From c5dc4fec4cf7222e79f306e9be78d8942197f310 Mon Sep 17 00:00:00 2001
From: Son NK <nguyenkims@hotmail.com>
Date: Wed, 5 Feb 2020 18:28:54 +0700
Subject: [PATCH] add POST /api/aliases/:alias_id/toggle endpoint

---
 README.md               | 17 +++++++++++++++++
 app/api/views/alias.py  | 26 ++++++++++++++++++++++++++
 tests/api/test_alias.py | 22 ++++++++++++++++++++++
 3 files changed, 65 insertions(+)

diff --git a/README.md b/README.md
index d09b0c8d..efdf8285 100644
--- a/README.md
+++ b/README.md
@@ -793,6 +793,23 @@ If success, 200.
 }
 ```
 
+#### POST /api/aliases/:alias_id/toggle
+
+Enable/disable alias
+
+Input:
+- `Authentication` header that contains the api key
+- `alias_id` in url. 
+
+Output:
+If success, 200 along with the new alias status:
+
+```json
+{
+    "enabled": false
+}
+```
+
 
 ### Database migration
 
diff --git a/app/api/views/alias.py b/app/api/views/alias.py
index dd3a1273..f2088988 100644
--- a/app/api/views/alias.py
+++ b/app/api/views/alias.py
@@ -77,3 +77,29 @@ def delete_alias(alias_id):
     db.session.commit()
 
     return jsonify(deleted=True), 200
+
+
+@api_bp.route("/aliases/<int:alias_id>/toggle", methods=["POST"])
+@cross_origin()
+@verify_api_key
+def toggle_alias(alias_id):
+    """
+    Enable/disable alias
+    Input:
+        alias_id: in url
+    Output:
+        200 along with new status:
+        - enabled
+
+
+    """
+    user = g.user
+    gen_email: GenEmail = GenEmail.get(alias_id)
+
+    if gen_email.user_id != user.id:
+        return jsonify(error="Forbidden"), 403
+
+    gen_email.enabled = not gen_email.enabled
+    db.session.commit()
+
+    return jsonify(enabled=gen_email.enabled), 200
diff --git a/tests/api/test_alias.py b/tests/api/test_alias.py
index b790a83b..2708e3a4 100644
--- a/tests/api/test_alias.py
+++ b/tests/api/test_alias.py
@@ -76,3 +76,25 @@ def test_delete_alias(flask_client):
 
     assert r.status_code == 200
     assert r.json == {"deleted": True}
+
+
+def test_toggle_alias(flask_client):
+    user = User.create(
+        email="a@b.c", password="password", name="Test User", activated=True
+    )
+    db.session.commit()
+
+    # create api_key
+    api_key = ApiKey.create(user.id, "for test")
+    db.session.commit()
+
+    gen_email = GenEmail.create_new_random(user.id)
+    db.session.commit()
+
+    r = flask_client.post(
+        url_for("api.toggle_alias", alias_id=gen_email.id),
+        headers={"Authentication": api_key.code},
+    )
+
+    assert r.status_code == 200
+    assert r.json == {"enabled": False}