Commit 020591c2c4710835d7c1cc2a485f13991a5e87f2
Exists in
fix_sign_up_form
Merge branch 'api_task_param' into 'master'
api: accept parameters to update a task when accept/reject See merge request !984
Showing
2 changed files
with
25 additions
and
2 deletions
Show diff stats
app/api/v1/tasks.rb
| @@ -31,8 +31,13 @@ module Api | @@ -31,8 +31,13 @@ module Api | ||
| 31 | desc "#{action.capitalize} a task" | 31 | desc "#{action.capitalize} a task" |
| 32 | put ":id/#{action}" do | 32 | put ":id/#{action}" do |
| 33 | task = find_task(current_person, Task.to(current_person), params[:id]) | 33 | task = find_task(current_person, Task.to(current_person), params[:id]) |
| 34 | - task.send(action, current_person) if (task.status == Task::Status::ACTIVE) | ||
| 35 | - present_partial task, :with => Entities::Task | 34 | + begin |
| 35 | + task.update(params[:task]) | ||
| 36 | + task.send(action, current_person) if (task.status == Task::Status::ACTIVE) | ||
| 37 | + present_partial task, :with => Entities::Task | ||
| 38 | + rescue Exception => ex | ||
| 39 | + render_api_error!(ex.message, 500) | ||
| 40 | + end | ||
| 36 | end | 41 | end |
| 37 | end | 42 | end |
| 38 | end | 43 | end |
test/api/task_test.rb
| @@ -204,6 +204,24 @@ class TasksTest < ActiveSupport::TestCase | @@ -204,6 +204,24 @@ class TasksTest < ActiveSupport::TestCase | ||
| 204 | assert_nil task.reload.closed_by_id | 204 | assert_nil task.reload.closed_by_id |
| 205 | assert_equal Task::Status::ACTIVE, task.status | 205 | assert_equal Task::Status::ACTIVE, task.status |
| 206 | end | 206 | end |
| 207 | + | ||
| 208 | + should "person be able to #{action} a task with parameters" do | ||
| 209 | + person1 = fast_create(Person) | ||
| 210 | + task = create(Task, :requestor => person1, :target => person) | ||
| 211 | + params[:task] = {reject_explanation: "reject explanation"} | ||
| 212 | + put "/api/v1/tasks/#{task.id}/#{action}?#{params.to_query}" | ||
| 213 | + assert_equal "Task::Status::#{task_actions_state[action]}".constantize, task.reload.status | ||
| 214 | + assert_equal "reject explanation", task.reload.reject_explanation | ||
| 215 | + end | ||
| 216 | + | ||
| 217 | + should "not update a forbidden parameter when #{action} a task" do | ||
| 218 | + person1 = fast_create(Person) | ||
| 219 | + person2 = fast_create(Person) | ||
| 220 | + task = create(Task, :requestor => person1, :target => person) | ||
| 221 | + params[:task] = { requestor: {id: person2.id} } | ||
| 222 | + put "/api/v1/tasks/#{task.id}/#{action}?#{params.to_query}" | ||
| 223 | + assert_equal 500, last_response.status | ||
| 224 | + end | ||
| 207 | end | 225 | end |
| 208 | 226 | ||
| 209 | ################################################# | 227 | ################################################# |