Download as
Browse Code »

Commit 56e31cdaf3dac1758e09e4e3c5db5d1511625fd5

Authored by Victor Costa
1 parent e73ac0c3
Exists in ratings_minor_fixes and in 3 other branches fix_sign_up_form, organization_ratings_improvements, profile_api_improvements

api: add endpoint to remove comments

Showing 2 changed files with 62 additions and 0 deletions   Show diff stats
app/api/v1/comments.rb
  Diff comments   View file @56e31cd
... ... @@ -42,6 +42,19 @@ module Api
42 42 end
43 43 present comment, :with => Entities::Comment, :current_person => current_person
44 44 end
  45 +
  46 + delete ":id/comments/:comment_id" do
  47 + article = find_article(environment.articles, params[:id])
  48 + comment = article.comments.find_by_id(params[:comment_id])
  49 + return not_found! if comment.nil?
  50 + return forbidden! unless comment.can_be_destroyed_by?(current_person)
  51 + begin
  52 + comment.destroy
  53 + present comment, with: Entities::Comment, :current_person => current_person
  54 + rescue => e
  55 + render_api_error!(e.message, 500)
  56 + end
  57 + end
45 58 end
46 59  
47 60 end
... ...
test/api/comments_test.rb
  Diff comments   View file @56e31cd
... ... @@ -186,4 +186,53 @@ class CommentsTest < ActiveSupport::TestCase
186 186 assert_equal [comment1.id], json["comments"].map { |c| c['id'] }
187 187 end
188 188  
  189 + should 'delete comment successfully' do
  190 + login_api
  191 + article = fast_create(Article, profile_id: person.id, name: "Some thing")
  192 + comment = article.comments.create!(body: "some comment", author: person)
  193 + delete "api/v1/articles/#{article.id}/comments/#{comment.id}?#{params.to_query}"
  194 + json = JSON.parse(last_response.body)
  195 + assert_equal 200, last_response.status
  196 + assert_equal comment.id, json['comment']['id']
  197 + assert_not_includes article.comments, comment
  198 + end
  199 +
  200 + should 'not delete a comment when user is not logged' do
  201 + article = fast_create(Article, profile_id: person.id, name: "Some thing")
  202 + comment = article.comments.create!(body: "some comment", author: person)
  203 + delete "api/v1/articles/#{article.id}/comments/#{comment.id}?#{params.to_query}"
  204 + json = JSON.parse(last_response.body)
  205 + assert_equal 403, last_response.status
  206 + assert_includes article.comments, comment
  207 + end
  208 +
  209 + should 'not delete a comment when user does not have permission' do
  210 + login_api
  211 + article = fast_create(Article, profile_id: @local_person.id, name: "Some thing")
  212 + comment = article.comments.create!(body: "some comment", author: @local_person)
  213 + delete "api/v1/articles/#{article.id}/comments/#{comment.id}?#{params.to_query}"
  214 + json = JSON.parse(last_response.body)
  215 + assert_equal 403, last_response.status
  216 + assert_includes article.comments, comment
  217 + end
  218 +
  219 + should 'return not found when delete a inexistent comment' do
  220 + article = fast_create(Article, profile_id: person.id, name: "Some thing")
  221 + comment = article.comments.create!(body: "some comment", author: person)
  222 + delete "api/v1/articles/#{article.id}/comments/0?#{params.to_query}"
  223 + json = JSON.parse(last_response.body)
  224 + assert_equal 404, last_response.status
  225 + assert_includes article.comments, comment
  226 + end
  227 +
  228 + should 'return error when failed to delete comment' do
  229 + login_api
  230 + article = fast_create(Article, profile_id: person.id, name: "Some thing")
  231 + comment = article.comments.create!(body: "some comment", author: person)
  232 + Comment.any_instance.expects(:destroy).raises(StandardError)
  233 + delete "api/v1/articles/#{article.id}/comments/#{comment.id}?#{params.to_query}"
  234 + json = JSON.parse(last_response.body)
  235 + assert_equal 500, last_response.status
  236 + assert_includes article.comments, comment
  237 + end
189 238 end
... ...