Stage 5

2026-04-21 10:15:17 +03:00
parent 19f82768e4
commit ee8928fa5f
13 changed files with 1472 additions and 1 deletions
--- a/test/core_review_tests.erl
+++ b/test/core_review_tests.erl
@@ -0,0 +1,131 @@
+-module(core_review_tests).
+-include_lib("eunit/include/eunit.hrl").
+-include("records.hrl").
+
+setup() ->
+  mnesia:start(),
+  mnesia:create_table(review, [
+    {attributes, record_info(fields, review)},
+    {ram_copies, [node()]}
+  ]),
+  ok.
+
+cleanup(_) ->
+  mnesia:delete_table(review),
+  mnesia:stop(),
+  ok.
+
+core_review_test_() ->
+  {foreach,
+    fun setup/0,
+    fun cleanup/1,
+    [
+      {"Create review test", fun test_create_review/0},
+      {"Get review by id test", fun test_get_by_id/0},
+      {"List reviews by target test", fun test_list_by_target/0},
+      {"List reviews by user test", fun test_list_by_user/0},
+      {"Update review test", fun test_update_review/0},
+      {"Delete review test", fun test_delete_review/0},
+      {"Hide/unhide review test", fun test_hide_unhide/0},
+      {"Average rating test", fun test_average_rating/0},
+      {"Has user reviewed test", fun test_has_user_reviewed/0}
+    ]}.
+
+test_create_review() ->
+  UserId = <<"user123">>,
+  TargetType = event,
+  TargetId = <<"event123">>,
+  Rating = 5,
+  Comment = <<"Great event!">>,
+
+  {ok, Review} = core_review:create(UserId, TargetType, TargetId, Rating, Comment),
+
+  ?assertEqual(UserId, Review#review.user_id),
+  ?assertEqual(TargetType, Review#review.target_type),
+  ?assertEqual(TargetId, Review#review.target_id),
+  ?assertEqual(Rating, Review#review.rating),
+  ?assertEqual(Comment, Review#review.comment),
+  ?assertEqual(visible, Review#review.status),
+  ?assert(is_binary(Review#review.id)).
+
+test_get_by_id() ->
+  UserId = <<"user123">>,
+  {ok, Review} = core_review:create(UserId, event, <<"ev1">>, 4, <<"Good">>),
+
+  {ok, Found} = core_review:get_by_id(Review#review.id),
+  ?assertEqual(Review#review.id, Found#review.id),
+
+  {error, not_found} = core_review:get_by_id(<<"nonexistent">>).
+
+test_list_by_target() ->
+  UserId1 = <<"user1">>,
+  UserId2 = <<"user2">>,
+  EventId = <<"event123">>,
+
+  {ok, _} = core_review:create(UserId1, event, EventId, 5, <<"Awesome">>),
+  {ok, _} = core_review:create(UserId2, event, EventId, 3, <<"Okay">>),
+  {ok, _} = core_review:create(UserId1, calendar, <<"cal1">>, 4, <<"Nice">>),
+
+  {ok, Reviews} = core_review:list_by_target(event, EventId),
+  ?assertEqual(2, length(Reviews)).
+
+test_list_by_user() ->
+  UserId1 = <<"user1">>,
+  UserId2 = <<"user2">>,
+
+  {ok, _} = core_review:create(UserId1, event, <<"ev1">>, 5, <<"">>),
+  {ok, _} = core_review:create(UserId1, event, <<"ev2">>, 4, <<"">>),
+  {ok, _} = core_review:create(UserId2, event, <<"ev3">>, 3, <<"">>),
+
+  {ok, Reviews} = core_review:list_by_user(UserId1),
+  ?assertEqual(2, length(Reviews)).
+
+test_update_review() ->
+  UserId = <<"user123">>,
+  {ok, Review} = core_review:create(UserId, event, <<"ev1">>, 3, <<"Old">>),
+
+  timer:sleep(2000),
+  Updates = [{rating, 5}, {comment, <<"Updated!">>}],
+  {ok, Updated} = core_review:update(Review#review.id, Updates),
+
+  ?assertEqual(5, Updated#review.rating),
+  ?assertEqual(<<"Updated!">>, Updated#review.comment),
+  ?assert(Updated#review.updated_at > Review#review.updated_at).
