From 9e5eb361968590a87beaf6342c27c408aa0753df Mon Sep 17 00:00:00 2001 From: Brian Smith Date: Mon, 26 Nov 2012 08:37:11 -0500 Subject: [PATCH] VRFS-82 band invitation complete --- app/controllers/api_bands_controller.rb | 55 +++++-------- app/controllers/api_users_controller.rb | 43 +++++++++- .../api_users/band_invitation_update.rabl | 3 + config/routes.rb | 3 +- spec/requests/bands_api_spec.rb | 56 ++++++++++--- spec/requests/users_api_spec.rb | 79 +++++++++++++++++++ 6 files changed, 190 insertions(+), 49 deletions(-) create mode 100644 app/views/api_users/band_invitation_update.rabl diff --git a/app/controllers/api_bands_controller.rb b/app/controllers/api_bands_controller.rb index c470f8f76..0a778e5b1 100644 --- a/app/controllers/api_bands_controller.rb +++ b/app/controllers/api_bands_controller.rb @@ -27,7 +27,7 @@ class ApiBandsController < ApiController end def update - @band = Band.find_by_id(params[:id]) + @band = Band.find(params[:id]) auth_band_member(@band, current_user) @band = Band.save(params[:id], @@ -95,7 +95,7 @@ class ApiBandsController < ApiController end def recording_create - @band = Band.find_by_id(params[:id]) + @band = Band.find(params[:id]) auth_band_member(@band, current_user) @recording = Recording.save(params[:recording_id], @@ -120,7 +120,7 @@ class ApiBandsController < ApiController end def recording_destroy - @band = Band.find_by_id(params[:id]) + @band = Band.find(params[:id]) auth_band_member(@band, current_user) @recording = Recording.find(params[:recording_id]) @@ -136,20 +136,27 @@ class ApiBandsController < ApiController ###################### INVITATIONS ###################### def invitation_index - @band = Band.find_by_id(params[:id]) + @band = Band.find(params[:id]) auth_band_member(@band, current_user) - @invitations = @band.invitations #BandInvitation.find_by_band_id(params[:id]) + @invitations = @band.invitations respond_with @invitations, responder: ApiResponder, :status => 200 end def invitation_show - @band = Band.find_by_id(params[:id]) + @band = Band.find(params[:id]) auth_band_member(@band, current_user) - @invitation = BandInvitation.find(params[:invitation_id]) + + begin + @invitation = BandInvitation.find(params[:invitation_id]) + respond_with @invitation, responder: ApiResponder, :status => 200 + + rescue ActiveRecord::RecordNotFound + render :json => { :message => ValidationMessages::BAND_INVITATION_NOT_FOUND }, :status => 404 + end end def invitation_create - @band = Band.find_by_id(params[:id]) + @band = Band.find(params[:id]) auth_band_member(@band, current_user) @invitation = BandInvitation.save(params[:invitation_id], @@ -161,38 +168,18 @@ class ApiBandsController < ApiController respond_with @invitation, responder: ApiResponder, :status => 201, :location => api_band_invitation_detail_url(@band, @invitation) end -=begin - def invitation_update - @user = current_user - invitation = @user.received_band_invitations.find_by_band_id(params[:id]) - - unless invitation.nil? - @invitation = BandInvitation.save(params[:recording_id], - params[:id], - current_user.id, - current_user.id, - params[:accepted]) - - respond_with @invitation, responder: ApiResponder, :status => 200 - end - - # no invitation was found for this user and band - render :json => { :message => ValidationMessages::BAND_INVITATION_NOT_FOUND }, :status => 404 - end -=end - def invitation_destroy - @band = Band.find_by_id(params[:id]) + @band = Band.find(params[:id]) auth_band_member(@band, current_user) - @invitation = BandInvitation.find(params[:invitation_id]) - - unless @invitation.nil? + begin + @invitation = BandInvitation.find(params[:invitation_id]) @invitation.delete respond_with responder: ApiResponder, :status => 204 - end - render :json => { :message => ValidationMessages::BAND_INVITATION_NOT_FOUND }, :status => 404 + rescue ActiveRecord::RecordNotFound + render :json => { :message => ValidationMessages::BAND_INVITATION_NOT_FOUND }, :status => 404 + end end ############################################################################# diff --git a/app/controllers/api_users_controller.rb b/app/controllers/api_users_controller.rb index 6e096765b..c224adf4f 100644 --- a/app/controllers/api_users_controller.rb +++ b/app/controllers/api_users_controller.rb @@ -7,13 +7,13 @@ class ApiUsersController < ApiController def index # don't return users that aren't yet confirmed @users = User.where('email_confirmed=TRUE').paginate(page: params[:page]) - respond_with @users, responder: ApiResponder, :status => :ok + respond_with @users, responder: ApiResponder, :status => 200 end def show # don't return users that aren't yet confirmed @user = User.where('email_confirmed=TRUE').find(params[:id]) - respond_with @user, responder: ApiResponder, :status => :ok + respond_with @user, responder: ApiResponder, :status => 200 end # this API call is disabled by virtue of it being commented out in routes.rb @@ -70,7 +70,7 @@ class ApiUsersController < ApiController params[:country], params[:instruments]) - respond_with @user, responder: ApiResponder, :status => :ok + respond_with @user, responder: ApiResponder, :status => 200 end def delete @@ -267,6 +267,43 @@ class ApiUsersController < ApiController respond_with responder: ApiResponder, :status => 204 end + ##################### BAND INVITATIONS ################## + def band_invitation_index + auth_user(params[:id]) + @user = current_user + @invitations = @user.received_band_invitations #.merge(@user.sent_band_invitations) + respond_with @invitations, responder: ApiResponder, :status => 200 + end + + def band_invitation_show + auth_user(params[:id]) + + begin + @invitation = BandInvitation.find(params[:invitation_id]) + respond_with @invitation, responder: ApiResponder, :status => 200 + + rescue ActiveRecord::RecordNotFound + render :json => { :message => ValidationMessages::BAND_INVITATION_NOT_FOUND }, :status => 404 + end + end + + def band_invitation_update + auth_user(params[:id]) + + begin + @invitation = BandInvitation.save(params[:invitation_id], + nil, + nil, + nil, + params[:accepted]) + + respond_with @invitation, responder: ApiResponder, :status => 200 + + rescue ActiveRecord::RecordNotFound + render :json => { :message => ValidationMessages::BAND_INVITATION_NOT_FOUND }, :status => 404 + end + end + ###################### AUTHENTICATION ################### def auth_session_create @user = User.authenticate(params[:email], params[:password]) diff --git a/app/views/api_users/band_invitation_update.rabl b/app/views/api_users/band_invitation_update.rabl new file mode 100644 index 000000000..68a2acead --- /dev/null +++ b/app/views/api_users/band_invitation_update.rabl @@ -0,0 +1,3 @@ +object @invitation + +extends "api_users/band_invitation_show" \ No newline at end of file diff --git a/config/routes.rb b/config/routes.rb index d8e2b1d46..1e86e46a0 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -84,9 +84,10 @@ SampleApp::Application.routes.draw do match '/users/:id/recordings/:recording_id' => 'api_users#recording_update', :via => :post match '/users/:id/recordings/:recording_id' => 'api_users#recording_destroy', :via => :delete - # user band invitations (NOT DONE) + # user band invitations match '/users/:id/band_invitations' => 'api_users#band_invitation_index', :via => :get match '/users/:id/band_invitations/:invitation_id' => 'api_users#band_invitation_show', :via => :get, :as => 'api_user_band_invitation_detail' + match '/users/:id/band_invitations/:invitation_id' => 'api_users#band_invitation_update', :via => :post # favorites match '/users/:id/favorites' => 'api_users#favorite_index', :via => :get, :as => 'api_favorite_index' diff --git a/spec/requests/bands_api_spec.rb b/spec/requests/bands_api_spec.rb index d7a2cccf5..3f3516cec 100644 --- a/spec/requests/bands_api_spec.rb +++ b/spec/requests/bands_api_spec.rb @@ -69,22 +69,24 @@ describe "Band API", :type => :api do end ########################## INVITATIONS ######################### - def create_band_invitation(authenticated_user, band_id, user_id) + def create_band_invitation(band_id, user_id) post "/api/bands/#{band_id}/invitations.json", { :band_id => band_id, :user_id => user_id }.to_json, "CONTENT_TYPE" => 'application/json' return last_response end - def get_band_invitations(authenticated_user, band_id) + def get_band_invitations(band_id) get "/api/bands/#{band_id}/invitations.json", "CONTENT_TYPE" => 'application/json' return last_response end - def get_band_invitation(authenticated_user, band_id, invitation_id) + def get_band_invitation(band_id, invitation_id) get "/api/bands/#{band_id}/invitations/#{invitation_id}.json", "CONTENT_TYPE" => 'application/json' return last_response end - def delete_band_invitation() + def delete_band_invitation(band_id, invitation_id) + delete "/api/bands/#{band_id}/invitations/#{invitation_id}.json", "CONTENT_TYPE" => 'application/json' + return last_response end context "when logged in as musician" do @@ -175,8 +177,10 @@ describe "Band API", :type => :api do end it "should allow user to create invitation to a Musician for band A" do + + # TEST 1 - CREATE INVITATION recipient = FactoryGirl.create(:user) - last_response = create_band_invitation(user, band.id, recipient.id) + last_response = create_band_invitation(band.id, recipient.id) last_response.status.should == 201 invitation = JSON.parse(last_response.body) @@ -198,10 +202,9 @@ describe "Band API", :type => :api do # test band relationship band.invitations.size.should == 1 - # retrieve invitation list - last_response = get_band_invitations(user, band.id) + # TEST 2 - RETRIEVE INVITATION LIST + last_response = get_band_invitations(band.id) last_response.status.should == 200 - invitations = JSON.parse(last_response.body) invitations.size.should == 1 invitations[0]["id"].should == invitation["id"] @@ -210,19 +213,34 @@ describe "Band API", :type => :api do invitations[0]["recipient"]["id"].should == recipient.id invitations[0]["band"]["id"].should == band.id - # retrieve invitation details - last_response = get_band_invitation(user, band.id, invitation["id"]) + # TEST 3 - RETRIEVE INVITATION DETAILS + last_response = get_band_invitation(band.id, invitation["id"]) last_response.status.should == 200 invitation_details = JSON.parse(last_response.body) invitation_details["accepted"].nil?.should == true invitation_details["sender"]["id"].should == user.id invitation_details["recipient"]["id"].should == recipient.id invitation_details["band"]["id"].should == band.id + + # TEST 4 -DELETE INVITATION + last_response = delete_band_invitation(band.id, invitation["id"]) + last_response.status.should == 204 + + # test receiver relationships + recipient.received_band_invitations.size.should == 0 + recipient.sent_band_invitations.size.should == 0 + + # test sender relationships + user.received_band_invitations.size.should == 0 + user.sent_band_invitations.size.should == 0 + + # test band relationship + band.invitations.size.should == 0 end it "should not allow user to create invitation to a Fan for band A" do recipient = FactoryGirl.create(:fan) - last_response = create_band_invitation(user, band.id, recipient.id) + last_response = create_band_invitation(band.id, recipient.id) last_response.status.should == 400 # test receiver relationships @@ -236,6 +254,22 @@ describe "Band API", :type => :api do # test band relationship band.invitations.size.should == 0 end + + it "should raise exception when attempting to retrieve a non-existent invitation" do + # retrieve non-existent invitation + last_response = get_band_invitation(band.id, "2") + last_response.status.should == 404 + error_msg = JSON.parse(last_response.body) + error_msg["message"].should == ValidationMessages::BAND_INVITATION_NOT_FOUND + end + + it "should raise exception when attempting to delete a non-existent invitation" do + # delete non-existent invitation + last_response = delete_band_invitation(band.id, "2") + last_response.status.should == 404 + error_msg = JSON.parse(last_response.body) + error_msg["message"].should == ValidationMessages::BAND_INVITATION_NOT_FOUND + end end context "when logged in as user who is not in band A" do diff --git a/spec/requests/users_api_spec.rb b/spec/requests/users_api_spec.rb index 3281716af..fa9c762ec 100644 --- a/spec/requests/users_api_spec.rb +++ b/spec/requests/users_api_spec.rb @@ -114,6 +114,37 @@ describe "User API", :type => :api do delete "/api/users/#{source_user.id}/favorites/#{recording_id}.json" end + ########################## BAND INVITATIONS ######################### + def create_band_invitation(authenticated_user, band_id, user_id) + login(authenticated_user.email, authenticated_user.password, 200, true) + post "/api/bands/#{band_id}/invitations.json", { :band_id => band_id, :user_id => user_id }.to_json, "CONTENT_TYPE" => 'application/json' + return last_response + end + + def update_band_invitation(authenticated_user, source_user, invitation_id, accepted) + login(authenticated_user.email, authenticated_user.password, 200, true) + post "/api/users/#{source_user.id}/band_invitations/#{invitation_id}.json", { :accepted => accepted }.to_json, "CONTENT_TYPE" => 'application/json' + return last_response + end + + def get_band_invitations(authenticated_user, source_user) + login(authenticated_user.email, authenticated_user.password, 200, true) + get "/api/users/#{source_user.id}/band_invitations.json", "CONTENT_TYPE" => 'application/json' + return last_response + end + + def get_band_invitation(authenticated_user, source_user, invitation_id) + login(authenticated_user.email, authenticated_user.password, 200, true) + get "/api/users/#{source_user.id}/band_invitations/#{invitation_id}.json", "CONTENT_TYPE" => 'application/json' + return last_response + end + + def get_band_details(authenticated_user, band_id) + login(authenticated_user.email, authenticated_user.password, 200, true) + get "/api/bands/#{band_id}.json", "CONTENT_TYPE" => 'application/json' + return last_response + end + context "when accessing as unauthenticated user" do it "should allow successful login" do @@ -430,6 +461,54 @@ describe "User API", :type => :api do it "should allow user to deny friend request" do end + + it "should allow user to accept band invitation" do + recipient = FactoryGirl.create(:user) + + # create invitation + user.bands << band + last_response = create_band_invitation(user, band.id, recipient.id) + last_response.status.should == 201 + invitation = JSON.parse(last_response.body) + + # get invitation list for user + last_response = get_band_invitations(recipient, recipient) + last_response.status.should == 200 + invitation_list = JSON.parse(last_response.body) + invitation_list.size.should == 1 + invitation_list[0]["id"].should == invitation["id"] + + # get invitation detail + last_response = get_band_invitation(recipient, recipient, invitation["id"]) + last_response.status.should == 200 + invitation_details = JSON.parse(last_response.body) + invitation_details["id"].should == invitation["id"] + + # accept invitation + last_response = update_band_invitation(recipient, recipient, invitation["id"], true) + last_response.status.should == 200 + + last_response = get_band_details(recipient, band.id) + last_response.status.should == 200 + band_details = JSON.parse(last_response.body) + band_details["musicians"].size.should == 2 + + last_response = get_band_invitation(recipient, recipient, invitation["id"]) + last_response.status.should == 200 + invitation_details = JSON.parse(last_response.body) + invitation_details["accepted"].should == true + end + + it "should allow user to decline band invitation" do + recipient = FactoryGirl.create(:user) + user.bands << band + last_response = create_band_invitation(user, band.id, recipient.id) + last_response.status.should == 201 + + invitation = JSON.parse(last_response.body) + + last_response = update_band_invitation(recipient, recipient, invitation["id"], false) + end end end end