Commit c4505a85da6c1623eca925c0ce53b5b3a0a4ae45

Authored by Victor Costa
1 parent 2af0cb9b

api: expose block permissions

app/api/entities.rb
... ... @@ -88,6 +88,9 @@ module Api
88 88 expose :id, :type, :settings, :position, :enabled
89 89 expose :mirror, :mirror_block_id, :title
90 90 expose :api_content, if: lambda { |object, options| options[:display_api_content] || object.display_api_content_by_default? }
  91 + expose :permissions do |block, options|
  92 + Entities.permissions_for_entity(block, options[:current_person], :allow_edit?)
  93 + end
91 94 end
92 95  
93 96 class Box < Entity
... ...
app/api/v1/blocks.rb
... ... @@ -6,14 +6,14 @@ module Api
6 6 get ':id' do
7 7 block = Block.find(params["id"])
8 8 return forbidden! unless block.visible_to_user?(current_person)
9   - present block, :with => Entities::Block, display_api_content: true
  9 + present block, :with => Entities::Block, display_api_content: true, current_person: current_person
10 10 end
11 11  
12 12 post ':id' do
13 13 block = Block.find(params["id"])
14 14 return forbidden! unless block.allow_edit?(current_person)
15 15 block.update_attributes!(params[:block])
16   - present block, :with => Entities::Block, display_api_content: true
  16 + present block, :with => Entities::Block, display_api_content: true, current_person: current_person
17 17 end
18 18 end
19 19 end
... ...
test/api/blocks_test.rb
... ... @@ -122,4 +122,13 @@ class BlocksTest &lt; ActiveSupport::TestCase
122 122 assert_equal 201, last_response.status
123 123 assert_equal 'block content', json['block']['api_content']['html']
124 124 end
  125 +
  126 + should 'list block permissions when get a block' do
  127 + box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
  128 + block = fast_create(Block, box_id: box.id)
  129 + give_permission(person, 'edit_profile_design', profile)
  130 + get "/api/v1/blocks/#{block.id}?#{params.to_query}"
  131 + json = JSON.parse(last_response.body)
  132 + assert_includes json["block"]["permissions"], 'allow_edit'
  133 + end
125 134 end
... ...