Commit c9b346bb47a9a6d07905f8444aa687589f8bbc11
Committed by
Macartur Sousa
Macartur Sousa
1 parent
b4e7b4e5
Exists in
elasticsearch_api
api: return permissions for user in article entity
Showing
4 changed files
with
20 additions
and
3 deletions
Show diff stats
app/api/entities.rb
| ... | ... | @@ -202,12 +202,21 @@ module Api |
| 202 | 202 | expose :accept_comments?, as: :accept_comments |
| 203 | 203 | end |
| 204 | 204 | |
| 205 | + def self.permissions_for_entity(entity, current_person, *method_names) | |
| 206 | + method_names.map { |method| entity.send(method, current_person) ? method.to_s.gsub(/\?/,'') : nil }.compact | |
| 207 | + end | |
| 208 | + | |
| 205 | 209 | class Article < ArticleBase |
| 206 | 210 | root 'articles', 'article' |
| 207 | 211 | expose :parent, :using => ArticleBase |
| 208 | 212 | expose :children, :using => ArticleBase do |article, options| |
| 209 | 213 | article.children.published.limit(V1::Articles::MAX_PER_PAGE) |
| 210 | 214 | end |
| 215 | + expose :permissions do |article, options| | |
| 216 | + Entities.permissions_for_entity(article, options[:current_person], | |
| 217 | + :allow_edit?, :allow_post_content?, :allow_delete?, :allow_create?, | |
| 218 | + :allow_publish_content?) | |
| 219 | + end | |
| 211 | 220 | end |
| 212 | 221 | |
| 213 | 222 | class User < Entity | ... | ... |
app/api/helpers.rb
| ... | ... | @@ -121,7 +121,7 @@ module Api |
| 121 | 121 | |
| 122 | 122 | def present_article(asset) |
| 123 | 123 | article = find_article(asset.articles, params[:id]) |
| 124 | - present_partial article, :with => Entities::Article, :params => params | |
| 124 | + present_partial article, with: Entities::Article, params: params, current_person: current_person | |
| 125 | 125 | end |
| 126 | 126 | |
| 127 | 127 | def present_articles_for_asset(asset, method = 'articles') |
| ... | ... | @@ -130,7 +130,7 @@ module Api |
| 130 | 130 | end |
| 131 | 131 | |
| 132 | 132 | def present_articles(articles) |
| 133 | - present_partial paginate(articles), :with => Entities::Article, :params => params | |
| 133 | + present_partial paginate(articles), :with => Entities::Article, :params => params, current_person: current_person | |
| 134 | 134 | end |
| 135 | 135 | |
| 136 | 136 | def find_articles(asset, method = 'articles') | ... | ... |
app/api/v1/articles.rb
| ... | ... | @@ -273,7 +273,7 @@ module Api |
| 273 | 273 | article = forbidden! |
| 274 | 274 | end |
| 275 | 275 | |
| 276 | - present_partial article, :with => Entities::Article | |
| 276 | + present_partial article, :with => Entities::Article, current_person: current_person | |
| 277 | 277 | else |
| 278 | 278 | |
| 279 | 279 | present_articles_for_asset(profile) | ... | ... |
test/api/articles_test.rb
| ... | ... | @@ -786,4 +786,12 @@ class ArticlesTest < ActiveSupport::TestCase |
| 786 | 786 | assert_not_includes json['article']['children'].map {|a| a['id']}, child.id |
| 787 | 787 | end |
| 788 | 788 | |
| 789 | + should 'list article permissions when get an article' do | |
| 790 | + community = fast_create(Community) | |
| 791 | + give_permission(person, 'post_content', community) | |
| 792 | + article = fast_create(Article, :profile_id => community.id) | |
| 793 | + get "/api/v1/articles/#{article.id}?#{params.to_query}" | |
| 794 | + json = JSON.parse(last_response.body) | |
| 795 | + assert_includes json["article"]["permissions"], 'allow_post_content' | |
| 796 | + end | |
| 789 | 797 | end | ... | ... |