+
+test_delete_review() ->
+  UserId = <<"user123">>,
+  {ok, Review} = core_review:create(UserId, event, <<"ev1">>, 4, <<"">>),
+
+  {ok, deleted} = core_review:delete(Review#review.id),
+  {error, not_found} = core_review:get_by_id(Review#review.id).
+
+test_hide_unhide() ->
+  UserId = <<"user123">>,
+  {ok, Review} = core_review:create(UserId, event, <<"ev1">>, 4, <<"">>),
+
+  {ok, Hidden} = core_review:hide(Review#review.id),
+  ?assertEqual(hidden, Hidden#review.status),
+
+  {ok, Unhidden} = core_review:unhide(Review#review.id),
+  ?assertEqual(visible, Unhidden#review.status).
+
+test_average_rating() ->
+  UserId1 = <<"user1">>,
+  UserId2 = <<"user2">>,
+  EventId = <<"event123">>,
+
+  {ok, _} = core_review:create(UserId1, event, EventId, 5, <<"">>),
+  {ok, _} = core_review:create(UserId2, event, EventId, 3, <<"">>),
+
+  {Avg, Count} = core_review:get_average_rating(event, EventId),
+  ?assertEqual(4.0, Avg),
+  ?assertEqual(2, Count).
+
+test_has_user_reviewed() ->
+  UserId = <<"user123">>,
+  EventId = <<"event123">>,
+
+  ?assertNot(core_review:has_user_reviewed(UserId, event, EventId)),
+
+  {ok, _} = core_review:create(UserId, event, EventId, 5, <<"">>),
+  ?assert(core_review:has_user_reviewed(UserId, event, EventId)).
--- a/test/logic_review_tests.erl
+++ b/test/logic_review_tests.erl
@@ -0,0 +1,161 @@
+-module(logic_review_tests).
+-include_lib("eunit/include/eunit.hrl").
+-include("records.hrl").
+
+setup() ->
+  mnesia:start(),
+  mnesia:create_table(user, [{attributes, record_info(fields, user)}, {ram_copies, [node()]}]),
+  mnesia:create_table(calendar, [{attributes, record_info(fields, calendar)}, {ram_copies, [node()]}]),
+  mnesia:create_table(event, [{attributes, record_info(fields, event)}, {ram_copies, [node()]}]),
+  mnesia:create_table(booking, [{attributes, record_info(fields, booking)}, {ram_copies, [node()]}]),
+  mnesia:create_table(review, [{attributes, record_info(fields, review)}, {ram_copies, [node()]}]),
+  ok.
+
+cleanup(_) ->
+  mnesia:delete_table(review),
+  mnesia:delete_table(booking),
+  mnesia:delete_table(event),
+  mnesia:delete_table(calendar),
+  mnesia:delete_table(user),
+  mnesia:stop(),
+  ok.
+
+logic_review_test_() ->
+  {foreach,
+    fun setup/0,
+    fun cleanup/1,
+    [
+      {"Create review for event", fun test_create_event_review/0},
+      {"Create review for calendar", fun test_create_calendar_review/0},
+      {"Cannot review without booking", fun test_cannot_review_without_booking/0},
+      {"Cannot review twice", fun test_cannot_review_twice/0},
+      {"Update own review", fun test_update_own_review/0},
+      {"Cannot update others review", fun test_cannot_update_others/0},
+      {"Delete own review", fun test_delete_own_review/0},
+      {"Admin can hide review", fun test_admin_hide_review/0},
+      {"Rating updates target", fun test_rating_updates_target/0}
+    ]}.
+
+create_test_user(Role) ->
+  UserId = base64:encode(crypto:strong_rand_bytes(16), #{mode => urlsafe, padding => false}),
+  User = #user{id = UserId, email = <<UserId/binary, "@test.com">>, password_hash = <<"hash">>,
+    role = Role, status = active, created_at = calendar:universal_time(), updated_at = calendar:universal_time()},
+  mnesia:dirty_write(User),
+  UserId.
