quiz_api_client 4.3.0 → 4.5.1

data/spec/contracts/shared_banks_spec.rb

@@ -1,366 +0,0 @@
-PERMISSION_READ = 'read'.freeze
-PERMISSION_EDIT = 'edit'.freeze
-PERMISSION_REMOVED_ACCESS = 'removed_access'.freeze
-
-# These uuids are defined on the shared_provider_states.rb file in the quiz_api repo
-USER_1_UUID_FROM_QUIZ_API = 'd4614a35-a951-46e7-9b5e-48dbadc60158'.freeze
-USER_2_UUID_FROM_QUIZ_API = 'a51c9338-b5ee-4417-aaec-2561cb42f92e'.freeze
-USER_3_UUID_FROM_QUIZ_API = '71bf7db1-46bc-4769-a015-fa10819a2807'.freeze
-
-describe QuizApiClient::Services::SharedBanks, :pact do
-  include PactHelper
-
-  #
-  ## GET REQUESTS
-  #
-
-  # Owner of the bank, not shared calling GET shared_banks API
-  it_behaves_like 'a http get request to quiz_api collection endpoint' do
-    let(:service_name) { :shared_banks }
-    let(:request_description) { 'a request to retrieve the list of shared banks' }
-    let(:quizzes_api_path) { '/api/banks/1/shared_banks' }
-    let(:provider_state) { 'an user_1 item bank not shared' }
-    let(:scope) { 'quiz.build' }
-    let(:user) { USER_1_UUID_FROM_QUIZ_API }
-    let(:params) { { bank_id: 1 } }
-    # Returns an empty array
-    let(:response_body) { [] }
-  end
-
-  # Owner of the bank, shared with uuid_2, calling GET shared_bank API
-  it_behaves_like 'a http get request to quiz_api collection endpoint' do
-    let(:service_name) { :shared_banks }
-    let(:request_description) { 'a request to get shared banks by bank owner' }
-    let(:provider_state) { 'an user_1 item bank shared with user_2' }
-    let(:quizzes_api_path) { '/api/banks/1/shared_banks' }
-    let(:scope) { 'quiz.build' }
-    let(:user) { USER_1_UUID_FROM_QUIZ_API }
-    let(:params) { { bank_id: 1 } }
-    let(:response_body) do
-      Pact.each_like(
-        id: Pact.like('1'),
-        bank_id: Pact.like('1'),
-        user_uuid: Pact.like(USER_2_UUID_FROM_QUIZ_API),
-        permission: PERMISSION_EDIT
-      )
-    end
-  end
-
-  # Not owner of the bank calling GET shared_bank API
-  it_behaves_like 'a http get request to quiz_api collection endpoint' do
-    let(:service_name) { :shared_banks }
-    let(:request_description) { 'a request to get shared banks by shared user' }
-    let(:provider_state) { 'an user_1 item bank shared with user_2' }
-    let(:quizzes_api_path) { '/api/banks/1/shared_banks' }
-    let(:scope) { 'quiz.build' }
-    let(:user) { USER_2_UUID_FROM_QUIZ_API }
-    let(:params) { { bank_id: 1 } }
-    let(:response_body) do
-      Pact.each_like(
-        id: Pact.like('1'),
-        bank_id: Pact.like('1'),
-        user_uuid: Pact.like(USER_2_UUID_FROM_QUIZ_API),
-        permission: PERMISSION_EDIT
-      )
-    end
-  end
-
-  # User without permission on bank calling GET shared_bank API
-  it_behaves_like 'a http get request to quiz_api collection endpoint' do
-    let(:service_name) { :shared_banks }
-    let(:request_description) { 'a request to get shared banks by an user without permissions' }
-    let(:provider_state) { 'an user_1 item bank shared with user_2' }
-    let(:quizzes_api_path) { '/api/banks/1/shared_banks' }
-    let(:scope) { 'quiz.build' }
-    let(:status) { 401 }
-    let(:user) { USER_3_UUID_FROM_QUIZ_API }
-    let(:params) { { bank_id: 1 } }
-    let(:response_body) { nil }
-  end
-
-  # Authorized user requesting an invalid bank
-  it_behaves_like 'a http get request to quiz_api collection endpoint' do
-    let(:service_name) { :shared_banks }
-    let(:request_description) { 'a request to get shared banks of an invalid bank by an user' }
-    let(:provider_state) { 'an user_1 item bank shared with user_2' }
-    let(:quizzes_api_path) { '/api/banks/22222/shared_banks' }
-    let(:scope) { 'quiz.build' }
