require 'spec_helper' describe "Invitation API ", :type => :api do subject { page } describe "profile page" do let(:user) { FactoryGirl.create(:user) } before do #sign_in user ActiveMusicSession.delete_all post '/sessions', "session[email]" => user.email, "session[password]" => user.password rack_mock_session.cookie_jar["remember_token"].should == user.remember_token end it "list no invitations" do get '/api/invitations.json' last_response.body.should eql('[]') end it "invitation requires receiver" do # starting condition; valid session and current user is already in it music_session = FactoryGirl.create(:active_music_session, :creator => user) connection = FactoryGirl.create(:connection, :user => user, :music_session => music_session) post '/api/invitations.json', {:music_session => music_session.id} last_response.status.should eql(404) end it "invitation can only be sent if you belong to the music session and to friends" do other_user = FactoryGirl.create(:user) # in the music session # starting condition; valid session and current user is already in it music_session = FactoryGirl.create(:active_music_session, :creator => other_user) connection = FactoryGirl.create(:connection, :user => other_user, :music_session => music_session) post '/api/invitations.json', {:music_session => music_session.id, :receiver => other_user.id} last_response.status.should eql(422) response = JSON.parse(last_response.body) response["errors"].should_not == nil response["errors"]["music_session"][0].should == Invitation::MEMBERSHIP_REQUIRED_OF_MUSIC_SESSION response["errors"]["receiver"][0].should == Invitation::FRIENDSHIP_REQUIRED_VALIDATION_ERROR end it "should create a invitation" do other_user = FactoryGirl.create(:user) # in the music session # starting condition; valid session and current user is already in it music_session = FactoryGirl.create(:active_music_session, :creator => other_user) FactoryGirl.create(:connection, :user => other_user, :music_session => music_session) FactoryGirl.create(:connection, :user => user, :music_session => music_session) FactoryGirl.create(:friendship, :user => user, :friend => other_user) FactoryGirl.create(:friendship, :user => other_user, :friend => user) post '/api/invitations.json', {:music_session => music_session.id, :receiver => other_user.id}.to_json, "CONTENT_TYPE" => 'application/json' last_response.status.should eql(201) # and verify that the response is the same as if we use the GET api response1 = JSON.parse(last_response.body) puts "response1 #{response1.inspect}" get "/api/invitations/#{response1["id"]}.json" response1.should == JSON.parse(last_response.body) end it "should list invitations" do other_user = FactoryGirl.create(:user) # in the music session # starting condition; valid session and current user is already in it music_session = FactoryGirl.create(:active_music_session, :creator => other_user) FactoryGirl.create(:connection, :user => other_user, :music_session => music_session) FactoryGirl.create(:connection, :user => user, :music_session => music_session) FactoryGirl.create(:friendship, :user => user, :friend => other_user) FactoryGirl.create(:friendship, :user => other_user, :friend => user) invitation = FactoryGirl.create(:invitation, :sender => user, :receiver => other_user, :music_session => music_session.music_session) # see that there are no invitations sent to us get '/api/invitations.json' response = JSON.parse(last_response.body) response.should == [] # then check that there is one invitation sent by us get '/api/invitations.json?sender=' + user.id response = JSON.parse(last_response.body) response.length.should == 1 response[0]["id"].should == invitation.id # create an invitation the other way invitation = FactoryGirl.create(:invitation, :sender => other_user, :receiver => user, :music_session => music_session.music_session) # see that there is one invitations sent to us get '/api/invitations.json' response = JSON.parse(last_response.body) response.length.should == 1 response[0]["id"].should == invitation.id end it "should return a already-created error message and 409 response" do other_user = FactoryGirl.create(:user) # in the music session # starting condition; valid session and current user is already in it music_session = FactoryGirl.create(:active_music_session, :creator => other_user) FactoryGirl.create(:connection, :user => other_user, :music_session => music_session) FactoryGirl.create(:connection, :user => user, :music_session => music_session) FactoryGirl.create(:friendship, :user => user, :friend => other_user) FactoryGirl.create(:friendship, :user => other_user, :friend => user) invitation = FactoryGirl.create(:invitation, :sender => user, :receiver => other_user, :music_session => music_session.music_session) post '/api/invitations.json', {:music_session => music_session.id, :receiver => other_user.id}.to_json, "CONTENT_TYPE" => 'application/json' last_response.status.should eql(201) end it "should delete" do other_user = FactoryGirl.create(:user) # in the music session # starting condition; valid session and current user is already in it music_session = FactoryGirl.create(:active_music_session, :creator => other_user) FactoryGirl.create(:connection, :user => other_user, :music_session => music_session) FactoryGirl.create(:connection, :user => user, :music_session => music_session) FactoryGirl.create(:friendship, :user => user, :friend => other_user) FactoryGirl.create(:friendship, :user => other_user, :friend => user) invitation = FactoryGirl.create(:invitation, :sender => user, :receiver => other_user, :music_session => music_session.music_session) # refind the invitation to make sure the db serves it up Invitation.find_by_id(invitation.id).should_not == nil delete "/api/invitations/#{invitation.id}.json", "CONTENT_TYPE" => 'application/json' last_response.status.should eql(204) # and then verify that the invitation is gone Invitation.find_by_id(invitation.id).should == nil end it "should not allow query of invitations not belonging to current user" do other_user = FactoryGirl.create(:user) # in the music session other_user2 = FactoryGirl.create(:user) # in the music session # starting condition; valid session and current user is already in it music_session = FactoryGirl.create(:active_music_session, :creator => other_user) FactoryGirl.create(:connection, :user => other_user, :music_session => music_session) FactoryGirl.create(:connection, :user => other_user2, :music_session => music_session) FactoryGirl.create(:friendship, :user => other_user2, :friend => other_user) FactoryGirl.create(:friendship, :user => other_user, :friend => other_user2) invitation = FactoryGirl.create(:invitation, :sender => other_user2, :receiver => other_user, :music_session => music_session.music_session) # then check that there is one invitation sent by us get '/api/invitations.json?sender=' + other_user.id last_response.status.should eql(403) response = JSON.parse(last_response.body) response.should == {"message" => "You can only ask for your own sent invitations","type" => "PermissionError"} # also check that a fetch by id doesn't work get "/api/invitations/#{invitation.id}" last_response.status.should eql(404) # and that delete by id doesn't work delete "/api/invitations/#{invitation.id}" last_response.status.should eql(404) end end end