Commit 247e46d392c82d48f7f6ecbbc8f092ccf3025f10
1 parent
1617e755
Exists in
staging
and in
9 other branches
refactoring task actions
Showing
2 changed files
with
30 additions
and
5 deletions
Show diff stats
app/api/v1/tasks.rb
| @@ -30,8 +30,7 @@ module Api | @@ -30,8 +30,7 @@ module Api | ||
| 30 | %w[finish cancel].each do |action| | 30 | %w[finish cancel].each do |action| |
| 31 | desc "#{action.capitalize} a task" | 31 | desc "#{action.capitalize} a task" |
| 32 | put ":id/#{action}" do | 32 | put ":id/#{action}" do |
| 33 | - authenticate! | ||
| 34 | - task = find_task(current_person, params[:id]) | 33 | + task = find_task(current_person, Task.to(current_person), params[:id]) |
| 35 | task.send(action, current_person) if (task.status == Task::Status::ACTIVE) | 34 | task.send(action, current_person) if (task.status == Task::Status::ACTIVE) |
| 36 | present_partial task, :with => Entities::Task | 35 | present_partial task, :with => Entities::Task |
| 37 | end | 36 | end |
test/api/task_test.rb
| @@ -50,7 +50,7 @@ class TasksTest < ActiveSupport::TestCase | @@ -50,7 +50,7 @@ class TasksTest < ActiveSupport::TestCase | ||
| 50 | task = create(Task, :requestor => person, :target => environment) | 50 | task = create(Task, :requestor => person, :target => environment) |
| 51 | 51 | ||
| 52 | get "/api/v1/tasks/#{task.id}?#{params.to_query}" | 52 | get "/api/v1/tasks/#{task.id}?#{params.to_query}" |
| 53 | - assert_equal 403, last_response.status | 53 | + assert_equal 404, last_response.status |
| 54 | end | 54 | end |
| 55 | 55 | ||
| 56 | should 'find the current user task even it is finished' do | 56 | should 'find the current user task even it is finished' do |
| @@ -161,7 +161,6 @@ class TasksTest < ActiveSupport::TestCase | @@ -161,7 +161,6 @@ class TasksTest < ActiveSupport::TestCase | ||
| 161 | task_actions_state={"finish"=>"FINISHED","cancel"=>"CANCELLED"} | 161 | task_actions_state={"finish"=>"FINISHED","cancel"=>"CANCELLED"} |
| 162 | task_actions.each do |action| | 162 | task_actions.each do |action| |
| 163 | should "person be able to #{action} his own task" do | 163 | should "person be able to #{action} his own task" do |
| 164 | - login_api | ||
| 165 | person1 = fast_create(Person) | 164 | person1 = fast_create(Person) |
| 166 | task = create(Task, :requestor => person1, :target => person) | 165 | task = create(Task, :requestor => person1, :target => person) |
| 167 | put "/api/v1/tasks/#{task.id}/#{action}?#{params.to_query}" | 166 | put "/api/v1/tasks/#{task.id}/#{action}?#{params.to_query}" |
| @@ -169,8 +168,35 @@ class TasksTest < ActiveSupport::TestCase | @@ -169,8 +168,35 @@ class TasksTest < ActiveSupport::TestCase | ||
| 169 | assert_equal "Task::Status::#{task_actions_state[action]}".constantize, task.reload.status | 168 | assert_equal "Task::Status::#{task_actions_state[action]}".constantize, task.reload.status |
| 170 | end | 169 | end |
| 171 | 170 | ||
| 171 | + should "person be able to #{action} environment task if it's admin user" do | ||
| 172 | + environment = Environment.default | ||
| 173 | + environment.add_admin(person) | ||
| 174 | + task = create(Task, :requestor => person, :target => environment) | ||
| 175 | + put "/api/v1/tasks/#{task.id}/#{action}?#{params.to_query}" | ||
| 176 | + assert_equal person.reload.id, task.reload.closed_by_id | ||
| 177 | + assert_equal "Task::Status::#{task_actions_state[action]}".constantize, task.reload.status | ||
| 178 | + end | ||
| 179 | + | ||
| 180 | + should "person be able to #{action} community task if it has permission on it" do | ||
| 181 | + community = fast_create(Community) | ||
| 182 | + community.add_member(person) | ||
| 183 | + give_permission(person, 'perform_task', community) | ||
| 184 | + task = create(Task, :requestor => person, :target => community) | ||
| 185 | + put "/api/v1/tasks/#{task.id}/#{action}?#{params.to_query}" | ||
| 186 | + assert_equal person.reload.id, task.reload.closed_by_id | ||
| 187 | + assert_equal "Task::Status::#{task_actions_state[action]}".constantize, task.reload.status | ||
| 188 | + end | ||
| 189 | + | ||
| 190 | + should "person not be able to #{action} community task if it has no permission on it" do | ||
| 191 | + community = fast_create(Community) | ||
| 192 | + community.add_member(person) | ||
| 193 | + task = create(Task, :requestor => person, :target => community) | ||
| 194 | + put "/api/v1/tasks/#{task.id}/#{action}?#{params.to_query}" | ||
| 195 | + assert_equal person.reload.id, task.reload.closed_by_id | ||
| 196 | + assert_equal "Task::Status::#{task_actions_state[action]}".constantize, task.reload.status | ||
| 197 | + end | ||
| 198 | + | ||
| 172 | should "person not be able to #{action} other person's task" do | 199 | should "person not be able to #{action} other person's task" do |
| 173 | - login_api | ||
| 174 | user = fast_create(User) | 200 | user = fast_create(User) |
| 175 | person1 = fast_create(Person, :user_id => user) | 201 | person1 = fast_create(Person, :user_id => user) |
| 176 | task = create(Task, :requestor => person, :target => person1) | 202 | task = create(Task, :requestor => person, :target => person1) |