+
+create_test_calendar(OwnerId) ->
+  {ok, Calendar} = core_calendar:create(OwnerId, <<"Test">>, <<"">>, manual),
+  Calendar#calendar.id.
+
+create_test_event(CalendarId) ->
+  {ok, Event} = core_event:create(CalendarId, <<"Event">>, {{2026, 6, 1}, {10, 0, 0}}, 60),
+  Event#event.id.
+
+create_booking(UserId, EventId) ->
+  {ok, Booking} = core_booking:create(EventId, UserId),
+  core_booking:update_status(Booking#booking.id, confirmed),
+  Booking#booking.id.
+
+test_create_event_review() ->
+  OwnerId = create_test_user(user),
+  ParticipantId = create_test_user(user),
+  CalendarId = create_test_calendar(OwnerId),
+  EventId = create_test_event(CalendarId),
+  create_booking(ParticipantId, EventId),
+
+  {ok, Review} = logic_review:create_review(ParticipantId, event, EventId, 5, <<"Great!">>),
+  ?assertEqual(5, Review#review.rating),
+
+  % Проверяем, что рейтинг события обновился
+  {ok, Event} = core_event:get_by_id(EventId),
+  ?assertEqual(5.0, Event#event.rating_avg),
+  ?assertEqual(1, Event#event.rating_count).
+
+test_create_calendar_review() ->
+  OwnerId = create_test_user(user),
+  ReviewerId = create_test_user(user),
+  CalendarId = create_test_calendar(OwnerId),
+
+  {ok, Review} = logic_review:create_review(ReviewerId, calendar, CalendarId, 4, <<"Nice">>),
+  ?assertEqual(4, Review#review.rating).
+
+test_cannot_review_without_booking() ->
+  OwnerId = create_test_user(user),
+  UserId = create_test_user(user),
+  CalendarId = create_test_calendar(OwnerId),
+  EventId = create_test_event(CalendarId),
+
+  {error, cannot_review} = logic_review:create_review(UserId, event, EventId, 5, <<"">>).
+
+test_cannot_review_twice() ->
+  OwnerId = create_test_user(user),
+  ParticipantId = create_test_user(user),
+  CalendarId = create_test_calendar(OwnerId),
+  EventId = create_test_event(CalendarId),
+  create_booking(ParticipantId, EventId),
+
+  {ok, _} = logic_review:create_review(ParticipantId, event, EventId, 5, <<"">>),
+  {error, already_reviewed} = logic_review:create_review(ParticipantId, event, EventId, 4, <<"">>).
+
+test_update_own_review() ->
+  OwnerId = create_test_user(user),
+  ParticipantId = create_test_user(user),
+  CalendarId = create_test_calendar(OwnerId),
+  EventId = create_test_event(CalendarId),
+  create_booking(ParticipantId, EventId),
+
+  {ok, Review} = logic_review:create_review(ParticipantId, event, EventId, 3, <<"">>),
+  {ok, Updated} = logic_review:update_review(ParticipantId, Review#review.id, [{rating, 5}]),
+  ?assertEqual(5, Updated#review.rating).
+
+test_cannot_update_others() ->
+  OwnerId = create_test_user(user),
+  ParticipantId = create_test_user(user),
+  OtherId = create_test_user(user),
+  CalendarId = create_test_calendar(OwnerId),
+  EventId = create_test_event(CalendarId),
+  create_booking(ParticipantId, EventId),
+
+  {ok, Review} = logic_review:create_review(ParticipantId, event, EventId, 3, <<"">>),
+  {error, access_denied} = logic_review:update_review(OtherId, Review#review.id, [{rating, 5}]).
+
+test_delete_own_review() ->
+  OwnerId = create_test_user(user),
+  ParticipantId = create_test_user(user),
+  CalendarId = create_test_calendar(OwnerId),
+  EventId = create_test_event(CalendarId),
+  create_booking(ParticipantId, EventId),
+
+  {ok, Review} = logic_review:create_review(ParticipantId, event, EventId, 3, <<"">>),
+  {ok, deleted} = logic_review:delete_review(ParticipantId, Review#review.id).
