adding people articles endpoint

Leandro Santos · Rodrigo Souto
1 parent 518e6a90
Showing 2 changed files with 151 additions and 0 deletions Show diff stats
lib/api/v1/articles.rb
test/unit/api/articles_test.rb
@@ -83,6 +83,48 @@ module API
       end
+      resource :people do
+        segment '/:person_id' do
+          resource :articles do
+            get do
+              person = environment.people.find(params[:person_id])
+              articles = select_filtered_collection_of(person, 'articles', params)
+              articles = articles.display_filter(current_person, person)
+              present articles, :with => Entities::Article
+            end
+
+            get ':id' do
+              person = environment.people.find(params[:person_id])
+              article = find_article(person.articles, params[:id])
+              present article, :with => Entities::Article
+            end
+
+            # Example Request:
+            #  POST api/v1/communites/:person_id/articles?private_toke=234298743290432&article[name]=title&article[body]=body
+            post do
+              person = environment.people.find(params[:person_id])
+              return forbidden! unless current_person.can_post_content?(person)
+
+              klass_type= params[:content_type].nil? ? 'TinyMceArticle' : params[:content_type]
+              return forbidden! unless ARTICLE_TYPES.include?(klass_type)
+
+              article = klass_type.constantize.new(params[:article])
+              article.last_changed_by = current_person
+              article.created_by= current_person
+              article.profile = person
+
+              if !article.save
+                render_api_errors!(article.errors.full_messages)
+              end
+              present article, :with => Entities::Article
+            end
+
+          end
+        end
+
+      end
+
+
     end
   end
 end
@@ -82,6 +82,10 @@ class ArticlesTest &lt; ActiveSupport::TestCase
     assert_not_includes json['articles'].map {|a| a['id']}, child.id
   end
+  #############################
+  #     Community Articles    #
+  #############################
+
   should 'return article by community' do
     community = fast_create(Community)
     article = fast_create(Article, :profile_id => community.id, :name => "Some thing")
@@ -206,4 +210,109 @@ class ArticlesTest &lt; ActiveSupport::TestCase
     assert_equal user.person, Article.last.last_changed_by
   end
+  #############################
+  #       Person Articles     #
+  #############################
+
+  should 'return article by person' do
+    person = fast_create(Person)
+    article = fast_create(Article, :profile_id => person.id, :name => "Some thing")
+    get "/api/v1/people/#{person.id}/articles/#{article.id}?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert_equal article.id, json["article"]["id"]
+  end
+
+  should 'not return article by person if user has no permission to view it' do
+    person = fast_create(Person)
+    article = fast_create(Article, :profile_id => person.id, :name => "Some thing", :published => false)
+    assert !article.published?
+
+    get "/api/v1/people/#{person.id}/articles/#{article.id}?#{params.to_query}"
+    assert_equal 403, last_response.status
+  end
+
+  should 'not list forbidden article when listing articles by person' do
+    person = fast_create(Person)
+    article = fast_create(Article, :profile_id => person.id, :name => "Some thing", :published => false)
+    assert !article.published?
