Added Group#update to API/v1, currently name attribute only.

app/controllers/api/v1/groups_controller.rb

@@ -1,7 +1,7 @@
 module Api
   module V1
     class GroupsController < Api::V1::BaseController
-      before_filter :load_group, :only => :show
+      before_filter :load_group, :only => [:show, :update]
 
       def show
         authorize :api_v1, :use?
@@ -22,6 +22,27 @@ def show
         end
       end
 
+      def update
+        authorize :api_v1, :use?
+
+        if @group
+          logger.tagged('API') { logger.info "#{current_user.log_identifier}@#{request.remote_ip}: Updating group for #{@group.id}." }
+
+          if @group.update_attributes(group_params)
+            @group.touch
+
+            render json: {}, status: 200
+          else
+            logger.debug "Bad api/group UPDATE request. Errors:"
+            logger.debug @group.errors.full_messages
+            render :text => "Found group but could not update for ID '#{@group_id}'.", :status => 500
+          end
+        else
+          logger.tagged('API') { logger.info "#{current_user.log_identifier}@#{request.remote_ip}: Attempted to update group for invalid ID #{@group_id}." }
+          render :text => "Invalid group ID '#{@group_id}'.", :status => 404
+        end
+      end
+
       private
 
         def load_group
@@ -34,6 +55,10 @@ def load_group
           end
         end
 
+        def group_params
+          params.require(:group_attributes).permit(:name)
+        end
+
     end
   end
 end

test/functional/v1/groups_controller_test.rb

@@ -26,6 +26,20 @@ class Api::V1::GroupsControllerTest < ActionController::TestCase
     end
   end
 
+  test 'JSON update request should work' do
+    revoke_access
+    grant_api_user_access
+
+    @group = entities(:groupA)
+
+    patch :update, id: @group, group_attributes: { name: 'New Name' }
+    assert_response :success
+
+    @group.reload
+
+    assert @group.name == 'New Name'
+  end
+
   test "unauthenticated requests should not be honored" do
     revoke_access