gatherable 1.2.0 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 828a1fcd67fe3618315e17c81f7cd0906a7733a1
-  data.tar.gz: 3975e3ecdd2778d48040adc30eda40d5ef26cd7c
+  metadata.gz: b4cc971a909ed605b6e2438d967017cb5e8b0197
+  data.tar.gz: 3ab989877d63570afb2b91cf194814468c76f263
 SHA512:
-  metadata.gz: 61c15dbed0e1e948e6a7996f130163ca4cfbb3ab47b9ffc42dcc43b445e2e54e5919bf2c2073a77f12f5a7fa54fa31049f135183b23887061684af408903e56b
-  data.tar.gz: df294dd9354f40b269daf81e630ceb11cfce5f9982e3a3e35be159d70d336cabc671597dce1b2fd6e4ce523eeb61e0942e43c00ae4a4d0368811c7b891deb40a
+  metadata.gz: ed5f8b4d444fdf3cadc0fee9150f45da62c555b518ce6a2849862bb8ddc5470e49eab0da94383b777f2ab3e614cc2f92c4eb6afc9f41bef7709cb24cef068c97
+  data.tar.gz: 0950e67aa43118895f8fbd53f0b64d8bebd1c13fd1c4f964808524392dc01c96f34fec8ac1b693c325c54446a9d1ee855d40d4f0a8cdd2c6322539343276c3c0

data/app/controllers/gatherable/application_controller.rb

@@ -1,20 +1,21 @@
 module Gatherable
   class ApplicationController < ::ActionController::Base
-    before_action :authenticate, only: [:create]
+    before_action :set_gatherable_id
+    before_action :authenticate
 
     def index
-      render :json => model_class.where(global_identifier => global_identifier), :status => :found
+      render :json => model_class.where(global_id => global_id_val), :status => :found
     end
 
     def show
-      render :json => model_instance, :status => :found
+      render :json => model_class.find_by!(global_id => global_id_val, model_id => params[model_id]), :status => :found
     rescue ActiveRecord::RecordNotFound => e
       render :json => { :errors => e.message}, :status => :not_found
     end
 
     def create
       if data_table.new_record_strategy == :update
-        model = model_class.find_or_initialize_by(global_identifier => model_params[global_identifier])
+        model = model_class.find_or_initialize_by(global_id => global_id_val)
         model.update_attributes(model_params)
         render :json => model, :status => :ok
       else
@@ -44,11 +45,12 @@ module Gatherable
 
     def authenticate
       return unless Gatherable.config.auth_method == :session
-      head :unauthorized unless params[global_identifier] == session[global_identifier]
+      return unless requires_global_id_param?
+      head :unauthorized unless params[global_id] == session[global_id]
     end
 
     def model_instance
-      model_class.find_by!(params.slice(model_id, global_identifier))
+      model_class.find_by!(params.slice(model_id, global_id_val))
     end
 
     def model_class
@@ -73,16 +75,28 @@ module Gatherable
 
     def model_params
       params.require(model_name_as_var).permit(
-        *model_class.column_names
-      ).merge(global_identifier => params[global_identifier])
+        *model_class.column_names - [global_id]
+      ).merge(global_id => global_id_val)
     end
 
-    def global_identifier
+    def global_id
       Gatherable.config.global_identifier
     end
 
     def data_table
       DataTable.find_by_name(model_name_as_var)
     end
+
+    def set_gatherable_id
+      session[global_id] ||= SecureRandom.urlsafe_base64
+    end
+
+    def global_id_val
+      requires_global_id_param? ? params[global_id] : session[global_id]
+    end
+
+    def requires_global_id_param?
+      Gatherable.config.prefixed_resources.include? data_table.name
+    end
   end
 end

data/config/routes.rb

@@ -1,10 +1,23 @@
-Gatherable::Engine.routes.draw do
-  Gatherable.config.data_tables.each do |data_table|
-    scope :path => "/:#{Gatherable.config.global_identifier}" do
-      resources(data_table.name.to_s.pluralize.to_sym,
-                :only => data_table.allowed_controller_actions.map(&:to_sym),
-                :param => "#{data_table.name}_id"
-               )
+class Gatherable::RouteDrawer
+  def self.draw
+    Gatherable::Engine.routes.draw do
+      Gatherable.config.data_tables.each do |data_table|
+        if Gatherable.config.prefixed_resources.include? data_table.name
+          scope :path => "/:#{Gatherable.config.global_identifier}" do
+            resources(data_table.name.to_s.pluralize.to_sym,
+                      :only => data_table.allowed_controller_actions.map(&:to_sym),
+                      :param => "#{data_table.name}_id"
+                     )
+          end
+        else
+          resources(data_table.name.to_s.pluralize.to_sym,
+                    :only => data_table.allowed_controller_actions.map(&:to_sym),
+                    :param => "#{data_table.name}_id"
+                   )
+        end
+      end
     end
   end
 end
+
+Gatherable::RouteDrawer.draw

