Add API endpoint for updating a user's profile
Closed this issue · 0 comments
timmyichen commented
Description
This issue adds an API endpoint for updating a user's profile.
Add an API endpoint:
PATCH /api/users/:id
This endpoint should allow the updating of data for the user's model, limited to the following fields:
bio
- social links added in #8
The endpoint should throw a ForbiddenError if it's called on any user except for the currently-authed user (i.e. people can only edit their own profiles)
Partial updates should be allowed; i.e. not every field above is required when calling this endpoint.
User-submitted data should be sanitized to not include markup (e.g. can't set your bio
to be <script>alert('hi')</script>
)
Acceptance Criteria
- API endpoint exists
- New acceptance tests exist and pass (covering edge cases)
- Existing tests pass