+
+test_admin_hide_review() ->
+  OwnerId = create_test_user(user),
+  ParticipantId = create_test_user(user),
+  AdminId = create_test_user(admin),
+  CalendarId = create_test_calendar(OwnerId),
+  EventId = create_test_event(CalendarId),
+  create_booking(ParticipantId, EventId),
+
+  {ok, Review} = logic_review:create_review(ParticipantId, event, EventId, 3, <<"Bad">>),
+  {ok, Hidden} = logic_review:hide_review(AdminId, Review#review.id),
+  ?assertEqual(hidden, Hidden#review.status).
+
+test_rating_updates_target() ->
+  OwnerId = create_test_user(user),
+  P1 = create_test_user(user),
+  P2 = create_test_user(user),
+  CalendarId = create_test_calendar(OwnerId),
+  EventId = create_test_event(CalendarId),
+  create_booking(P1, EventId),
+  create_booking(P2, EventId),
+
+  {ok, _} = logic_review:create_review(P1, event, EventId, 5, <<"">>),
+  {ok, Event1} = core_event:get_by_id(EventId),
+  ?assertEqual(5.0, Event1#event.rating_avg),
+  ?assertEqual(1, Event1#event.rating_count),
+
+  {ok, _} = logic_review:create_review(P2, event, EventId, 3, <<"">>),
+  {ok, Event2} = core_event:get_by_id(EventId),
+  ?assertEqual(4.0, Event2#event.rating_avg),
+  ?assertEqual(2, Event2#event.rating_count).
--- a/test/scripts/test_reviews_api.sh
+++ b/test/scripts/test_reviews_api.sh
@@ -0,0 +1,454 @@
+#!/bin/bash
+
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m'
+
+BASE_URL="http://localhost:8080"
+
+log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
+log_success() { echo -e "${GREEN}[SUCCESS]${NC} $1"; }
+log_error() { echo -e "${RED}[ERROR]${NC} $1"; }
+
+extract_json() {
+    echo "$1" | grep -o "\"$2\":\"[^\"]*\"" | head -1 | sed "s/\"$2\":\"//;s/\"$//"
+}
+
+extract_json_number() {
+    echo "$1" | grep -o "\"$2\":[0-9.]*" | head -1 | sed "s/\"$2\"://"
+}
+
+http_post() {
+    local url=$1; local data=$2; local token=$3
+    if [ -n "$token" ]; then
+        curl -s -X POST "$url" -H "Content-Type: application/json" -H "Authorization: Bearer $token" -d "$data"
+    else
+        curl -s -X POST "$url" -H "Content-Type: application/json" -d "$data"
+    fi
+}
+
+http_get() {
+    local url=$1; local token=$2
+    if [ -n "$token" ]; then
+        curl -s -X GET "$url" -H "Authorization: Bearer $token"
+    else
+        curl -s -X GET "$url"
+    fi
+}
+
+http_put() {
+    local url=$1; local data=$2; local token=$3
+    curl -s -X PUT "$url" -H "Content-Type: application/json" -H "Authorization: Bearer $token" -d "$data"
+}
+
+http_delete() {
+    local url=$1; local token=$2
+    curl -s -X DELETE "$url" -H "Authorization: Bearer $token"
+}
+
+echo "============================================================"
+echo "          EVENTHUB REVIEWS API TEST SCRIPT"
+echo "============================================================"
+echo ""
+
+log_info "Checking if server is running..."
+if ! curl -s "$BASE_URL/health" | grep -q "ok"; then
+    log_error "Server is not running"
+    exit 1
+fi
+log_success "Server is running"
+
+echo ""
+log_info "============================================================"
+log_info "STEP 1: Create test users"
+log_info "============================================================"
+
+# Админ (создаётся первым)
+ADMIN_EMAIL="admin_$(date +%s)@example.com"
+ADMIN_PASSWORD="admin123"
+
+log_info "Creating admin user (first user)..."