data/lib/gatherable/configuration.rb

@@ -21,7 +21,25 @@ module Gatherable
     end
 
     def auth_method
-      @auth_method
+      @auth_method || :session
+    end
+
+    def prefixed_resources
+      @prefixed_resources ||= []
+    end
+
+    def prefixed_resources=(resources)
+      all_table_names = DataTable.all.keys
+      @prefixed_resources = case resources
+      when String, Symbol, Array
+        Array(resources).map(&:to_sym) && all_table_names
+      when Hash
+        if resources.key?(:only)
+          Array(resources[:only]).map(&:to_sym) && all_table_names
+        elsif resources.key?(:except)
+          all_table_names - Array(resources[:except]).map(&:to_sym)
+        end
+      end
     end
   end
 end

data/lib/gatherable/version.rb

@@ -1,3 +1,3 @@
 module Gatherable
-  VERSION = "1.2.0"
+  VERSION = "2.0.0"
 end

data/lib/generators/gatherable/gatherable_generator.rb

@@ -1,6 +1,6 @@
 require 'rails/generators'
 class GatherableGenerator < Rails::Generators::NamedBase
-  source_root File.expand_path('../templates', __FILE__)
+  source_root File.expand_path('../../../../', __FILE__)
   def generate
     send "generate_#{file_name}"
   end
@@ -8,7 +8,8 @@ class GatherableGenerator < Rails::Generators::NamedBase
   private
 
   def generate_initializer
-    copy_file "gatherable.rb", "config/initializers/gatherable.rb"
+    copy_file "lib/generators/gatherable/templates/gatherable.rb",
+      "config/initializers/gatherable.rb"
   end
 
   def generate_migrations
@@ -25,7 +26,8 @@ class GatherableGenerator < Rails::Generators::NamedBase
   end
 
   def generate_controllers
-    copy_file 'application_controller.rb', 'app/controllers/gatherable/application_controller.rb'
+    copy_file 'app/controllers/gatherable/application_controller.rb',
+      'app/controllers/gatherable/application_controller.rb'
     Gatherable.config.data_tables.each do |data_table|
       ControllerWriter.new(data_table).write
     end

data/lib/generators/gatherable/templates/gatherable.rb

@@ -1,15 +1,15 @@
 Gatherable.configure do |c|
   c.global_identifier = :gatherable_id
 
- # c.data_point :data_point_name, :data_point_type, options - see README
+  # c.data_point :data_point_name, :data_point_type, options - see README
   c.data_point :price, :decimal
 
-  #c.data_table :table_name, { column_name: :column_type, column_name2: :column_type }, options - see README
+  # c.data_table :table_name, { column_name: :column_type, column_name2: :column_type }, options - see README
   c.data_table :requested_loan_amount, { requested_loan_amount: :decimal, total_cost: :decimal, monthly_repayment_amount: :decimal }
 
-  #  for both data tables and data points, you'll automatically get a primary key 'table_name_id',
-  #  an indexed global identifier, and timestamps
+  # for both data tables and data points, you'll automatically get a primary key 'table_name_id',
+  # an indexed global identifier, and timestamps
 
-  #If want your db schema to be something besides 'gatherable', uncomment the line below
-  #c.schema_name = 'foo_bar'
+  # If want your db schema to be something besides 'gatherable', uncomment the line below
+  # c.schema_name = 'foo_bar'
 end

data/spec/controllers/gatherable/application_controller_spec.rb

@@ -1,64 +1,88 @@
 require 'rails_helper'
-describe 'Gatherable::PricesController' do
-  before(:all) do
-    @controller = Gatherable::PricesController.new
-    Gatherable::ApplicationController.skip_before_action :check_controller_action
+
+describe 'Gatherable::PricesController', :type => :request do
+
+  let(:data_table) { Gatherable.config.data_tables.first }
+  let(:model_name) { data_table.name }
+  let(:model_class) { data_table.classify }
+  let(:controller_class) { data_table.controllerify }
+  let(:global_id) { 'session_id123' }
+  let(:id) { 1 }
+
+  let(:params_prefix) { prefix.blank? ? { "session_id" => global_id } : {} }
+
+  let(:index) { get "/gatherable/#{prefix}#{model_name.to_s.pluralize}.json" }
+
+  let(:show) do
+    get "/gatherable/#{prefix}#{model_name.to_s.pluralize}/#{id}.json"
+  end
+
+  let(:create) do
+    post "/gatherable/#{prefix}#{model_name.to_s.pluralize}.json", params
+  end
+
+  let(:update) do
+    put "/gatherable/#{prefix}#{model_name.to_s.pluralize}/#{id}.json", params
+  end
+
+  let(:destroy) do
+    delete "/gatherable/#{prefix}#{model_name.to_s.pluralize}/#{id}.json"
   end
 
   let(:json_response) { JSON.parse(response.body) }
-  let(:model_name) { :price }
-  let(:data_table) { DataTable.find_by_name(model_name) }
-  let(:model_class) { data_table.classify }
 
-  describe '#index', :type => :request do
-    def get_index
-      get '/gatherable/session_id123/prices.json'
-    end
+  before do
+    allow(SecureRandom).to receive(:urlsafe_base64) { global_id }
+    allow(data_table).to receive(:allowed_controller_actions) { [:show, :index, :create, :update, :destroy] }
+    @controller = controller_class.new
+  end
 
+  shared_examples "#index" do
     context 'successful request' do
-      let(:model_params) { { "price" => "3.0"} }
-      let(:price) { model_class.new(model_params.merge(:session_id => 'session_id123')) }
+      let(:instance) { model_class.new(model_params) }
+      let(:model_params) { { "#{model_name}_id" => 0, model_name.to_s => "3.0"} }
 
       before do
-        allow(model_class).to receive(:where) { [price] }
+        allow(model_class).to receive(:where) { [instance] }
       end
 
-      it 'returns a 201 response code' do
-        get_index
+      it 'returns a 302 response code' do
+        index
         expect(response.status).to eql 302
       end
 
       it 'returns a json array' do
-        get_index
-        expect(json_response).to include({"price_id"=>nil, "price"=>"3.0", "session_id"=>"session_id123", "created_at"=>nil})
+        index
+        expect(json_response).to match([a_hash_including(model_params)])
       end
     end
 
     context 'unsuccesful request' do
-      let(:perform_request) { lambda { get_index } }
+      context 'no results found' do
+        it 'returns an empty json response' do
+          index
+          expect(json_response).to be_empty
+        end
+      end
     end
   end
 
-  describe '#show', :type => :request do
-    let(:price) { Gatherable::Price.new(:price => 3.0) }
+  shared_examples '#show' do
+    let(:instance) { model_class.new(model_params) }
+    let(:model_params) { { model_name.to_s => "3.0", "#{model_name}_id" => id} }
 
     before do
-      allow(model_class).to receive(:find_by!).with(:price_id => '1', :session_id => 'session_id123').and_return(price)
-      allow(model_class).to receive(:find_by!).with(:price_id => '0', :session_id => 'session_id123').and_raise(ActiveRecord::RecordNotFound)
-    end
-
-    def do_get(price_id)
-      get "/gatherable/session_id123/prices/#{price_id}.json"
+      allow(model_class).to receive(:find_by!).with("#{model_name}_id" => id.to_s, :session_id => global_id).and_return(instance)
+      allow(model_class).to receive(:find_by!).with("#{model_name}_id" => '0', :session_id => global_id).and_raise(ActiveRecord::RecordNotFound)
     end
 
     context 'record found' do
       before do
-        do_get(1)
+        show
       end
 
       it 'returns the record' do
-        expect(json_response).to eql \
-          ({"price_id"=>nil, "price"=>"3.0", "session_id" => nil, "created_at"=>nil})
+        expect(json_response).to include(model_params)
       end
 
       specify 'the response code is 302' do
@@ -67,8 +91,9 @@ describe 'Gatherable::PricesController' do
     end
 
     context 'record not found' do
+      let(:id) { 0 }
       before do
-        do_get(0)
+        show
       end
 
       specify 'the response code is 404' do
@@ -81,60 +106,58 @@ describe 'Gatherable::PricesController' do
     end
   end
 
