working on update def

app/controllers/api/v1/records_controller.rb

@@ -1,5 +1,5 @@
 class Api::V1::RecordsController < ApplicationController
-  before_action :set_record, only: %i[show update destroy]
+  before_action :set_record, only: %i[show update]
   before_action :check_login
 
   def index
@@ -10,6 +10,23 @@ class Api::V1::RecordsController < ApplicationController
     render json: RecordSerializer.new(@record).serializable_hash.to_json
   end
   
+  def create
+    record = current_user.records.build(record_params)
+    record.task_id = params[:task_id]
+    if record.save
+      render json: RecordSerializer.new(record).serializable_hash.to_json, status: :created
+    else
+      render json: { errors: record.errors }, status: :unprocessable_entity
+    end
+  end
+
+  def update
+    if @record.update(handled_by_id = current_user.id)
+      render json: RecordSerializer.new(@record).serializable_hash.to_json, status: :ok
+    else
+      render json: @task.errors, status: :unprocessable_entity
+    end
+  end
 
   private
 
@@ -18,6 +35,10 @@ class Api::V1::RecordsController < ApplicationController
     params.require(:record).permit(:duration, :user_id, :task_id, :is_handled, :handled_by_id)
   end
 
+  # def record_params_update
+  #   params.require(:record).permit(:is_handled, :handled_by_id)
+  # end
+
   def set_record
     @record = Task.find(params[:task_id]).records.find(params[:id])
   end

test/controllers/api/v1/records_controller_test.rb

@@ -5,6 +5,7 @@ class Api::V1::RecordsControllerTest < ActionDispatch::IntegrationTest
     @record = records(:one)
     @activity = activities(:one)
     @task = tasks(:one)
+    @user_two = users(:two)
   end
 
   # INDEX
@@ -41,4 +42,31 @@ class Api::V1::RecordsControllerTest < ActionDispatch::IntegrationTest
     assert_response :forbidden
   end
 
+  # CREATE
+  test "should create task" do
+    assert_difference("Record.count") do
+      post api_v1_activity_task_records_url(@activity, @task),
+      params: { record: { duration: @record.duration, user_id: @record.user_id, task_id: @record.task_id } },
+      headers: { Authorization: JsonWebToken.encode(user_id: @record.user_id) },
+      as: :json
+    end
+    assert_response :created
+  end
+
+  test "should not create task" do
+    assert_no_difference("Record.count") do
+      post api_v1_activity_task_records_url(@activity, @task),
+      params: { record: { duration: @record.duration, user_id: @record.user_id, task_id: @record.task_id } },
+      as: :json
+    end
+    assert_response :forbidden
+  end
+
+  # UPDATE
+  test "should update task" do
+    patch api_v1_activity_task_record_url(@activity, @task, @record),
+    params: { task: { is_handled: true } },
+    headers: { Authorization: JsonWebToken.encode(user_id: @user_two.id) },
+    as: :json
+  end
 end