+response=$(http_post "$BASE_URL/v1/register" "{\"email\":\"$ADMIN_EMAIL\",\"password\":\"$ADMIN_PASSWORD\"}" "")
+ADMIN_TOKEN=$(extract_json "$response" "token")
+ADMIN_ID=$(extract_json "$response" "id")
+log_success "Admin created: $ADMIN_EMAIL"
+
+# Владелец календаря
+OWNER_EMAIL="review_owner_$(date +%s)@example.com"
+OWNER_PASSWORD="owner123"
+
+log_info "Creating calendar owner..."
+response=$(http_post "$BASE_URL/v1/register" "{\"email\":\"$OWNER_EMAIL\",\"password\":\"$OWNER_PASSWORD\"}" "")
+OWNER_TOKEN=$(extract_json "$response" "token")
+OWNER_ID=$(extract_json "$response" "id")
+log_success "Owner created: $OWNER_EMAIL"
+
+# Участник 1
+PARTICIPANT1_EMAIL="review_p1_$(date +%s)@example.com"
+PARTICIPANT1_PASSWORD="p1_123"
+
+log_info "Creating participant 1..."
+response=$(http_post "$BASE_URL/v1/register" "{\"email\":\"$PARTICIPANT1_EMAIL\",\"password\":\"$PARTICIPANT1_PASSWORD\"}" "")
+PARTICIPANT1_TOKEN=$(extract_json "$response" "token")
+PARTICIPANT1_ID=$(extract_json "$response" "id")
+log_success "Participant 1 created"
+
+# Участник 2
+PARTICIPANT2_EMAIL="review_p2_$(date +%s)@example.com"
+PARTICIPANT2_PASSWORD="p2_123"
+
+log_info "Creating participant 2..."
+response=$(http_post "$BASE_URL/v1/register" "{\"email\":\"$PARTICIPANT2_EMAIL\",\"password\":\"$PARTICIPANT2_PASSWORD\"}" "")
+PARTICIPANT2_TOKEN=$(extract_json "$response" "token")
+PARTICIPANT2_ID=$(extract_json "$response" "id")
+log_success "Participant 2 created"
+
+# Сторонний пользователь (без бронирований)
+OTHER_EMAIL="review_other_$(date +%s)@example.com"
+OTHER_PASSWORD="other123"
+
+log_info "Creating other user (no bookings)..."
+response=$(http_post "$BASE_URL/v1/register" "{\"email\":\"$OTHER_EMAIL\",\"password\":\"$OTHER_PASSWORD\"}" "")
+OTHER_TOKEN=$(extract_json "$response" "token")
+OTHER_ID=$(extract_json "$response" "id")
+log_success "Other user created"
+
+echo ""
+log_info "============================================================"
+log_info "STEP 2: Create calendar and events"
+log_info "============================================================"
+
+log_info "Creating calendar..."
+response=$(http_post "$BASE_URL/v1/calendars" \
+    "{\"title\":\"Review Test Calendar\",\"description\":\"Calendar for review tests\"}" "$OWNER_TOKEN")
+CALENDAR_ID=$(extract_json "$response" "id")
+log_success "Calendar created: $CALENDAR_ID"
+
+log_info "Creating event..."
+EVENT_START="2026-06-01T10:00:00Z"
+response=$(http_post "$BASE_URL/v1/calendars/$CALENDAR_ID/events" \
+    "{\"title\":\"Test Event\",\"start_time\":\"$EVENT_START\",\"duration\":60,\"capacity\":10}" "$OWNER_TOKEN")
+EVENT_ID=$(extract_json "$response" "id")
+log_success "Event created: $EVENT_ID"
+
+log_info "Creating second event..."
+response=$(http_post "$BASE_URL/v1/calendars/$CALENDAR_ID/events" \
+    "{\"title\":\"Test Event 2\",\"start_time\":\"$EVENT_START\",\"duration\":60}" "$OWNER_TOKEN")
+EVENT2_ID=$(extract_json "$response" "id")
+log_success "Second event created: $EVENT2_ID"
+
+echo ""
+log_info "============================================================"
+log_info "STEP 3: Create bookings"
+log_info "============================================================"
+
+log_info "Participant 1 booking event..."
