Skip to content

wattsworth / lumen-api

Go to a project
Commit cc0192b2 by John Doe
Options

added more end points for group management

parent a67b6dd3
Inline Side-by-side
Showing with 90 additions and 5 deletions
app/controllers/user_groups_controller.rb
......@@ -22,7 +22,16 @@ class UserGroupsController < ApplicationController
# POST /user_groups.json
def create
# TODO
@user_group = UserGroup.create(user_group_params)
@user_group.owner = current_user
@service = StubService.new
if @user_group.save
@service.add_notice('created new group')
render :show, status: :ok
else
@service.errors = @user_group.errors.full_messages
render :show, status: :unprocessable_entity
end
end
# PATCH/PUT /user_groups/1/add_member.json
......@@ -46,7 +55,9 @@ class UserGroupsController < ApplicationController
# DELETE /user_groups/1.json
def destroy
# TODO
@service = StubService.new
@user_group.destroy
@service.set_notice('removed group')
end
private
......
app/models/user_group.rb
......@@ -15,12 +15,11 @@ class UserGroup < ApplicationRecord
#---Associations----
has_and_belongs_to_many :users
belongs_to :owner, class_name: "User"
has_many :permissions
has_many :permissions, dependent: :destroy
has_many :nilms, through: :permissions
#---Validations-----
validates :name, :presence => true, :uniqueness => true
validates :description, :presence => true
validates :owner_id, :presence => true
......@@ -28,7 +27,7 @@ class UserGroup < ApplicationRecord
# :section: Class Methods
# ----------------------------------------
def self.json_keys #public attributes
[:id, :name]
[:id, :name, :description]
end
end
app/views/user_groups/destroy.json.jbuilder 0 → 100644
json.data do
# nothing here
end
json.partial! "helpers/messages", service: @service
spec/controllers/user_groups_controller_spec.rb
......@@ -153,4 +153,74 @@ end
end
end
end
describe 'POST create' do
context 'with authenticated user' do
it 'creates a group' do
@auth_headers = other_user.create_new_auth_token
post "/user_groups.json",
params: {name: 'test_group', description: 'some text'},
headers: @auth_headers
expect(response).to have_http_status(:ok)
expect(response).to have_notice_message
expect(UserGroup.find_by_name('test_group').owner).to eq other_user
#check to make sure JSON renders the members
body = JSON.parse(response.body)
# no members yet
expect(body['data']['members'].count).to eq 0
end
it 'returns error if unsuccesful' do
@auth_headers = other_user.create_new_auth_token
create(:user_group, name: 'CanOnlyBeOne')
post "/user_groups.json",
params: {name: 'CanOnlyBeOne', description: 'some text'},
headers: @auth_headers
# can't have duplicate name
expect(response).to have_http_status(:unprocessable_entity)
expect(response).to have_error_message(/Name/)
expect(UserGroup.where(name: 'CanOnlyBeOne').count).to eq 1
end
end
context 'without sign-in' do
it 'returns unauthorized' do
post "/user_groups.json",
params: { name: 'test', description: 'something'}
expect(response).to have_http_status(:unauthorized)
end
end
end
describe 'DELETE destroy' do
context 'with group owner' do
it 'removes the group and associated data' do
@auth_headers = owner.create_new_auth_token
nilm = create(:nilm, admins: [group])
pCount = Permission.count
delete "/user_groups/#{group.id}.json",
headers: @auth_headers
expect(response).to have_http_status(:ok)
expect(response).to have_notice_message
expect(UserGroup.exists?(group.id)).to be false
# make sure the associated permissions are destroyed
expect(Permission.count).to eq(pCount-1)
end
end
context 'with anybody else' do
it 'returns unauthorized' do
@auth_headers = member1.create_new_auth_token
delete "/user_groups/#{group.id}.json",
headers: @auth_headers
expect(response).to have_http_status(:unauthorized)
expect(UserGroup.exists?(group.id)).to be true
end
end
context 'without sign-in' do
it 'returns unauthorized' do
delete "/user_groups/#{group.id}.json"
expect(response).to have_http_status(:unauthorized)
expect(UserGroup.exists?(group.id)).to be true
end
end
end
end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment