Add ui for managing api clients

app/controllers/shipit/api_clients_controller.rb

@@ -0,0 +1,49 @@
+module Shipit
+  class ApiClientsController < ShipitController
+    include Pagination
+
+    def index
+      paginator = paginate(ApiClient.order(created_at: :desc).all)
+      @api_clients = paginator.to_a
+      @links = paginator.links
+    end
+
+    def new
+      @api_client = ApiClient.new
+    end
+
+    def create
+      @api_client = ApiClient.new(create_params.merge(creator_id: current_user.id || 1))
+      unless @api_client.save
+        flash[:warning] = @api_client.errors.full_messages.to_sentence
+      end
+
+      respond_with(@api_client)
+    end
+
+    def show
+      @api_client = ApiClient.find(params[:id])
+    end
+
+    def update
+      @api_client = ApiClient.find(params[:id])
+      if @api_client.update(update_params)
+        options = {flash: {success: 'Successfully updated'}}
+      else
+        options = {flash: {warning: @stack.errors.full_messages.to_sentence}}
+      end
+
+      redirect_to(params[:return_to].presence || api_client_path(@api_client), options)
+    end
+
+    private
+
+    def create_params
+      params.require(:api_client).permit(:name, :permissions => [])
+    end
+
+    def update_params
+      params.require(:api_client).permit(:permissions => [])
+    end
+  end
+end

app/views/shipit/api_clients/index.html.erb

@@ -0,0 +1,36 @@
+
+<div class="wrapper">
+  <section>
+    <%= link_to "Create new api client", new_api_client_path, class: 'btn'%>
+  </section>
+</div>
+<div class="wrapper">
+  <section>
+    <ul class="task-list">
+    <% @api_clients.each do |api_client|%>
+      <li>
+        <p>
+          <%= link_to api_client.name, api_client_path(api_client) %>
+          created by <%= api_client.creator.name %> on <%= api_client.created_at%>
+        </p>
+       </li>
+    <% end %>
+    </ul>
+  </section>
+</div>
+
+<div class="wrapper">
+  <section class="pagination">
+    <% if params[:since].present? %>
+      <%= link_to 'Start', @links[:first], class: 'header__btn btn' %>
+    <% else %>
+      <%= link_to 'Start', '', class: 'header__btn btn btn--disabled disabled' %>
+    <% end %>
+
+    <% if url = @links[:next] %>
+      <%= link_to 'Older', url, class: 'header__btn btn' %>
+    <% else %>
+      <%= link_to 'Older', '', class: 'header__btn btn btn--disabled disabled' %>
+    <% end %>
+  </section>
+</div>

app/views/shipit/api_clients/new.html.erb

@@ -0,0 +1,33 @@
+<div class="wrapper">
+  <section>
+    <header class="section-header">
+      <p>New Api Client</p>
+    </header>
+  </section>
+
+  <%= form_for @api_client, url: api_clients_path(@api_client) do |f| %>
+    <section>
+      <%= label_tag "App Name" %>
+      <%= f.text_field :name, placeholder: 'e.g. spy', required: true %>
+    </section>
+
+    <section>
+      <%= label_tag "Permissions" %>
+      <ul class="deploy-checklist">
+        <% Shipit::ApiClient::PERMISSIONS.each do |permission| %>
+          <li class="deploy-checklist__item">
+            <%= check_box_tag 'api_client[permissions][]', permission, false,
+              class: 'deploy-checklist__item__checkbox', id: "checkbox_" + permission %>
+            <label class="deploy-checklist__item__label" for="checkbox_<%= permission %>">
+              <%= permission %>
+            </label>
+          </li>
+        <% end %>
+      </ul>
+    </section>
+
+    <section class="submit-section">
+      <%= f.submit "Create", :class => ['btn', 'primary'] %>
+    </section>
+  <% end %>
+</div>

