parent
9b2458c23c
commit
441735fb4f
@ -0,0 +1,52 @@ |
||||
#-- copyright |
||||
# OpenProject is a project management system. |
||||
# Copyright (C) 2012-2018 the OpenProject Foundation (OPF) |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License version 3. |
||||
# |
||||
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows: |
||||
# Copyright (C) 2006-2017 Jean-Philippe Lang |
||||
# Copyright (C) 2010-2013 the ChiliProject Team |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License |
||||
# as published by the Free Software Foundation; either version 2 |
||||
# of the License, or (at your option) any later version. |
||||
# |
||||
# This program is distributed in the hope that it will be useful, |
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
# GNU General Public License for more details. |
||||
# |
||||
# You should have received a copy of the GNU General Public License |
||||
# along with this program; if not, write to the Free Software |
||||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
||||
# |
||||
# See docs/COPYRIGHT.rdoc for more details. |
||||
#++ |
||||
|
||||
module API |
||||
module V3 |
||||
module Attachments |
||||
class AttachmentsByPostAPI < ::API::OpenProjectAPI |
||||
resources :attachments do |
||||
helpers API::V3::Attachments::AttachmentsByContainerAPI::Helpers |
||||
|
||||
helpers do |
||||
def container |
||||
post |
||||
end |
||||
|
||||
def get_attachment_self_path |
||||
api_v3_paths.attachments_by_post(container.id) |
||||
end |
||||
end |
||||
|
||||
get &API::V3::Attachments::AttachmentsByContainerAPI.read |
||||
post &API::V3::Attachments::AttachmentsByContainerAPI.create(%i[edit_messages add_messages]) |
||||
end |
||||
end |
||||
end |
||||
end |
||||
end |
@ -0,0 +1,71 @@ |
||||
#-- copyright |
||||
# OpenProject is a project management system. |
||||
# Copyright (C) 2012-2018 the OpenProject Foundation (OPF) |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License version 3. |
||||
# |
||||
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows: |
||||
# Copyright (C) 2006-2017 Jean-Philippe Lang |
||||
# Copyright (C) 2010-2013 the ChiliProject Team |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License |
||||
# as published by the Free Software Foundation; either version 2 |
||||
# of the License, or (at your option) any later version. |
||||
# |
||||
# This program is distributed in the hope that it will be useful, |
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
# GNU General Public License for more details. |
||||
# |
||||
# You should have received a copy of the GNU General Public License |
||||
# along with this program; if not, write to the Free Software |
||||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
||||
# |
||||
# See docs/COPYRIGHT.rdoc for more details. |
||||
#++ |
||||
|
||||
module API |
||||
module V3 |
||||
module Posts |
||||
class PostRepresenter < ::API::Decorators::Single |
||||
include API::Decorators::LinkedResource |
||||
|
||||
self_link title_getter: ->(*) { nil } |
||||
|
||||
link :attachments do |
||||
{ |
||||
href: api_v3_paths.attachments_by_post(represented.id) |
||||
} |
||||
end |
||||
|
||||
link :addAttachment do |
||||
next unless current_user_allowed_to(:edit_messages, context: represented.project) || |
||||
current_user_allowed_to(:add_messages, context: represented.project) |
||||
|
||||
{ |
||||
href: api_v3_paths.attachments_by_post(represented.id), |
||||
method: :post |
||||
} |
||||
end |
||||
|
||||
property :id |
||||
|
||||
property :subject |
||||
|
||||
associated_resource :project, |
||||
link: ->(*) do |
||||
{ |
||||
href: api_v3_paths.project(represented.project.id), |
||||
title: represented.project.name |
||||
} |
||||
end |
||||
|
||||
def _type |
||||
'Post' |
||||
end |
||||
end |
||||
end |
||||
end |
||||
end |
@ -0,0 +1,53 @@ |
||||
#-- copyright |
||||
# OpenProject is a project management system. |
||||
# Copyright (C) 2012-2018 the OpenProject Foundation (OPF) |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License version 3. |
||||
# |
||||
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows: |