-    let(:status) { 401 }
-    let(:user) { USER_2_UUID_FROM_QUIZ_API }
-    let(:params) { { bank_id: '22222' } }
-    let(:response_body) { nil }
-  end
-
-  # an authorized user using an deleted item bank ID,
-  it_behaves_like 'a http get request to quiz_api collection endpoint' do
-    let(:service_name) { :shared_banks }
-    let(:request_description) { 'a request to get shared banks of a deleted bank by an authorized user' }
-    let(:provider_state) { 'an user_1 item bank shared with user_2, then deleted the bank' }
-    let(:quizzes_api_path) { '/api/banks/1/shared_banks' }
-    let(:scope) { 'quiz.build' }
-    let(:status) { 401 }
-    let(:user) { USER_2_UUID_FROM_QUIZ_API }
-    let(:params) { { bank_id: '1' } }
-    let(:response_body) { nil }
-  end
-
-  # an user that is no longer active (commented out as there's currently no way of deactivating an user in quiz_api)
-  # it_behaves_like 'a http get request to quiz_api collection endpoint' do
-  #   let(:service_name) { :shared_banks }
-  #   let(:request_description) { 'a request to get shared banks of a deactivated user' }
-  #   let(:provider_state) { 'an user_1 item bank shared with user_2, then deactivated the user_2' }
-  #   let(:quizzes_api_path) { '/api/banks/1/shared_banks' }
-  #   let(:scope) { 'quiz.build' }
-  #   let(:status) { 403 }  # Changed as per conversation with @jcrystal
-  #   let(:user) { USER_2_UUID_FROM_QUIZ_API }
-  #   let(:params) { { bank_id: '1' } }
-  #   let(:response_body) { nil }
-  # end
-
-  #
-  ## POST REQUESTS
-  #
-
-  # Owner of the bank shares the bank with user_2
-  it_behaves_like 'a http post request to quiz_api' do
-    let(:service_name) { :shared_banks }
-    let(:request_description) { 'a request to add an user to a shared bank' }
-    let(:provider_state) { 'an user_1 item bank not shared' }
-    let(:quizzes_api_path) { '/api/banks/1/shared_banks' }
-    let(:scope) { 'quiz.build' }
-    let(:user) { USER_1_UUID_FROM_QUIZ_API }
-    params = {
-      id: 1,
-      bank_id: 1,
-      user_uuid: USER_2_UUID_FROM_QUIZ_API,
-      permission: PERMISSION_EDIT
-    }
-    let(:params) do
-      params
-    end
-    let(:body) do
-      params
-    end
-    let(:response_body) do
-      {
-        id: Pact.like('1'),
-        bank_id: Pact.like('1'),
-        user_uuid: Pact.like(USER_2_UUID_FROM_QUIZ_API),
-        permission: PERMISSION_EDIT
-      }
-    end
-  end
-
-  # attempt to use an invalid permssion
-  it_behaves_like 'a http post request to quiz_api' do
-    let(:service_name) { :shared_banks }
-    let(:request_description) { 'a request to add an user to a shared bank by a user with invalid permissions' }
-    let(:provider_state) { 'an user_1 item bank not shared' }
-    let(:quizzes_api_path) { '/api/banks/1/shared_banks' }
-    let(:scope) { 'quiz.build' }
-    let(:status) { 422 }
-    let(:user) { USER_1_UUID_FROM_QUIZ_API }
-    params = {
-      id: 1,
-      bank_id: 1,
-      user_uuid: USER_2_UUID_FROM_QUIZ_API,
-      permission: 'THIS_IS_INVALID'
-    }
-    let(:params) do
-      params
-    end
-    let(:body) do
-      params
-    end
-    let(:response_body) do
-      {
-        error: 'Validation failed: Permission is not included in the list',
-        errors: Pact.each_like(
-          error_type: Pact.like(''),
-          message: Pact.like('')
-        )
-      }
-    end
-  end
-
-  # User without permissions attempts to update the bank
-  it_behaves_like 'a http post request to quiz_api' do
-    let(:service_name) { :shared_banks }
-    let(:request_description) { 'a request to add an user to a shared bank by a user without edit permissions' }
-    let(:provider_state) { 'an user_1 item bank not shared' }
