Add People controller

2026-02-03 22:06:07 +00:00 · 2020-08-13 11:47:56 +02:00
parent 8d4587506b
commit c3cf08156d
4 changed files with 87 additions and 1 deletions
--- a/engines/dfc_provider/app/controllers/dfc_provider/api/people_controller.rb
+++ b/engines/dfc_provider/app/controllers/dfc_provider/api/people_controller.rb
@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+# Controller used to provide the People API for the DFC application
+module DfcProvider
+  module Api
+    class PeopleController < BaseController
+      skip_before_filter :check_enterprise
+
+      before_filter :find_user, :check_user_accessibility
+
+      def show
+        render json: @user, serializer: DfcProvider::PersonSerializer
+      end
+
+      private
+
+      def find_user
+        @retrieved_user = Spree::User.find(params[:id])
+      end
+
+      def check_user_accessibility
+        return if @user == @retrieved_user
+
+        not_found
+      end
+    end
+  end
+end
--- a/engines/dfc_provider/app/serializers/dfc_provider/person_serializer.rb
+++ b/engines/dfc_provider/app/serializers/dfc_provider/person_serializer.rb
@@ -26,7 +26,10 @@ module DfcProvider
    end

    def id
-      "/personId/#{object.id}"
+      dfc_provider_routes.api_dfc_provider_person_url(
+        id: object.id,
+        host: root_url
+      )
    end

    def type
@@ -42,5 +45,11 @@ module DfcProvider
    def affiliates
      object.enterprises
    end
+
+    private
+
+    def dfc_provider_routes
+      DfcProvider::Engine.routes.url_helpers
+    end
  end
 end
--- a/engines/dfc_provider/config/routes.rb
+++ b/engines/dfc_provider/config/routes.rb
@@ -7,6 +7,7 @@ DfcProvider::Engine.routes.draw do
        resources :catalog_items, only: [:index, :show]
        resources :supplied_products, only: [:show]
      end
+      resources :people, only: [:show]
    end
  end
 end
--- a/engines/dfc_provider/spec/controllers/dfc_provider/api/people_controller_spec.rb
+++ b/engines/dfc_provider/spec/controllers/dfc_provider/api/people_controller_spec.rb
@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe DfcProvider::Api::PeopleController, type: :controller do
+  render_views
+
+  let!(:user) { create(:user) }
+
+  describe('.show') do
+    context 'with authorization token' do
+      before do
+        request.headers['Authorization'] = 'Bearer 123456.abcdef.123456'
+      end
+
+      context 'with an authenticated user' do
+        before do
+          allow_any_instance_of(DfcProvider::AuthorizationControl)
+            .to receive(:process)
+            .and_return(user)
+        end
+
+        context 'given with an accessible id' do
+          before do
+            api_get :show,
+                    id: user.id
+          end
+
+          it 'is successful' do
+            expect(response.status).to eq 200
+          end
+
+          it 'renders the required content' do
+            expect(response.body).to include('dfc:Person')
+          end
+        end
+
+        context 'with an other user id' do
+          before { api_get :show, id: create(:user).id }
+
+          it 'returns 404' do
+            expect(response.status).to eq 404
+          end
+        end
+      end
+    end
+  end
+end