diff --git a/app/controllers/api/v1/platforms_controller.rb b/app/controllers/api/v1/platforms_controller.rb index 630395a07..a676ff89e 100644 --- a/app/controllers/api/v1/platforms_controller.rb +++ b/app/controllers/api/v1/platforms_controller.rb @@ -43,13 +43,7 @@ class Api::V1::PlatformsController < Api::V1::BaseController end def add_member - if params[:type] == 'User' - member = User - elsif params[:type] == 'Group' - member = Group - end - member = member.where(:id => params[:member_id]).first if member - if member && @platform.add_member(member) + if member.present? && @platform.add_member(member) render :json => { :platform => { :id => @platform.id, @@ -61,4 +55,30 @@ class Api::V1::PlatformsController < Api::V1::BaseController end end + def remove_member + if member.present? && @platform.remove_member(member) + render :json => { + :platform => { + :id => @platform.id, + :message => "#{member.class.to_s} '#{member.id}' has been removed from platform successfully" + } + }.to_json + else + render :json => validation_failed(@platform), :status => 422 + end + end + + private + + def member + return @member if @member + if params[:type] == 'User' + member = User + elsif params[:type] == 'Group' + member = Group + end + @member = member.where(:id => params[:member_id]).first if member + @member ||= '' + end + end diff --git a/config/routes.rb b/config/routes.rb index e9fe3826b..c87672d5e 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -27,6 +27,7 @@ Rosa::Application.routes.draw do member { get :members put :add_member + delete :remove_member } end resources :repositories, :only => [:show] diff --git a/spec/controllers/api/v1/platforms_controller_spec.rb b/spec/controllers/api/v1/platforms_controller_spec.rb index 1af389736..24d6d358d 100644 --- a/spec/controllers/api/v1/platforms_controller_spec.rb +++ b/spec/controllers/api/v1/platforms_controller_spec.rb @@ -37,7 +37,7 @@ shared_examples_for 'api platform user with writer rights' do put :add_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json end - it 'should be able to perform update action' do + it 'should be able to perform add_member action' do response.should be_success end it 'ensures that new member has been added to platform' do @@ -45,6 +45,21 @@ shared_examples_for 'api platform user with writer rights' do end end + context 'api platform user with remove_member rights' do + let(:member) { FactoryGirl.create(:user) } + before do + @platform.add_member(member) + delete :remove_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json + end + + it 'should be able to perform update action' do + response.should be_success + end + it 'ensures that member has been removed from platform' do + @platform.members.should_not include(member) + end + end + end shared_examples_for 'api platform user without writer rights' do @@ -69,13 +84,29 @@ shared_examples_for 'api platform user without writer rights' do put :add_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json end - it 'should not be able to perform update action' do + it 'should not be able to perform add_member action' do response.should_not be_success end it 'ensures that new member has not been added to platform' do @platform.members.should_not include(member) end end + + context 'api platform user without remove_member rights' do + let(:member) { FactoryGirl.create(:user) } + before do + @platform.add_member(member) + delete :remove_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json + end + + it 'should be able to perform update action' do + response.should_not be_success + end + it 'ensures that member has not been removed from platform' do + @platform.members.should include(member) + end + end + end shared_examples_for 'api platform user with reader rights for hidden platform' do