[noosfero/noosfero][api] api: expose plugin endpoints only if enabled on the environment
Rodrigo Souto
gitlab at gitlab.com
Mon Jun 15 20:17:49 BRT 2015
Rodrigo Souto pushed to branch api at Noosfero / noosfero
Commits:
4cb1363d by Rodrigo Souto at 2015-06-15T20:17:32Z
api: expose plugin endpoints only if enabled on the environment
- - - - -
7 changed files:
- app/controllers/public/api_controller.rb
- app/views/api/index.html.erb
- app/views/api/playground.html.erb
- lib/noosfero/api/api.rb
- lib/noosfero/api/helpers.rb
- + test/unit/api/api_test.rb
- test/unit/api/helpers_test.rb
Changes:
=====================================
app/controllers/public/api_controller.rb
=====================================
--- a/app/controllers/public/api_controller.rb
+++ b/app/controllers/public/api_controller.rb
@@ -2,12 +2,18 @@ class ApiController < PublicController
no_design_blocks
+ helper_method :endpoints
+
def index
- @api = Noosfero::API.api_class
end
def playground
- @api = Noosfero::API.api_class
+ end
+
+ private
+
+ def endpoints
+ Noosfero::API::API.endpoints(environment)
end
end
=====================================
app/views/api/index.html.erb
=====================================
--- a/app/views/api/index.html.erb
+++ b/app/views/api/index.html.erb
@@ -4,7 +4,7 @@
<%= s_('api-playground|Try the %s') % link_to('API Playground', '/api/playground') %>
</div>
-<%= @api.endpoints.map do |endpoint|
+<%= endpoints.map do |endpoint|
app = endpoint.options[:app].to_s
unless app.blank?
content_tag(:h2, app.split('::').last.to_s, title: app) +
=====================================
app/views/api/playground.html.erb
=====================================
--- a/app/views/api/playground.html.erb
+++ b/app/views/api/playground.html.erb
@@ -2,7 +2,7 @@
<script>
var endpoints = <%=
- at api.endpoints.map do |endpoint|
+endpoints.map do |endpoint|
app = endpoint.options[:app].to_s
unless app.blank?
endpoint.routes.map do |route|
=====================================
lib/noosfero/api/api.rb
=====================================
--- a/lib/noosfero/api/api.rb
+++ b/lib/noosfero/api/api.rb
@@ -28,6 +28,7 @@ module Noosfero
before { setup_multitenancy }
before { detect_stuff_by_domain }
+ before { filter_disabled_plugins_endpoints }
after { set_session_cookie }
version 'v1'
@@ -57,10 +58,26 @@ module Noosfero
end
end
end
- end
- def self.api_class
- API
+ def self.endpoint_unavailable?(endpoint, environment)
+ api_class = endpoint.options[:app] || endpoint.options[:for]
+ if api_class.present?
+ klass = api_class.name.deconstantize.constantize
+ return klass < Noosfero::Plugin && !environment.plugin_enabled?(klass)
+ end
+ end
+
+ class << self
+ def endpoints_with_plugins(environment = nil)
+ if environment.present?
+ cloned_endpoints = endpoints_without_plugins.dup
+ cloned_endpoints.delete_if { |endpoint| endpoint_unavailable?(endpoint, environment) }
+ else
+ endpoints_without_plugins
+ end
+ end
+ alias_method_chain :endpoints, :plugins
+ end
end
end
end
=====================================
lib/noosfero/api/helpers.rb
=====================================
--- a/lib/noosfero/api/helpers.rb
+++ b/lib/noosfero/api/helpers.rb
@@ -127,6 +127,10 @@ module Noosfero
# error helpers #
##########################################
+ def not_found!
+ render_api_error!('404 Not found', 404)
+ end
+
def forbidden!
render_api_error!('403 Forbidden', 403)
end
@@ -184,6 +188,10 @@ module Noosfero
end
end
+ def filter_disabled_plugins_endpoints
+ not_found! if Noosfero::API::API.endpoint_unavailable?(self, !@environment)
+ end
+
private
def parser_params(params)
=====================================
test/unit/api/api_test.rb
=====================================
--- /dev/null
+++ b/test/unit/api/api_test.rb
@@ -0,0 +1,29 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class MyPlugin < Noosfero::Plugin;end
+class MyPlugin::API;end
+
+class APITest < ActiveSupport::TestCase
+
+ should 'endpoint should not be available if its plugin is unavailable' do
+ endpoint = mock()
+ environment = Environment.default
+ environment.stubs(:plugin_enabled?).returns(false)
+ endpoint.stubs(:options).returns({:for => MyPlugin::API})
+
+ assert Noosfero::API::API.endpoint_unavailable?(endpoint, environment)
+ end
+
+ should 'endpoint should be available if its plugin is available' do
+ class MyPlugin < Noosfero::Plugin;end
+ class MyPlugin::API;end
+
+ endpoint = mock()
+ environment = Environment.default
+ environment.stubs(:plugin_enabled?).returns(true)
+ endpoint.stubs(:options).returns({:for => MyPlugin::API})
+
+ assert !Noosfero::API::API.endpoint_unavailable?(endpoint, environment)
+ end
+
+end
=====================================
test/unit/api/helpers_test.rb
=====================================
--- a/test/unit/api/helpers_test.rb
+++ b/test/unit/api/helpers_test.rb
@@ -161,6 +161,13 @@ class APIHelpersTest < ActiveSupport::TestCase
assert_nil make_conditions_with_parameter[:type]
end
+ should 'render not_found if endpoint is unavailable' do
+ Noosfero::API::API.stubs(:endpoint_unavailable?).returns(true)
+ self.expects(:not_found!)
+
+ filter_disabled_plugins_endpoints
+ end
+
protected
def error!(info, status)
View it on GitLab: https://gitlab.com/noosfero/noosfero/commit/4cb1363d9240f238416f25cdeddfb0b4e01905a4
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20150615/8a4ec573/attachment.html>
More information about the Noosfero-dev
mailing list