In completing this assignment you MAY use/access the following resources:
You may NOT use/access:
- Resources not expressly listed above, including, but not limited to,
the following ...
- Source code not provided as part of this assignment. (Obviously, this
includes, but is not limited to, source code written by other students
whether current or in the past).
- Code-generating tools (of which ChatGPT is one example).
- Any web sites not directly linked to from the homework assignment.
Failure to abide by these guidelines will result in a zero for the assignment
and the incident will be reported to the university provost as a violation of
the university academic integrity policy. A second incident of academic
dishonesty (whether from this course or another computer science course) will
result in an F in the course.
In this assignment you will be starting from a fresh/empty Laravel application.
When the assignment is finished you will not have a full-fledged application.
Instead you will have implemented a REST API that will provide the endpoints
needed to support the database actions required by the book sellers application.
Begin by creating a new Laravel application in the hw10 directory.
Then follow the steps presented in class and in the video
to provide the following endpoints for the Book Seller application we have
been writing for homework. NOTE: In order to facilitate grading you
need to use the following route names exactly:
- GET /api/books
  - Return 200 status code along with a JSON array of book
    objects with the following fields. The field names should match exactly, but the
    order of the fields doesn't matter.

    [
      {
        "book_id": 25,
        "title": "Post Wins2!",
        "condition": 2,
        "price": "5.99",
        "created_by": 1,
        "name": "Fred",
        "email": "fred@fun.com"
      },
      {
        "book_id": 22,
        "title": "Jo's Fun <Day>!",
        "condition": 3,
        "price": "19.99",
        "created_by": 1,
        "name": "Fred",
        "email": "fred@fun.com"
      }
    ]

    The query to produce this list is:

    SELECT book_id, title, condition, price, created_by, name, email
    FROM books JOIN book_users ON (books.created_by=book_users.user_id)
- GET /api/books/{id}
  - If the provided id has an invalid format or does
    not match a book in the database, return a 400 status code with an appropriate
    error message. Otherwise, return 200 status code along with a single JSON book
    object formatted as above. The query to extract a single book is the same
    as above, but with a WHERE clause appended to it:

    WHERE book_id=?
- POST /api/books
  - This endpoint is used to add a new book to the database.
    It requires fields for title, condition, and price that match requirements from
    previous assignments. If validation for the various fields is passed then
    the result is a 201 status code and an empty JSON object as the response
    body. If the validation does not pass then we give a JSON response that
    is generated by Laravel's validation function such as:

    {
      "message": "The given data was invalid.",
      "errors": {
        "title": [
          "The title field is required."
        ]
      }
    }

    The query to add a book:

    INSERT INTO books (book_id, title, condition, price, created_by)
    VALUES (default, ?, ?, ?, ?)
- PUT /api/books/id
  - This endpoint is used to update/modify an
    existing book in the database. It should perform the typical checks
    on the book id with appropriate responses for invalid/non-existent book
    id. It will also do the same validation/responses as when adding a new
    book.
    The query to modify a book:

    UPDATE books SET title=?, condition=?, price=? WHERE book_id=?
- DELETE /api/books/id
  - This endpoint is used to remove an
    existing book from the database. It requires a valid book id that exists
    in the database.
    As before, a malformed or missing book id should return a 400 status code.
    Valid requests provide a 204 status code and an empty JSON object as the
    response. The query to delete a book:

    DELETE FROM books WHERE book_id=?
Requests for routes that don't exist should return 404 status code with
an appropriate JSON-formatted error string. In the BookController, database
requests should be put in a try-catch block to handle unexpected database
errors. In the case of reaching the catch block we return a 503 status code
with an appropriate message.
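
The single-book lookup described above, sketched as an added example (not code supplied with the assignment): the id is checked before it reaches the database, bound to the ? placeholder rather than concatenated, and the 503 body carries no driver detail. The "error" key, the message strings and the 9-digit length cap are assumptions.

```php
<?php

namespace App\Http\Controllers;

use Illuminate\Http\JsonResponse;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Log;

class BookController extends Controller
{
    // Query text from the assignment. The id is bound to the ? placeholder,
    // never concatenated into the SQL string.
    private const SELECT_ONE =
        'SELECT book_id, title, condition, price, created_by, name, email
         FROM books JOIN book_users ON (books.created_by=book_users.user_id)
         WHERE book_id=?';

    // GET /api/books/{id}
    public function show(string $id): JsonResponse
    {
        // Accept plain decimal digits only: rejects "-1", "1.5", "1 OR 1=1".
        // The length cap (an assumption) keeps the value inside a 32-bit
        // integer column.
        if (!ctype_digit($id) || strlen($id) > 9) {
            return response()->json(['error' => 'Invalid book id.'], 400);
        }

        try {
            $rows = DB::select(self::SELECT_ONE, [(int) $id]);
        } catch (\Throwable $e) {
            // Driver messages, SQL text and table names stay in the server
            // log; the client sees a generic message only.
            Log::error('Book lookup failed', ['exception' => $e]);
            return response()->json(['error' => 'Database unavailable.'], 503);
        }

        if (count($rows) === 0) {
            // The assignment maps "no such book" to 400 rather than 404.
            return response()->json(['error' => 'No book with that id.'], 400);
        }

        return response()->json($rows[0], 200);
    }
}
```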
Here is a summary of the status codes we'll be using for this assignment:
| Code | Phrase | Meaning in our App |
|------|--------|--------------------|
| 200 | OK | successful get request or successful PUT request |
| 201 | Object created | successful post request |
| 204 | No content | successful delete request |
| 400 | Bad request | request failed validation or invalid book id given |
| 401 | Unauthorized | user not logged in |
| 403 | Forbidden | user logged in, but not allowed to perform this action |
| 404 | Not found | no endpoint for this request was found |
| 503 | Service unavailable | Unexpected database error |