add user registration

Leandro Santos · Rodrigo Souto
1 parent 8373e2f6
Showing 3 changed files with 64 additions and 99 deletions Show diff stats
lib/api/helpers.rb
lib/api/session.rb
lib/api/v1/users.rb
@@ -13,7 +13,7 @@ module API
       @current_user = nil
     end
  
-
+#FIXME see if its needed
 #    def paginate(relation)
 #      per_page  = params[:per_page].to_i
 #      paginated = relation.page(params[:page]).per(per_page)
@@ -26,16 +26,19 @@ module API
       unauthorized! unless current_user
     end
  
+#FIXME see if its needed
 #    def authenticated_as_admin!
 #      forbidden! unless current_user.is_admin?
 #    end
 #
+#FIXME see if its needed
 #    def authorize! action, subject
 #      unless abilities.allowed?(current_user, action, subject)
 #        forbidden!
 #      end
 #    end
 #
+#FIXME see if its needed
 #    def can?(object, action, subject)
 #      abilities.allowed?(object, action, subject)
 #    end
@@ -51,6 +54,17 @@ module API
       end
     end
  
+    # Checks the occurrences of uniqueness of attributes, each attribute must be present in the params hash
+    # or a Bad Request error is invoked.
+    #
+    # Parameters:
+    #   keys (unique) - A hash consisting of keys that must be unique
+    def unique_attributes!(obj, keys)
+      keys.each do |key|
+        cant_be_saved_request!(key) if obj.send("find_by_#{key.to_s}", params[key])
+      end
+    end
+
     def attributes_for_keys(keys)
       attrs = {}
       keys.each do |key|
@@ -60,49 +74,36 @@ module API
     end
  
     # error helpers
-
     def forbidden!
       render_api_error!('403 Forbidden', 403)
     end
  
+    def cant_be_saved_request!(attribute)
+      message = _("(Invalid request) #{attribute} can't be saved")
+      render_api_error!(message, 400)
+    end
+
     def bad_request!(attribute)
-      message = ["400 (Bad request)"]
-      message << "\"" + attribute.to_s + "\" not given"
-      render_api_error!(message.join(' '), 400)
+      message = _("(Bad request) #{attribute} not given")
+      render_api_error!(message, 400)
     end
  
-    def not_found!(resource = nil)
-      message = ["404"]
-      message << resource if resource
-      message << "Not Found"
-      render_api_error!(message.join(' '), 404)
+    def something_wrong!
+      message = _("Something wrong happened")
+      render_api_error!(message, 400)
     end
  
     def unauthorized!
-      render_api_error!('401 Unauthorized', 401)
+      render_api_error!(_('Unauthorized'), 401)
     end
  
     def not_allowed!
-      render_api_error!('Method Not Allowed', 405)
+      render_api_error!(_('Method Not Allowed'), 405)
     end
  
     def render_api_error!(message, status)
-      error!({'message' => message}, status)
+      error!({'message' => message, :code => status}, status)
     end
  
-#    private
-#
-#    def add_pagination_headers(paginated, per_page)
-#      request_url = request.url.split('?').first
-#
-#      links = []
-#      links << %(<#{request_url}?page=#{paginated.current_page - 1}&per_page=#{per_page}>; rel="prev") unless paginated.first_page?
-#      links << %(<#{request_url}?page=#{paginated.current_page + 1}&per_page=#{per_page}>; rel="next") unless paginated.last_page?
-#      links << %(<#{request_url}?page=1&per_page=#{per_page}>; rel="first")
-#      links << %(<#{request_url}?page=#{paginated.total_pages}&per_page=#{per_page}>; rel="last")
-#
-#      header 'Link', links.join(', ')
-#    end
-
   end
 end
 module API
  
-#   require 'api/validations/uniqueness'
-
-  # Users API
   class Session < Grape::API
-#params do
-#  requires :login, :uniqueness => true
-#end
  
     # Login to get token
     #
@@ -15,9 +9,8 @@ module API
     #   password (required) - user password
     #
     # Example Request:
-    #  POST /session
+    #  POST /login?login=some&password=pass
     get "/login" do
-#    post "/session" do
 environment = nil #FIXME load the correct environment create a method in helper
       user ||= User.authenticate(params[:login], params[:password], environment)
  
@@ -26,35 +19,26 @@ environment = nil #FIXME load the correct environment create a method in helper
       present user, :with => Entities::UserLogin
     end
  
