Download as
Browse Code »

Commit adeac9bc4d203166de6229d11a0ecedec21935a7

Authored by Carlos Purificação
Committed by Leandro Santos
1 parent ecb1bf67
Exists in staging and in 31 other branches all_pending_tasks_api, api-articles-period, api_roles, comments_permissions, elasticsearch, elasticsearch_api, elasticsearch_categories, elasticsearch_filter, elasticsearch_sort, elasticsearch_to_merge, elasticsearch_view, environment-exposes-api, export-comment-api, export_data, external_followers, federation-webfinger, federation_followers, federation_followers_backend, federation_oauth_provider, federation_webfinger, fix_notification_email, follower_permition, master, master_profile_followers, oauth_external_login, oauth_login, private-scraps, private-scraps-rebase, production, profile_api_improvements, user_mention

Allowed settings for environments if user is admin

Showing 4 changed files with 37 additions and 2 deletions   Show diff stats
lib/noosfero/api/entities.rb
  Diff comments   View file @adeac9b
@@ -233,6 +233,7 @@ module Noosfero @@ -233,6 +233,7 @@ module Noosfero
233 expose :name 233 expose :name
234 expose :id 234 expose :id
235 expose :description 235 expose :description
  236 + expose :settings, if: lambda { |instance, options| options[:is_admin] }
236 end 237 end
237 238
238 class Tag < Entity 239 class Tag < Entity
lib/noosfero/api/helpers.rb
  Diff comments   View file @adeac9b
@@ -30,6 +30,11 @@ require_relative &#39;../../find_by_contents&#39; @@ -30,6 +30,11 @@ require_relative &#39;../../find_by_contents&#39;
30 current_user.person unless current_user.nil? 30 current_user.person unless current_user.nil?
31 end 31 end
32 32
  33 + def is_admin?(environment)
  34 + return false unless current_user
  35 + return current_person.is_admin?(environment)
  36 + end
  37 +
33 def logout 38 def logout
34 @current_user = nil 39 @current_user = nil
35 end 40 end
lib/noosfero/api/v1/environments.rb
  Diff comments   View file @adeac9b
@@ -19,7 +19,8 @@ module Noosfero @@ -19,7 +19,8 @@ module Noosfero
19 else 19 else
20 resultEnvironment = Environment.find(params[:id]) 20 resultEnvironment = Environment.find(params[:id])
21 end 21 end
22 - present resultEnvironment, :with => Entities::Environment 22 + is_admin = is_admin?(resultEnvironment)
  23 + present resultEnvironment, :with => Entities::Environment, :is_admin => is_admin?(resultEnvironment)
23 end 24 end
24 25
25 end 26 end
test/api/environment_test.rb
  Diff comments   View file @adeac9b
@@ -19,10 +19,38 @@ class EnvironmentTest &lt; ActiveSupport::TestCase @@ -19,10 +19,38 @@ class EnvironmentTest &lt; ActiveSupport::TestCase
19 get "/api/v1/environment/default" 19 get "/api/v1/environment/default"
20 json = JSON.parse(last_response.body) 20 json = JSON.parse(last_response.body)
21 assert_equal environment.id, json['id'] 21 assert_equal environment.id, json['id']
22 - puts "json: #{json}"  
23 assert_nil json['settings'] 22 assert_nil json['settings']
24 end 23 end
25 24
  25 + def create_admin_user(env)
  26 + admin_user = User.find_by(login: 'adminuser') || create_user('adminuser', :email => 'adminuser@noosfero.org', :password => 'adminuser', :password_confirmation => 'adminuser', :environment => env)
  27 + admin_role = Role.find_by(name: 'admin_role') || Role.create!(:name => 'admin_role', :permissions => ['view_environment_admin_panel','edit_environment_features', 'edit_environment_design', 'manage_environment_categories', 'manage_environment_roles', 'manage_environment_trusted_sites', 'manage_environment_validators', 'manage_environment_users', 'manage_environment_organizations', 'manage_environment_templates', 'manage_environment_licenses', 'edit_appearance'])
  28 + create(RoleAssignment, :accessor => admin_user.person, :role => admin_role, :resource => env) unless admin_user.person.role_assignments.map{|ra|[ra.role, ra.accessor, ra.resource]}.include?([admin_role, admin_user, env])
  29 + admin_user.activate
  30 + admin_user
  31 + end
  32 +
  33 + def login_admin
  34 + environment = Environment.default
  35 + admin_user = create_admin_user(environment)
  36 + params = {:login => "adminuser", :password => "adminuser"}
  37 + post "/api/v1/login?#{params.to_query}"
  38 + json = JSON.parse(last_response.body)
  39 + private_token = json['user']["private_token"]
  40 + assert !private_token.blank?
  41 + assert_equal admin_user.private_token, private_token
  42 + @params = {:private_token => private_token}
  43 + end
  44 +
  45 + should 'return the default environment settings for admin' do
  46 + login_admin
  47 + environment = Environment.default
  48 + get "/api/v1/environment/default?#{params.to_query}"
  49 + json = JSON.parse(last_response.body)
  50 + assert_equal environment.id, json['id']
  51 + assert_equal environment.settings, json['settings']
  52 + end
  53 +
26 should 'return the default environment description' do 54 should 'return the default environment description' do
27 environment = Environment.default 55 environment = Environment.default
28 get "/api/v1/environment/default" 56 get "/api/v1/environment/default"