-    let(:quizzes_api_path) { '/api/banks/1/shared_banks' }
-    let(:scope) { 'quiz.build' }
-    let(:status) { 401 }
-    let(:user) { USER_2_UUID_FROM_QUIZ_API }
-    params = {
-      id: 1,
-      bank_id: 1,
-      user_uuid: USER_2_UUID_FROM_QUIZ_API,
-      permission: PERMISSION_EDIT
-    }
-    let(:params) do
-      params
-    end
-    let(:body) do
-      params
-    end
-    let(:response_body) { nil }
-  end
-
-  # user_2 with edit permissions shares the bank
-  it_behaves_like 'a http post request to quiz_api' do
-    let(:service_name) { :shared_banks }
-    let(:request_description) { 'a request to add an user to a shared bank by a user with edit permissions' }
-    let(:provider_state) { 'an user_1 item bank shared with user_2' }
-    let(:quizzes_api_path) { '/api/banks/1/shared_banks' }
-    let(:scope) { 'quiz.build' }
-    let(:user) { USER_2_UUID_FROM_QUIZ_API }
-    params = {
-      id: 1,
-      bank_id: 1,
-      user_uuid: USER_3_UUID_FROM_QUIZ_API,
-      permission: PERMISSION_EDIT
-    }
-    let(:params) do
-      params
-    end
-    let(:body) do
-      params
-    end
-    let(:response_body) do
-      {
-        id: Pact.like('1'),
-        bank_id: Pact.like('1'),
-        user_uuid: Pact.like(USER_2_UUID_FROM_QUIZ_API),
-        permission: PERMISSION_EDIT
-      }
-    end
-  end
-
-  # user_2 with edit permissions on one bank attempts to add themself to another bank
-  it_behaves_like 'a http post request to quiz_api' do
-    let(:service_name) { :shared_banks }
-    let(:request_description) { 'a req to add an user to a bank by a user with edit permissions on a different bank' }
-    let(:provider_state) { 'an user_1 item bank shared with user_2, user_3 with own bank' }
-    let(:quizzes_api_path) { '/api/banks/2/shared_banks' }
-    let(:scope) { 'quiz.build' }
-    let(:status) { 401 }
-    let(:user) { USER_2_UUID_FROM_QUIZ_API }
-    params = {
-      id: 1,
-      bank_id: 2,
-      user_uuid: USER_2_UUID_FROM_QUIZ_API,
-      permission: PERMISSION_EDIT
-    }
-    let(:params) do
-      params
-    end
-    let(:body) do
-      params
-    end
-    let(:response_body) { nil }
-  end
-
-  #
-  ## PUT REQUESTS
-  #
-
-  # a user removing permissions
-  it_behaves_like 'a http put request to quiz_api' do
-    let(:service_name) { :shared_banks }
-    let(:request_description) { 'a request to update a shared bank' }
-    let(:provider_state) { 'an user_1 item bank shared with user_2' }
-    let(:quizzes_api_path) { '/api/banks/1/shared_banks/1' }
-    let(:scope) { 'quiz.build' }
-    let(:user) { USER_1_UUID_FROM_QUIZ_API }
-    params = {
-      bank_id: 1,
-      shared_bank_id: 1,
-      user_uuid: USER_2_UUID_FROM_QUIZ_API,
-      permission: PERMISSION_REMOVED_ACCESS
-    }
-    let(:params) do
-      params
-    end
-    let(:body) do
-      tmp_body = params.clone
-      # shared_bank_id is not really a parameter so remove it
-      tmp_body.delete(:shared_bank_id)
-      tmp_body
-    end
-    let(:response_body) do
-      {
-        id: Pact.like('1'),
-        bank_id: Pact.like('1'),
-        user_uuid: Pact.like(USER_2_UUID_FROM_QUIZ_API),
-        permission: PERMISSION_REMOVED_ACCESS
-      }
-    end
-  end
-
-  # a user uses an invalid permission
-  it_behaves_like 'a http put request to quiz_api' do
-    let(:service_name) { :shared_banks }
-    let(:request_description) { 'a request to update a shared bank with invalid permission' }
-    let(:provider_state) { 'an user_1 item bank shared with user_2' }
-    let(:quizzes_api_path) { '/api/banks/1/shared_banks/1' }
-    let(:scope) { 'quiz.build' }
-    let(:status) { 422 }
-    let(:user) { USER_1_UUID_FROM_QUIZ_API }
-    params = {