-      # Create user.
-      #
-      # Parameters:
-      #   email (required)                  - Email
-      #   password (required)               - Password
-      #   name                              - Name
-      # Example Request:
-      #   POST /users
-#      post do
-      get "register" do
-        required_attributes! [:email, :login, :password]
-        attrs = attributes_for_keys [:email, :login, :password]
-        attrs[:password_confirmation] = attrs[:password]
-        user = User.new(attrs)
-begin
-        if user.save
-          present user, :with => Entities::User
-        else
-          not_found!
-        end
-rescue
-#          not_found!
-#FIXME See  why notfound is not working
-{}
-end
-#        user
+    # Create user.
+    #
+    # Parameters:
+    #   email (required)                  - Email
+    #   password (required)               - Password
+    #   login                             - login
+    # Example Request:
+    #   POST /register?email=some@mail.com&password=pas&login=some
+    post "register" do
+      required_attributes! [:email, :login, :password]
+      unique_attributes! User, [:email, :login]
+      attrs = attributes_for_keys [:email, :login, :password]
+      attrs[:password_confirmation] = attrs[:password]
+      user = User.new(attrs)
+      if user.save
+        present user, :with => Entities::User
+      else
+        something_wrong!
       end
-
-
+    end
  
   end
 end
 module API
   module V1
-  class Users < Grape::API
- 
-    before { authenticate! }
-
-    resource :users do
-
-      #FIXME make the pagination
-      #FIXME put it on environment context
-#      get do
-#        Users.all
-#      end
- 
-      get ":id" do
-        present Article.find(params[:id]).comments.find(params[:comment_id]), :with => Entities::User
-      end
-
-      # Create user.
-      #
-      # Parameters:
-      #   email (required)                  - Email
-      #   password (required)               - Password
-      #   name                              - Name
-      # Example Request:
-      #   POST /users
-#      post do
-      get do
-#        authenticated_as_admin!
-        required_attributes! [:email, :login, :password]
-        attrs = attributes_for_keys [:email, :login, :password]
-        user = User.new(attrs)
-        if user.save
-          present user, :with => Entities::User
-        else
-          not_found!
+    class Users < Grape::API
+   
+      before { authenticate! }
+  
+      resource :users do
+  
+        #FIXME make the pagination
+        #FIXME put it on environment context
+        get do
+          Users.all
+        end
+   
+        get ":id" do
+          present Article.find(params[:id]).comments.find(params[:comment_id]), :with => Entities::User
         end
+  
       end
+   
     end
- 
-  end
   end
 end
...	...	@@ -13,7 +13,7 @@ module API
13	13	@current_user = nil
14	14	end
15	15
16		-
	16	+#FIXME see if its needed
17	17	# def paginate(relation)
18	18	# per_page = params[:per_page].to_i
19	19	# paginated = relation.page(params[:page]).per(per_page)
...	...	@@ -26,16 +26,19 @@ module API
26	26	unauthorized! unless current_user
27	27	end
28	28
	29	+#FIXME see if its needed
29	30	# def authenticated_as_admin!
30	31	# forbidden! unless current_user.is_admin?
31	32	# end
32	33	#
	34	+#FIXME see if its needed
33	35	# def authorize! action, subject
34	36	# unless abilities.allowed?(current_user, action, subject)
35	37	# forbidden!
36	38	# end
37	39	# end
38	40	#
	41	+#FIXME see if its needed
39	42	# def can?(object, action, subject)
40	43	# abilities.allowed?(object, action, subject)
41	44	# end
...	...	@@ -51,6 +54,17 @@ module API
51	54	end
52	55	end
53	56
	57	+ # Checks the occurrences of uniqueness of attributes, each attribute must be present in the params hash
	58	+ # or a Bad Request error is invoked.
	59	+ #
	60	+ # Parameters:
	61	+ # keys (unique) - A hash consisting of keys that must be unique
	62	+ def unique_attributes!(obj, keys)
	63	+ keys.each do \|key\|
	64	+ cant_be_saved_request!(key) if obj.send("find_by_#{key.to_s}", params[key])
	65	+ end
	66	+ end
	67	+
54	68	def attributes_for_keys(keys)
55	69	attrs = {}
56	70	keys.each do \|key\|
...	...	@@ -60,49 +74,36 @@ module API
60	74	end
61	75
62	76	# error helpers
63		-
64	77	def forbidden!
65	78	render_api_error!('403 Forbidden', 403)
66	79	end
67	80
	81	+ def cant_be_saved_request!(attribute)
	82	+ message = _("(Invalid request) #{attribute} can't be saved")
	83	+ render_api_error!(message, 400)
	84	+ end
	85	+
68	86	def bad_request!(attribute)
69		- message = ["400 (Bad request)"]
70		- message << "\"" + attribute.to_s + "\" not given"
71		- render_api_error!(message.join(' '), 400)
	87	+ message = _("(Bad request) #{attribute} not given")
	88	+ render_api_error!(message, 400)
72	89	end
73	90
