unsakini 0.0.0
- checksums.yaml +7 -0
- data/MIT-LICENSE +20 -0
- data/README.md +28 -0
- data/Rakefile +34 -0
- data/angular/README.md +31 -0
- data/angular/angular-cli.json +59 -0
- data/angular/karma.conf.js +45 -0
- data/angular/package.json +49 -0
- data/angular/protractor.conf.js +32 -0
- data/angular/src/app/app.component.css +0 -0
- data/angular/src/app/app.component.html +4 -0
- data/angular/src/app/app.component.spec.ts +47 -0
- data/angular/src/app/app.component.ts +10 -0
- data/angular/src/app/app.module.ts +29 -0
- data/angular/src/app/app.routes.module.ts +29 -0
- data/angular/src/app/index.ts +2 -0
- data/angular/src/app/registration/registration.component.css +0 -0
- data/angular/src/app/registration/registration.component.html +14 -0
- data/angular/src/app/registration/registration.component.spec.ts +157 -0
- data/angular/src/app/registration/registration.component.ts +42 -0
- data/angular/src/environments/environment.prod.ts +3 -0
- data/angular/src/environments/environment.ts +8 -0
- data/angular/src/favicon.ico +0 -0
- data/angular/src/index.html +14 -0
- data/angular/src/main.ts +12 -0
- data/angular/src/polyfills.ts +19 -0
- data/angular/src/styles.css +1 -0
- data/angular/src/test.ts +31 -0
- data/angular/src/tsconfig.json +18 -0
- data/angular/src/typings.d.ts +2 -0
- data/angular/tslint.json +114 -0
- data/angular/typings.json +4 -0
- data/app/controllers/api/boards_controller.rb +67 -0
- data/app/controllers/api/comments_controller.rb +51 -0
- data/app/controllers/api/posts_controller.rb +58 -0
- data/app/controllers/api/share_board_controller.rb +118 -0
- data/app/controllers/api/users_controller.rb +27 -0
- data/app/controllers/application_controller.rb +5 -0
- data/app/controllers/concerns/board_owner_controller_concern.rb +38 -0
- data/app/controllers/concerns/comment_owner_controller_concern.rb +33 -0
- data/app/controllers/concerns/logged_in_controller_concern.rb +21 -0
- data/app/controllers/concerns/post_owner_controller_concern.rb +36 -0
- data/app/controllers/concerns/serializer_controller_concern.rb +11 -0
- data/app/controllers/user_token_controller.rb +2 -0
- data/app/controllers/web_base_controller.rb +11 -0
- data/app/models/application_record.rb +5 -0
- data/app/models/board.rb +14 -0
- data/app/models/comment.rb +9 -0
- data/app/models/concerns/encryptable_model_concern.rb +96 -0
- data/app/models/post.rb +12 -0
- data/app/models/user.rb +6 -0
- data/app/models/user_board.rb +71 -0
- data/app/serializers/board_serializer.rb +5 -0
- data/app/serializers/comment_serializer.rb +10 -0
- data/app/serializers/post_serializer.rb +23 -0
- data/app/serializers/user_board_serializer.rb +10 -0
- data/app/serializers/user_serializer.rb +6 -0
- data/config/initializers/unsakini.rb +4 -0
- data/config/routes.rb +22 -0
- data/db/migrate/20161116114222_create_boards.rb +9 -0
- data/db/migrate/20161116200034_create_user_boards.rb +11 -0
- data/db/migrate/20161118031023_create_posts.rb +12 -0
- data/db/migrate/20161118100454_create_comments.rb +11 -0
- data/db/migrate/20161118221508_add_encrypted_password_to_user_board.rb +5 -0
- data/db/migrate/20161122211105_create_users.rb +12 -0
- data/lib/generators/unsakini/angular/USAGE +8 -0
- data/lib/generators/unsakini/angular/angular_generator.rb +7 -0
- data/lib/generators/unsakini/config/USAGE +8 -0
- data/lib/generators/unsakini/config/config_generator.rb +7 -0
- data/lib/generators/unsakini/config/templates/unsakini.rb +4 -0
- data/lib/tasks/unsakini_tasks.rake +33 -0
- data/lib/unsakini/engine.rb +30 -0
- data/lib/unsakini/version.rb +3 -0
- data/lib/unsakini.rb +5 -0
- data/spec/concerns/models/encryptable_concern.rb +40 -0
- data/spec/dummy/Rakefile +6 -0
- data/spec/dummy/angular/README.md +31 -0
- data/spec/dummy/angular/angular-cli.json +59 -0
- data/spec/dummy/angular/e2e/app.e2e-spec.ts +14 -0
- data/spec/dummy/angular/e2e/app.po.ts +11 -0
- data/spec/dummy/angular/e2e/signup.e2e-spec.ts +28 -0
- data/spec/dummy/angular/e2e/signup.po.ts +31 -0
- data/spec/dummy/angular/e2e/tsconfig.json +16 -0
- data/spec/dummy/angular/karma.conf.js +45 -0
- data/spec/dummy/angular/package.json +50 -0
- data/spec/dummy/angular/protractor.conf.js +32 -0
- data/spec/dummy/angular/src/app/app.component.css +0 -0
- data/spec/dummy/angular/src/app/app.component.html +4 -0
- data/spec/dummy/angular/src/app/app.component.spec.ts +47 -0
- data/spec/dummy/angular/src/app/app.component.ts +10 -0
- data/spec/dummy/angular/src/app/app.module.ts +29 -0
- data/spec/dummy/angular/src/app/app.routes.module.ts +29 -0
- data/spec/dummy/angular/src/app/index.ts +2 -0
- data/spec/dummy/angular/src/app/registration/registration.component.css +0 -0
- data/spec/dummy/angular/src/app/registration/registration.component.html +14 -0
- data/spec/dummy/angular/src/app/registration/registration.component.spec.ts +157 -0
- data/spec/dummy/angular/src/app/registration/registration.component.ts +42 -0
- data/spec/dummy/angular/src/environments/environment.prod.ts +3 -0
- data/spec/dummy/angular/src/environments/environment.ts +8 -0
- data/spec/dummy/angular/src/favicon.ico +0 -0
- data/spec/dummy/angular/src/index.html +14 -0
- data/spec/dummy/angular/src/main.ts +12 -0
- data/spec/dummy/angular/src/polyfills.ts +19 -0
- data/spec/dummy/angular/src/styles.css +1 -0
- data/spec/dummy/angular/src/test.ts +31 -0
- data/spec/dummy/angular/src/tsconfig.json +18 -0
- data/spec/dummy/angular/src/typings.d.ts +2 -0
- data/spec/dummy/angular/tslint.json +114 -0
- data/spec/dummy/angular/typings.json +4 -0
- data/spec/dummy/app/assets/config/manifest.js +3 -0
- data/spec/dummy/app/assets/javascripts/application.js +13 -0
- data/spec/dummy/app/assets/stylesheets/application.css +15 -0
- data/spec/dummy/app/channels/application_cable/channel.rb +4 -0
- data/spec/dummy/app/channels/application_cable/connection.rb +4 -0
- data/spec/dummy/app/controllers/application_controller.rb +2 -0
- data/spec/dummy/app/jobs/application_job.rb +2 -0
- data/spec/dummy/app/mailers/application_mailer.rb +4 -0
- data/spec/dummy/app/models/application_record.rb +3 -0
- data/spec/dummy/app/views/layouts/mailer.html.erb +13 -0
- data/spec/dummy/app/views/layouts/mailer.text.erb +1 -0
- data/spec/dummy/bin/bundle +3 -0
- data/spec/dummy/bin/rails +4 -0
- data/spec/dummy/bin/rake +4 -0
- data/spec/dummy/bin/setup +34 -0
- data/spec/dummy/bin/update +29 -0
- data/spec/dummy/config/application.rb +22 -0
- data/spec/dummy/config/boot.rb +5 -0
- data/spec/dummy/config/cable.yml +9 -0
- data/spec/dummy/config/crypto.yml +7 -0
- data/spec/dummy/config/database.yml +25 -0
- data/spec/dummy/config/environment.rb +5 -0
- data/spec/dummy/config/environments/development.rb +47 -0
- data/spec/dummy/config/environments/production.rb +78 -0
- data/spec/dummy/config/environments/test.rb +42 -0
- data/spec/dummy/config/initializers/application_controller_renderer.rb +6 -0
- data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/spec/dummy/config/initializers/cors.rb +16 -0
- data/spec/dummy/config/initializers/inflections.rb +16 -0
- data/spec/dummy/config/initializers/mime_types.rb +4 -0
- data/spec/dummy/config/initializers/new_framework_defaults.rb +18 -0
- data/spec/dummy/config/initializers/wrap_parameters.rb +14 -0
- data/spec/dummy/config/locales/en.yml +23 -0
- data/spec/dummy/config/puma.rb +47 -0
- data/spec/dummy/config/routes.rb +3 -0
- data/spec/dummy/config/secrets.yml +22 -0
- data/spec/dummy/config/spring.rb +6 -0
- data/spec/dummy/config.ru +5 -0
- data/spec/dummy/db/development.sqlite3 +0 -0
- data/spec/dummy/db/schema.rb +56 -0
- data/spec/dummy/db/test.sqlite3 +0 -0
- data/spec/dummy/public/app/favicon.ico +0 -0
- data/spec/dummy/public/app/index.html +14 -0
- data/spec/dummy/public/app/inline.bundle.js +139 -0
- data/spec/dummy/public/app/inline.map +1 -0
- data/spec/dummy/public/app/main.bundle.js +64689 -0
- data/spec/dummy/public/app/main.map +1 -0
- data/spec/dummy/public/app/styles.bundle.js +364 -0
- data/spec/dummy/public/app/styles.map +1 -0
- data/spec/factories/boards.rb +5 -0
- data/spec/factories/comments.rb +7 -0
- data/spec/factories/posts.rb +8 -0
- data/spec/factories/user_boards.rb +9 -0
- data/spec/factories/users.rb +10 -0
- data/spec/models/board_spec.rb +19 -0
- data/spec/models/comment_spec.rb +26 -0
- data/spec/models/post_spec.rb +19 -0
- data/spec/models/user_board_spec.rb +193 -0
- data/spec/models/user_spec.rb +5 -0
- data/spec/rails_helper.rb +58 -0
- data/spec/requests/api/api_boards_spec.rb +238 -0
- data/spec/requests/api/api_share_board_spec.rb +167 -0
- data/spec/requests/api/api_users_spec.rb +52 -0
- data/spec/requests/api/board/api_board_posts_spec.rb +299 -0
- data/spec/requests/api/board/post/api_board_post_comments_spec.rb +370 -0
- data/spec/requests/render_app_index_spec.rb +19 -0
- data/spec/schema/board.json +39 -0
- data/spec/schema/comment.json +51 -0
- data/spec/schema/post.json +87 -0
- data/spec/schema/user.json +27 -0
- data/spec/spec_helper.rb +67 -0
- data/spec/support/auth_helper.rb +17 -0
- data/spec/support/scenario_helper.rb +134 -0
- data/spec/support/serialize_helper.rb +37 -0
- metadata +540 -0
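--- a/data/spec/requests/api/api_users_spec.rb
+++ b/data/spec/requests/api/api_users_spec.rb
@@ -0,0 +1,52 @@
+require 'rails_helper'
+
+RSpec.describe "Api::Users", type: :request do
+
+before(:all) do
+@user = create(:user)
+end
+
+describe "GET /api/user/:id" do
+it "returns http unauthorized" do
+get api_user_path(@user)
+expect(response).to have_http_status(:unauthorized)
+end
+it "returns current user" do
+get api_user_path(@user), headers: auth_headers(@user)
+expect(response).to have_http_status(:ok)
+expect(response.body).to match_json_schema(:user)
+expect(response.body).to be_json_eql(serialize(@user))
+end
+end
+
+describe "GET /api/users/search" do
+
+before(:all) do
+@user_2 = create(:user)
+end
+
+it "returns http unauthorized" do
+get api_user_search_path, params: {email: @user_2.email}
+expect(response).to have_http_status(:unauthorized)
+end
+
+it "returns http not_found" do
+get api_user_search_path, params: {email: "#{Faker::Crypto.md5}@gmail.com"}, headers: auth_headers(@user)
+expect(response).to have_http_status(:not_found)
+end
+
+it "returns http not_found if my email" do
+get api_user_search_path, params: {email: @user.email}, headers: auth_headers(@user)
+expect(response).to have_http_status(:not_found)
+end
+
+it "returns single user with by email" do
+get api_user_search_path, params: {email: @user_2.email}, headers: auth_headers(@user)
+expect(response).to have_http_status(:ok)
+expect(response.body).to match_json_schema(:user)
+expect(response.body).to be_json_eql(serialize(@user_2))
+end
+
+end
+
+end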
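Review bot: The `GET /api/user/:id` group never requests a user other than the caller, so the spec does not pin what an authenticated user receives for someone else's id. Both examples pass `@user` as the path id, and the second also authenticates as `@user`. An extra example that calls `get api_user_path(other_user), headers: auth_headers(@user)` (with `other_user` created in that group) and asserts the status the API is meant to return would make the access rule explicit. The users built in `before(:all)` are also created outside per-example setup, so whether those rows are cleaned up between spec files depends on configuration not shown here.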
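--- a/data/spec/requests/api/board/api_board_posts_spec.rb
+++ b/data/spec/requests/api/board/api_board_posts_spec.rb
@@ -0,0 +1,299 @@
+require 'rails_helper'
+
+# test scope is @user is owner of the board and owner of the post/s
+RSpec.describe "Api::Board::Posts", type: :request do
+
+before(:each) do
+user_has_shared_board_scenario
+end
+
+let(:valid_attributes) {
+{title: Faker::Name.title, content: Faker::Hacker.say_something_smart}
+}
+let(:invalid_title_attribute) {
+{title: "", content: Faker::Hacker.say_something_smart}
+}
+let(:invalid_content_attribute) {
+{title: Faker::Name.title, content: ""}
+}
+
+context "Privat Board Posts" do
+
+describe "Get All Posts" do
+
+it "return http unauthorized" do
+get api_board_posts_path(@board)
+expect(response).to have_http_status(:unauthorized)
+end
+it "return http forbidden" do
+get api_board_posts_path(@board), headers: auth_headers(@user_2)
+expect(response).to have_http_status(:forbidden)
+end
+it "return post" do
+get api_board_posts_path(@board), headers: auth_headers(@user)
+expect(response).to have_http_status(:ok)
+expect(body_to_json('0')).to match_json_schema(:post)
+expect(response.body).to be_json_eql(serialize(@board.posts.all))
+end
+end
+
+describe "Get Single Post" do
+it "return http unauthorized" do
+get api_board_post_path(@board, @post)
+expect(response).to have_http_status(:unauthorized)
+end
+it "return http forbidden" do
+get api_board_post_path(@board, @post), headers: auth_headers(@user_2)
+expect(response).to have_http_status(:forbidden)
+end
+it "return post" do
+get api_board_post_path(@board, @post), headers: auth_headers(@user)
+expect(response).to have_http_status(:ok)
+expect(response.body).to match_json_schema(:post)
+expect(response.body).to be_json_eql(serialize(@post))
+end
+end
+
+describe "Create Post" do
+it "return http unauthorized" do
+post api_board_posts_path(@board), as: :json
+expect(response).to have_http_status(:unauthorized)
+end
+it "return http forbidden when not owner" do
+post api_board_posts_path(@board), headers: auth_headers(@user_2), params: valid_attributes, as: :json
+expect(response).to have_http_status(:forbidden)
+end
+it "return http unprocessable_entity when invalid title" do
+post api_board_posts_path(@board), headers: auth_headers(@user), params: invalid_title_attribute, as: :json
+expect(response).to have_http_status(:unprocessable_entity)
+# todo: assert errors
+end
+it "return http unprocessable_entity when invalid content" do
+post api_board_posts_path(@board), headers: auth_headers(@user), params: invalid_content_attribute, as: :json
+expect(response).to have_http_status(:unprocessable_entity)
+# todo: assert errors
+end
+it "successfully creates a post" do
+board_posts_count = @board.posts.count
+post api_board_posts_path(@board), headers: auth_headers(@user), params: valid_attributes, as: :json
+expect(response).to have_http_status(:created)
+expect(response.body).to match_json_schema(:post)
+expect(response.body).to be_json_eql(serialize(@board.posts.last))
+expect(@board.posts.count).to eq(board_posts_count+1)
+end
+end
+
+describe "Update Post" do
+
+it "return http unauthorized" do
+put api_board_post_path(@board, @post), as: :json
+expect(response).to have_http_status(:unauthorized)
+end
+it "return http forbidden when not owner" do
+put api_board_post_path(@board, @post), headers: auth_headers(@user_2), params: valid_attributes, as: :json
+expect(response).to have_http_status(:forbidden)
+end
+it "return http unprocessable_entity when invalid title" do
+put api_board_post_path(@board, @post), headers: auth_headers(@user), params: invalid_title_attribute, as: :json
+expect(response).to have_http_status(:unprocessable_entity)
+# todo: assert errors
+end
+it "return http unprocessable_entity when invalid content" do
+put api_board_post_path(@board, @post), headers: auth_headers(@user), params: invalid_content_attribute, as: :json
+expect(response).to have_http_status(:unprocessable_entity)
+# todo: assert errors
+end
+it "updates my post belonging to my board" do
+put api_board_post_path(@board, @post), headers: auth_headers(@user), params: valid_attributes, as: :json
+expect(response).to have_http_status(:ok)
+expect(response.body).to match_json_schema(:post)
+expect(body_to_json('title')).to eq(valid_attributes[:title])
+expect(body_to_json('content')).to eq(valid_attributes[:content])
+end
+end
+
+describe "Delete Post" do
+it "return http unauthorized" do
+delete api_board_post_path(@board, @post)
+expect(response).to have_http_status(:unauthorized)
+end
+it "return http forbidden if not owner" do
+delete api_board_post_path(@board, @post), headers: auth_headers(@user_2)
+expect(response).to have_http_status(:forbidden)
+end
+it "removes my post" do
+post_id = @post.id
+board_posts_count = @board.posts.count
+delete api_board_post_path(@board, @post), headers: auth_headers(@user)
+expect(response).to have_http_status(:ok)
+expect(@board.posts.count).to eq(board_posts_count-1)
+expect(Post.find_by_id(post_id)).to be_nil
+expect(Comment.where(post_id: post_id)).to be_empty
+end
+end
+end
+
+context "Shared Board Posts" do
+
+describe "Get all posts" do
+it "return http unauthorized" do
+get api_board_posts_path(@shared_board)
+expect(response).to have_http_status(:unauthorized)
+end
+it "returns all posts for first user" do
+get api_board_posts_path(@shared_board), headers: auth_headers(@user)
+expect(response).to have_http_status(:ok)
+expect(body_to_json('0')).to match_json_schema(:post)
+expect(response.body).to be_json_eql(serialize(@shared_board.posts.all))
+end
+it "returns all posts for second user" do
+get api_board_posts_path(@shared_board), headers: auth_headers(@user_2)
+expect(response).to have_http_status(:ok)
+expect(body_to_json('0')).to match_json_schema(:post)
+expect(response.body).to be_json_eql(serialize(@shared_board.posts.all))
+end
+end
+
+describe "Get single post" do
+it "return http unauthorized" do
+get api_board_post_path(@shared_board, @shared_post)
+expect(response).to have_http_status(:unauthorized)
+end
+it "renders post resource to first user" do
+get api_board_post_path(@shared_board, @shared_post), headers: auth_headers(@user)
+expect(response).to have_http_status(:ok)
+expect(response.body).to match_json_schema(:post)
+expect(response.body).to be_json_eql(serialize(@shared_post))
+end
+it "renders post resource to 2nd user" do
+get api_board_post_path(@shared_board, @shared_post), headers: auth_headers(@user_2)
+expect(response).to have_http_status(:ok)
+expect(response.body).to match_json_schema(:post)
+expect(response.body).to be_json_eql(serialize(@shared_post))
+end
+end
+
+
+describe "Create post" do
+
+it "return http unauthorized" do
+post api_board_posts_path(@shared_board), as: :json
+expect(response).to have_http_status(:unauthorized)
+end
+
+context "Board owner" do
+it "return http unprocessable_entity when invalid title" do
+post api_board_posts_path(@shared_board), headers: auth_headers(@user), params: invalid_title_attribute, as: :json
+expect(response).to have_http_status(:unprocessable_entity)
+# todo: assert errors
+end
+it "return http unprocessable_entity when invalid content" do
+post api_board_posts_path(@shared_board), headers: auth_headers(@user), params: invalid_content_attribute, as: :json
+expect(response).to have_http_status(:unprocessable_entity)
+# todo: assert errors
+end
+it "successfully creates a post" do
+board_posts_count = @shared_board.posts.count
+post api_board_posts_path(@shared_board), headers: auth_headers(@user), params: valid_attributes, as: :json
+expect(response).to have_http_status(:created)
+expect(response.body).to match_json_schema(:post)
+expect(response.body).to be_json_eql(serialize(@shared_board.posts.last))
+expect(@shared_board.posts.count).to eq(board_posts_count+1)
+end
+end
+
+context "Board shared user" do
+it "return http unprocessable_entity when invalid title" do
+post api_board_posts_path(@shared_board), headers: auth_headers(@user_2), params: invalid_title_attribute, as: :json
+expect(response).to have_http_status(:unprocessable_entity)
+# todo: assert errors
+end
+it "return http unprocessable_entity when invalid content" do
+post api_board_posts_path(@shared_board), headers: auth_headers(@user_2), params: invalid_content_attribute, as: :json
+expect(response).to have_http_status(:unprocessable_entity)
+# todo: assert errors
+end
+it "successfully creates a post" do
+board_posts_count = @shared_board.posts.count
+post api_board_posts_path(@shared_board), headers: auth_headers(@user_2), params: valid_attributes, as: :json
+expect(response).to have_http_status(:created)
+expect(response.body).to match_json_schema(:post)
+expect(response.body).to be_json_eql(serialize(@shared_board.posts.last))
+expect(@shared_board.posts.count).to eq(board_posts_count+1)
+end
+end
+
+end
+
+describe "Update my post" do
+
+# owner of the post in the board should be able to update it
+it "return http unauthorized" do
+put api_board_post_path(@shared_board, @shared_post), as: :json
+expect(response).to have_http_status(:unauthorized)
+end
+
+context "Post owner" do
+it "return http unprocessable_entity when invalid title" do
+put api_board_post_path(@shared_board, @shared_post), headers: auth_headers(@user), params: invalid_title_attribute, as: :json
+expect(response).to have_http_status(:unprocessable_entity)
+# todo: assert errors
+end
+it "return http unprocessable_entity when invalid content" do
+put api_board_post_path(@shared_board, @shared_post), headers: auth_headers(@user), params: invalid_content_attribute, as: :json
+expect(response).to have_http_status(:unprocessable_entity)
+# todo: assert errors
+end
+it "updates my post belonging to my board" do
+put api_board_post_path(@shared_board, @shared_post), headers: auth_headers(@user), params: valid_attributes, as: :json
+expect(response).to have_http_status(:ok)
+expect(response.body).to match_json_schema(:post)
+@shared_post.reload
+expect(response.body).to be_json_eql(serialize(@shared_post))
+expect(body_to_json('title')).to eq(valid_attributes[:title])
+expect(body_to_json('content')).to eq(valid_attributes[:content])
+end
+end
+
+# while the shared user should not
+context "Shared user" do
+it "cannot update the post" do
+put api_board_post_path(@shared_board, @shared_post), headers: auth_headers(@user_2), params: valid_attributes, as: :json
+expect(response).to have_http_status(:forbidden)
+@shared_post.reload
+expect(@shared_post.title).to_not eq(valid_attributes[:title])
+expect(@shared_post.content).to_not eq(valid_attributes[:content])
+end
+end
+end
+
+describe "Delete my post" do
+
+it "return http unauthorized" do
+delete api_board_post_path(@shared_board, @shared_post)
+expect(response).to have_http_status(:unauthorized)
+end
+
+describe "Post owner" do
+it "deletes own post" do
+board_posts_count = @shared_board.posts.count
+delete api_board_post_path(@shared_board, @shared_post), headers: auth_headers(@user)
+expect(response).to have_http_status(:ok)
+expect(@shared_board.posts.count).to eq(board_posts_count-1)
+expect(Post.find_by_id(@shared_post.id)).to be_nil
+end
+end
+
+describe "Shared user" do
+it "return http forbidden" do
+board_posts_count = @shared_board.posts.count
+delete api_board_post_path(@shared_board, @shared_post), headers: auth_headers(@user_2)
+expect(response).to have_http_status(:forbidden)
+expect(board_posts_count).to eq(@shared_board.posts.count)
+expect(Post.find_by_id(@shared_post.id)).not_to be_nil
+end
+end
+
+end
+end
+end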
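Review bot: No example pairs a board the caller may read with a post that belongs to a different board, so every test here would still pass if the post lookup ignored the board id in the URL. `@user_2` is shown getting 200 on `@shared_board` and 403 on `@board`, but a request such as `get api_board_post_path(@shared_board, @post), headers: auth_headers(@user_2)` (with `@post` presumably belonging to the private `@board`) is never made for get, put or delete. Adding that case with an assertion on the non-200 status the API intends would pin the board-to-post scoping. Separately, `expect(Comment.where(post_id: post_id)).to be_empty` in "removes my post" only demonstrates cascade deletion if the scenario helper, which is not shown on this page, created comments on `@post` beforehand.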