||||
# Copyright (C) 2006-2017 Jean-Philippe Lang |
||||
# Copyright (C) 2010-2013 the ChiliProject Team |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License |
||||
# as published by the Free Software Foundation; either version 2 |
||||
# of the License, or (at your option) any later version. |
||||
# |
||||
# This program is distributed in the hope that it will be useful, |
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
# GNU General Public License for more details. |
||||
# |
||||
# You should have received a copy of the GNU General Public License |
||||
# along with this program; if not, write to the Free Software |
||||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
||||
# |
||||
# See docs/COPYRIGHT.rdoc for more details. |
||||
#++ |
||||
|
||||
module API |
||||
module V3 |
||||
module Posts |
||||
class PostsAPI < ::API::OpenProjectAPI |
||||
resources :posts do |
||||
helpers do |
||||
def post |
||||
Message.visible(current_user).find(params[:id]) |
||||
end |
||||
end |
||||
|
||||
route_param :id do |
||||
get do |
||||
::API::V3::Posts::PostRepresenter.new(post, |
||||
current_user: current_user, |
||||
embed_links: true) |
||||
end |
||||
|
||||
mount ::API::V3::Attachments::AttachmentsByPostAPI |
||||
end |
||||
end |
||||
end |
||||
end |
||||
end |
||||
end |
@ -0,0 +1,104 @@ |
||||
#-- copyright |
||||
# OpenProject is a project management system. |
||||
# Copyright (C) 2012-2018 the OpenProject Foundation (OPF) |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License version 3. |
||||
# |
||||
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows: |
||||
# Copyright (C) 2006-2017 Jean-Philippe Lang |
||||
# Copyright (C) 2010-2013 the ChiliProject Team |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License |
||||
# as published by the Free Software Foundation; either version 2 |
||||
# of the License, or (at your option) any later version. |
||||
# |
||||
# This program is distributed in the hope that it will be useful, |
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
# GNU General Public License for more details. |
||||
# |
||||
# You should have received a copy of the GNU General Public License |
||||
# along with this program; if not, write to the Free Software |
||||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
||||
# |
||||
# See docs/COPYRIGHT.rdoc for more details. |
||||
#++ |
||||
|
||||
require 'spec_helper' |
||||
|
||||
describe ::API::V3::Posts::PostRepresenter, 'rendering' do |
||||
include ::API::V3::Utilities::PathHelper |
||||
|
||||
let(:message) do |
||||
FactoryBot.build_stubbed(:message) do |wp| |
||||
allow(wp) |
||||
.to receive(:project) |
||||
.and_return(project) |
||||
end |
||||
end |
||||
let(:project) { FactoryBot.build_stubbed(:project) } |
||||
let(:user) { FactoryBot.build_stubbed(:user) } |
||||
let(:representer) do |
||||
described_class.create(message, current_user: user, embed_links: true) |
||||
end |
||||
let(:permissions) { all_permissions } |
||||
let(:all_permissions) { %i(edit_messages) } |
||||
|
||||
subject { representer.to_json } |
||||
|
||||
before do |
||||
allow(user) |
||||
.to receive(:allowed_to?) do |permission, project| |
||||
permissions.include?(permission) |
||||
end |
||||
end |
||||
|
||||
describe '_links' do |
||||
it_behaves_like 'has an untitled link' do |
||||
let(:link) { 'self' } |
||||
let(:href) { api_v3_paths.post message.id } |
||||
end |
||||
|
||||
it_behaves_like 'has an untitled link' do |
||||
let(:link) { :attachments } |
||||
let(:href) { api_v3_paths.attachments_by_post message.id } |
||||
end |
||||
|
||||
it_behaves_like 'has a titled link' do |
||||
let(:link) { :project } |
||||
let(:title) { project.name } |
||||
let(:href) { api_v3_paths.project project.id } |
||||
end |
||||
|
||||
it_behaves_like 'has an untitled action link' do |
||||
let(:link) { :addAttachment } |
||||
let(:href) { api_v3_paths.attachments_by_post message.id } |
||||
let(:method) { :post } |
||||
let(:permission) { :edit_messages } |
||||
end |
||||
end |
||||
|
||||
describe 'properties' do |
||||
it_behaves_like 'property', :_type do |
||||
let(:value) { 'Post' } |
