Skip to content

Commit

Permalink
Merge 4ede815 into 8cae234
Browse files Browse the repository at this point in the history
  • Loading branch information
@jhass
jhass committed Feb 2, 2020
2 parents 8cae234 + 4ede815 commit c95ba95
Show file tree
Hide file tree
Showing 4 changed files with 100 additions and 34 deletions.
21 changes: 10 additions & 11 deletions app/controllers/api/v1/base_controller.rb
View file
Expand Up @@ -12,33 +12,32 @@ class BaseController < ApplicationController
rescue_from Exception do |e|
logger.error e.message
logger.error e.backtrace.join("\n")
render json: error_body(500, e.message), status: :internal_server_error
render_error 500, e.message
end

rescue_from Rack::OAuth2::Server::Resource::Bearer::Unauthorized do |e|
logger.error e.message
render_error 403, e.message
end

rescue_from Rack::OAuth2::Server::Resource::Forbidden do |e|
logger.error e.message
render json: error_body(403, e.message), status: :forbidden
render_error 403, e.message
end

rescue_from ActiveRecord::RecordNotFound do |e|
logger.error e.message
message = I18n.t("api.error.not_found")
render json: error_body(404, message), status: :not_found
render_error 404, "No record found for the given id"
end

rescue_from ActiveRecord::RecordInvalid do |e|
logger.error e.message
render json: error_body(422, e.to_s), status: :unprocessable_entity
render_error 422, e.message
end

rescue_from ActionController::ParameterMissing do |e|
logger.error e.message
message = I18n.t("api.error.wrong_parameters") + ": " + e.message
render json: error_body(422, message), status: :unprocessable_entity
end

def error_body(code, message)
{code: code, message: message}
render_error 422, "Parameters missing or invalid: #{e.message}"
end

def current_user
Expand Down
12 changes: 10 additions & 2 deletions app/controllers/api/v1/post_interactions_controller.rb
View file
Expand Up @@ -24,9 +24,17 @@ def subscribe
end

def hide
return render_error(422, "Missing parameter") if params[:hide].nil?

post = find_post
current_user.toggle_hidden_shareable(post)
head :no_content
hidden = current_user.is_shareable_hidden?(post)

if (params[:hide] && !hidden) || (!params[:hide] && hidden)
current_user.toggle_hidden_shareable(post)
head :no_content
else
render_error(params[:hide] ? 409 : 410, params[:hide] ? "Post already hidden" : "Post not hidden")
end
end

def mute
Expand Down
4 changes: 0 additions & 4 deletions config/locales/diaspora/en.yml
View file
Expand Up @@ -985,10 +985,6 @@ en:
login_required: "You must first login before you can authorize this application"
could_not_authorize: "The application could not be authorized"

error:
not_found: "No record found for given id."
wrong_parameters: "Some parameters are wrong or missing."

people:
person:
thats_you: "That’s you!"
Expand Down
97 changes: 80 additions & 17 deletions spec/integration/api/post_interactions_controller_spec.rb
View file
Expand Up @@ -25,6 +25,7 @@
let!(:access_token_public_only) { auth_public_only.create_access_token.to_s }
let!(:access_token_minimum_scopes) { auth_minimum_scopes.create_access_token.to_s }
let(:invalid_token) { SecureRandom.hex(9) }
let(:headers) { {"Authorization" => "Bearer #{access_token}"} }

before do
@status = alice.post(
Expand Down Expand Up @@ -118,57 +119,119 @@
end

describe "#hide" do
def hidden_shareables_count
auth.user.reload.hidden_shareables.values.map(&:size).inject(0, :+)
end

context "succeeds" do
it "with proper guid and access token" do
hidden_count = auth.user.hidden_shareables.count
hidden_count = hidden_shareables_count
post(
api_v1_post_hide_path(@status.guid),
params: {
access_token: access_token
}
as: :json,
headers: headers,
params: {hide: true}
)
expect(response.status).to eq(204)
expect(hidden_shareables_count).to eq(hidden_count + 1)
end

it "to unhide a post" do
hidden_count = hidden_shareables_count
post(
api_v1_post_hide_path(@status.guid),
as: :json,
headers: headers,
params: {hide: true}
)
expect(response.status).to eq(204)
expect(hidden_shareables_count).to eq(hidden_count + 1)

post(
api_v1_post_hide_path(@status.guid),
as: :json,
headers: headers,
params: {hide: false}
)
expect(response.status).to eq(204)
expect(auth.user.reload.hidden_shareables.count).to eq(hidden_count + 1)
expect(hidden_shareables_count).to eq(hidden_count)
end
end

context "fails" do
it "with improper guid" do
post(
api_v1_post_hide_path("999_999_999"),
params: {
access_token: access_token
}
as: :json,
headers: headers,
params: {hide: true}
)
confirm_api_error(response, 404, "Post with provided guid could not be found")
end

it "without hide param" do
post(
api_v1_post_hide_path(@status.guid),
as: :json,
headers: headers
)
confirm_api_error(response, 422, "Missing parameter")
end

it "hiding already hidden post" do
post(
api_v1_post_hide_path(@status.guid),
as: :json,
headers: headers,
params: {hide: true}
)
expect(response.status).to eq(204)

post(
api_v1_post_hide_path(@status.guid),
as: :json,
headers: headers,
params: {hide: true}
)
confirm_api_error(response, 409, "Post already hidden")
end

it "unhiding not hidden post" do
post(
api_v1_post_hide_path(@status.guid),
as: :json,
headers: headers,
params: {hide: false}
)
confirm_api_error(response, 410, "Post not hidden")
end

it "with insufficient token" do
post(
api_v1_post_hide_path(@status.guid),
params: {
access_token: access_token_minimum_scopes
}
as: :json,
headers: {"Authorization" => "Bearer #{access_token_minimum_scopes}"},
params: {hide: true}
)
expect(response.status).to eq(403)
end

it "on private post without private token" do
post(
api_v1_post_hide_path(@shared_post.guid),
params: {
access_token: access_token_public_only
}
as: :json,
headers: {"Authorization" => "Bearer #{access_token_public_only}"},
params: {hide: true}
)
expect(response.status).to eq(404)
end

it "with invalid token" do
post(
api_v1_post_hide_path(@status.guid),
params: {
access_token: invalid_token
}
as: :json,
headers: {"Authorization" => "Bearer #{invalid_token}"},
params: {hide: true}
)
expect(response.status).to eq(401)
end
Expand Down

0 comments on commit c95ba95

Please sign in to comment.