-  describe '#create', :type => :request do
-    def do_post(params)
-      post "/gatherable/session_id123/prices.json", params
-    end
+  shared_examples '#create' do
 
     shared_examples 'successful object creation' do
+      let(:params) {{ model_name => model_params }}
       before do
-        model_params.merge!('session_id' => 'session_id123')
+        model_params.merge!('session_id' => global_id)
       end
 
       it 'creates an object' do
         expect(model_class).to receive(:create!).with(model_params)
-        do_post({:price => model_params })
+        create
       end
 
       it "contains all attributes of the model" do
-        do_post(passed_params)
+        create
         model_class.column_names.each do |attr|
           expect(json_response.keys).to include(attr)
         end
       end
 
       it "returns the saved values of the created model" do
-        do_post(passed_params)
-        model_params.each do |(attr, val)|
+        create
+        model_params.stringify_keys.each do |(attr, val)|
           expect(json_response[attr]).to eql val
         end
       end
 
       it 'adds a timestamp to the record' do
-        do_post(passed_params)
+        create
         expect(json_response['created_at']).to_not be_nil
       end
 
       specify 'the object created is valid' do
-        do_post(passed_params)
-        expect(price).to be_valid
+        create
+        expect(instance).to be_valid
       end
 
       specify 'status is 201' do
-        do_post(passed_params)
+        create
         expect(response.status).to eql 201
       end
 
       context 'new_record_strategy = :update' do
         before do
-          allow(DataTable.find_by_name(model_name)).to receive(:new_record_strategy).and_return :update
+          allow(data_table).to receive(:new_record_strategy).and_return :update
         end
 
         context 'updating existing record' do
           let!(:existing_record) { model_class.create(model_name => '76', :session_id => 'session_id123') }
 
           it 'sets correct values' do
-            do_post(passed_params)
+            create
             existing_record.reload
             model_params.each do |(attr, val)|
               expect(existing_record.send(attr).to_s).to eql val
@@ -142,126 +165,135 @@ describe 'Gatherable::PricesController' do
           end
 
           it 'does not create a new record' do
-            expect{do_post(passed_params)}.to_not change{model_class.count}
+            expect{create}.to_not change{model_class.count}
           end
         end
 
         context 'creating new record' do
           it 'creates a valid record' do
-            expect{do_post(passed_params)}.to change{model_class.count}.by 1
+            expect{create}.to change{model_class.count}.by 1
           end
         end
 
         specify 'status is 200' do
-          do_post(passed_params)
+          create
           expect(response.status).to eql 200
         end
       end
     end
 
     context 'correct param format' do
-      let(:model_params) { { "price" => "3.0"} }
-      let(:passed_params) { {:price => model_params} }
-      let(:price) { model_class.new(model_params.merge(:session_id => 'session_id123')) }
+      let(:model_params) { { model_name => "3.0"} }
+      let(:instance) { model_class.new(model_params) }
       it_behaves_like 'successful object creation'
     end
 
-    context 'auth_method set' do
-      let(:model_params) { { "price" => "3.0"} }
-      let(:passed_params) { {:price => model_params} }
-      let(:model_name) { :price }
-      context 'session identifier matches passed identifier' do
-        before do
-          allow(Gatherable.config).to receive(:auth_method) { :session }
-          session[:session_id] = 'session_id123'
-          allow_any_instance_of(@controller.class).to receive(:session) { session } #boo any_instance
-        end
-        let(:price) { model_class.new(model_params.merge(:session_id => 'session_id123')) }
-        it_behaves_like 'successful object creation'
-      end
-
-      context 'session identifier does not match passed identifier' do
-        before do
-          allow(Gatherable.config).to receive(:auth_method) { :session }
-          do_post(passed_params)
-        end
-
-        it 'returns an empty response body' do
-          expect(response.body).to be_empty
-        end
-
-        it 'gives an unauthorized response status' do
-          expect(response.status).to eql 401
-        end
-
-        it 'does not create an object' do
-          expect(model_class).to_not receive(:create!)
-          do_post(passed_params)
-        end
-      end
-    end
 
     context 'incorrect param format' do
       context 'required params not given' do
+        let(:params) { { :yolo => 'swag' } }
         specify 'the response status is 422' do
-          do_post( { :yolo => 'swag' } )
+          create
           expect(response.status).to eql 422
         end
       end
 
       context 'required params + junk params given' do
-        let(:model_params) { { "price" => "3.0"} }
+        let(:model_params) { { model_name => "3.0"} }
         let(:junk_params) { { 'yolo' => 'swag' } }
-        let(:passed_params) { {:price => model_params.merge(junk_params)}.merge(junk_params) }
-        let(:price) { model_class.new(model_params.merge(:session_id => 'session_id123')) }
+        let(:params) { { model_name => model_params.merge(junk_params)}.merge(junk_params) }
+        let(:instance) { model_class.new(model_params.merge(:session_id => 'session_id123')) }
         it_behaves_like 'successful object creation'
       end
     end
   end
 
