Commit f0aa3a22bada04b54a72dd16d717e0afdb3a433c
1 parent
c09da346
Exists in
staging
and in
4 other branches
adding enterprise article endpoint
Showing
2 changed files
with
167 additions
and
2 deletions
 
Show diff stats
lib/api/v1/articles.rb
| @@ -99,8 +99,6 @@ module API | @@ -99,8 +99,6 @@ module API | ||
| 99 | present article, :with => Entities::Article | 99 | present article, :with => Entities::Article | 
| 100 | end | 100 | end | 
| 101 | 101 | ||
| 102 | - # Example Request: | ||
| 103 | - # POST api/v1/communites/:person_id/articles?private_toke=234298743290432&article[name]=title&article[body]=body | ||
| 104 | post do | 102 | post do | 
| 105 | person = environment.people.find(params[:person_id]) | 103 | person = environment.people.find(params[:person_id]) | 
| 106 | return forbidden! unless current_person.can_post_content?(person) | 104 | return forbidden! unless current_person.can_post_content?(person) | 
| @@ -124,6 +122,45 @@ module API | @@ -124,6 +122,45 @@ module API | ||
| 124 | 122 | ||
| 125 | end | 123 | end | 
| 126 | 124 | ||
| 125 | + resource :enterprises do | ||
| 126 | + segment '/:enterprise_id' do | ||
| 127 | + resource :articles do | ||
| 128 | + get do | ||
| 129 | + enterprise = environment.enterprises.find(params[:enterprise_id]) | ||
| 130 | + articles = select_filtered_collection_of(enterprise, 'articles', params) | ||
| 131 | + articles = articles.display_filter(current_person, enterprise) | ||
| 132 | + present articles, :with => Entities::Article | ||
| 133 | + end | ||
| 134 | + | ||
| 135 | + get ':id' do | ||
| 136 | + enterprise = environment.enterprises.find(params[:enterprise_id]) | ||
| 137 | + article = find_article(enterprise.articles, params[:id]) | ||
| 138 | + present article, :with => Entities::Article | ||
| 139 | + end | ||
| 140 | + | ||
| 141 | + post do | ||
| 142 | + enterprise = environment.enterprises.find(params[:enterprise_id]) | ||
| 143 | + return forbidden! unless current_person.can_post_content?(enterprise) | ||
| 144 | + | ||
| 145 | + klass_type= params[:content_type].nil? ? 'TinyMceArticle' : params[:content_type] | ||
| 146 | + return forbidden! unless ARTICLE_TYPES.include?(klass_type) | ||
| 147 | + | ||
| 148 | + article = klass_type.constantize.new(params[:article]) | ||
| 149 | + article.last_changed_by = current_person | ||
| 150 | + article.created_by= current_person | ||
| 151 | + article.profile = enterprise | ||
| 152 | + | ||
| 153 | + if !article.save | ||
| 154 | + render_api_errors!(article.errors.full_messages) | ||
| 155 | + end | ||
| 156 | + present article, :with => Entities::Article | ||
| 157 | + end | ||
| 158 | + | ||
| 159 | + end | ||
| 160 | + end | ||
| 161 | + | ||
| 162 | + end | ||
| 163 | + | ||
| 127 | 164 | ||
| 128 | end | 165 | end | 
| 129 | end | 166 | end | 
test/unit/api/articles_test.rb
| @@ -314,5 +314,133 @@ class ArticlesTest < ActiveSupport::TestCase | @@ -314,5 +314,133 @@ class ArticlesTest < ActiveSupport::TestCase | ||
| 314 | assert_equal user.person, Article.last.last_changed_by | 314 | assert_equal user.person, Article.last.last_changed_by | 
| 315 | end | 315 | end | 
| 316 | 316 | ||
| 317 | + ############################# | ||
| 318 | + # Enterprise Articles # | ||
| 319 | + ############################# | ||
| 320 | + | ||
| 321 | + should 'return article by enterprise' do | ||
| 322 | + enterprise = fast_create(Enterprise) | ||
| 323 | + article = fast_create(Article, :profile_id => enterprise.id, :name => "Some thing") | ||
| 324 | + get "/api/v1/enterprises/#{enterprise.id}/articles/#{article.id}?#{params.to_query}" | ||
| 325 | + json = JSON.parse(last_response.body) | ||
| 326 | + assert_equal article.id, json["article"]["id"] | ||
| 327 | + end | ||
| 328 | + | ||
| 329 | + should 'not return article by enterprise if user has no permission to view it' do | ||
| 330 | + enterprise = fast_create(Enterprise) | ||
| 331 | + article = fast_create(Article, :profile_id => enterprise.id, :name => "Some thing", :published => false) | ||
| 332 | + assert !article.published? | ||
| 333 | + | ||
| 334 | + get "/api/v1/enterprises/#{enterprise.id}/articles/#{article.id}?#{params.to_query}" | ||
| 335 | + assert_equal 403, last_response.status | ||
| 336 | + end | ||
| 337 | + | ||
| 338 | + should 'not list forbidden article when listing articles by enterprise' do | ||
| 339 | + enterprise = fast_create(Enterprise) | ||
| 340 | + article = fast_create(Article, :profile_id => enterprise.id, :name => "Some thing", :published => false) | ||
| 341 | + assert !article.published? | ||
| 342 | + | ||
| 343 | + get "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}" | ||
| 344 | + json = JSON.parse(last_response.body) | ||
