wattsworth
/
lumen-api
Commit
9d33dd1d
authored
Mar 09, 2017
by
John Doe
added end point to create a user with permissions
parent
7a7621f9
Showing
4 changed files
with
102 additions
and
5 deletions
app/controllers/permissions_controller.rb
app/views/helpers/empty_response.json.jbuilder
config/routes.rb
spec/controllers/permissions_controller_spec.rb
app/controllers/permissions_controller.rb
...
...
@@ -30,6 +30,23 @@ class PermissionsController < ApplicationController
render
status:
@service
.
success?
?
:
ok
:
:unprocessable_entity
end
# PUT /permissions/create_user.json
def
create_user
@service
=
StubService
.
new
user
=
User
.
new
(
user_params
)
unless
user
.
save
@service
.
errors
=
user
.
errors
.
full_messages
render
'helpers/empty_response'
,
status: :unprocessable_entity
return
end
@service
=
CreatePermission
.
new
@service
.
run
(
@nilm
,
params
[
:role
],
'user'
,
user
.
id
)
@permission
=
@service
.
permission
@service
.
add_notice
(
'created user'
)
render
:create
,
status:
@service
.
success?
?
:
ok
:
:unprocessable_entity
end
private
def
set_nilm
...
...
@@ -37,6 +54,11 @@ class PermissionsController < ApplicationController
head
:not_found
unless
@nilm
end
def
user_params
params
.
permit
(
:first_name
,
:last_name
,
:email
,
:password
,
:password_confirmation
)
end
# authorization based on nilms
def
authorize_admin
head
:unauthorized
unless
current_user
.
admins_nilm?
(
@nilm
)
...
...
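Review bot: In `create_user` the user row is saved before `@service.run` is called, so if the permission step fails (for example on a `role` value the service rejects) the response is 422 but the new account, with the password the admin chose, stays in the database. Run both steps inside one `User.transaction` block and raise `ActiveRecord::Rollback` when `@service.success?` is false, or at minimum add `user.destroy unless @service.success?` after the `run` call. The notice should be conditional too: `@service.add_notice('created user') if @service.success?`. Whether `set_nilm` and `authorize_admin` run for this action depends on the `before_action` declarations, which are outside the hunk, and `authorize_admin` itself continues past the end of the second hunk.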
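--- /dev/null
+++ b/app/views/helpers/empty_response.json.jbuilder
+json.data do
+#nothing
+end
+json.partial! "helpers/messages", service: @service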
config/routes.rb
...
...
@@ -19,5 +19,10 @@ Rails.application.routes.draw do
put
'remove_member'
end
end
resources
:permissions
,
only:
[
:index
,
:create
,
:destroy
]
resources
:permissions
,
only:
[
:index
,
:create
,
:destroy
]
do
collection
do
put
'create_user'
put
'invite_user'
end
end
end
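Review bot: The `put 'invite_user'` collection route is added here, but no `invite_user` action appears in the `PermissionsController` section of this commit, so unless it is defined elsewhere the route is published with nothing behind it. Drop the line until the action lands together with its own spec. When it is added, check that the controller's nilm lookup and admin authorization filters cover it. Both routes create records, so `post` would be the more conventional verb than `put`.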
spec/controllers/permissions_controller_spec.rb
require
'rails_helper'
RSpec
.
describe
PermissionsController
,
type: :request
do
let
(
:john
)
{
create
(
:user
,
first_name:
'John'
)
}
let
(
:nicky
)
{
create
(
:user
,
first_name:
'Nicky'
)}
let
(
:steve
)
{
create
(
:user
,
first_name:
'Steve'
)
}
let
(
:pete
)
{
create
(
:user
,
first_name:
'Pete'
)
}
let
(
:john
)
{
create
(
:
confirmed_
user
,
first_name:
'John'
)
}
let
(
:nicky
)
{
create
(
:
confirmed_
user
,
first_name:
'Nicky'
)}
let
(
:steve
)
{
create
(
:
confirmed_
user
,
first_name:
'Steve'
)
}
let
(
:pete
)
{
create
(
:
confirmed_
user
,
first_name:
'Pete'
)
}
let
(
:john_nilm
)
{
create
(
:nilm
,
name:
"John's NILM"
,
admins:
[
john
],
owners:
[
nicky
],
...
...
@@ -102,6 +102,71 @@ RSpec.describe PermissionsController, type: :request do
end
end
describe
'PUT #create_user'
do
context
'with admin privileges'
do
it
'creates user with specified permission'
do
@auth_headers
=
john
.
create_new_auth_token
put
"/permissions/create_user.json"
,
params:
{
nilm_id:
john_nilm
.
id
,
role:
'viewer'
,
first_name:
'bill'
,
last_name:
'will'
,
email:
'valid@url.com'
,
password:
'poorchoice'
,
password_confirmation:
'poorchoice'
},
headers:
@auth_headers
expect
(
response
).
to
have_http_status
(
:ok
)
expect
(
response
).
to
have_notice_message
user
=
User
.
find_by_email
(
'valid@url.com'
)
expect
(
user
.
views_nilm?
(
john_nilm
)).
to
be
true
end
it
'returns error if user cannot be created'
do
#password does not match confirmation
@auth_headers
=
john
.
create_new_auth_token
put
"/permissions/create_user.json"
,
params:
{
nilm_id:
john_nilm
.
id
,
role:
'viewer'
,
first_name:
'bill'
,
last_name:
'will'
,
email:
'valid@url.com'
,
password:
'poorchoice'
,
password_confirmation:
'error'
},
headers:
@auth_headers
expect
(
response
).
to
have_http_status
(
:unprocessable_entity
)
expect
(
response
).
to
have_error_message
user
=
User
.
find_by_email
(
'valid@url.com'
)
expect
(
user
).
to
be
nil
end
end
context
'with anyone else'
do
it
'returns unauthorized'
do
#password does not match confirmation
@auth_headers
=
steve
.
create_new_auth_token
put
"/permissions/create_user.json"
,
params:
{
nilm_id:
john_nilm
.
id
,
role:
'viewer'
,
first_name:
'bill'
,
last_name:
'will'
,
email:
'valid@url.com'
,
password:
'poorchoice'
,
password_confirmation:
'error'
},
headers:
@auth_headers
expect
(
response
).
to
have_http_status
(
:unauthorized
)
user
=
User
.
find_by_email
(
'valid@url.com'
)
expect
(
user
).
to
be
nil
end
end
context
'without signin'
do
it
'returns unauthorized'
do
#password does not match confirmation
put
"/permissions/create_user.json"
,
params:
{
nilm_id:
john_nilm
.
id
,
role:
'viewer'
,
first_name:
'bill'
,
last_name:
'will'
,
email:
'valid@url.com'
,
password:
'poorchoice'
,
password_confirmation:
'error'
}
expect
(
response
).
to
have_http_status
(
:unauthorized
)
user
=
User
.
find_by_email
(
'valid@url.com'
)
expect
(
user
).
to
be
nil
end
end
end
describe
'DELETE #destroy'
do
# removes specified permission from nilm
context
'with admin privileges'
do
...
...
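Review bot: The 'with anyone else' and 'without signin' examples send `password_confirmation: 'error'`, so `User.find_by_email('valid@url.com')` would be nil even if the authorization filter were skipped, because the save fails on its own. Send a valid pair, `password_confirmation: 'poorchoice'`, so the nil check shows the request was rejected before any user was created, and drop the copied `#password does not match confirmation` comment from those two examples. There is also no example for the case where the user saves but the permission step fails (an unknown `role`, say), which is the path that can leave an account behind.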