74		- def not_found!(resource = nil)
75		- message = ["404"]
76		- message << resource if resource
77		- message << "Not Found"
78		- render_api_error!(message.join(' '), 404)
	91	+ def something_wrong!
	92	+ message = _("Something wrong happened")
	93	+ render_api_error!(message, 400)
79	94	end
80	95
81	96	def unauthorized!
82		- render_api_error!('401 Unauthorized', 401)
	97	+ render_api_error!(_('Unauthorized'), 401)
83	98	end
84	99
85	100	def not_allowed!
86		- render_api_error!('Method Not Allowed', 405)
	101	+ render_api_error!(_('Method Not Allowed'), 405)
87	102	end
88	103
89	104	def render_api_error!(message, status)
90		- error!({'message' => message}, status)
	105	+ error!({'message' => message, :code => status}, status)
91	106	end
92	107
93		-# private
94		-#
95		-# def add_pagination_headers(paginated, per_page)
96		-# request_url = request.url.split('?').first
97		-#
98		-# links = []
99		-# links << %(<#{request_url}?page=#{paginated.current_page - 1}&per_page=#{per_page}>; rel="prev") unless paginated.first_page?
100		-# links << %(<#{request_url}?page=#{paginated.current_page + 1}&per_page=#{per_page}>; rel="next") unless paginated.last_page?
101		-# links << %(<#{request_url}?page=1&per_page=#{per_page}>; rel="first")
102		-# links << %(<#{request_url}?page=#{paginated.total_pages}&per_page=#{per_page}>; rel="last")
103		-#
104		-# header 'Link', links.join(', ')
105		-# end
106		-
107	108	end
108	109	end
...	...
1	1	module API
2	2
3		-# require 'api/validations/uniqueness'
4		-
5		- # Users API
6	3	class Session < Grape::API
7		-#params do
8		-# requires :login, :uniqueness => true
9		-#end
10	4
11	5	# Login to get token
12	6	#
...	...	@@ -15,9 +9,8 @@ module API
15	9	# password (required) - user password
16	10	#
17	11	# Example Request:
18		- # POST /session
	12	+ # POST /login?login=some&password=pass
19	13	get "/login" do
20		-# post "/session" do
21	14	environment = nil #FIXME load the correct environment create a method in helper
22	15	user \|\|= User.authenticate(params[:login], params[:password], environment)
23	16
...	...	@@ -26,35 +19,26 @@ environment = nil #FIXME load the correct environment create a method in helper
26	19	present user, :with => Entities::UserLogin
27	20	end
28	21
29		- # Create user.
30		- #
31		- # Parameters:
32		- # email (required) - Email
33		- # password (required) - Password
34		- # name - Name
35		- # Example Request:
36		- # POST /users
37		-# post do
38		- get "register" do
39		- required_attributes! [:email, :login, :password]
40		- attrs = attributes_for_keys [:email, :login, :password]
41		- attrs[:password_confirmation] = attrs[:password]
42		- user = User.new(attrs)
43		-begin
44		- if user.save
45		- present user, :with => Entities::User
46		- else
47		- not_found!
48		- end
49		-rescue
50		-# not_found!
51		-#FIXME See why notfound is not working
52		-{}
53		-end
54		-# user
	22	+ # Create user.
	23	+ #
	24	+ # Parameters:
	25	+ # email (required) - Email
	26	+ # password (required) - Password
	27	+ # login - login
	28	+ # Example Request:
	29	+ # POST /register?email=some@mail.com&password=pas&login=some
	30	+ post "register" do
	31	+ required_attributes! [:email, :login, :password]
	32	+ unique_attributes! User, [:email, :login]
	33	+ attrs = attributes_for_keys [:email, :login, :password]
	34	+ attrs[:password_confirmation] = attrs[:password]
	35	+ user = User.new(attrs)
	36	+ if user.save
	37	+ present user, :with => Entities::User
	38	+ else
	39	+ something_wrong!
55	40	end
56		-
57		-
	41	+ end
58	42
59	43	end
60	44	end
...	...
1	1	module API
2	2	module V1
3		- class Users < Grape::API
4		-
5		- before { authenticate! }
6		-
7		- resource :users do
8		-
9		- #FIXME make the pagination
10		- #FIXME put it on environment context
11		-# get do
12		-# Users.all
13		-# end
14		-
15		- get ":id" do
16		- present Article.find(params[:id]).comments.find(params[:comment_id]), :with => Entities::User
17		- end
18		-
19		- # Create user.
20		- #
21		- # Parameters:
22		- # email (required) - Email
23		- # password (required) - Password
24		- # name - Name
25		- # Example Request:
26		- # POST /users
27		-# post do
28		- get do
29		-# authenticated_as_admin!
30		- required_attributes! [:email, :login, :password]
31		- attrs = attributes_for_keys [:email, :login, :password]
32		- user = User.new(attrs)
33		- if user.save
34		- present user, :with => Entities::User
35		- else
36		- not_found!
	3	+ class Users < Grape::API
	4	+
	5	+ before { authenticate! }
	6	+
	7	+ resource :users do
	8	+
	9	+ #FIXME make the pagination
	10	+ #FIXME put it on environment context
	11	+ get do
	12	+ Users.all
	13	+ end
	14	+
	15	+ get ":id" do
	16	+ present Article.find(params[:id]).comments.find(params[:comment_id]), :with => Entities::User
37	17	end
	18	+
38	19	end
	20	+
39	21	end
40		-
41		- end
42	22	end
43	23	end
...	...