-      bank_id: 1,
-      shared_bank_id: 1,
-      user_uuid: USER_2_UUID_FROM_QUIZ_API,
-      permission: 'THIS_IS_INVALID'
-    }
-    let(:params) do
-      params
-    end
-    let(:body) do
-      tmp_body = params.clone
-      # shared_bank_id is not really a parameter so remove it
-      tmp_body.delete(:shared_bank_id)
-      tmp_body
-    end
-    let(:response_body) do
-      {
-        errors: {}
-      }
-    end
-  end
-
-  # a user with edit permissions on antoher bank try to update permissions
-  it_behaves_like 'a http put request to quiz_api' do
-    let(:service_name) { :shared_banks }
-    let(:request_description) { 'a request to update a shared bank by a user with permissions on a different bank' }
-    let(:provider_state) { 'an user_1 item bank shared with user_2, user_3 with own bank' }
-    let(:quizzes_api_path) { '/api/banks/2/shared_banks/2' }
-    let(:scope) { 'quiz.build' }
-    let(:status) { 401 }
-    let(:user) { USER_2_UUID_FROM_QUIZ_API }
-    params = {
-      bank_id: 2,
-      shared_bank_id: 2,
-      user_uuid: USER_2_UUID_FROM_QUIZ_API,
-      permission: PERMISSION_EDIT
-    }
-    let(:params) do
-      params
-    end
-    let(:body) do
-      tmp_body = params.clone
-      # shared_bank_id is not really a parameter so remove it
-      tmp_body.delete(:shared_bank_id)
-      tmp_body
-    end
-    let(:response_body) do
-      {
-        error: 'Invalid Auth Action: auth action failed user_can_edit_bank?',
-        errors: Pact.each_like(
-          error_type: Pact.like(''),
-          message: Pact.like('')
-        )
-      }
-    end
-  end
-end

data/spec/contracts/shared_examples/http_delete_example.rb

@@ -1,56 +0,0 @@
-shared_examples 'a http delete request to quiz_api' do
-  let(:quizzes_api_path) { raise 'Override in spec' }
-  let(:consumer_key) { 'consumer key' }
-  let(:consumer_request_id) { 'consumer request id' }
-  let(:host) { 'localhost:1234' }
-  let(:shared_secret) { 'secret' }
-  let(:scope) { raise 'Override in spec' }
-  let(:user) { nil }
-  let(:resource_id) { nil }
-  let(:response_body) { nil }
-  let(:service_name) { raise 'Override in spec' }
-  let(:status) { 204 }
-  let(:provider_state) { raise 'Override in spec' }
-  let(:params) { raise 'Override in spec' }
-  let(:request_description) { raise 'Override in spec (must be unique!)' }
-
-  let(:client) do
-    QuizApiClient::Client.new(
-      consumer_key: consumer_key,
-      consumer_request_id: consumer_request_id,
-      host: host,
-      shared_secret: shared_secret,
-      protocol: 'http'
-    )
-  end
-
-  context 'deleting a resource' do
-    let(:token) do
-      client.jwt_service.grant_permission(
-        exp: token_expiration_one_year,
-        scope: scope,
-        uuid: user,
-        resource_id: resource_id
-      )
-    end
-
-    before do
-      response = { status: status }
-      response[:body] = response_body if response_body
-      quiz_api
-        .given(provider_state)
-        .upon_receiving(request_description)
-        .with(
-          method: :delete,
-          path: quizzes_api_path,
-          headers: headers(token)
-        )
-        .will_respond_with(response)
-    end
-
-    it 'verifies the request is valid' do
-      result = client.send(service_name).destroy(token: token, params: params)
-      expect(result).to be_truthy
-    end
-  end
-end

data/spec/contracts/shared_examples/http_get_example.rb

@@ -1,139 +0,0 @@
-shared_context 'http get' do
-  let(:quizzes_api_path) { raise 'Override in spec' }
-  let(:consumer_key) { 'consumer key' }
-  let(:consumer_request_id) { 'consumer request id' }
-  let(:host) { 'localhost:1234' }
-  let(:shared_secret) { 'secret' }
