Merge branch 'api-article-permissions' into 'master'

api: return permissions for user in article entity See merge request !948

Merge branch 'api-article-permissions' into 'master'
api: return permissions for user in article entity See merge request !948
Leandro Santos
2 parents 14b34706 5850b93d
Showing 4 changed files with 20 additions and 3 deletions Show diff stats
app/api/entities.rb
app/api/helpers.rb
app/api/v1/articles.rb
test/api/articles_test.rb
@@ -202,12 +202,21 @@ module Api
       expose :accept_comments?, as: :accept_comments
     end
  
+    def self.permissions_for_entity(entity, current_person, *method_names)
+      method_names.map { |method| entity.send(method, current_person) ? method.to_s.gsub(/\?/,'') : nil }.compact
+    end
+
     class Article < ArticleBase
       root 'articles', 'article'
       expose :parent, :using => ArticleBase
       expose :children, :using => ArticleBase do |article, options|
         article.children.published.limit(V1::Articles::MAX_PER_PAGE)
       end
+      expose :permissions do |article, options|
+        Entities.permissions_for_entity(article, options[:current_person],
+          :allow_edit?, :allow_post_content?, :allow_delete?, :allow_create?,
+          :allow_publish_content?)
+      end
     end
  
     class User < Entity
@@ -121,7 +121,7 @@ module Api
  
     def present_article(asset)
       article = find_article(asset.articles, params[:id])
-      present_partial article, :with => Entities::Article, :params => params
+      present_partial article, with: Entities::Article, params: params, current_person: current_person
     end
  
     def present_articles_for_asset(asset, method = 'articles')
@@ -130,7 +130,7 @@ module Api
     end
  
     def present_articles(articles)
-      present_partial paginate(articles), :with => Entities::Article, :params => params
+      present_partial paginate(articles), :with => Entities::Article, :params => params, current_person: current_person
     end
  
     def find_articles(asset, method = 'articles')
@@ -273,7 +273,7 @@ module Api
                     article = forbidden!
                   end
  
-                  present_partial article, :with => Entities::Article
+                  present_partial article, :with => Entities::Article, current_person: current_person
                 else
  
                   present_articles_for_asset(profile)
@@ -786,4 +786,12 @@ class ArticlesTest &lt; ActiveSupport::TestCase
     assert_not_includes json['article']['children'].map {|a| a['id']}, child.id
   end
  
+  should 'list article permissions when get an article' do
+    community = fast_create(Community)
+    give_permission(person, 'post_content', community)
+    article = fast_create(Article, :profile_id => community.id)
+    get "/api/v1/articles/#{article.id}?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert_includes json["article"]["permissions"], 'allow_post_content'
+  end
 end
...	...	@@ -202,12 +202,21 @@ module Api
202	202	expose :accept_comments?, as: :accept_comments
203	203	end
204	204
	205	+ def self.permissions_for_entity(entity, current_person, *method_names)
	206	+ method_names.map { \|method\| entity.send(method, current_person) ? method.to_s.gsub(/\?/,'') : nil }.compact
	207	+ end
	208	+
205	209	class Article < ArticleBase
206	210	root 'articles', 'article'
207	211	expose :parent, :using => ArticleBase
208	212	expose :children, :using => ArticleBase do \|article, options\|
209	213	article.children.published.limit(V1::Articles::MAX_PER_PAGE)
210	214	end
	215	+ expose :permissions do \|article, options\|
	216	+ Entities.permissions_for_entity(article, options[:current_person],
	217	+ :allow_edit?, :allow_post_content?, :allow_delete?, :allow_create?,
	218	+ :allow_publish_content?)
	219	+ end
211	220	end
212	221
213	222	class User < Entity
...	...
...	...	@@ -121,7 +121,7 @@ module Api
121	121
122	122	def present_article(asset)
123	123	article = find_article(asset.articles, params[:id])
124		- present_partial article, :with => Entities::Article, :params => params
	124	+ present_partial article, with: Entities::Article, params: params, current_person: current_person
125	125	end
126	126
127	127	def present_articles_for_asset(asset, method = 'articles')
...	...	@@ -130,7 +130,7 @@ module Api
130	130	end
131	131
132	132	def present_articles(articles)
133		- present_partial paginate(articles), :with => Entities::Article, :params => params
	133	+ present_partial paginate(articles), :with => Entities::Article, :params => params, current_person: current_person
134	134	end
135	135
136	136	def find_articles(asset, method = 'articles')
...	...
...	...	@@ -273,7 +273,7 @@ module Api
273	273	article = forbidden!
274	274	end
275	275
276		- present_partial article, :with => Entities::Article
	276	+ present_partial article, :with => Entities::Article, current_person: current_person
277	277	else
278	278
279	279	present_articles_for_asset(profile)
...	...
...	...	@@ -786,4 +786,12 @@ class ArticlesTest < ActiveSupport::TestCase
786	786	assert_not_includes json['article']['children'].map {\|a\| a['id']}, child.id
787	787	end
788	788
	789	+ should 'list article permissions when get an article' do
	790	+ community = fast_create(Community)
	791	+ give_permission(person, 'post_content', community)
	792	+ article = fast_create(Article, :profile_id => community.id)
	793	+ get "/api/v1/articles/#{article.id}?#{params.to_query}"
	794	+ json = JSON.parse(last_response.body)
	795	+ assert_includes json["article"]["permissions"], 'allow_post_content'
	796	+ end
789	797	end
...	...