amos 0.0.3 → 0.0.4
- data/README.rdoc +20 -3
- data/app/controllers/amos_controller.rb +36 -1
- data/config/initializers/per_page.rb +5 -0
- data/config/routes.rb +1 -0
- data/lib/amos.rb +1 -0
- data/lib/amos/pagination.rb +18 -0
- data/spec/controllers/amos_controller_spec.rb +680 -0
- data/spec/factories.rb +13 -0
- data/spec/models/per_page_spec.rb +29 -0
- data/test/dummy/app/controllers/application_controller.rb +3 -0
- data/test/dummy/app/helpers/application_helper.rb +2 -0
- data/test/dummy/app/models/ability.rb +13 -0
- data/test/dummy/app/models/recipe.rb +3 -0
- data/test/dummy/app/models/user.rb +4 -0
- data/test/dummy/app/views/layouts/application.html.erb +14 -0
- data/test/dummy/config/application.rb +45 -0
- data/test/dummy/config/boot.rb +10 -0
- data/test/dummy/config/cucumber.yml +8 -0
- data/test/dummy/config/database.yml +25 -0
- data/test/dummy/config/environment.rb +5 -0
- data/test/dummy/config/environments/development.rb +26 -0
- data/test/dummy/config/environments/production.rb +49 -0
- data/test/dummy/config/environments/test.rb +35 -0
- data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/test/dummy/config/initializers/inflections.rb +10 -0
- data/test/dummy/config/initializers/mime_types.rb +5 -0
- data/test/dummy/config/initializers/secret_token.rb +7 -0
- data/test/dummy/config/initializers/session_store.rb +8 -0
- data/test/dummy/config/locales/en.yml +5 -0
- data/test/dummy/config/routes.rb +2 -0
- data/test/dummy/db/migrate/20110930092258_create_user.rb +15 -0
- data/test/dummy/db/migrate/20111002092333_create_recipes.rb +16 -0
- data/test/dummy/db/migrate/20111003063458_add_user_id_to_recipe.rb +9 -0
- data/test/dummy/features/amos.feature +160 -0
- data/test/dummy/features/paginate.feature +119 -0
- data/test/dummy/features/security.feature +59 -0
- data/test/dummy/features/step_definitions/pickle_steps.rb +100 -0
- data/test/dummy/features/step_definitions/user_steps.rb +57 -0
- data/test/dummy/features/support/env.rb +50 -0
- data/test/dummy/features/support/pickle.rb +26 -0
- data/test/spec_helper.rb +37 -0
- data/test/support/integration_case.rb +5 -0
- data/test/test_helper.rb +17 -0
- metadata +74 -18
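--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -52,7 +52,7 @@ disallows any access, so if you are getting authorisation errors you have not ov
 Cancan also needs access to a method called current_user in the controllers. If you are using devise or similar
 this should automatically be available.
 
-If not you will need to define the following in your
+If not you will need to define the following in your ApplicationController class:
 
 class ApplicationController < ActionController::Base
 def current_user
@@ -75,12 +75,29 @@ Your models should now be available on /recipe etc.
 Take a look at spec/controllers/amos_controller_spec.rb and test/dummy/features/amos.feature for some examples of accessing
 the data and what is returned.
 
+If you want to have the index and dynamic finder results paginated include this at the top of your model:
 
-
+User < ActiveRecord::Base
+paginate_results
+
+.... your code ....
+
+end
+
+This will use will_paginate to paginate the results.
+
+== Things to to
 * More tests against a javascriptMVC application
-* Add code to support rails dynamic finders.
 
 == Change list
+=== Edge
+In progress
+
+=== 0.0.4
+Added test and spec files to gemspec
+Added functionality to allow use of rails dynamic finders
+Added ability to paginate index and dynamic finder results
+
 === 0.0.3
 Fixed problem with incomplete file list in gemspec.
 Fixed problem with cancan methods not being found when using gem in a rails app.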
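--- a/data/app/controllers/amos_controller.rb
+++ b/data/app/controllers/amos_controller.rb
@@ -1,4 +1,5 @@
 require 'cancan'
+require 'ruby-debug'
 
 class AmosController < ApplicationController
 
@@ -6,10 +7,16 @@
 
 before_filter :set_model
 before_filter :set_current_record, :only => [:show, :update, :destroy]
+before_filter :should_paginate
 
 def index
 @the_fields = process_field_names([], params[:fields])
-
+if @paginate_flag
+records = self.instance_eval("#{@model}.paginate(:page => params[:page], :per_page => ActiveRecord::Base.per_page)")
+else
+records = self.instance_eval("#{@model}.all")
+end
+
 result_records = []
 records.each{|rec|
 if @the_fields.count == 0
@@ -22,6 +29,30 @@
 render :json => result_records
 end
 
+def find
+@the_fields = process_field_names([], params[:fields])
+terms = params[:term].split(',').collect{|t| "'#{t}'"}.join(',')
+
+if @paginate_flag
+records = eval("#{@model}.scoped_#{params[:query]}(#{terms})").paginate(:page => params[:page], :per_page => ActiveRecord::Base.per_page)
+else
+query = "#{@model}.find_#{params[:query]}(:all, #{terms})"
+records = self.instance_eval("#{@model}.find_all_#{params[:query]}(#{terms})")
+end
+records = [] if records.nil?
+
+result_records = []
+records.each{|rec|
+if @the_fields.count == 0
+result = filter_record rec
+else
+result = select_fields rec, @the_fields
+end
+result_records << result
+} unless records.nil?
+render :json => result_records
+end
+
 def show
 @the_fields = process_field_names([], params[:fields])
 if @the_fields.count == 0
@@ -135,5 +166,9 @@
 def render_authorized
 render :json => {:error => "You are not authorized to access this data"}, :status => 401
 end
+
+def should_paginate
+@paginate_flag = self.instance_eval("#{@model}.paginate_actions").include?(params[:action])
+end
 end
 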
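Review bot: The new `find` action builds Ruby source from `params[:query]` and `params[:term]` and passes it to `eval`/`instance_eval` (new lines 37 and 40); each term is wrapped in single quotes without escaping, so request data is executed as code instead of being passed as an argument. Validating the finder suffix against a fixed pattern and dispatching with `send` on the model class, with the terms as ordinary arguments, removes the string evaluation; the same applies to the `instance_eval("#{@model}…")` calls in `index` and `should_paginate`, where `@model` is assigned by `set_model` outside these hunks. `require 'ruby-debug'` on new line 2 is a debugging dependency that should not ship in the controller, and the `query` local on new line 39 is never used. The fence shows the first part of `find` rewritten; the field filtering and `render` stay as they are.

```ruby
def find
  @the_fields = process_field_names([], params[:fields])
  # Only dynamic-finder suffixes such as by_name or by_name_and_email are accepted.
  unless params[:query].to_s =~ /\Aby_[a-z0-9_]+\z/
    render :json => {:error => "Invalid query"}, :status => 400
    return
  end
  terms = params[:term].to_s.split(',')
  # Assumes set_model has already restricted @model to the name of an exposed model.
  model_class = @model.constantize

  if @paginate_flag
    records = model_class.send("scoped_#{params[:query]}", *terms).paginate(:page => params[:page], :per_page => ActiveRecord::Base.per_page)
  else
    records = model_class.send("find_all_#{params[:query]}", *terms)
  end
  # … unchanged: records.nil? guard, field filtering and render …
```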
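--- a/data/config/routes.rb
+++ b/data/config/routes.rb
@@ -1,5 +1,6 @@
 Rails.application.routes.draw do
 # match 'with_id/:model/:id' => 'amos/amos#with_id'
+match ":model/find/:query" => "amos#find", :constraints => { :model => /.*/ }
 match ":model/:id" => "amos#show", :constraints => { :model => /.*/ }, :via => :get
 match ":model/:id" => "amos#destroy", :constraints => { :model => /.*/ }, :via => :delete
 match ":model/:id" => "amos#update", :constraints => { :model => /.*/ }, :via => :put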
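Review bot: The added `find` route has no `:via` option, unlike the three `:model/:id` routes below it, so it answers every HTTP verb although `find` only reads. Restricting the verb and constraining the finder suffix narrows what reaches the controller: `match ":model/find/:query" => "amos#find", :constraints => { :model => /.*/, :query => /by_[a-z0-9_]+/ }, :via => :get`. The `/.*/` constraint on `:model` also lets that segment contain slashes, which is worth tightening if model names never need them.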
data/lib/amos.rb
CHANGED
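--- a/data/lib/amos/pagination.rb
+++ b/data/lib/amos/pagination.rb
@@ -0,0 +1,18 @@
+module AmosPagination
+def self.included(base)
+base.extend(ClassMethods)
+end
+
+module ClassMethods
+def paginate_results
+@paginate_actions = ['index', 'find']
+end
+
+def paginate_actions
+@paginate_actions ||= []
+end
+
+end
+
+end
+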
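Review bot: `paginate_results` stores the action list in a class-level instance variable, which subclasses do not inherit, so a model that inherits from a paginated model reports `[]` from `paginate_actions` and is served unpaginated. If that is intended it deserves a comment; otherwise `paginate_actions` could fall back to the parent, e.g. `@paginate_actions ||= (superclass.respond_to?(:paginate_actions) ? superclass.paginate_actions : [])`. The module also has no header comment; something like `# Adds paginate_results to a model; AmosController reads paginate_actions to decide whether index and find are paginated.` would tell a reader where the flag is consumed.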
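--- a/data/spec/controllers/amos_controller_spec.rb
+++ b/data/spec/controllers/amos_controller_spec.rb
@@ -0,0 +1,680 @@
+require File.expand_path(File.dirname(__FILE__) + '/../../test/spec_helper')
+require 'factory_girl'
+
+describe AmosController do
+
+let(:user) {FactoryGirl.build(:user)}
+let(:recipe) {Factory.build(:recipe, :name => 'Boiled eggs', :description => 'Grab an egg', :user => user)}
+
+describe "routes" do
+it "routes /user to the index action" do
+{ :get => "/user" }.
+should route_to(:controller => "amos", :action => "index", :model => 'user')
+end
+
+it "routes /user/query to the query action" do
+{ :get => "/user/find/by_name" }.
+should route_to(:controller => "amos", :action => "find", :model => 'user', :query => 'by_name')
+end
+
+it "routes show /user/1 to the show action" do
+{ :get => "/users/1" }.
+should route_to(:controller => "amos", :action => "show", :model => 'users', :id => '1')
+end
+
+it "routes delete /user/1 to the destroy action" do
+{ :delete => "/users/1" }.
+should route_to(:controller => "amos", :action => "destroy", :model => 'users', :id => '1')
+end
+
+it "routes put /user/1 to the update action" do
+{ :put => "/users/1" }.
+should route_to(:controller => "amos", :action => "update", :model => 'users', :id => '1')
+end
+
+it "routes post /user to the create action" do
+{ :post => "/users" }.
+should route_to(:controller => "amos", :action => "create", :model => 'users')
+end
+
+end
+
+describe 'GET /user' do
+
+context 'successful operation' do
+before(:each) do
+setAbilityAuthorized
+User.should_receive('all'){[user]}
+end
+
+it "selects the correct model" do
+get :index, :model => 'user'
+assigns[:model].should == 'User'
+end
+
+it "calls the correct method" do
+get :index, :model => 'user'
+end
+
+it "returns the correct json data" do
+get :index, :model => 'user'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode([
+{"name" => "J Smith", "email"=>"smith@smith.com"}
+].to_json)
+end
+end
+
+
+context 'failed authorization' do
+before(:each) do
+setAbilityUnauthorized
+end
+
+it "returns a 401 error code" do
+get :index, :model => 'user'
+response.status.should == 401
+end
+
+it "returns the correct json data" do
+get :index, :model => 'user'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode({"error" => "You are not authorized to access this data"}.to_json)
+end
+end
+end
+
+describe 'GET /user/find' do
+
+context 'successful operation : single term' do
+before(:each) do
+setAbilityAuthorized
+User.stub('find_all_by_name').with('J Smith'){[user]}
+end
+
+it "selects the correct model" do
+get :find, :model => 'user', :query => 'by_name', :term => 'J Smith'
+assigns[:model].should == 'User'
+end
+
+it "calls the correct method with no field filter" do
+User.should_receive('find_all_by_name').with('J Smith'){[user]}
+get :find, :model => 'user', :query => 'by_name',:term => 'J Smith'
+end
+
+it "returns the correct json data with no field filter" do
+get :find, :model => 'user', :query =>'by_name',:term => 'J Smith'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode([
+{"name" => "J Smith", "email"=>"smith@smith.com"}
+].to_json)
+end
+
+it "determines the correct fields with field filter" do
+get :find, :model => 'user', :query =>'by_name',:term => 'J Smith', :fields => 'email'
+assigns[:the_fields].should == ['email']
+end
+
+it "returns the correct json data with field filter" do
+get :find, :model => 'user', :query =>'by_name',:term => 'J Smith', :fields => 'email'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode([
+{"email"=>"smith@smith.com"}
+].to_json)
+end
+
+end
+
+context 'successful operation : multiple terms' do
+before(:each) do
+setAbilityAuthorized
+User.stub('find_all_by_name_and_email').with('J Smith', 'smith@smith.com'){[user]}
+end
+
+it "calls the correct method with no field filter" do
+User.should_receive('find_all_by_name_and_email').with('J Smith', 'smith@smith.com'){[user]}
+get :find, :model => 'user', :query => 'by_name_and_email',:term => 'J Smith,smith@smith.com'
+end
+
+it "returns the correct json data with no field filter" do
+get :find, :model => 'user', :query => 'by_name_and_email',:term => 'J Smith,smith@smith.com'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode([
+{"name" => "J Smith", "email"=>"smith@smith.com"}
+].to_json)
+end
+end
+
+
+context 'failed authorization' do
+before(:each) do
+setAbilityUnauthorized
+end
+
+it "returns a 401 error code" do
+get :find, :model => 'user', :query =>'by_name',:term => 'J Smith'
+response.status.should == 401
+end
+
+it "returns the correct json data" do
+get :find, :model => 'user', :query =>'by_name',:term => 'J Smith'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode({"error" => "You are not authorized to access this data"}.to_json)
+end
+end
+end
+
+
+describe 'GET /user?fields=' do
+
+context 'successful operation' do
+before(:each) do
+setAbilityAuthorized
+User.should_receive('all'){[user, user]}
+end
+
+it "selects the correct model" do
+get :index, :model => 'user', :fields => 'email'
+assigns[:model].should == 'User'
+end
+
+it "calls the correct method" do
+get :index, :model => 'user', :fields => 'email'
+end
+
+it "determines the correct fields" do
+get :index, :model => 'user', :fields => 'email'
+assigns[:the_fields].should == ['email']
+end
+
+it "returns the correct json data" do
+get :index, :model => 'user', :fields => 'email'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode([
+{"email"=>"smith@smith.com"},
+{"email"=>"smith@smith.com"}
+].to_json)
+end
+end
+end
+
+
+describe 'GET /user/:id' do
+context 'successful operation' do
+before(:each) do
+setAbilityAuthorized
+User.should_receive('find').with(1){user}
+end
+
+it "selects the correct model" do
+get :show, :model => 'users', :id => '1'
+assigns[:model].should == 'User'
+end
+
+it "calls the correct method" do
+get :show, :model => 'users', :id => '1'
+end
+
+it "returns the correct json data" do
+get :show, :model => 'users', :id => '1'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode(
+{"name"=>"J Smith", "email"=>"smith@smith.com"}.to_json)
+end
+end
+
+context 'failed operation' do
+before(:each) do
+setAbilityAuthorized
+User.should_receive('find').with(1).and_raise(ActiveRecord::RecordNotFound)
+end
+
+it "returns the correct json data" do
+get :show, :model => 'users', :id => '1'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode(
+{"error"=>"Record 1 not found"}.to_json)
+end
+
+it "returns a 400 error code" do
+get :show, :model => 'users', :id => '1'
+response.status.should == 400
+end
+end
+end
+
+describe 'GET /user/:id?fields=' do
+
+context 'successful operation' do
+before(:each) do
+setAbilityAuthorized
+User.should_receive('find').with(1){user}
+end
+
+it "selects the correct model" do
+get :show, :model => 'users', :id => '1', :fields => 'email'
+assigns[:model].should == 'User'
+end
+
+it "calls the correct method" do
+get :show, :model => 'users', :id => '1', :fields => 'email'
+end
+
+it "determines the correct fields" do
+get :show, :model => 'users', :id => '1', :fields => 'email'
+assigns[:the_fields].should == ['email']
+end
+
+it "returns the correct json data" do
+get :show, :model => 'users', :id => '1', :fields => 'email'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode({"email"=>"smith@smith.com"}.to_json)
+end
+end
+end
+
+describe 'DELETE /user/:id' do
+
+context 'successful operation' do
+before(:each) do
+setAbilityAuthorized
+User.should_receive('find').with(1){user}
+user.should_receive('destroy')
+end
+
+it "selects the correct model" do
+delete :destroy, :model => 'users', :id => '1'
+assigns[:model].should == 'User'
+end
+
+it "calls the correct method" do
+delete :destroy, :model => 'users', :id => '1'
+end
+
+it "returns a success response" do
+delete :destroy, :model => 'users', :id => '1'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode(
+{"success"=>"true"}.to_json)
+end
+end
+
+context 'failed operation' do
+before(:each) do
+setAbilityAuthorized
+User.should_receive('find').with(1).and_raise(ActiveRecord::RecordNotFound)
+end
+it "returns a fail response" do
+delete :destroy, :model => 'users', :id => '1'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode(
+{"error"=>"Record 1 not found"}.to_json)
+end
+
+it "returns a 400 error code" do
+delete :destroy, :model => 'users', :id => '1'
+response.status.should == 400
+end
+end
+
+context 'failed authorization' do
+before(:each) do
+setAbilityUnauthorizedUser
+User.stub('find').with(1){user}
+end
+
+it "returns a 401 error code" do
+delete :destroy, :model => 'users', :id => '1'
+response.status.should == 401
+end
+
+it "returns the correct json data" do
+delete :destroy, :model => 'users', :id => '1'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode({"error" => "You are not authorized to access this data"}.to_json)
+end
+end
+
+end
+
+describe 'PUT /user/:id' do
+context 'successful operation' do
+before(:each) do
+setAbilityAuthorized
+User.should_receive('find').with(1){user}
+user.should_receive('update_attributes').with('name' => 'fred', 'email' => 'smith'){true}
+end
+
+it "selects the correct model" do
+put :update, :model => 'users', :id => '1', :name => 'fred', :email => 'smith'
+assigns[:model].should == 'User'
+end
+
+it "calls the correct method" do
+put :update, :model => 'users', :id => '1', :name => 'fred', :email => 'smith'
+end
+
+it "returns a success response" do
+put :update, :model => 'users', :id => '1', :name => 'fred', :email => 'smith'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode(
+{'name' => 'fred', 'email' => 'smith'}.to_json)
+end
+end
+
+context 'failed operation' do
+before(:each) do
+setAbilityAuthorized
+User.should_receive('find').with(1){user}
+user.should_receive('update_attributes').with('name' => 'fred', 'email' => ''){false}
+user.should_receive('errors'){{:email => ["can't be blank"]}}
+end
+
+it "returns a fail response" do
+put :update, :model => 'users', :id => '1', :name => 'fred', :email => ''
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode(
+{"email"=>["can't be blank"]}.to_json)
+end
+
+it "returns a 400 error code" do
+put :update, :model => 'users', :id => '1', :name => 'fred', :email => ''
+response.status.should == 400
+end
+
+end
+context 'failed authorization' do
+before(:each) do
+setAbilityUnauthorizedUser
+User.stub('find').with(1){user}
+end
+
+it "returns a 401 error code" do
+put :update, :model => 'users', :id => '1', :name => 'fred', :email => ''
+response.status.should == 401
+end
+
+it "returns the correct json data" do
+put :update, :model => 'users', :id => '1', :name => 'fred', :email => ''
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode({"error" => "You are not authorized to access this data"}.to_json)
+end
+end
+end
+
+describe 'POST /user' do
+
+context 'successful operation' do
+before(:each) do
+setAbilityAuthorized
+@auser = User.new(:name => 'J Smith', :email => 'smith@smith.com')
+User.stub(:new){@auser}
+user.should_receive('save'){true}
+end
+
+it "selects the correct model" do
+post :create, :model => 'users', :name => 'J Smith', :email => 'smith@smith.com'
+assigns[:model].should == 'User'
+end
+
+it "calls the correct method" do
+User.should_receive(:new).with("name" => "J Smith", 'email' => 'smith@smith.com' ).and_return(user)
+post :create, :model => 'users', :name => 'J Smith', :email => 'smith@smith.com'
+end
+
+it "returns a success response" do
+post :create, :model => 'users', :name => 'J Smith', :email => 'smith@smith.com'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode(
+{"name"=>"J Smith", "email"=>"smith@smith.com"}.to_json)
+end
+end
+
+context 'failed operation' do
+it "returns a fail response" do
+post :create, :model => 'users', :name => 'J Smith'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode(
+{"email"=>["can't be blank"]}.to_json)
+end
+
+it "returns a 400 error code" do
+post :create, :model => 'users', :name => 'J Smith'
+response.status.should == 400
+end
+
+end
+
+context 'failed authorization' do
+before(:each) do
+setAbilityUnauthorizedUser
+User.stub('find').with(1){user}
+end
+
+it "returns a 401 error code" do
+post :create, :model => 'users', :name => 'J Smith'
+response.status.should == 401
+end
+
+it "returns the correct json data" do
+post :create, :model => 'users', :name => 'J Smith'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode({"error" => "You are not authorized to access this data"}.to_json)
+end
+end
+
+end
+
+describe 'handling associations' do
+describe 'single association' do
+before(:each) do
+setAbilityAuthorized
+User.should_receive('find').with(1){user}
+user.stub('recipes'){[recipe, recipe]}
+end
+
+it 'assigns the correct association names' do
+get :show, :model => 'users', :id => '1', :association => 'recipes'
+assigns[:the_associations].should == ['recipes']
+end
+
+it 'fetches the correct association' do
+user.should_receive('recipes')
+get :show, :model => 'users', :id => '1', :association => 'recipes'
+end
+
+it "returns the correct json data" do
+get :show, :model => 'users', :id => '1', :association => 'recipes'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode(
+{"name"=>"J Smith", "email"=>"smith@smith.com",
+"recipes" => [
+{'name' => 'Boiled eggs', 'description' => 'Grab an egg'},
+{'name' => 'Boiled eggs', 'description' => 'Grab an egg'}
+]
+}.to_json)
+end
+end
+
+describe 'multiple associations' do
+before(:each) do
+setAbilityAuthorized
+User.should_receive('find').with(1){user}
+user.stub('recipes'){[recipe, recipe]}
+user.stub('shops'){[recipe, recipe]}
+end
+
+it 'assigns the correct association names' do
+get :show, :model => 'users', :id => '1', :association => 'recipes,shops'
+assigns[:the_associations].should == ['recipes', 'shops']
+end
+
+it 'fetches the correct associations' do
+user.should_receive('recipes')
+user.should_receive('shops')
+get :show, :model => 'users', :id => '1', :association => 'recipes,shops'
+end
+
+it "returns the correct json data" do
+get :show, :model => 'users', :id => '1', :association => 'recipes,shops'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode(
+{"name"=>"J Smith", "email"=>"smith@smith.com",
+"recipes" => [
+{'name' => 'Boiled eggs', 'description' => 'Grab an egg'},
+{'name' => 'Boiled eggs', 'description' => 'Grab an egg'}
+],
+"shops" => [
+{'name' => 'Boiled eggs', 'description' => 'Grab an egg'},
+{'name' => 'Boiled eggs', 'description' => 'Grab an egg'}
+]
+}.to_json)
+end
+end
+
+describe 'GET /user with pagination' do
+
+context 'successful operation' do
+before(:each) do
+setAbilityAuthorized
+User.paginate_results
+User.stub('paginate'){[user,user,user]}
+end
+
+it "calls the correct method" do
+User.should_receive('paginate').with(:page => 2, :per_page => 30){[user]}
+get :index, :model => 'user', :page => 2
+end
+
+it "sets paginate flag" do
+get :index, :model => 'user', :page => 2
+assigns[:paginate_flag].should == true
+end
+
+it "returns the correct json data" do
+get :index, :model => 'user'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode([
+{"name" => "J Smith", "email"=>"smith@smith.com"},
+{"name" => "J Smith", "email"=>"smith@smith.com"},
+{"name" => "J Smith", "email"=>"smith@smith.com"}
+].to_json)
+end
+end
+
+end
+
+describe 'GET /user/find with pagination' do
+
+context 'successful operation : single term' do
+before(:each) do
+setAbilityAuthorized
+User.paginate_results
+result = []
+User.stub('scoped_by_name').with('J Smith'){result}
+result.stub('paginate'){[user, user, user]}
+end
+
+it "calls the correct method with no field filter" do
+result = [user, user, user]
+User.should_receive('scoped_by_name').with('J Smith'){result}
+result.should_receive('paginate'){[user, user, user]}
+get :find, :model => 'user', :query => 'by_name',:term => 'J Smith'
+end
+
+it "returns the correct json data with no field filter" do
+get :find, :model => 'user', :query =>'by_name',:term => "J Smith"
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode([
+{"name" => "J Smith", "email"=>"smith@smith.com"},
+{"name" => "J Smith", "email"=>"smith@smith.com"},
+{"name" => "J Smith", "email"=>"smith@smith.com"}
+].to_json)
+end
+
+it "determines the correct fields with field filter" do
+get :find, :model => 'user', :query =>'by_name',:term => 'J Smith', :fields => 'email'
+assigns[:the_fields].should == ['email']
+end
+
+it "returns the correct json data with field filter" do
+get :find, :model => 'user', :query =>'by_name',:term => 'J Smith', :fields => 'email'
+ActiveSupport::JSON.decode(response.body).should ==
+ActiveSupport::JSON.decode([
+{"email"=>"smith@smith.com"},
+{"email"=>"smith@smith.com"},
+{"email"=>"smith@smith.com"}
+].to_json)
+end
+
+end
+
+end
+
+end
+
+
+def setAbilityAuthorized
+eval <<-eos
+class Ability
+include CanCan::Ability
+
+def initialize(user)
+can :manage, :all
+end
+end
+
+class ApplicationController < ActionController::Base
+def current_user
+nil
+end
+end
+
+eos
+
+end
+
+def setAbilityUnauthorized
+eval <<-eos
+class Ability
+include CanCan::Ability
+
+def initialize(user)
+cannot :manage, :all
+end
+end
+
+class ApplicationController < ActionController::Base
+def current_user
+nil
+end
+end
+
+eos
+
+end
+
+def setAbilityUnauthorizedUser
+eval <<-eos
+class Ability
+include CanCan::Ability
+
+def initialize(user)
+can :read, User
+cannot :delete, User
+cannot :update, User
+cannot :create, User
+end
+end
+
+class ApplicationController < ActionController::Base
+def current_user
+nil
+end
+end
+
+eos
+
+end
+
+end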
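Review bot: Every `find` example in `describe 'GET /user/find'` and its paginated counterpart sends a well-formed `:query` (`by_name`, `by_name_and_email`) and a `:term` without quotes, so the string the controller evaluates is never exercised with input that breaks out of the quoted argument. A context that sends a `:term` containing a single quote and a `:query` that is not a finder suffix, asserting that the model receives the term verbatim or that the request is rejected with a 400, would pin that behaviour. In the `POST /user` success context the `before` block sets `user.should_receive('save')` while `User.stub(:new)` returns `@auser`, so in two of the three examples the expectation appears to sit on an object the controller never sees. Line 7 also uses `Factory.build` where line 6 uses `FactoryGirl.build`.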