-  let(:scope) { raise 'Override in spec' }
-  let(:resource_id) { nil }
-  let(:response_headers) { { 'Content-Type' => 'application/json; charset=utf-8' } }
-  let(:response_body) { raise 'Override in spec' }
-  let(:service_name) { raise 'Override in spec' }
-  let(:status) { 200 }
-  let(:provider_state) { raise 'Override in spec' }
-  let(:user) { nil }
-  let(:params) { raise 'Override in spec' }
-  let(:query_params) { {} }
-  let(:request_description) { raise 'Override in spec (must be unique!)' }
-
-  let(:client) do
-    QuizApiClient::Client.new(
-      consumer_key: consumer_key,
-      consumer_request_id: consumer_request_id,
-      host: host,
-      shared_secret: shared_secret,
-      protocol: 'http'
-    )
-  end
-end
-
-shared_examples 'a http get request to quiz_api' do
-  include_context 'http get'
-
-  context 'retrieving a single resource' do
-    let(:token) do
-      client.jwt_service.grant_permission(
-        exp: token_expiration_one_year,
-        scope: scope,
-        uuid: user,
-        resource_id: resource_id
-      )
-    end
-
-    before do
-      quiz_api
-        .given(provider_state)
-        .upon_receiving(request_description)
-        .with(
-          method: :get,
-          path: quizzes_api_path,
-          headers: headers(token),
-          query: query_params
-        )
-        .will_respond_with(
-          status: status,
-          headers: response_headers,
-          body: response_body
-        )
-    end
-
-    it 'verifies the request is valid' do
-      result = client.send(service_name).show(token: token, params: params)
-      expect(result).to be_truthy
-    end
-  end
-end
-
-shared_examples 'a http get request to quiz_api collection endpoint' do
-  include_context 'http get'
-
-  context 'retrieving a list of resources' do
-    let(:token) do
-      client.jwt_service.grant_permission(
-        exp: token_expiration_one_year,
-        scope: scope,
-        uuid: user,
-        resource_id: resource_id
-      )
-    end
-
-    before do
-      quiz_api
-        .given(provider_state)
-        .upon_receiving(request_description)
-        .with(
-          method: :get,
-          path: quizzes_api_path,
-          headers: headers(token),
-          query: query_params
-        )
-        .will_respond_with(
-          status: status,
-          headers: response_headers,
-          body: response_body
-        )
-    end
-
-    it 'verifies the request is valid' do
-      result = client.send(service_name).list(token: token, params: params)
-      expect(result).to be_truthy
-    end
-  end
-end
-
-shared_examples 'a http get only request to quiz_api' do
-  include_context 'http get'
-
-  context 'retrieving a single resource' do
-    let(:token) do
-      client.jwt_service.grant_permission(
-        exp: token_expiration_one_year,
-        scope: scope,
-        uuid: user,
-        resource_id: resource_id
-      )
-    end
-
-    before do
-      quiz_api
-        .given(provider_state)
-        .upon_receiving(request_description)
-        .with(
-          method: :get,
-          path: quizzes_api_path,
-          headers: headers(token),
-          query: query_params
-        )
-        .will_respond_with(
-          status: status,
-          headers: response_headers,
-          body: response_body
-        )
-    end
-
-    it 'verifies the request is valid' do
-      result = client.send(service_name).get(token: token, params: params)
-      expect(result).to be_truthy
-    end
-  end
-end

data/spec/contracts/shared_examples/http_patch_example.rb

@@ -1,60 +0,0 @@
-shared_examples 'a http patch request to quiz_api' do
-  let(:quizzes_api_path) { raise 'Override in spec' }
