#671: added #add_member action for platforms API, added new specs

This commit is contained in:
Vokhmin Alexey V 2012-10-09 20:23:48 +04:00
parent 9e6e2de955
commit 30909b281d
4 changed files with 83 additions and 12 deletions

View File

@ -21,4 +21,8 @@ class Api::V1::BaseController < ApplicationController
{:page => params[:page], :per_page => 20} {:page => params[:page], :per_page => 20}
end end
def validation_failed(subject)
{:message => "Validation Failed", :errors => subject.errors.messages}.to_json
end
end end

View File

@ -2,7 +2,7 @@
class Api::V1::PlatformsController < Api::V1::BaseController class Api::V1::PlatformsController < Api::V1::BaseController
before_filter :authenticate_user! before_filter :authenticate_user!
skip_before_filter :authenticate_user!, :only => [:show, :platforms_for_build] if APP_CONFIG['anonymous_access'] skip_before_filter :authenticate_user!, :only => [:show, :platforms_for_build, :members] if APP_CONFIG['anonymous_access']
load_and_authorize_resource load_and_authorize_resource
@ -28,11 +28,13 @@ class Api::V1::PlatformsController < Api::V1::BaseController
platform_params[:description] = p[:description] if p[:description] platform_params[:description] = p[:description] if p[:description]
if @platform.update_attributes(p) if @platform.update_attributes(p)
render :json => { render :json => {
:platform => {:id => @platform.id, :platform => {
:message => 'Platform has been updated successfully'} :id => @platform.id,
:message => 'Platform has been updated successfully'
}
}.to_json }.to_json
else else
render :json => {:message => "Validation Failed", :errors => @platform.errors.messages}.to_json, :status => 422 render :json => validation_failed(@platform), :status => 422
end end
end end
@ -40,4 +42,23 @@ class Api::V1::PlatformsController < Api::V1::BaseController
@members = @platform.members.order('name').paginate(paginate_params) @members = @platform.members.order('name').paginate(paginate_params)
end end
def add_member
if params[:type] == 'User'
member = User
elsif params[:type] == 'Group'
member = Group
end
member = member.where(:id => params[:member_id]).first if member
if member && @platform.add_member(member)
render :json => {
:platform => {
:id => @platform.id,
:message => "#{member.class.to_s} '#{member.id}' has been added to platform successfully"
}
}.to_json
else
render :json => validation_failed(@platform), :status => 422
end
end
end end

View File

@ -26,6 +26,7 @@ Rosa::Application.routes.draw do
} }
member { member {
get :members get :members
put :add_member
} }
end end
resources :repositories, :only => [:show] resources :repositories, :only => [:show]

View File

@ -8,7 +8,34 @@ shared_examples_for 'api platform user with reader rights' do
get :index, :format => :json get :index, :format => :json
response.should render_template(:index) response.should render_template(:index)
end end
end
shared_examples_for 'api platform user with update rights' do
before do
put :update, {:platform => {:description => 'new description'}, :id => @platform.id}, :format => :json
end
it 'should be able to perform update action' do
response.should be_success
end
it 'ensures that platform has been updated' do
@platform.reload
@platform.description.should == 'new description'
end
end
shared_examples_for 'api platform user without update rights' do
before do
put :update, {:platform => {:description => 'new description'}, :id => @platform.id}, :format => :json
end
it 'should not be able to perform update action' do
response.should_not be_success
end
it 'ensures that platform has not been updated' do
@platform.reload
@platform.description.should_not == 'new description'
end
end end
shared_examples_for 'api platform user with reader rights for hidden platform' do shared_examples_for 'api platform user with reader rights for hidden platform' do
@ -32,12 +59,19 @@ shared_examples_for "api platform user with show rights" do
get :show, :id => @platform.id, :format => :json get :show, :id => @platform.id, :format => :json
response.should render_template(:show) response.should render_template(:show)
end end
it 'should be able to perform platforms_for_build action' do
get :platforms_for_build, :format => :json
response.should render_template(:index)
end
end end
shared_examples_for "api platform user without show rights" do shared_examples_for "api platform user without show rights" do
it 'should not be able to perform show action' do [:show, :members].each do |action|
get :show, :id => @platform.id, :format => :json it "should not be able to perform #{ action } action" do
response.body.should == {"message" => "Access violation to this page!"}.to_json get action, :id => @platform.id, :format => :json
response.body.should == {"message" => "Access violation to this page!"}.to_json
end
end end
end end
@ -45,7 +79,7 @@ describe Api::V1::PlatformsController do
before do before do
stub_symlink_methods stub_symlink_methods
@platform = FactoryGirl.create(:platform) @platform = FactoryGirl.create(:platform, :visibility => 'open')
@personal_platform = FactoryGirl.create(:platform, :platform_type => 'personal') @personal_platform = FactoryGirl.create(:platform, :platform_type => 'personal')
@user = FactoryGirl.create(:user) @user = FactoryGirl.create(:user)
end end
@ -57,14 +91,21 @@ describe Api::V1::PlatformsController do
response.status.should == 401 response.status.should == 401
end end
it "should not be able to perform show action", :anonymous_access => false do [:show, :platforms_for_build].each do |action|
get :show, :id => @platform.id, :format => :json it "should not be able to perform #{ action } action", :anonymous_access => false do
response.status.should == 401 get action, :format => :json
response.status.should == 401
end
end
it 'should be able to perform members action', :anonymous_access => true do
get :members, :id => @platform.id, :format => :json
response.should render_template(:members)
end end
it_should_behave_like 'api platform user with show rights' if APP_CONFIG['anonymous_access'] it_should_behave_like 'api platform user with show rights' if APP_CONFIG['anonymous_access']
it_should_behave_like 'api platform user without reader rights for hidden platform' if APP_CONFIG['anonymous_access'] it_should_behave_like 'api platform user without reader rights for hidden platform' if APP_CONFIG['anonymous_access']
it_should_behave_like 'api platform user without update rights'
end end
context 'for global admin' do context 'for global admin' do
@ -76,6 +117,7 @@ describe Api::V1::PlatformsController do
it_should_behave_like 'api platform user with reader rights' it_should_behave_like 'api platform user with reader rights'
it_should_behave_like 'api platform user with reader rights for hidden platform' it_should_behave_like 'api platform user with reader rights for hidden platform'
it_should_behave_like 'api platform user with update rights'
end end
context 'for owner user' do context 'for owner user' do
@ -88,6 +130,7 @@ describe Api::V1::PlatformsController do
it_should_behave_like 'api platform user with reader rights' it_should_behave_like 'api platform user with reader rights'
it_should_behave_like 'api platform user with reader rights for hidden platform' it_should_behave_like 'api platform user with reader rights for hidden platform'
it_should_behave_like 'api platform user with update rights'
end end
context 'for reader user' do context 'for reader user' do
@ -111,6 +154,7 @@ describe Api::V1::PlatformsController do
it_should_behave_like 'api platform user with reader rights' it_should_behave_like 'api platform user with reader rights'
it_should_behave_like 'api platform user with reader rights for hidden platform' it_should_behave_like 'api platform user with reader rights for hidden platform'
it_should_behave_like 'api platform user without update rights'
end end
context 'for simple user' do context 'for simple user' do
@ -121,5 +165,6 @@ describe Api::V1::PlatformsController do
it_should_behave_like 'api platform user with reader rights' it_should_behave_like 'api platform user with reader rights'
it_should_behave_like 'api platform user without reader rights for hidden platform' it_should_behave_like 'api platform user without reader rights for hidden platform'
it_should_behave_like 'api platform user without update rights'
end end
end end