||||
end |
||||
|
||||
it_behaves_like 'property', :id do |
||||
let(:value) { message.id } |
||||
end |
||||
|
||||
it_behaves_like 'property', :subject do |
||||
let(:value) { message.subject } |
||||
end |
||||
end |
||||
|
||||
describe '_embedded' do |
||||
it 'has project embedded' do |
||||
expect(subject) |
||||
.to be_json_eql(project.name.to_json) |
||||
.at_path('_embedded/project/name') |
||||
end |
||||
end |
||||
end |
@ -0,0 +1,148 @@ |
||||
#-- copyright |
||||
# OpenProject is a project management system. |
||||
# Copyright (C) 2012-2018 the OpenProject Foundation (OPF) |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License version 3. |
||||
# |
||||
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows: |
||||
# Copyright (C) 2006-2017 Jean-Philippe Lang |
||||
# Copyright (C) 2010-2013 the ChiliProject Team |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License |
||||
# as published by the Free Software Foundation; either version 2 |
||||
# of the License, or (at your option) any later version. |
||||
# |
||||
# This program is distributed in the hope that it will be useful, |
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
# GNU General Public License for more details. |
||||
# |
||||
# You should have received a copy of the GNU General Public License |
||||
# along with this program; if not, write to the Free Software |
||||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
||||
# |
||||
# See docs/COPYRIGHT.rdoc for more details. |
||||
#++ |
||||
|
||||
require 'spec_helper' |
||||
require 'rack/test' |
||||
|
||||
describe 'API v3 Attachments by post resource', type: :request do |
||||
include Rack::Test::Methods |
||||
include API::V3::Utilities::PathHelper |
||||
include FileHelpers |
||||
|
||||
let(:current_user) do |
||||
FactoryBot.create(:user, |
||||
member_in_project: project, |
||||
member_through_role: role) |
||||
end |
||||
let(:project) { FactoryBot.create(:project) } |
||||
let(:role) { FactoryBot.create(:role, permissions: permissions) } |
||||
let(:permissions) { [:view_messages] } |
||||
let(:board) { FactoryBot.create(:board, project: project) } |
||||
let(:board_message) { FactoryBot.create(:message, board: board) } |
||||
|
||||
subject(:response) { last_response } |
||||
|
||||
before do |
||||
allow(User).to receive(:current).and_return current_user |
||||
end |
||||
|
||||
describe '#get' do |
||||
let(:get_path) { api_v3_paths.attachments_by_post board_message.id } |
||||
|
||||
before do |
||||
FactoryBot.create_list(:attachment, 2, container: board_message) |
||||
get get_path |
||||
end |
||||
|
||||
it 'should respond with 200' do |
||||
expect(subject.status).to eq(200) |
||||
end |
||||
|
||||
it_behaves_like 'API V3 collection response', 2, 2, 'Attachment' |
||||
end |
||||
|
||||
describe '#post' do |
||||
let(:permissions) { %i[view_messages edit_messages] } |
||||
|
||||
let(:request_path) { api_v3_paths.attachments_by_post board_message.id } |
||||
let(:request_parts) { { metadata: metadata, file: file } } |
||||
let(:metadata) { { fileName: 'cat.png' }.to_json } |
||||
let(:file) { mock_uploaded_file(name: 'original-filename.txt') } |
||||
let(:max_file_size) { 1 } # given in kiB |
||||
|
||||
before do |
||||
allow(Setting).to receive(:attachment_max_size).and_return max_file_size.to_s |
||||
post request_path, request_parts |
||||
end |
||||
|
||||
it 'should respond with HTTP Created' do |
||||
expect(subject.status).to eq(201) |
||||
end |
||||
|
||||
it 'should return the new attachment' do |
||||
expect(subject.body).to be_json_eql('Attachment'.to_json).at_path('_type') |
||||
end |
||||
|
||||
it 'ignores the original file name' do |
||||
expect(subject.body).to be_json_eql('cat.png'.to_json).at_path('fileName') |
||||
end |
||||
|
||||
context 'metadata section is missing' do |
||||
let(:request_parts) { { file: file } } |
||||
|
||||
it_behaves_like 'invalid request body', I18n.t('api_v3.errors.multipart_body_error') |
||||
end |
||||
|
||||
context 'file section is missing' do |
||||
# rack-test won't send a multipart request without a file being present |
||||