+    get "/api/v1/people/#{person.id}/articles?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert_not_includes json['articles'].map {|a| a['id']}, article.id
+  end
+
+  should 'create article in a person' do
+    params[:article] = {:name => "Title"}
+    post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert_equal "Title", json["article"]["title"]
+  end
+
+  should 'person do not create article if user has no permission to post content' do
+    person = fast_create(Person)
+    params[:article] = {:name => "Title"}
+    post "/api/v1/people/#{person.id}/articles?#{params.to_query}"
+    assert_equal 403, last_response.status
+  end
+
+  should 'person create article with parent' do
+    article = fast_create(Article)
+
+    params[:article] = {:name => "Title", :parent_id => article.id}
+    post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert_equal article.id, json["article"]["parent"]["id"]
+  end
+
+  should 'person create article with content type passed as parameter' do
+    Article.delete_all
+    params[:article] = {:name => "Title"}
+    params[:content_type] = 'TextArticle'
+    post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    
+    assert_kind_of TextArticle, Article.last
+  end
+  
+  should 'person create article of TinyMceArticle type if no content type is passed as parameter' do
+    params[:article] = {:name => "Title"}
+    post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    
+    assert_kind_of TinyMceArticle, Article.last
+  end
+
+  should 'person not create article with invalid article content type' do
+    params[:article] = {:name => "Title"}
+    params[:content_type] = 'Person'
+    post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    
+    assert_equal 403, last_response.status
+  end
+
+  should 'person create article defining the correct profile' do
+    params[:article] = {:name => "Title"}
+    post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    
+    assert_equal user.person, Article.last.profile
+  end
+
+  should 'person create article defining the created_by' do
+    params[:article] = {:name => "Title"}
+    post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    
+    assert_equal user.person, Article.last.created_by
+  end
+
+  should 'person create article defining the last_changed_by' do
+    params[:article] = {:name => "Title"}
+    post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    
+    assert_equal user.person, Article.last.last_changed_by
+  end
+
+
 end
	@@ -83,6 +83,48 @@ module API		@@ -83,6 +83,48 @@ module API
83		83
84	end	84	end
85		85
		86	+ resource :people do
		87	+ segment '/:person_id' do
		88	+ resource :articles do
		89	+ get do
		90	+ person = environment.people.find(params[:person_id])
		91	+ articles = select_filtered_collection_of(person, 'articles', params)
		92	+ articles = articles.display_filter(current_person, person)
		93	+ present articles, :with => Entities::Article
		94	+ end
		95	+
		96	+ get ':id' do
		97	+ person = environment.people.find(params[:person_id])
		98	+ article = find_article(person.articles, params[:id])
		99	+ present article, :with => Entities::Article
		100	+ end
		101	+
		102	+ # Example Request:
		103	+ # POST api/v1/communites/:person_id/articles?private_toke=234298743290432&article[name]=title&article[body]=body
		104	+ post do
		105	+ person = environment.people.find(params[:person_id])
		106	+ return forbidden! unless current_person.can_post_content?(person)
		107	+
		108	+ klass_type= params[:content_type].nil? ? 'TinyMceArticle' : params[:content_type]
		109	+ return forbidden! unless ARTICLE_TYPES.include?(klass_type)
		110	+
		111	+ article = klass_type.constantize.new(params[:article])
		112	+ article.last_changed_by = current_person
		113	+ article.created_by= current_person
		114	+ article.profile = person
		115	+
		116	+ if !article.save
		117	+ render_api_errors!(article.errors.full_messages)
		118	+ end
		119	+ present article, :with => Entities::Article
		120	+ end
		121	+
		122	+ end
		123	+ end
		124	+
		125	+ end
		126	+
		127	+
86	end	128	end
87	end	129	end
88	end	130	end
	@@ -82,6 +82,10 @@ class ArticlesTest < ActiveSupport::TestCase		@@ -82,6 +82,10 @@ class ArticlesTest < ActiveSupport::TestCase
82	assert_not_includes json['articles'].map {\|a\| a['id']}, child.id	82	assert_not_includes json['articles'].map {\|a\| a['id']}, child.id
83	end	83	end
84		84
		85	+ #############################
		86	+ # Community Articles #
		87	+ #############################
		88	+
85	should 'return article by community' do	89	should 'return article by community' do
86	community = fast_create(Community)	90	community = fast_create(Community)
87	article = fast_create(Article, :profile_id => community.id, :name => "Some thing")	91	article = fast_create(Article, :profile_id => community.id, :name => "Some thing")
	@@ -206,4 +210,109 @@ class ArticlesTest < ActiveSupport::TestCase		@@ -206,4 +210,109 @@ class ArticlesTest < ActiveSupport::TestCase
206	assert_equal user.person, Article.last.last_changed_by	210	assert_equal user.person, Article.last.last_changed_by
207	end	211	end
208		212
		213	+ #############################
		214	+ # Person Articles #
		215	+ #############################
		216	+
		217	+ should 'return article by person' do
		218	+ person = fast_create(Person)
		219	+ article = fast_create(Article, :profile_id => person.id, :name => "Some thing")
		220	+ get "/api/v1/people/#{person.id}/articles/#{article.id}?#{params.to_query}"
		221	+ json = JSON.parse(last_response.body)
		222	+ assert_equal article.id, json["article"]["id"]
		223	+ end
		224	+
		225	+ should 'not return article by person if user has no permission to view it' do
		226	+ person = fast_create(Person)
		227	+ article = fast_create(Article, :profile_id => person.id, :name => "Some thing", :published => false)
		228	+ assert !article.published?