| 345 | + assert_not_includes json['articles'].map {|a| a['id']}, article.id | ||
| 346 | + end | ||
| 347 | + | ||
| 348 | + should 'create article in a enterprise' do | ||
| 349 | + enterprise = fast_create(Enterprise) | ||
| 350 | + give_permission(user.person, 'post_content', enterprise) | ||
| 351 | + params[:article] = {:name => "Title"} | ||
| 352 | + post "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}" | ||
| 353 | + json = JSON.parse(last_response.body) | ||
| 354 | + assert_equal "Title", json["article"]["title"] | ||
| 355 | + end | ||
| 356 | + | ||
| 357 | + should 'enterprise: do not create article if user has no permission to post content' do | ||
| 358 | + enterprise = fast_create(Enterprise) | ||
| 359 | + give_permission(user.person, 'invite_members', enterprise) | ||
| 360 | + params[:article] = {:name => "Title"} | ||
| 361 | + post "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}" | ||
| 362 | + assert_equal 403, last_response.status | ||
| 363 | + end | ||
| 364 | + | ||
| 365 | + should 'enterprise: create article with parent' do | ||
| 366 | + enterprise = fast_create(Enterprise) | ||
| 367 | + enterprise.add_member(user.person) | ||
| 368 | + article = fast_create(Article) | ||
| 369 | + | ||
| 370 | + params[:article] = {:name => "Title", :parent_id => article.id} | ||
| 371 | + post "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}" | ||
| 372 | + json = JSON.parse(last_response.body) | ||
| 373 | + assert_equal article.id, json["article"]["parent"]["id"] | ||
| 374 | + end | ||
| 375 | + | ||
| 376 | + should 'enterprise: create article with content type passed as parameter' do | ||
| 377 | + enterprise = fast_create(Enterprise) | ||
| 378 | + enterprise.add_member(user.person) | ||
| 379 | + | ||
| 380 | + Article.delete_all | ||
| 381 | + params[:article] = {:name => "Title"} | ||
| 382 | + params[:content_type] = 'TextArticle' | ||
| 383 | + post "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}" | ||
| 384 | + json = JSON.parse(last_response.body) | ||
| 385 | + | ||
| 386 | + assert_kind_of TextArticle, Article.last | ||
| 387 | + end | ||
| 388 | + | ||
| 389 | + should 'enterprise: create article of TinyMceArticle type if no content type is passed as parameter' do | ||
| 390 | + enterprise = fast_create(Enterprise) | ||
| 391 | + enterprise.add_member(user.person) | ||
| 392 | + | ||
| 393 | + params[:article] = {:name => "Title"} | ||
| 394 | + post "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}" | ||
| 395 | + json = JSON.parse(last_response.body) | ||
| 396 | + | ||
| 397 | + assert_kind_of TinyMceArticle, Article.last | ||
| 398 | + end | ||
| 399 | + | ||
| 400 | + should 'enterprise: not create article with invalid article content type' do | ||
| 401 | + enterprise = fast_create(Enterprise) | ||
| 402 | + enterprise.add_member(user.person) | ||
| 403 | + | ||
| 404 | + params[:article] = {:name => "Title"} | ||
| 405 | + params[:content_type] = 'Person' | ||
| 406 | + post "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}" | ||
| 407 | + json = JSON.parse(last_response.body) | ||
| 408 | + | ||
| 409 | + assert_equal 403, last_response.status | ||
| 410 | + end | ||
| 411 | + | ||
| 412 | + should 'enterprise: create article defining the correct profile' do | ||
| 413 | + enterprise = fast_create(Enterprise) | ||
| 414 | + enterprise.add_member(user.person) | ||
| 415 | + | ||
| 416 | + params[:article] = {:name => "Title"} | ||
| 417 | + post "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}" | ||
| 418 | + json = JSON.parse(last_response.body) | ||
| 419 | + | ||
| 420 | + assert_equal enterprise, Article.last.profile | ||
| 421 | + end | ||
| 422 | + | ||
| 423 | + should 'enterprise: create article defining the created_by' do | ||
| 424 | + enterprise = fast_create(Enterprise) | ||
| 425 | + enterprise.add_member(user.person) | ||
| 426 | + | ||
| 427 | + params[:article] = {:name => "Title"} | ||
| 428 | + post "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}" | ||
| 429 | + json = JSON.parse(last_response.body) | ||
| 430 | + | ||
| 431 | + assert_equal user.person, Article.last.created_by | ||
| 432 | + end | ||
| 433 | + | ||
| 434 | + should 'enterprise: create article defining the last_changed_by' do | ||
| 435 | + enterprise = fast_create(Enterprise) | ||
| 436 | + enterprise.add_member(user.person) | ||
| 437 | + | ||
| 438 | + params[:article] = {:name => "Title"} | ||
| 439 | + post "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}" | ||
| 440 | + json = JSON.parse(last_response.body) | ||
| 441 | + | ||
| 442 | + assert_equal user.person, Article.last.last_changed_by | ||
| 443 | + end | ||
| 444 | + | ||
| 317 | 445 | ||
| 318 | end | 446 | end |