-  let(:consumer_key) { 'consumer key' }
-  let(:consumer_request_id) { 'consumer request id' }
-  let(:host) { 'localhost:1234' }
-  let(:shared_secret) { 'secret' }
-  let(:scope) { raise 'Override in spec' }
-  let(:user) { nil }
-  let(:resource_id) { nil }
-  let(:response_body) { raise 'Override in spec' }
-  let(:service_name) { raise 'Override in spec' }
-  let(:status) { 200 }
-  let(:provider_state) { raise 'Override in spec' }
-  let(:params) { raise 'Override in spec' }
-  let(:body) { raise 'Override in spec' }
-  let(:request_description) { raise 'Override in spec (must be unique!)' }
-
-  let(:client) do
-    QuizApiClient::Client.new(
-      consumer_key: consumer_key,
-      consumer_request_id: consumer_request_id,
-      host: host,
-      shared_secret: shared_secret,
-      protocol: 'http'
-    )
-  end
-
-  context 'updating a resource' do
-    let(:token) do
-      client.jwt_service.grant_permission(
-        exp: token_expiration_one_year,
-        scope: scope,
-        uuid: user,
-        resource_id: resource_id
-      )
-    end
-
-    before do
-      quiz_api
-        .given(provider_state)
-        .upon_receiving(request_description)
-        .with(
-          method: :patch,
-          path: quizzes_api_path,
-          headers: headers(token),
-          body: body
-        )
-        .will_respond_with(
-          status: status,
-          headers: { 'Content-Type' => 'application/json; charset=utf-8' },
-          body: response_body
-        )
-    end
-
-    it 'verifies the request is valid' do
-      result = client.send(service_name).update(token: token, params: params)
-      expect(result).to be_truthy
-    end
-  end
-end

data/spec/contracts/shared_examples/http_post_example.rb

@@ -1,68 +0,0 @@
-shared_examples 'a http post request to quiz_api' do
-  let(:quizzes_api_path) { raise 'Override in spec' }
-  let(:consumer_key) { 'consumer key' }
-  let(:consumer_request_id) { 'consumer request id' }
-  let(:host) { 'localhost:1234' }
-  let(:shared_secret) { 'secret' }
-  let(:scope) { raise 'Override in spec' }
-  let(:user) { nil }
-  let(:resource_id) { nil }
-  let(:response_body) { raise 'Override in spec' }
-  let(:service_name) { raise 'Override in spec' }
-  let(:status) { 201 }
-  let(:provider_state) { raise 'Override in spec' }
-  let(:params) { raise 'Override in spec' }
-  let(:body) { raise 'Override in spec' }
-  let(:request_description) { raise 'Override in spec (must be unique!)' }
-  let(:batch) { false }
-
-  let(:client) do
-    QuizApiClient::Client.new(
-      consumer_key: consumer_key,
-      consumer_request_id: consumer_request_id,
-      host: host,
-      shared_secret: shared_secret,
-      protocol: 'http'
-    )
-  end
-
-  context 'creating a new resource' do
-    let(:token) do
-      client.jwt_service.grant_permission(
-        exp: token_expiration_one_year,
-        scope: scope,
-        uuid: user,
-        resource_id: resource_id
-      )
-    end
-
-    before do
-      quiz_api
-        .given(provider_state)
-        .upon_receiving(request_description)
-        .with(
-          method: :post,
-          path: quizzes_api_path,
-          headers: headers(token),
-          body: body
-        )
-        .will_respond_with(
-          status: status,
-          headers: { 'Content-Type' => 'application/json; charset=utf-8' },
-          body: response_body
-        )
-    end
-
-    it 'verifies the request is valid' do
-      service = client.send(service_name)
-
-      result = if batch
-        service.create_batch(token: token, body: params)
-      else
-        service.create(token: token, params: params)
-      end
-
-      expect(result).to be_truthy
-    end
-  end
-end