Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
wattsworth
/
lumen-api
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Settings
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
7a7621f9
authored
Mar 08, 2017
by
John Doe
Browse files
Options
_('Browse Files')
Download
Email Patches
Plain Diff
added user creation for groups
parent
66c231f1
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
122 additions
and
0 deletions
app/controllers/user_groups_controller.rb
app/controllers/users_controller.rb
config/routes.rb
spec/controllers/user_groups_controller_spec.rb
app/controllers/user_groups_controller.rb
View file @
7a7621f9
...
...
@@ -4,11 +4,15 @@ class UserGroupsController < ApplicationController
before_action
:set_user_group
,
only:
[
:update
,
:remove_member
,
:invite_member
,
:create_member
,
:add_member
,
:destroy
]
before_action
:authorize_group_admin
,
only:
[
:update
,
:remove_member
,
:invite_member
,
:create_member
,
:add_member
,
:destroy
]
...
...
@@ -41,6 +45,32 @@ class UserGroupsController < ApplicationController
render
:show
,
status:
@service
.
success?
?
:
ok
:
:unprocessable_entity
end
# PATCH/PUT /user_groups/1/create_member.json
def
create_member
@service
=
StubService
.
new
user
=
User
.
new
(
user_params
)
unless
user
.
save
@service
.
errors
=
user
.
errors
.
full_messages
render
:show
,
status: :unprocessable_entity
return
end
@user_group
.
users
<<
user
@service
.
add_notice
(
'created user'
)
render
:show
end
# PATCH/PUT /user_groups/1/invite_member.json
def
invite_member
@service
=
InviteUser
.
new
@service
.
run
(
params
[
:email
])
if
@service
.
success?
@user_group
.
users
<<
@service
.
user
render
:show
else
render
:show
,
status: :unprocessable_entity
end
end
# PATCH/PUT /user_groups/1/remove_member.json
def
remove_member
@service
=
RemoveGroupMember
.
new
...
...
@@ -79,6 +109,11 @@ class UserGroupsController < ApplicationController
params
.
permit
(
:name
,
:description
)
end
def
user_params
params
.
permit
(
:first_name
,
:last_name
,
:email
,
:password
,
:password_confirmation
)
end
def
authorize_group_admin
head
:unauthorized
unless
@user_group
.
owner
==
current_user
end
...
...
app/controllers/users_controller.rb
View file @
7a7621f9
...
...
@@ -6,4 +6,22 @@ class UsersController < ApplicationController
@users
=
User
.
confirmed
end
# note: update is handled by devise
# POST /users.json
def
create
@service
=
StubService
.
new
end
private
# Never trust parameters from the scary internet, only allow the white list through.
def
nilm_params
params
.
permit
(
:first_name
,
:last_name
,
:email
,
:password
,
:password_confirmation
)
end
end
config/routes.rb
View file @
7a7621f9
...
...
@@ -13,7 +13,9 @@ Rails.application.routes.draw do
resources
:users
,
only:
[
:index
,
:create
,
:destroy
]
resources
:user_groups
,
only:
[
:index
,
:update
,
:create
,
:destroy
]
do
member
do
put
'create_member'
put
'add_member'
put
'invite_member'
put
'remove_member'
end
end
...
...
spec/controllers/user_groups_controller_spec.rb
View file @
7a7621f9
...
...
@@ -112,6 +112,73 @@ end
end
end
describe
'PUT create_member'
do
context
'with owner'
do
it
'creates a user and adds him to the group'
do
members
=
group
.
users
.
length
@auth_headers
=
owner
.
create_new_auth_token
put
"/user_groups/
#{
group
.
id
}
/create_member.json"
,
params:
{
first_name:
'bill'
,
last_name:
'will'
,
email:
'valid@url.com'
,
password:
'poorchoice'
,
password_confirmation:
'poorchoice'
},
headers:
@auth_headers
expect
(
response
).
to
have_http_status
(
:ok
)
expect
(
User
.
find_by_email
(
'valid@url.com'
)).
to_not
be
nil
expect
(
response
).
to
have_notice_message
#make sure response contains the new user
expect
(
response
.
header
[
'Content-Type'
]).
to
include
(
'application/json'
)
body
=
JSON
.
parse
(
response
.
body
)
expect
(
body
[
"data"
][
"members"
].
length
).
to
eq
(
members
+
1
)
end
it
'returns error message if user has errors'
do
@auth_headers
=
owner
.
create_new_auth_token
put
"/user_groups/
#{
group
.
id
}
/create_member.json"
,
params:
{
first_name:
'bill'
,
last_name:
'will'
,
email:
'valid@url.com'
,
password:
'poorchoice'
,
password_confirmation:
'nomatch'
},
headers:
@auth_headers
expect
(
response
).
to
have_http_status
(
:unprocessable_entity
)
expect
(
User
.
find_by_email
(
'valid@url.com'
)).
to
be
nil
expect
(
response
).
to
have_error_message
end
end
context
'with anyone else'
do
it
'returns unauthorized'
do
@auth_headers
=
member1
.
create_new_auth_token
put
"/user_groups/
#{
group
.
id
}
/create_member.json"
,
params:
{
first_name:
'bill'
,
last_name:
'will'
,
email:
'valid@url.com'
,
password:
'poorchoice'
,
password_confirmation:
'poorchoice'
},
headers:
@auth_headers
expect
(
response
).
to
have_http_status
(
:unauthorized
)
expect
(
User
.
find_by_email
(
'valid@url.com'
)).
to
be
nil
end
end
context
'without sigin'
do
it
'returns unauthorized'
do
put
"/user_groups/
#{
group
.
id
}
/create_member.json"
,
params:
{
first_name:
'bill'
,
last_name:
'will'
,
email:
'valid@url.com'
,
password:
'poorchoice'
,
password_confirmation:
'poorchoice'
}
expect
(
response
).
to
have_http_status
(
:unauthorized
)
expect
(
User
.
find_by_email
(
'valid@url.com'
)).
to
be
nil
end
end
end
describe
'PUT invite_member'
do
context
'with owner'
do
it
'invites a user and adds him to the group'
it
'adds existing members to the group'
end
context
'with anyone else'
do
it
'returns unauthorized'
end
context
'without sigin'
do
it
'returns unauthorized'
end
end
describe
'PUT remove_member'
do
context
'with owner'
do
it
'removes a member'
do
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment