turniere
/
turniere-backend
mirror of https://github.com/turniere/turniere-backend.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #5 from turniere/ticket/TURNIERE-89 

Implement TeamController
This commit is contained in:
Jonas Seydel 2018-11-25 22:54:03 +01:00 committed by GitHub
parent a045b6c425 20288ff7e4
commit ea812bef12
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 156 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
app/controllers/application_controller.rb
View File

@ -10,4 +10,18 @@ class ApplicationController < ActionController::API
def configure_permitted_parameters def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:username]) devise_parameter_sanitizer.permit(:sign_up, keys: [:username])
end end
private
def require_owner!(owner)
render_forbidden_error if owner != current_user
end
def render_forbidden_error
render json: {
errors: [
'Only the parent tournament owner can update this resource'
]
}, status: :forbidden
end
end end

31
app/controllers/teams_controller.rb Normal file
View File

@ -0,0 +1,31 @@
# frozen_string_literal: true
class TeamsController < ApplicationController
before_action :set_team, only: %i[show update]
before_action :authenticate_user!, only: %i[update]
before_action -> { require_owner! @team.owner }, only: %i[update]
# GET /teams/1
def show
render json: @team
end
# PATCH/PUT /teams/1
def update
if @team.update(team_params)
render json: @team
else
render json: @team.errors, status: :unprocessable_entity
end
end
private
def set_team
@team = Team.find(params[:id])
end
def team_params
ActiveModelSerializers::Deserialization.jsonapi_parse(params, only: [:name])
end
end

2
app/models/team.rb
View File

@ -6,4 +6,6 @@ class Team < ApplicationRecord
has_many :scores, dependent: :destroy has_many :scores, dependent: :destroy
validates :name, presence: true validates :name, presence: true
delegate :owner, to: :tournament
end end

1
config/routes.rb
View File

@ -4,4 +4,5 @@ Rails.application.routes.draw do
mount_devise_token_auth_for 'User', at: 'users' mount_devise_token_auth_for 'User', at: 'users'
resources :matches, only: %i[show] resources :matches, only: %i[show]
resources :teams, only: %i[show update]
end end

8
spec/auth_helpers.rb Normal file
View File

@ -0,0 +1,8 @@
# frozen_string_literal: true
module AuthHelpers
def apply_authentication_headers_for(user)
user_headers = user.create_new_auth_token
@request.headers.merge!(user_headers)
end
end

68
spec/controllers/teams_controller_spec.rb Normal file
View File

@ -0,0 +1,68 @@
# frozen_string_literal: true
require 'rails_helper'
RSpec.describe TeamsController, type: :controller do
before do
@team = create(:team)
@owner = @team.owner
end
describe 'GET #show' do
it 'returns a success response' do
get :show, params: { id: @team.to_param }
expect(response).to be_successful
end
it 'should return the correct team' do
get :show, params: { id: @team.to_param }
body = deserialize_response response
expect(body[:name]).to eq(@team.name)
end
end
describe 'PUT #update' do
let(:valid_update) do
{
data: {
id: @team.id,
type: 'teams',
attributes: {
name: Faker::Dog.name
}
}
}
end
context 'with valid params as owner' do
before(:each) do
apply_authentication_headers_for @owner
end
it 'updates the requested team' do
put :update, params: { id: @team.to_param }.merge(valid_update)
@team.reload
expect(response).to be_successful
expect(@team.name).to eq(valid_update[:data][:attributes][:name])
end
it 'renders a response with the updated team' do
put :update, params: { id: @team.to_param }.merge(valid_update)
expect(response).to be_successful
body = deserialize_response response
expect(body[:name]).to eq(valid_update[:data][:attributes][:name])
end
end
context 'with valid params as another user' do
before(:each) do
apply_authentication_headers_for create(:user)
end
it 'renders a forbidden error response' do
put :update, params: { id: @team.to_param }.merge(valid_update)
expect(response).to have_http_status(:forbidden)
end
end
end
end

7
spec/deserialize_helpers.rb Normal file
View File

@ -0,0 +1,7 @@
# frozen_string_literal: true
module DeserializeHelpers
def deserialize_response(response)
ActiveModelSerializers::Deserialization.jsonapi_parse(JSON.parse(response.body))
end
end

7
spec/rails_helper.rb
View File

@ -1,7 +1,9 @@
# frozen_string_literal: true # frozen_string_literal: true
# This file is copied to spec/ when you run 'rails generate rspec:install'
require 'spec_helper' require 'spec_helper'
require 'auth_helpers'
require 'deserialize_helpers'
ENV['RAILS_ENV'] ||= 'test' ENV['RAILS_ENV'] ||= 'test'
require File.expand_path('../config/environment', __dir__) require File.expand_path('../config/environment', __dir__)
# Prevent database truncation if the environment is production # Prevent database truncation if the environment is production
@ -61,6 +63,9 @@ RSpec.configure do |config|
# arbitrary gems may also be filtered via: # arbitrary gems may also be filtered via:
# config.filter_gems_from_backtrace("gem name") # config.filter_gems_from_backtrace("gem name")
config.include FactoryBot::Syntax::Methods config.include FactoryBot::Syntax::Methods
config.include Devise::Test::ControllerHelpers, type: :controller
config.include AuthHelpers
config.include DeserializeHelpers
end end
Shoulda::Matchers.configure do |config| Shoulda::Matchers.configure do |config|

19
spec/routing/teams_routing_spec.rb Normal file
View File

@ -0,0 +1,19 @@
# frozen_string_literal: true
require 'rails_helper'
RSpec.describe TeamsController, type: :routing do
describe 'routing' do
it 'routes to #show' do
expect(get: '/teams/1').to route_to('teams#show', id: '1')
end
it 'routes to #update via PUT' do
expect(put: '/teams/1').to route_to('teams#update', id: '1')
end
it 'routes to #update via PATCH' do
expect(patch: '/teams/1').to route_to('teams#update', id: '1')
end
end
end