404)
+    );
+  }
+
+  // Make sure review belongs to User or user is admin
+  if (review.user != req.user.id && req.user.role != "admin") {
+    return next(new ErrorResponse(`Not Authorized to delete this review`, 401));
+  }
+
+  await review.remove();
+
+  res.status(200).json({
+    success: true,
+    data: {}
+  });
+});
+
 module.exports = {
   getAllReviews,
   getReview,
-  addReview
+  addReview,
+  updateReview,
+  deleteReview
 };

models/Review.js

@@ -36,4 +36,37 @@ const ReviewSchema = new mongoose.Schema({
 // preventing users from submitting one review per bootcamp
 ReviewSchema.index({ bootcamp: 1, user: 1 }, { unique: true });
 
+// calulates the average and updates the rating
+ReviewSchema.statics.getAverageRating = async function (bootcampId) {
+  const obj = await this.aggregate([
+    {
+      $match: { bootcamp: bootcampId }
+    },
+    {
+      $group: { _id: "$bootcamp", averageRating: { $avg: "$rating" } }
+    }
+  ]);
+
+  try {
+    const bootcamp = await this.model("Bootcamp").findByIdAndUpdate(
+      bootcampId,
+      {
+        averageRating: obj[0].averageRating
+      }
+    );
+  } catch (error) {
+    console.error(error);
+  }
+};
+
+// call getAverageCost after save
+ReviewSchema.post("save", async function () {
+  this.constructor.getAverageRating(this.bootcamp);
+});
+
+// call getAverageCost before remove
+ReviewSchema.pre("remove", async function () {
+  this.constructor.getAverageRating(this.bootcamp);
+});
+
 module.exports = mongoose.model("Review", ReviewSchema);

routes/reviews.js

@@ -6,7 +6,9 @@ const { protect, authenticateRoles } = require("../middleware/auth");
 const {
   getAllReviews,
   getReview,
-  addReview
+  addReview,
+  updateReview,
+  deleteReview
 } = require("../controllers/reviews");
 
 const router = express.Router({ mergeParams: true });
@@ -22,6 +24,10 @@ router
   )
   .post(protect, authenticateRoles("user", "admin"), addReview);
 
-router.route("/:id").get(getReview);
+router
+  .route("/:id")
+  .get(getReview)
+  .put(protect, authenticateRoles("user", "admin"), updateReview)
+  .delete(protect, authenticateRoles("user", "admin"), deleteReview);
 
 module.exports = router;