api: pass current_person in boxes endpoint

Victor Costa
1 parent e73ac0c3
Showing 2 changed files with 13 additions and 2 deletions Show diff stats
app/api/v1/boxes.rb
test/api/boxes_test.rb
@@ -13,7 +13,7 @@ module Api
               get do
                 profile = environment.send(kind.pluralize).find(params["#{kind}_id"])
                 return forbidden! unless profile.display_info_to?(current_person)
-                present profile.boxes, :with => Entities::Box
+                present profile.boxes, with: Entities::Box, current_person: current_person
               end
             end
           end
@@ -33,7 +33,7 @@ module Api
                 else
                   env = Environment.find(params[:environment_id])
                 end
-                present env.boxes, :with => Entities::Box
+                present env.boxes, with: Entities::Box, current_person: current_person
               end
             end
           end
@@ -70,6 +70,17 @@ class BoxesTest &lt; ActiveSupport::TestCase
     assert_equal [], json["boxes"].first["blocks"].map {|b| b['id']}
   end
+  should 'list a block with logged in display_user for a logged user' do
+    profile = fast_create(Profile)
+    box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
+    block = fast_create(Block, box_id: box.id)
+    block.display_user = 'logged'
+    block.save!
+    get "/api/v1/profiles/#{profile.id}/boxes?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert_equal [block.id], json["boxes"].first["blocks"].map {|b| b['id']}
+  end
+
   should 'not list boxes for user without permission' do
     profile = fast_create(Profile, public_profile: false)
     box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
	@@ -13,7 +13,7 @@ module Api		@@ -13,7 +13,7 @@ module Api
13	get do	13	get do
14	profile = environment.send(kind.pluralize).find(params["#{kind}_id"])	14	profile = environment.send(kind.pluralize).find(params["#{kind}_id"])
15	return forbidden! unless profile.display_info_to?(current_person)	15	return forbidden! unless profile.display_info_to?(current_person)
16	- present profile.boxes, :with => Entities::Box	16	+ present profile.boxes, with: Entities::Box, current_person: current_person
17	end	17	end
18	end	18	end
19	end	19	end
	@@ -33,7 +33,7 @@ module Api		@@ -33,7 +33,7 @@ module Api
33	else	33	else
34	env = Environment.find(params[:environment_id])	34	env = Environment.find(params[:environment_id])
35	end	35	end
36	- present env.boxes, :with => Entities::Box	36	+ present env.boxes, with: Entities::Box, current_person: current_person
37	end	37	end
38	end	38	end
39	end	39	end
	@@ -70,6 +70,17 @@ class BoxesTest < ActiveSupport::TestCase		@@ -70,6 +70,17 @@ class BoxesTest < ActiveSupport::TestCase
70	assert_equal [], json["boxes"].first["blocks"].map {\|b\| b['id']}	70	assert_equal [], json["boxes"].first["blocks"].map {\|b\| b['id']}
71	end	71	end
72		72
		73	+ should 'list a block with logged in display_user for a logged user' do
		74	+ profile = fast_create(Profile)
		75	+ box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
		76	+ block = fast_create(Block, box_id: box.id)
		77	+ block.display_user = 'logged'
		78	+ block.save!
		79	+ get "/api/v1/profiles/#{profile.id}/boxes?#{params.to_query}"
		80	+ json = JSON.parse(last_response.body)
		81	+ assert_equal [block.id], json["boxes"].first["blocks"].map {\|b\| b['id']}
		82	+ end
		83	+
73	should 'not list boxes for user without permission' do	84	should 'not list boxes for user without permission' do
74	profile = fast_create(Profile, public_profile: false)	85	profile = fast_create(Profile, public_profile: false)
75	box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)	86	box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)