app/views/shipit/api_clients/show.html.erb

@@ -0,0 +1,35 @@
+<div class="wrapper">
+  <section>
+    <header class="section-header">
+      <h2>Api client: <b><%= @api_client.name %></b></h2>
+    </header>
+
+    <p>Created by <%= @api_client.creator.name %> on <%= @api_client.created_at %></p>
+  </section>
+
+  <section>
+    <h3>Authentication token:</h3>
+    <code style="background-color: yellow">
+      <b><%= @api_client.authentication_token %></b>
+    </code>
+  </section>
+
+  <section>
+    <%= form_for @api_client, url: api_client_path(@api_client) do |f| %>
+      <h3> Permissions </h3>
+      <ul class="deploy-checklist">
+        <% Shipit::ApiClient::PERMISSIONS.each do |permission| %>
+          <li class="deploy-checklist__item">
+            <%= check_box_tag 'api_client[permissions][]', permission, @api_client.permissions.include?(permission),
+              class: 'deploy-checklist__item__checkbox', id: "checkbox_" + permission %>
+            <label class="deploy-checklist__item__label" for="checkbox_<%= permission %>">
+              <%= permission %>
+            </label>
+          </li>
+        <% end %>
+      </ul>
+      <%= f.submit "Update", :class => ['btn', 'primary'] %>
+      <% end %>
+  </section>
+
+</div>

config/routes.rb

@@ -46,6 +46,7 @@
   delete '/merge_status/*stack_id/pull/:number', action: :dequeue, controller: :merge_status, id: stack_id_format, as: :dequeue_pull_request
 
   # Humans
+  resources :api_clients
   resources :stacks, only: %i(new create index)
 
   scope '/github/auth/github', as: :github_authentication, controller: :github_authentication do

test/controllers/api_clients_controller_test.rb

@@ -0,0 +1,103 @@
+
+require 'test_helper'
+
+module Shipit
+  class ApiClientsControllerTest < ActionController::TestCase
+    setup do
+      @routes = Shipit::Engine.routes
+      @api_client = shipit_api_clients(:here_come_the_walrus)
+      session[:user_id] = shipit_users(:walrus).id
+    end
+
+    test "GitHub authentication is mandatory" do
+      session[:user_id] = nil
+      get :index
+      assert_redirected_to '/github/auth/github?origin=http%3A%2F%2Ftest.host%2Fapi_clients'
+    end
+
+    test "current_user must be a member of at least a Shipit.github_teams" do
+      session[:user_id] = shipit_users(:bob).id
+      Shipit.stubs(:github_teams).returns([shipit_teams(:cyclimse_cooks), shipit_teams(:shopify_developers)])
+      get :index
+      assert_response :forbidden
+      assert_equal(
+        'You must be a member of cyclimse/cooks or shopify/developers to access this application.',
+        response.body,
+      )
+    end
+
+    test "#index is successful with a valid user" do
+      get :index
+      assert_response :ok
+    end
+
+    test "#new is success" do
+      get :new
+      assert_response :ok
+    end
+
+    test "#create creates a new api_client" do
+      assert_difference "ApiClient.count", +1 do
+        post :create, params: {
+          api_client: {
+            name: 'walrus_app',
+            permissions: [
+             'read:stack',
+             'lock:stack',
+            ]
+          },
+        }
+      end
+
+      assert_redirected_to api_client_path(ApiClient.last)
+    end
+
+    test "#create attaches the current user to the created api client" do
+      post :create, params: {
+        api_client: {
+          name: 'walrus_app',
+          permissions: [
+            'read:stack',
+            'lock:stack',
+          ]
+        },
+      }
+
+      assert_equal shipit_users(:walrus).id, ApiClient.last.creator.id
+    end
+
+    test "#create when not valid renders new" do
+      assert_no_difference "Stack.count" do
+        post :create, params: { api_client: { name: 'walrus_app', permissions: ['invalid'] } }
+      end
+
+      assert flash[:warning]
+      assert_response :success
+    end
+
+    test "#show is success" do
+      get :show, params: {id: @api_client.id}
+      assert_response :ok
+    end
+
+    test "#update updates an existing api_client" do
+      new_permissions = [
+        'read:stack',
+        'lock:stack',
+      ]
+
+      assert_difference "ApiClient.count", 0 do
+        patch :update, params: {
+          id: @api_client.id,
+          api_client: {
+            permissions: new_permissions
+          },
+        }
+      end
+      @api_client.reload
+
+      assert_redirected_to api_client_path(@api_client)
+      assert_equal new_permissions, @api_client.permissions
+    end
+  end
+end