Commit c89d93a4e112713fe02a8fcc366b3fcc0a9134c7
1 parent
d6081ef0
Exists in
theme-brasil-digital-from-staging
and in
9 other branches
creating person endpoint
Showing
2 changed files
with
24 additions
and
0 deletions
Show diff stats
lib/noosfero/api/v1/people.rb
| ... | ... | @@ -48,6 +48,13 @@ module Noosfero |
| 48 | 48 | present person, :with => Entities::Person |
| 49 | 49 | end |
| 50 | 50 | |
| 51 | + desc "Update person information" | |
| 52 | + post ':id' do | |
| 53 | + return forbidden! if current_person.id.to_s != params[:id] | |
| 54 | + current_person.update_attributes!(params[:person]) | |
| 55 | + present current_person, :with => Entities::Person | |
| 56 | + end | |
| 57 | + | |
| 51 | 58 | # Example Request: |
| 52 | 59 | # POST api/v1/people?person[login]=some_login&person[password]=some_password&person[name]=Jack |
| 53 | 60 | desc "Create person" | ... | ... |
test/unit/api/people_test.rb
| ... | ... | @@ -148,4 +148,21 @@ class PeopleTest < ActiveSupport::TestCase |
| 148 | 148 | get "/api/v1/people/#{some_person.id}/permissions?#{params.to_query}" |
| 149 | 149 | assert_equal 403, last_response.status |
| 150 | 150 | end |
| 151 | + | |
| 152 | + should 'not update another person' do | |
| 153 | + person = fast_create(Person, :environment_id => environment.id) | |
| 154 | + post "/api/v1/people/#{person.id}?#{params.to_query}" | |
| 155 | + assert_equal 403, last_response.status | |
| 156 | + end | |
| 157 | + | |
| 158 | + should 'update yourself' do | |
| 159 | + another_name = 'Another Name' | |
| 160 | + params[:person] = {} | |
| 161 | + params[:person][:name] = another_name | |
| 162 | + assert_not_equal another_name, person.name | |
| 163 | + post "/api/v1/people/#{person.id}?#{params.to_query}" | |
| 164 | + person.reload | |
| 165 | + assert_equal another_name, person.name | |
| 166 | + end | |
| 167 | + | |
| 151 | 168 | end | ... | ... |