[Git][noosfero/noosfero][api] api: review people mountpoint
Rodrigo Souto
gitlab at gitlab.com
Thu Jun 25 15:24:30 BRT 2015
Rodrigo Souto pushed to branch api at Noosfero / noosfero
Commits:
dc740341 by Rodrigo Souto at 2015-06-25T15:24:13Z
api: review people mountpoint
- - - - -
3 changed files:
- lib/noosfero/api/v1/people.rb
- test/unit/api/people_test.rb
- test/unit/api/test_helper.rb
Changes:
=====================================
lib/noosfero/api/v1/people.rb
=====================================
--- a/lib/noosfero/api/v1/people.rb
+++ b/lib/noosfero/api/v1/people.rb
@@ -38,13 +38,14 @@ module Noosfero
desc "Return the person information"
get ':id' do
- person = environment.people.visible.find_by_id(params[:id])
+ person = environment.people.visible_for_person(current_person).find_by_id(params[:id])
present person, :with => Entities::Person
end
desc "Return the person friends"
get ':id/friends' do
- friends = current_person.friends.visible
+ person = environment.people.visible_for_person(current_person).find_by_id(params[:id])
+ friends = person.friends.visible
present friends, :with => Entities::Person
end
=====================================
test/unit/api/people_test.rb
=====================================
--- a/test/unit/api/people_test.rb
+++ b/test/unit/api/people_test.rb
@@ -16,21 +16,17 @@ class PeopleTest < ActiveSupport::TestCase
end
should 'not list invisible people' do
- person1 = fast_create(Person)
- fast_create(Person, :visible => false)
+ invisible_person = fast_create(Person, :visible => false)
get "/api/v1/people?#{params.to_query}"
- json = JSON.parse(last_response.body)
- assert_equivalent [person1.id, person.id], json['people'].map {|c| c['id']}
+ assert_not_includes json_response_ids(:people), invisible_person.id
end
should 'not list private people without permission' do
- person1 = fast_create(Person)
- fast_create(Person, :public_profile => false)
+ private_person = fast_create(Person, :public_profile => false)
get "/api/v1/people?#{params.to_query}"
- json = JSON.parse(last_response.body)
- assert_equivalent [person1.id, person.id], json['people'].map {|c| c['id']}
+ assert_not_includes json_response_ids(:people), private_person.id
end
should 'list private person for friends' do
@@ -40,8 +36,7 @@ class PeopleTest < ActiveSupport::TestCase
p2.add_friend(person)
get "/api/v1/people?#{params.to_query}"
- json = JSON.parse(last_response.body)
- assert_equivalent [p1.id, p2.id, person.id], json['people'].map {|c| c['id']}
+ assert_includes json_response_ids(:people), p2.id
end
should 'get person' do
@@ -61,42 +56,44 @@ class PeopleTest < ActiveSupport::TestCase
end
should 'not get private people without permission' do
- person = fast_create(Person)
- fast_create(Person, :public_profile => false)
+ private_person = fast_create(Person, :public_profile => false)
- get "/api/v1/people/#{person.id}?#{params.to_query}"
+ get "/api/v1/people/#{private_person.id}?#{params.to_query}"
json = JSON.parse(last_response.body)
- assert_equal person.id, json['person']['id']
+ assert json['person'].blank?
end
should 'get private person for friends' do
- person = fast_create(Person, :public_profile => false)
- person.add_friend(person)
+ private_person = fast_create(Person, :public_profile => false)
+ person.add_friend(private_person)
+ private_person.add_friend(person)
- get "/api/v1/people/#{person.id}?#{params.to_query}"
+ get "/api/v1/people/#{private_person.id}?#{params.to_query}"
json = JSON.parse(last_response.body)
- assert_equal person.id, json['person']['id']
+ assert_equal private_person.id, json['person']['id']
end
should 'list person friends' do
- p = fast_create(Person)
- fast_create(Person)
- person.add_friend(p)
+ friend = fast_create(Person)
+ person.add_friend(friend)
+ friend.add_friend(person)
- get "/api/v1/people/#{person.id}/friends?#{params.to_query}"
- json = JSON.parse(last_response.body)
- assert_equivalent [p.id], json['people'].map {|c| c['id']}
+ get "/api/v1/people/#{friend.id}/friends?#{params.to_query}"
+ assert_includes json_response_ids(:people), person.id
end
- should 'not list person friends invisible' do
- p1 = fast_create(Person)
- p2 = fast_create(Person, :visible => false)
- person.add_friend(p1)
- person.add_friend(p2)
+ should 'not list person invisible friends' do
+ friend = fast_create(Person)
+ invisible_friend = fast_create(Person, :visible => false)
+ person.add_friend(friend)
+ person.add_friend(invisible_friend)
+ friend.add_friend(person)
+ invisible_friend.add_friend(person)
get "/api/v1/people/#{person.id}/friends?#{params.to_query}"
- json = JSON.parse(last_response.body)
- assert_equivalent [p1.id], json['people'].map {|c| c['id']}
+ friends = json_response_ids(:people)
+ assert_includes friends, friend.id
+ assert_not_includes friends, invisible_friend.id
end
end
=====================================
test/unit/api/test_helper.rb
=====================================
--- a/test/unit/api/test_helper.rb
+++ b/test/unit/api/test_helper.rb
@@ -20,4 +20,11 @@ class ActiveSupport::TestCase
end
attr_accessor :private_token, :user, :person, :params
+ private
+
+ def json_response_ids(kind)
+ json = JSON.parse(last_response.body)
+ json[kind.to_s].map {|c| c['id']}
+ end
+
end
View it on GitLab: https://gitlab.com/noosfero/noosfero/commit/dc740341ee0956038e2366d315bf4cebc352174c
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20150625/ed4369c1/attachment-0001.html>
More information about the Noosfero-dev
mailing list