-  describe '#update', :type => :request do
-    let(:price) { model_class.new(model_params.merge(:session_id => 'session_id123')) }
-    let(:bad_params) { { 'price' => 'free' } }
-    let(:model_params) { { 'price' => '3.0' } }
+  shared_examples '#update' do
+    describe '#update' do
+      let(:model_params) { { model_name => '3.0', "#{model_name}_id" => id } }
+      let(:instance) { model_class.new(model_params) }
+      let(:params) { { model_name => { model_name => '4.0' } } }
 
-    def update(id, params)
-      put "/gatherable/session_id123/prices/#{id}.json", params
-    end
+      context 'successful request' do
+        before do
+          instance.save!
+          update
+        end
 
-    context 'successful request' do
-      before do
-        price.save!
-        update(price.reload.id, 'price' => {'price' => 11 })
+        it 'updates the record' do
+          expect(instance.reload.send(model_name.to_sym).to_s).to eql '4.0'
+        end
+
+        it 'renders an updated version of the record' do
+          expect(json_response).to include( {model_name.to_s => '4.0'} )
+        end
       end
 
-      it 'updates the record' do
-        expect(price.reload.price).to eql 11
+      context 'with invalid data' do
+        let(:params) { { model_name => Date.today } }
+
+        before do
+          allow(model_class).to receive(:find_by!).and_return(instance)
+          update
+        end
+
+        specify 'the response code is 422' do
+          expect(response.status).to eql 422
+        end
+
+        it 'returns errors' do
+          expect(json_response).to have_key('errors')
+        end
       end
 
-      it 'renders an updated version of the record' do
-        expect(json_response).to include( {"price_id"=>29, "price"=>"11.0", "session_id"=>"session_id123"} )
+      context 'record not found' do
+        let(:id) { 0 }
+        let(:params) { {} }
+        before do
+          update
+        end
+
+        specify 'the response code is 404' do
+          expect(response.status).to eql 404
+        end
+
+        it 'returns errors' do
+          expect(json_response).to eql({"errors"=>"Couldn't find Gatherable::#{model_name.to_s.classify}"})
+        end
       end
     end
+  end
 
-    context 'with invalid data' do
+  shared_examples '#destroy' do
+    let(:model_params) { { model_name => '3.0' } }
+    let(:instance) { model_class.new(model_params.merge(:session_id => 'session_id123')) }
+    let(:id) { instance.reload.id }
 
+    context 'successful request' do
       before do
-        allow(model_class).to receive(:find_by!).with(:price_id => '1', :session_id => 'session_id123').and_return(price)
-        update(1, bad_params)
+        instance.save!
+        id
+        destroy
       end
 
-      specify 'the response code is 422' do
-        expect(response.status).to eql 422
+      it 'deletes the record' do
+        expect(model_class.where("#{model_name}_id" => id)).to be_empty
       end
 
-      it 'returns errors' do
-        expect(json_response).to have_key('errors')
+      it 'renders nothing' do
+        expect(response.body).to be_empty
+      end
+
+      it 'has a successful response code' do
+        expect(response.status).to eql 204
       end
     end
 
     context 'record not found' do
+      let(:id) { 0 }
+
       before do
-        update(0, {})
+        destroy
       end
 
       specify 'the response code is 404' do
@@ -269,46 +301,128 @@ describe 'Gatherable::PricesController' do
       end
 
       it 'returns errors' do
-        expect(json_response).to eql({"errors"=>"Couldn't find Gatherable::Price"})
+        expect(json_response).to eql({"errors"=>"Couldn't find Gatherable::#{model_name.to_s.classify}"})
       end
     end
   end
 