+response=$(http_post "$BASE_URL/v1/events/$EVENT_ID/bookings" "" "$PARTICIPANT1_TOKEN")
+BOOKING1_ID=$(extract_json "$response" "id")
+log_success "Booking created: $BOOKING1_ID"
+
+log_info "Owner confirming participant 1 booking..."
+response=$(http_put "$BASE_URL/v1/bookings/$BOOKING1_ID" "{\"action\":\"confirm\"}" "$OWNER_TOKEN")
+log_success "Booking confirmed"
+
+log_info "Participant 2 booking event..."
+response=$(http_post "$BASE_URL/v1/events/$EVENT_ID/bookings" "" "$PARTICIPANT2_TOKEN")
+BOOKING2_ID=$(extract_json "$response" "id")
+log_success "Booking created: $BOOKING2_ID"
+
+log_info "Owner confirming participant 2 booking..."
+response=$(http_put "$BASE_URL/v1/bookings/$BOOKING2_ID" "{\"action\":\"confirm\"}" "$OWNER_TOKEN")
+log_success "Booking confirmed"
+
+echo ""
+log_info "============================================================"
+log_info "TEST 1: Create review for event (participant)"
+log_info "============================================================"
+
+log_info "Participant 1 creating review..."
+response=$(http_post "$BASE_URL/v1/reviews" \
+    "{\"target_type\":\"event\",\"target_id\":\"$EVENT_ID\",\"rating\":5,\"comment\":\"Excellent event!\"}" "$PARTICIPANT1_TOKEN")
+REVIEW1_ID=$(extract_json "$response" "id")
+
+if [ -n "$REVIEW1_ID" ]; then
+    log_success "Review created: $REVIEW1_ID"
+else
+    log_error "Failed to create review: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 2: Create review for event (second participant)"
+log_info "============================================================"
+
+log_info "Participant 2 creating review..."
+response=$(http_post "$BASE_URL/v1/reviews" \
+    "{\"target_type\":\"event\",\"target_id\":\"$EVENT_ID\",\"rating\":3,\"comment\":\"It was okay\"}" "$PARTICIPANT2_TOKEN")
+REVIEW2_ID=$(extract_json "$response" "id")
+
+if [ -n "$REVIEW2_ID" ]; then
+    log_success "Review created: $REVIEW2_ID"
+else
+    log_error "Failed to create review: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 3: Cannot review twice"
+log_info "============================================================"
+
+log_info "Participant 1 trying to review again..."
+response=$(http_post "$BASE_URL/v1/reviews" \
+    "{\"target_type\":\"event\",\"target_id\":\"$EVENT_ID\",\"rating\":4,\"comment\":\"Trying again\"}" "$PARTICIPANT1_TOKEN")
+
+if echo "$response" | grep -q "Already reviewed"; then
+    log_success "Duplicate review correctly rejected"
+else
+    log_error "Duplicate review not rejected: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 4: Cannot review without booking"
+log_info "============================================================"
+
+log_info "Other user trying to review event..."
+response=$(http_post "$BASE_URL/v1/reviews" \
+    "{\"target_type\":\"event\",\"target_id\":\"$EVENT_ID\",\"rating\":5,\"comment\":\"Wasn't there\"}" "$OTHER_TOKEN")
+
+if echo "$response" | grep -q "Cannot review"; then
+    log_success "Review without booking correctly rejected"
+else
+    log_error "Review without booking not rejected: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 5: Create review for calendar"
+log_info "============================================================"
+
+log_info "Other user creating calendar review..."
+response=$(http_post "$BASE_URL/v1/reviews" \
+    "{\"target_type\":\"calendar\",\"target_id\":\"$CALENDAR_ID\",\"rating\":4,\"comment\":\"Nice calendar!\"}" "$OTHER_TOKEN")
+CALENDAR_REVIEW_ID=$(extract_json "$response" "id")
+
+if [ -n "$CALENDAR_REVIEW_ID" ]; then
+    log_success "Calendar review created: $CALENDAR_REVIEW_ID"
+else
+    log_error "Failed to create calendar review: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 6: Get reviews for event"
+log_info "============================================================"
+
+log_info "Getting reviews for event..."