# however as long as we depend on correctly named sections this test should do just fine |
||||
let(:request_parts) { { metadata: metadata, wrongFileSection: file } } |
||||
|
||||
it_behaves_like 'invalid request body', I18n.t('api_v3.errors.multipart_body_error') |
||||
end |
||||
|
||||
context 'metadata section is no valid JSON' do |
||||
let(:metadata) { '"fileName": "cat.png"' } |
||||
|
||||
it_behaves_like 'parse error' |
||||
end |
||||
|
||||
context 'metadata is missing the fileName' do |
||||
let(:metadata) { Hash.new.to_json } |
||||
|
||||
it_behaves_like 'constraint violation' do |
||||
let(:message) { "fileName #{I18n.t('activerecord.errors.messages.blank')}" } |
||||
end |
||||
end |
||||
|
||||
context 'file is too large' do |
||||
let(:file) { mock_uploaded_file(content: 'a' * 2.kilobytes) } |
||||
let(:expanded_localization) do |
||||
I18n.t('activerecord.errors.messages.file_too_large', count: max_file_size.kilobytes) |
||||
end |
||||
|
||||
it_behaves_like 'constraint violation' do |
||||
let(:message) { "File #{expanded_localization}" } |
||||
end |
||||
end |
||||
|
||||
context 'only allowed to add messages, but no edit permission' do |
||||
let(:permissions) { %i[view_messages add_messages] } |
||||
|
||||
it 'should respond with HTTP Created' do |
||||
expect(subject.status).to eq(201) |
||||
end |
||||
end |
||||
|
||||
context 'only allowed to view messages' do |
||||
let(:permissions) { [:view_messages] } |
||||
|
||||
it_behaves_like 'unauthorized access' |
||||
end |
||||
end |
||||
end |
@ -0,0 +1,82 @@ |
||||
#-- copyright |
||||
# OpenProject is a project management system. |
||||
# Copyright (C) 2012-2018 the OpenProject Foundation (OPF) |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License version 3. |
||||
# |
||||
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows: |
||||
# Copyright (C) 2006-2017 Jean-Philippe Lang |
||||
# Copyright (C) 2010-2013 the ChiliProject Team |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License |
||||
# as published by the Free Software Foundation; either version 2 |
||||
# of the License, or (at your option) any later version. |
||||
# |
||||
# This program is distributed in the hope that it will be useful, |
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
# GNU General Public License for more details. |
||||
# |
||||
# You should have received a copy of the GNU General Public License |
||||
# along with this program; if not, write to the Free Software |
||||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
||||
# |
||||
# See docs/COPYRIGHT.rdoc for more details. |
||||
#++ |
||||
|
||||
require 'spec_helper' |
||||
require 'rack/test' |
||||
|
||||
describe 'API v3 posts resource', type: :request do |
||||
include Rack::Test::Methods |
||||
include API::V3::Utilities::PathHelper |
||||
|
||||
let(:current_user) do |
||||
FactoryBot.create(:user, member_in_project: project, member_through_role: role) |
||||
end |
||||
let(:board) { FactoryBot.create(:board, project: project) } |
||||
let(:message) { FactoryBot.create(:message, board: board) } |
||||
let(:project) { FactoryBot.create(:project) } |
||||
let(:role) { FactoryBot.create(:role, permissions: permissions) } |
||||
let(:permissions) { %i(view_messages) } |
||||
|
||||
subject(:response) { last_response } |
||||
|
||||
before do |
||||
login_as(current_user) |
||||
end |
||||
|
||||
describe 'GET /api/v3/posts/:id' do |
||||
let(:path) { api_v3_paths.post(message.id) } |
||||
|
||||
before do |
||||
get path |
||||
end |
||||
|
||||
it 'returns 200 OK' do |
||||
expect(subject.status) |
||||
.to eql(200) |
||||
end |
||||
|
||||
it 'returns the message page' do |
||||
expect(subject.body) |
||||
.to be_json_eql('Post'.to_json) |
||||
.at_path('_type') |
||||
|
||||
expect(subject.body) |
||||
.to be_json_eql(message.id.to_json) |
||||
.at_path('id') |
||||
end |
||||
|
||||
context 'when lacking permissions' do |
||||
let(:current_user) { FactoryBot.create(:user) } |
||||
|
||||
it 'returns 404 NOT FOUND' do |
||||
expect(subject.status) |
||||
.to eql(404) |
||||
end |
||||
end |
||||
end |
||||
end |
Loading…
Reference in new issue