-  describe '#delete', :type => :request do
-    let(:price) { model_class.new(model_params.merge(:session_id => 'session_id123')) }
-    let(:bad_params) { { 'price' => 'free' } }
-    let(:model_params) { { 'price' => '3.0' } }
+  shared_examples 'auth failed' do
+    let(:prefix) { "#{global_id}123/" }
 
-    def delete_price(id)
-      delete "/gatherable/session_id123/prices/#{id}.json"
+    before do
+      allow(Gatherable.config).to receive(:auth_method) { :session }
+      allow_any_instance_of(@controller.class).to receive(:session) { {:session_id => global_id } }
+      perform_request.call
     end
 
-    context 'successful request' do
-      before do
-        price.save!
+    it 'returns an empty body' do
+      expect(response.body).to be_empty
+    end
+
+    it 'returns a response status of unauthorized' do
+      expect(response.status).to eql 401
+    end
+  end
+
+  context 'unique identifier required in route' do
+    let(:prefix) { "#{global_id}/" }
+
+    before do
+      allow(Gatherable.config).to receive(:prefixed_resources) { [data_table.name] }
+      Gatherable::RouteDrawer.draw
+    end
+
+    it_behaves_like '#index' do
+      it_behaves_like 'auth failed' do
+        let(:perform_request) { Proc.new{index} }
       end
+    end
 
-      it 'deletes the record' do
-        delete_price(price.id)
-        expect(Gatherable::Price.where(price_id: price.id)).to be_empty
+    it_behaves_like '#show' do
+      it_behaves_like 'auth failed' do
+        let(:perform_request) { Proc.new{index} }
       end
+    end
 
-      it 'renders nothing' do
-        expect(response.body).to be_empty
+    it_behaves_like '#create' do
+      it_behaves_like 'auth failed' do
+        let(:perform_request) { Proc.new{ create } }
+        let(:params) { {} }
+
+        it 'does not create an object' do
+          expect{perform_request.call}.to_not change{model_class.count}
+        end
       end
     end
 
-    context 'record not found' do
+    it_behaves_like '#update' do
+      it_behaves_like 'auth failed' do
+        let(:perform_request) { Proc.new{ update } }
+        let(:params) { {} }
+        let(:instance) { model_class.new(model_name => '3.0', :session_id => global_id) }
+        let!(:id) { instance.save!; instance.reload.id }
+
+        before do
+          allow(model_class).to receive(:find_by!) { instance }
+        end
+
+        it 'does not update the instance' do
+          perform_request.call
+          expect(instance).to eql instance.reload
+        end
+      end
+    end
+
+    it_behaves_like '#destroy' do
+      it_behaves_like 'auth failed' do
+        let(:perform_request) { Proc.new{ destroy } }
+        let(:instance) { model_class.new(model_name => '3.0', :session_id => global_id) }
+        let!(:id) { instance.save!; instance.reload.id }
+
+        before do
+          allow(model_class).to receive(:find_by!) { instance }
+        end
+
+        it 'does not delete the instance' do
+          expect{perform_request.call}.to_not change{instance.persisted?}
+        end
+      end
+    end
+  end
+
+  context 'unique identifier not required in route' do
+    let(:prefix) { '' }
+
+    before do
+      allow(Gatherable.config).to receive(:prefixed_resources) { [] }
+      Gatherable::RouteDrawer.draw
+    end
+
+    it_behaves_like '#index'
+    it_behaves_like '#show'
+    it_behaves_like '#create'
+    it_behaves_like '#update'
+    it_behaves_like '#destroy'
+  end
+
+  [:index, :show, :create, :update, :destroy].each do |disallowed_action|
+    context "#{disallowed_action} not allowed" do
+      let(:all_actions) { [:index, :show, :create, :update, :destroy] }
+      let(:prefix) { }
+      let(:params) { {} }
+
       before do
-        delete_price(0)
+        allow(data_table).to receive(:allowed_controller_actions).and_return(all_actions - [disallowed_action])
+        Gatherable::RouteDrawer.draw
       end
 
-      specify 'the response code is 404' do
-        expect(response.status).to eql 404
+      specify "sending #{disallowed_action} raises error"  do
+        expect{send(disallowed_action)}.to raise_error(ActionController::RoutingError)
       end
 
-      it 'returns errors' do
-        expect(json_response).to eql({"errors"=>"Couldn't find Gatherable::Price"})
+      after do
+        allow(data_table).to receive(:allowed_controller_actions) { all_actions }
+        Gatherable::RouteDrawer.draw
       end
     end
   end