+response=$(http_get "$BASE_URL/v1/reviews?target_type=event&target_id=$EVENT_ID" "$PARTICIPANT1_TOKEN")
+REVIEW_COUNT=$(echo "$response" | grep -o "\"id\"" | wc -l)
+
+if [ "$REVIEW_COUNT" -eq 2 ]; then
+    log_success "Found $REVIEW_COUNT reviews for event"
+else
+    log_error "Expected 2 reviews, found $REVIEW_COUNT"
+fi
+
+sleep 1
+
+echo ""
+log_info "============================================================"
+log_info "TEST 7: Check event rating updated"
+log_info "============================================================"
+
+log_info "Checking event rating..."
+response=$(http_get "$BASE_URL/v1/events/$EVENT_ID" "$OWNER_TOKEN")
+RATING_AVG=$(extract_json_number "$response" "rating_avg")
+RATING_COUNT=$(extract_json_number "$response" "rating_count")
+
+if [ "$RATING_AVG" = "4.0" ] && [ "$RATING_COUNT" = "2" ]; then
+    log_success "Event rating updated: $RATING_AVG ($RATING_COUNT reviews)"
+else
+    log_error "Event rating incorrect: avg=$RATING_AVG, count=$RATING_COUNT"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 8: Update own review"
+log_info "============================================================"
+
+log_info "Participant 1 updating review..."
+response=$(http_put "$BASE_URL/v1/reviews/$REVIEW1_ID" \
+    "{\"rating\":4,\"comment\":\"Updated: Very good!\"}" "$PARTICIPANT1_TOKEN")
+
+if echo "$response" | grep -q "\"id\""; then
+    log_success "Review updated"
+else
+    log_error "Review update failed: $response"
+fi
+
+sleep 1
+
+log_info "Checking event rating after update..."
+response=$(http_get "$BASE_URL/v1/events/$EVENT_ID" "$OWNER_TOKEN")
+NEW_RATING_AVG=$(extract_json_number "$response" "rating_avg")
+
+if [ "$NEW_RATING_AVG" = "3.5" ]; then
+    log_success "Event rating updated to $NEW_RATING_AVG"
+else
+    log_error "Event rating incorrect: $NEW_RATING_AVG (expected 3.5)"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 9: Cannot update others review"
+log_info "============================================================"
+
+log_info "Participant 2 trying to update participant 1 review..."
+response=$(http_put "$BASE_URL/v1/reviews/$REVIEW1_ID" \
+    "{\"rating\":1,\"comment\":\"Hacked!\"}" "$PARTICIPANT2_TOKEN")
+
+if echo "$response" | grep -q "Access denied"; then
+    log_success "Update others review correctly rejected"
+else
+    log_error "Update others review not rejected: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 10: Get user reviews"
+log_info "============================================================"
+
+log_info "Getting participant 1 reviews..."
+response=$(http_get "$BASE_URL/v1/user/reviews" "$PARTICIPANT1_TOKEN")
+USER_REVIEW_COUNT=$(echo "$response" | grep -o "\"id\"" | wc -l)
+
+if [ "$USER_REVIEW_COUNT" -ge 1 ]; then
+    log_success "Found $USER_REVIEW_COUNT reviews for user"
+else
+    log_error "User reviews not found"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 11: Admin hides review"
+log_info "============================================================"
+
+log_info "Admin   hiding review $REVIEW2_ID..."
+response=$(http_put "$BASE_URL/v1/admin/reviews/$REVIEW2_ID" \
+    "{\"action\":\"hide\"}" "$ADMIN_TOKEN")
+
+HIDDEN_STATUS=$(extract_json "$response" "status")
+if [ "$HIDDEN_STATUS" = "hidden" ]; then
+    log_success "Review hidden by admin"
+else
+    log_error "Failed to hide review: $response"
+fi
+
+log_info "Participant 1 getting event reviews (hidden should not appear)..."
+response=$(http_get "$BASE_URL/v1/reviews?target_type=event&target_id=$EVENT_ID" "$PARTICIPANT1_TOKEN")
+VISIBLE_COUNT=$(echo "$response" | grep -o "\"id\"" | wc -l)
+
+if [ "$VISIBLE_COUNT" -eq 1 ]; then
+    log_success "Only 1 review visible (hidden filtered out)"
+else
+    log_error "Expected 1 visible review, found $VISIBLE_COUNT"
+fi
+
+log_info "Admin getting event reviews (should see all)..."
