diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index dc76c27..853908d 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -13,7 +13,7 @@ module API @current_user = nil end - +#FIXME see if its needed # def paginate(relation) # per_page = params[:per_page].to_i # paginated = relation.page(params[:page]).per(per_page) @@ -26,16 +26,19 @@ module API unauthorized! unless current_user end +#FIXME see if its needed # def authenticated_as_admin! # forbidden! unless current_user.is_admin? # end # +#FIXME see if its needed # def authorize! action, subject # unless abilities.allowed?(current_user, action, subject) # forbidden! # end # end # +#FIXME see if its needed # def can?(object, action, subject) # abilities.allowed?(object, action, subject) # end @@ -51,6 +54,17 @@ module API end end + # Checks the occurrences of uniqueness of attributes, each attribute must be present in the params hash + # or a Bad Request error is invoked. + # + # Parameters: + # keys (unique) - A hash consisting of keys that must be unique + def unique_attributes!(obj, keys) + keys.each do |key| + cant_be_saved_request!(key) if obj.send("find_by_#{key.to_s}", params[key]) + end + end + def attributes_for_keys(keys) attrs = {} keys.each do |key| 
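Review bot: The uniqueness check in `unique_attributes!` is a lookup followed later by a separate `user.save`, so two concurrent requests with the same email or login can both pass it. It only holds if the model or table also enforces uniqueness (a validation backed by a unique index), which this diff does not show. `params[key]` goes to the finder unchecked, and a request can supply an array or nested value for a key, so coerce it first, e.g. `value = params[key].to_s`. The doc comment describes a presence check and calls `keys` a hash; it should read something like `# Responds with 400 if a record of obj already has the submitted value for any of the given keys (array of symbols)`. The per-attribute message also tells an unauthenticated caller of the register endpoint whether a given email or login already exists, which is worth a deliberate decision.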
@@ -60,49 +74,36 @@ module API end # error helpers - def forbidden! render_api_error!('403 Forbidden', 403) end + def cant_be_saved_request!(attribute) + message = _("(Invalid request) #{attribute} can't be saved") + render_api_error!(message, 400) + end + def bad_request!(attribute) - message = ["400 (Bad request)"] - message << "\"" + attribute.to_s + "\" not given" - render_api_error!(message.join(' '), 400) + message = _("(Bad request) #{attribute} not given") + render_api_error!(message, 400) end - def not_found!(resource = nil) - message = ["404"] - message << resource if resource - message << "Not Found" - render_api_error!(message.join(' '), 404) + def something_wrong! + message = _("Something wrong happened") + render_api_error!(message, 400) end def unauthorized! - render_api_error!('401 Unauthorized', 401) + render_api_error!(_('Unauthorized'), 401) end def not_allowed! - render_api_error!('Method Not Allowed', 405) + render_api_error!(_('Method Not Allowed'), 405) end def render_api_error!(message, status) - error!({'message' => message}, status) + error!({'message' => message, :code => status}, status) end -# private -# -# def add_pagination_headers(paginated, per_page) -# request_url = request.url.split('?').first -# -# links = [] -# links << %(<#{request_url}?page=#{paginated.current_page - 1}&per_page=#{per_page}>; rel="prev") unless paginated.first_page? -# links << %(<#{request_url}?page=#{paginated.current_page + 1}&per_page=#{per_page}>; rel="next") unless paginated.last_page? -# links << %(<#{request_url}?page=1&per_page=#{per_page}>; rel="first") -# links << %(<#{request_url}?page=#{paginated.total_pages}&per_page=#{per_page}>; rel="last") -# -# header 'Link', links.join(', ') -# end - end end diff --git a/lib/api/session.rb b/lib/api/session.rb index ffbab2a..c00486d 100644 --- a/lib/api/session.rb +++ b/lib/api/session.rb 
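Review bot: In `cant_be_saved_request!` and `bad_request!` the attribute is interpolated into the string before it reaches `_()`, so the lookup key differs for every attribute and no catalogue entry can match it. Keep the msgid constant and substitute afterwards, e.g. `message = _("(Bad request) %{attribute} not given") % { :attribute => attribute }`. This hunk also deletes `not_found!`; the two callers visible in this diff are removed as well, but any other caller in the API would now fail with NoMethodError, so a search for remaining uses is worth doing before merging. `render_api_error!` now mixes a string key and a symbol key in one hash (`'message'` and `:code`); one key style would keep the payload consistent.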
@@ -1,12 +1,6 @@ module API -# require 'api/validations/uniqueness' - - # Users API class Session < Grape::API -#params do -# requires :login, :uniqueness => true -#end # Login to get token # @@ -15,9 +9,8 @@ module API # password (required) - user password # # Example Request: - # POST /session + # POST /login?login=some&password=pass get "/login" do -# post "/session" do environment = nil #FIXME load the correct environment create a method in helper user ||= User.authenticate(params[:login], params[:password], environment) @@ -26,35 +19,26 @@ environment = nil #FIXME load the correct environment create a method in helper present user, :with => Entities::UserLogin end - # Create user. - # - # Parameters: - # email (required) - Email - # password (required) - Password - # name - Name - # Example Request: - # POST /users -# post do - get "register" do - required_attributes! [:email, :login, :password] - attrs = attributes_for_keys [:email, :login, :password] - attrs[:password_confirmation] = attrs[:password] - user = User.new(attrs) -begin - if user.save - present user, :with => Entities::User - else - not_found! - end -rescue -# not_found! -#FIXME See why notfound is not working -{} -end -# user + # Create user. + # + # Parameters: + # email (required) - Email + # password (required) - Password + # login - login + # Example Request: + # POST /register?email=some@mail.com&password=pas&login=some + post "register" do + required_attributes! [:email, :login, :password] + unique_attributes! User, [:email, :login] + attrs = attributes_for_keys [:email, :login, :password] + attrs[:password_confirmation] = attrs[:password] + user = User.new(attrs) + if user.save + present user, :with => Entities::User + else + something_wrong! end - - + end end end diff --git a/lib/api/v1/users.rb b/lib/api/v1/users.rb index bcbbb87..f284f94 100644 --- a/lib/api/v1/users.rb +++ b/lib/api/v1/users.rb 
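Review bot: The updated example documents `POST /login?login=some&password=pass`, but the route on the next line is still `get "/login"`, so the credentials travel in the URL, where they typically end up in web-server and proxy access logs and in browser history. The route should become `post "/login" do` with the parameters read from the request body, and the example comment should show them in the body rather than the query string. The register example in the next hunk (`POST /register?email=some@mail.com&password=pas&login=some`) documents the same query-string pattern, although that route is already a `post`. The body of the login block continues outside this hunk.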
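Review bot: When `user.save` fails in the register block, the client now gets the fixed "Something wrong happened" with status 400 from `something_wrong!`, and the model's validation errors are dropped. A rejected password or malformed email is therefore indistinguishable from any other failure. Assuming `User` is an ActiveRecord-style model, `render_api_error!(user.errors.full_messages.join(', '), 422)` in the `else` branch would report the reason. The route is written `post "register"` while the login route is `get "/login"`; using the leading slash in both keeps the two declarations consistent.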
@@ -1,43 +1,23 @@ module API module V1 - class Users < Grape::API - - before { authenticate! } - - resource :users do - - #FIXME make the pagination - #FIXME put it on environment context -# get do -# Users.all -# end - - get ":id" do - present Article.find(params[:id]).comments.find(params[:comment_id]), :with => Entities::User - end - - # Create user. - # - # Parameters: - # email (required) - Email - # password (required) - Password - # name - Name - # Example Request: - # POST /users -# post do - get do -# authenticated_as_admin! - required_attributes! [:email, :login, :password] - attrs = attributes_for_keys [:email, :login, :password] - user = User.new(attrs) - if user.save - present user, :with => Entities::User - else - not_found! + class Users < Grape::API + + before { authenticate! } + + resource :users do + + #FIXME make the pagination + #FIXME put it on environment context + get do + Users.all + end + + get ":id" do + present Article.find(params[:id]).comments.find(params[:comment_id]), :with => Entities::User end + end + end - - end end end -- libgit2 0.21.2
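Review bot: The newly enabled `get do` block calls `Users.all`, and inside `class Users < Grape::API` that constant is the API class itself, not the `User` model used in session.rb, so the endpoint presumably fails at request time. If it is pointed at the model, the records should go through the entity so that only the exposed fields are serialized, e.g. `present User.all, :with => Entities::User`. Since `authenticated_as_admin!` is still commented out in helpers.rb, `before { authenticate! }` is the only gate, and any authenticated user could list every account. The `get ":id"` route looks up `Article` comments via `params[:comment_id]` and presents them as `Entities::User`, which looks copied from another resource and should be checked.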