Download as
Browse Code »

Commit 46af34c89aa189edb86cea304b6815208877a4c0

Authored by Leandro Santos
2 parents b896adbe 15cd9768
Exists in ratings_minor_fixes and in 3 other branches fix_sign_up_form, organization_ratings_improvements, profile_api_improvements

Merge branch 'remove-comments-api' into 'master' 

[API] Endpoit to remove comments

Also fix the post comment endpoint when article does not accept comments.

See merge request !930
Showing 2 changed files with 73 additions and 0 deletions   Show diff stats
app/api/v1/comments.rb
  Diff comments   View file @46af34c
@@ -34,6 +34,7 @@ module Api @@ -34,6 +34,7 @@ module Api
34 post ":id/comments" do 34 post ":id/comments" do
35 authenticate! 35 authenticate!
36 article = find_article(environment.articles, params[:id]) 36 article = find_article(environment.articles, params[:id])
  37 + return forbidden! unless article.accept_comments?
37 options = params.select { |key,v| !['id','private_token'].include?(key) }.merge(:author => current_person, :source => article) 38 options = params.select { |key,v| !['id','private_token'].include?(key) }.merge(:author => current_person, :source => article)
38 begin 39 begin
39 comment = Comment.create!(options) 40 comment = Comment.create!(options)
@@ -42,6 +43,19 @@ module Api @@ -42,6 +43,19 @@ module Api
42 end 43 end
43 present comment, :with => Entities::Comment, :current_person => current_person 44 present comment, :with => Entities::Comment, :current_person => current_person
44 end 45 end
  46 +
  47 + delete ":id/comments/:comment_id" do
  48 + article = find_article(environment.articles, params[:id])
  49 + comment = article.comments.find_by_id(params[:comment_id])
  50 + return not_found! if comment.nil?
  51 + return forbidden! unless comment.can_be_destroyed_by?(current_person)
  52 + begin
  53 + comment.destroy
  54 + present comment, with: Entities::Comment, :current_person => current_person
  55 + rescue => e
  56 + render_api_error!(e.message, 500)
  57 + end
  58 + end
45 end 59 end
46 60
47 end 61 end
test/api/comments_test.rb
  Diff comments   View file @46af34c
@@ -70,6 +70,16 @@ class CommentsTest < ActiveSupport::TestCase @@ -70,6 +70,16 @@ class CommentsTest < ActiveSupport::TestCase
70 assert_equal body, json['comment']['body'] 70 assert_equal body, json['comment']['body']
71 end 71 end
72 72
  73 + should 'not create comment when an article does not accept comments' do
  74 + login_api
  75 + article = fast_create(Article, :profile_id => @local_person.id, :name => "Some thing", accept_comments: false)
  76 + body = 'My comment'
  77 + params.merge!({:body => body})
  78 + post "/api/v1/articles/#{article.id}/comments?#{params.to_query}"
  79 + json = JSON.parse(last_response.body)
  80 + assert_equal 403, last_response.status
  81 + end
  82 +
73 should 'logged user not comment an archived article' do 83 should 'logged user not comment an archived article' do
74 login_api 84 login_api
75 article = fast_create(Article, :profile_id => user.person.id, :name => "Some thing", :archived => true) 85 article = fast_create(Article, :profile_id => user.person.id, :name => "Some thing", :archived => true)
@@ -186,4 +196,53 @@ class CommentsTest < ActiveSupport::TestCase @@ -186,4 +196,53 @@ class CommentsTest < ActiveSupport::TestCase
186 assert_equal [comment1.id], json["comments"].map { |c| c['id'] } 196 assert_equal [comment1.id], json["comments"].map { |c| c['id'] }
187 end 197 end
188 198
  199 + should 'delete comment successfully' do
  200 + login_api
  201 + article = fast_create(Article, profile_id: person.id, name: "Some thing")
  202 + comment = article.comments.create!(body: "some comment", author: person)
  203 + delete "api/v1/articles/#{article.id}/comments/#{comment.id}?#{params.to_query}"
  204 + json = JSON.parse(last_response.body)
  205 + assert_equal 200, last_response.status
  206 + assert_equal comment.id, json['comment']['id']
  207 + assert_not_includes article.comments, comment
  208 + end
  209 +
  210 + should 'not delete a comment when user is not logged' do
  211 + article = fast_create(Article, profile_id: person.id, name: "Some thing")
  212 + comment = article.comments.create!(body: "some comment", author: person)
  213 + delete "api/v1/articles/#{article.id}/comments/#{comment.id}?#{params.to_query}"
  214 + json = JSON.parse(last_response.body)
  215 + assert_equal 403, last_response.status
  216 + assert_includes article.comments, comment
  217 + end
  218 +
  219 + should 'not delete a comment when user does not have permission' do
  220 + login_api
  221 + article = fast_create(Article, profile_id: @local_person.id, name: "Some thing")
  222 + comment = article.comments.create!(body: "some comment", author: @local_person)
  223 + delete "api/v1/articles/#{article.id}/comments/#{comment.id}?#{params.to_query}"
  224 + json = JSON.parse(last_response.body)
  225 + assert_equal 403, last_response.status
  226 + assert_includes article.comments, comment
  227 + end
  228 +
  229 + should 'return not found when delete a inexistent comment' do
  230 + article = fast_create(Article, profile_id: person.id, name: "Some thing")
  231 + comment = article.comments.create!(body: "some comment", author: person)
  232 + delete "api/v1/articles/#{article.id}/comments/0?#{params.to_query}"
  233 + json = JSON.parse(last_response.body)
  234 + assert_equal 404, last_response.status
  235 + assert_includes article.comments, comment
  236 + end
  237 +
  238 + should 'return error when failed to delete comment' do
  239 + login_api
  240 + article = fast_create(Article, profile_id: person.id, name: "Some thing")
  241 + comment = article.comments.create!(body: "some comment", author: person)
  242 + Comment.any_instance.expects(:destroy).raises(StandardError)
  243 + delete "api/v1/articles/#{article.id}/comments/#{comment.id}?#{params.to_query}"
  244 + json = JSON.parse(last_response.body)
  245 + assert_equal 500, last_response.status
  246 + assert_includes article.comments, comment
  247 + end
189 end 248 end