		229	+
		230	+ get "/api/v1/people/#{person.id}/articles/#{article.id}?#{params.to_query}"
		231	+ assert_equal 403, last_response.status
		232	+ end
		233	+
		234	+ should 'not list forbidden article when listing articles by person' do
		235	+ person = fast_create(Person)
		236	+ article = fast_create(Article, :profile_id => person.id, :name => "Some thing", :published => false)
		237	+ assert !article.published?
		238	+ get "/api/v1/people/#{person.id}/articles?#{params.to_query}"
		239	+ json = JSON.parse(last_response.body)
		240	+ assert_not_includes json['articles'].map {\|a\| a['id']}, article.id
		241	+ end
		242	+
		243	+ should 'create article in a person' do
		244	+ params[:article] = {:name => "Title"}
		245	+ post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
		246	+ json = JSON.parse(last_response.body)
		247	+ assert_equal "Title", json["article"]["title"]
		248	+ end
		249	+
		250	+ should 'person do not create article if user has no permission to post content' do
		251	+ person = fast_create(Person)
		252	+ params[:article] = {:name => "Title"}
		253	+ post "/api/v1/people/#{person.id}/articles?#{params.to_query}"
		254	+ assert_equal 403, last_response.status
		255	+ end
		256	+
		257	+ should 'person create article with parent' do
		258	+ article = fast_create(Article)
		259	+
		260	+ params[:article] = {:name => "Title", :parent_id => article.id}
		261	+ post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
		262	+ json = JSON.parse(last_response.body)
		263	+ assert_equal article.id, json["article"]["parent"]["id"]
		264	+ end
		265	+
		266	+ should 'person create article with content type passed as parameter' do
		267	+ Article.delete_all
		268	+ params[:article] = {:name => "Title"}
		269	+ params[:content_type] = 'TextArticle'
		270	+ post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
		271	+ json = JSON.parse(last_response.body)
		272	+
		273	+ assert_kind_of TextArticle, Article.last
		274	+ end
		275	+
		276	+ should 'person create article of TinyMceArticle type if no content type is passed as parameter' do
		277	+ params[:article] = {:name => "Title"}
		278	+ post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
		279	+ json = JSON.parse(last_response.body)
		280	+
		281	+ assert_kind_of TinyMceArticle, Article.last
		282	+ end
		283	+
		284	+ should 'person not create article with invalid article content type' do
		285	+ params[:article] = {:name => "Title"}
		286	+ params[:content_type] = 'Person'
		287	+ post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
		288	+ json = JSON.parse(last_response.body)
		289	+
		290	+ assert_equal 403, last_response.status
		291	+ end
		292	+
		293	+ should 'person create article defining the correct profile' do
		294	+ params[:article] = {:name => "Title"}
		295	+ post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
		296	+ json = JSON.parse(last_response.body)
		297	+
		298	+ assert_equal user.person, Article.last.profile
		299	+ end
		300	+
		301	+ should 'person create article defining the created_by' do
		302	+ params[:article] = {:name => "Title"}
		303	+ post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
		304	+ json = JSON.parse(last_response.body)
		305	+
		306	+ assert_equal user.person, Article.last.created_by
		307	+ end
		308	+
		309	+ should 'person create article defining the last_changed_by' do
		310	+ params[:article] = {:name => "Title"}
		311	+ post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
		312	+ json = JSON.parse(last_response.body)
		313	+
		314	+ assert_equal user.person, Article.last.last_changed_by
		315	+ end
		316	+
		317	+
209	end	318	end