+response=$(http_get "$BASE_URL/v1/reviews?target_type=event&target_id=$EVENT_ID" "$ADMIN_TOKEN")
+ADMIN_COUNT=$(echo "$response" | grep -o "\"id\"" | wc -l)
+
+if [ "$ADMIN_COUNT" -eq 2 ]; then
+    log_success "Admin sees all 2 reviews"
+else
+    log_error "Admin should see 2 reviews, found $ADMIN_COUNT"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 12: Admin unhides review"
+log_info "============================================================"
+
+log_info "Admin  unhiding review..."
+response=$(http_put "$BASE_URL/v1/admin/reviews/$REVIEW2_ID" \
+    "{\"action\":\"unhide\"}" "$ADMIN_TOKEN")
+
+UNHIDDEN_STATUS=$(extract_json "$response" "status")
+if [ "$UNHIDDEN_STATUS" = "visible" ]; then
+    log_success "Review unhidden by admin"
+else
+    log_error "Failed to unhide review: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 13: Delete own review"
+log_info "============================================================"
+
+log_info "Participant 1 deleting review..."
+response=$(http_delete "$BASE_URL/v1/reviews/$REVIEW1_ID" "$PARTICIPANT1_TOKEN")
+
+if echo "$response" | grep -q "deleted"; then
+    log_success "Review deleted"
+else
+    log_error "Failed to delete review: $response"
+fi
+
+sleep 1
+
+log_info "Checking event rating after deletion..."
+response=$(http_get "$BASE_URL/v1/events/$EVENT_ID" "$OWNER_TOKEN")
+FINAL_RATING_AVG=$(extract_json_number "$response" "rating_avg")
+FINAL_RATING_COUNT=$(extract_json_number "$response" "rating_count")
+
+if [ "$FINAL_RATING_AVG" = "3.0" ] && [ "$FINAL_RATING_COUNT" = "1" ]; then
+    log_success "Event rating updated: $FINAL_RATING_AVG ($FINAL_RATING_COUNT review)"
+else
+    log_error "Event rating incorrect: avg=$FINAL_RATING_AVG, count=$FINAL_RATING_COUNT"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 14: Get deleted review (should fail)"
+log_info "============================================================"
+
+log_info "Trying to get deleted review..."
+response=$(http_get "$BASE_URL/v1/reviews/$REVIEW1_ID" "$PARTICIPANT1_TOKEN")
+
+if echo "$response" | grep -q "not found"; then
+    log_success "Deleted review not found"
+else
+    log_error "Deleted review still accessible: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 15: Calendar rating updated"
+log_info "============================================================"
+
+log_info "Checking calendar rating..."
+response=$(http_get "$BASE_URL/v1/calendars/$CALENDAR_ID" "$OWNER_TOKEN")
+CAL_RATING_AVG=$(extract_json_number "$response" "rating_avg")
+CAL_RATING_COUNT=$(extract_json_number "$response" "rating_count")
+
+if [ "$CAL_RATING_AVG" = "4.0" ] && [ "$CAL_RATING_COUNT" = "1" ]; then
+    log_success "Calendar rating: $CAL_RATING_AVG ($CAL_RATING_COUNT review)"
+else
+    log_error "Calendar rating incorrect: avg=$CAL_RATING_AVG, count=$CAL_RATING_COUNT"
+fi
+
+echo ""
+echo "============================================================"
+log_success "REVIEWS API TESTS COMPLETED!"
+echo "============================================================"
+echo ""
+echo "Summary of created resources:"
+echo "  Admin: $ADMIN_EMAIL"
+echo "  Owner: $OWNER_EMAIL"
+echo "  Participant 1: $PARTICIPANT1_EMAIL"
+echo "  Participant 2: $PARTICIPANT2_EMAIL"
+echo "  Calendar: $CALENDAR_ID"
+echo "  Event: $EVENT_ID"
+echo ""