Add back required api actions (create, update and destroy) and add AMS serializers for the jstree action

This commit is contained in:
luisramos0
2019-08-14 21:52:57 +01:00
parent d08de4bdf9
commit 9f5c9916ba
4 changed files with 123 additions and 21 deletions

View File

@@ -17,13 +17,44 @@ module Api
render json: @taxons, each_serializer: Api::TaxonSerializer
end
def show
def jstree
@taxon = taxon
render json: @taxon, serializer: Api::TaxonSerializer
render json: @taxon.children, each_serializer: Api::TaxonJstreeSerializer
end
def jstree
show
def create
authorize! :create, Spree::Taxon
@taxon = Spree::Taxon.new(params[:taxon])
@taxon.taxonomy_id = params[:taxonomy_id]
taxonomy = Spree::Taxonomy.find_by_id(params[:taxonomy_id])
if taxonomy.nil?
@taxon.errors[:taxonomy_id] = I18n.t(:invalid_taxonomy_id, scope: 'spree.api')
invalid_resource!(@taxon) && return
end
@taxon.parent_id = taxonomy.root.id unless params[:taxon][:parent_id]
if @taxon.save
render json: @taxon, serializer: Api::TaxonSerializer, status: :created
else
invalid_resource!(@taxon)
end
end
def update
authorize! :update, Spree::Taxon
if taxon.update_attributes(params[:taxon])
render json: taxon, serializer: Api::TaxonSerializer, status: :ok
else
invalid_resource!(taxon)
end
end
def destroy
authorize! :delete, Spree::Taxon
taxon.destroy
render json: taxon, serializer: Api::TaxonSerializer, status: :no_content
end
private

View File

@@ -0,0 +1,5 @@
module Api
class TaxonJstreeAttributeSerializer < ActiveModel::Serializer
attributes :id, :name
end
end

View File

@@ -0,0 +1,18 @@
module Api
class TaxonJstreeSerializer < ActiveModel::Serializer
attributes :data, :state
has_one :attr, serializer: TaxonJstreeAttributeSerializer
def data
object.name
end
def attr
object
end
def state
"closed"
end
end
end

View File

@@ -25,22 +25,12 @@ describe Api::TaxonsController do
api_get :index, taxonomy_id: taxonomy.id
expect(json_response.first['name']).to eq taxon.name
children = json_response.first['taxons']
expect(children.count).to eq 1
expect(children.first['name']).to eq taxon2.name
expect(children.first['taxons'].count).to eq 1
end
it "gets all taxons" do
api_get :index
expect(json_response.first['name']).to eq taxonomy.root.name
children = json_response.first['taxons']
expect(children.count).to eq 1
expect(children.first['name']).to eq taxon.name
expect(children.first['taxons'].count).to eq 1
end
it "can search for a single taxon" do
@@ -50,13 +40,6 @@ describe Api::TaxonsController do
expect(json_response.first['name']).to eq "Ruby"
end
it "gets a single taxon" do
api_get :show, id: taxon.id, taxonomy_id: taxonomy.id
expect(json_response['name']).to eq taxon.name
expect(json_response['taxons'].count).to eq 1
end
it "gets all taxons in JSTree form" do
api_get :jstree, taxonomy_id: taxonomy.id, id: taxon.id
@@ -65,5 +48,70 @@ describe Api::TaxonsController do
response["attr"].should eq("name" => taxon2.name, "id" => taxon2.id)
response["state"].should eq("closed")
end
it "cannot create a new taxon if not an admin" do
api_post :create, taxonomy_id: taxonomy.id, taxon: { name: "Location" }
assert_unauthorized!
end
it "cannot update a taxon" do
api_put :update, taxonomy_id: taxonomy.id,
id: taxon.id,
taxon: { name: "I hacked your store!" }
assert_unauthorized!
end
it "cannot delete a taxon" do
api_delete :destroy, taxonomy_id: taxonomy.id, id: taxon.id
assert_unauthorized!
end
end
context "as an admin" do
let(:current_api_user) { build(:admin_user) }
it "can create" do
api_post :create, taxonomy_id: taxonomy.id, taxon: { name: "Colors" }
expect(attributes.all? { |a| json_response.include? a }).to be true
expect(response.status).to eq(201)
expect(taxonomy.reload.root.children.count).to eq 2
expect(Spree::Taxon.last.parent_id).to eq taxonomy.root.id
expect(Spree::Taxon.last.taxonomy_id).to eq taxonomy.id
end
it "cannot create a new taxon with invalid attributes" do
api_post :create, taxonomy_id: taxonomy.id, taxon: {}
expect(response.status).to eq(422)
expect(json_response["error"]).to eq("Invalid resource. Please fix errors and try again.")
errors = json_response["errors"]
expect(taxonomy.reload.root.children.count).to eq 1
end
it "cannot create a new taxon with invalid taxonomy_id" do
api_post :create, taxonomy_id: 1000, taxon: { name: "Colors" }
expect(response.status).to eq(422)
expect(json_response["error"]).to eq("Invalid resource. Please fix errors and try again.")
errors = json_response["errors"]
expect(errors["taxonomy_id"]).not_to be_nil
expect(errors["taxonomy_id"].first).to eq "Invalid taxonomy id."
expect(taxonomy.reload.root.children.count).to eq 1
end
it "can destroy" do
api_delete :destroy, taxonomy_id: taxonomy.id, id: taxon2.id
expect(response.status).to eq(204)
end
end
end