Merge branch 'api-article-permissions' into 'master'

api: return permissions for user in article entity See merge request !948

Merge branch 'api-article-permissions' into 'master'
api: return permissions for user in article entity See merge request !948
Leandro Santos
2 parents 14b34706 5850b93d
Showing 4 changed files with 20 additions and 3 deletions Show diff stats
app/api/entities.rb
app/api/helpers.rb
app/api/v1/articles.rb
test/api/articles_test.rb
@@ -202,12 +202,21 @@ module Api
       expose :accept_comments?, as: :accept_comments
     end
+    def self.permissions_for_entity(entity, current_person, *method_names)
+      method_names.map { |method| entity.send(method, current_person) ? method.to_s.gsub(/\?/,'') : nil }.compact
+    end
+
     class Article < ArticleBase
       root 'articles', 'article'
       expose :parent, :using => ArticleBase
       expose :children, :using => ArticleBase do |article, options|
         article.children.published.limit(V1::Articles::MAX_PER_PAGE)
       end
+      expose :permissions do |article, options|
+        Entities.permissions_for_entity(article, options[:current_person],
+          :allow_edit?, :allow_post_content?, :allow_delete?, :allow_create?,
+          :allow_publish_content?)
+      end
     end
     class User < Entity
@@ -121,7 +121,7 @@ module Api
     def present_article(asset)
       article = find_article(asset.articles, params[:id])
-      present_partial article, :with => Entities::Article, :params => params
+      present_partial article, with: Entities::Article, params: params, current_person: current_person
     end
     def present_articles_for_asset(asset, method = 'articles')
@@ -130,7 +130,7 @@ module Api
     end
     def present_articles(articles)
-      present_partial paginate(articles), :with => Entities::Article, :params => params
+      present_partial paginate(articles), :with => Entities::Article, :params => params, current_person: current_person
     end
     def find_articles(asset, method = 'articles')
@@ -273,7 +273,7 @@ module Api
                     article = forbidden!
                   end
-                  present_partial article, :with => Entities::Article
+                  present_partial article, :with => Entities::Article, current_person: current_person
                 else
                   present_articles_for_asset(profile)
@@ -786,4 +786,12 @@ class ArticlesTest &lt; ActiveSupport::TestCase
     assert_not_includes json['article']['children'].map {|a| a['id']}, child.id
   end
+  should 'list article permissions when get an article' do
+    community = fast_create(Community)
+    give_permission(person, 'post_content', community)
+    article = fast_create(Article, :profile_id => community.id)
+    get "/api/v1/articles/#{article.id}?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert_includes json["article"]["permissions"], 'allow_post_content'
+  end
 end
	@@ -121,7 +121,7 @@ module Api		@@ -121,7 +121,7 @@ module Api
121		121
122	def present_article(asset)	122	def present_article(asset)
123	article = find_article(asset.articles, params[:id])	123	article = find_article(asset.articles, params[:id])
124	- present_partial article, :with => Entities::Article, :params => params	124	+ present_partial article, with: Entities::Article, params: params, current_person: current_person
125	end	125	end
126		126
127	def present_articles_for_asset(asset, method = 'articles')	127	def present_articles_for_asset(asset, method = 'articles')
	@@ -130,7 +130,7 @@ module Api		@@ -130,7 +130,7 @@ module Api
130	end	130	end
131		131
132	def present_articles(articles)	132	def present_articles(articles)
133	- present_partial paginate(articles), :with => Entities::Article, :params => params	133	+ present_partial paginate(articles), :with => Entities::Article, :params => params, current_person: current_person
134	end	134	end
135		135
136	def find_articles(asset, method = 'articles')	136	def find_articles(asset, method = 'articles')
	@@ -273,7 +273,7 @@ module Api		@@ -273,7 +273,7 @@ module Api
273	article = forbidden!	273	article = forbidden!
274	end	274	end
275		275
276	- present_partial article, :with => Entities::Article	276	+ present_partial article, :with => Entities::Article, current_person: current_person
277	else	277	else
278		278
279	present_articles_for_asset(profile)	279	present_articles_for_asset(profile)
	@@ -786,4 +786,12 @@ class ArticlesTest < ActiveSupport::TestCase		@@ -786,4 +786,12 @@ class ArticlesTest < ActiveSupport::TestCase
786	assert_not_includes json['article']['children'].map {\|a\| a['id']}, child.id	786	assert_not_includes json['article']['children'].map {\|a\| a['id']}, child.id
787	end	787	end
788		788
		789	+ should 'list article permissions when get an article' do
		790	+ community = fast_create(Community)
		791	+ give_permission(person, 'post_content', community)
		792	+ article = fast_create(Article, :profile_id => community.id)
		793	+ get "/api/v1/articles/#{article.id}?#{params.to_query}"
		794	+ json = JSON.parse(last_response.body)
		795	+ assert_includes json["article"]["permissions"], 'allow_post_content'
		796	+ end
789	end	797	end