Skip to content

Commit

Permalink
Fix spec
Browse files Browse the repository at this point in the history
  • Loading branch information
x4d3 committed Nov 14, 2017
1 parent 1297a74 commit 9715076
Show file tree
Hide file tree
Showing 69 changed files with 447 additions and 394 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ class ImpersonateController < ApplicationController
# GET /impersonate/user/123
def create
session[:impersonator_redirect_path] = params[:redirect_path].presence
@user = MnoEnterprise::User.find_one(params[:user_id], :deletion_requests, :organizations, :orga_relations, :dashboards, :teams, :user_access_requests, :sub_tenant)
@user = MnoEnterprise::User.find_one(params[:user_id], :user_access_requests)
unless @user.present?
return redirect_with_error('User does not exist')
end
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ def create

def app_answer_params
# for an admin, the organization does not matter
orga_relation = current_user.orga_relations.first
orga_relation = MnoEnterprise::OrgaRelation.where('user.id': current_user.id).first
params.require(:app_answer).permit(:description)
.merge(reviewer_id: orga_relation.id, reviewer_type: 'OrgaRelation',
parent_id: parent.id, reviewable_id: parent.reviewable_id, reviewable_type: 'App')
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ def create

def app_comment_params
# for an admin, the organization does not matter
orga_relation = current_user.orga_relations.first
orga_relation = MnoEnterprise::OrgaRelation.where('user.id': current_user.id).first
params.require(:app_comment).permit(:description)
.merge(reviewer_id: orga_relation.id, reviewer_type: 'OrgaRelation',
parent_id: parent.id, reviewable_id: parent.reviewable_id, reviewable_type: 'App')
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ class Jpi::V1::Admin::AppInstancesController < Jpi::V1::Admin::BaseResourceContr

# DELETE /mnoe/jpi/v1/app_instances/1
def destroy
app_instance = MnoEnterprise::AppInstance.find_one(params[:id])
app_instance = MnoEnterprise::AppInstance.find_one(params[:id], :owner)

if app_instance
MnoEnterprise::EventLogger.info('app_destroy', current_user.id, 'App destroyed', app_instance)
Expand Down
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
module MnoEnterprise
class Jpi::V1::Admin::Impac::DashboardTemplatesController < Jpi::V1::Admin::BaseResourceController

before_action :load_organizations, except: [:destroy]

# TODO [APIV2]: [:'widgets.kpis', :'kpis.alerts']
DASHBOARD_DEPENDENCIES = [:widgets, :kpis]

Expand All @@ -9,6 +11,7 @@ class Jpi::V1::Admin::Impac::DashboardTemplatesController < Jpi::V1::Admin::Base
#==================================================================
# GET /mnoe/jpi/v1/admin/impac/dashboard_templates
def index
dashboard_templates = MnoEnterprise::Dashboard.templates.includes(*DASHBOARD_DEPENDENCIES)
if params[:terms]
# For search mode
@dashboard_templates = []
Expand All @@ -19,61 +22,44 @@ def index
@dashboard_templates = query.to_a
response.headers['X-Total-Count'] = query.meta.record_count
end
load_organizations
end

# GET /mnoe/jpi/v1/admin/impac/dashboard_templates/1
def show
render json: { errors: { message: 'Dashboard template not found' } }, status: :not_found unless dashboard_template.present?
@dashboard_template = MnoEnterprise::Dashboard.find_one!(params[:id], *DASHBOARD_DEPENDENCIES)
end

# POST /mnoe/jpi/v1/admin/impac/dashboard_templates
def create
@dashboard_template = MnoEnterprise::Dashboard.new(dashboard_template_params.merge(dashboard_type: 'template'))

# Abort on failure
unless @dashboard_template.save
return render json: { errors: dashboard_template.errors }, status: :bad_request
end

MnoEnterprise::EventLogger.info('dashboard_template_create', current_user.id, 'Dashboard Template Creation', dashboard_template)
@dashboard_template.save!
MnoEnterprise::EventLogger.info('dashboard_template_create', current_user.id, 'Dashboard Template Creation', @dashboard_template)
@dashboard_template = @dashboard_template.load_required(*DASHBOARD_DEPENDENCIES)
render 'show'
end

# PATCH/PUT /mnoe/jpi/v1/admin/impac/dashboard_templates/1
def update
return render json: { errors: { message: 'Dashboard template not found' } }, status: :not_found unless dashboard_template

# Abort on failure
unless dashboard_template.update(dashboard_template_params)
return render json: { errors: dashboard_template.errors }, status: :bad_request
end

MnoEnterprise::EventLogger.info('dashboard_template_update', current_user.id, 'Dashboard Template Update', dashboard_template)
@dashboard_template = MnoEnterprise::Dashboard.find_one!(params[:id])
dashboard_template.update!(dashboard_template_params)
@dashboard_template = @dashboard_template.load_required(*DASHBOARD_DEPENDENCIES)
MnoEnterprise::EventLogger.info('dashboard_template_update', current_user.id, 'Dashboard Template Update', @dashboard_template)
render 'show'
end

# DELETE /mnoe/jpi/v1/admin/impac/dashboard_templates/1
def destroy
return render json: { errors: { message: 'Dashboard template not found' } }, status: :not_found unless dashboard_template

MnoEnterprise::EventLogger.info('dashboard_template_delete', current_user.id, 'Dashboard Template Deletion', dashboard_template)

# Abort on failure
unless dashboard_template.destroy
return render json: { errors: 'Cannot destroy dashboard template' }, status: :bad_request
end

@dashboard_template = MnoEnterprise::Dashboard.find_one!(params[:id])
MnoEnterprise::EventLogger.info('dashboard_template_delete', current_user.id, 'Dashboard Template Deletion', @dashboard_template)
@dashboard_template.destroy!
head status: :ok
end

private

def dashboard_templates
@dashboard_templates ||= MnoEnterprise::Dashboard.templates.includes(*DASHBOARD_DEPENDENCIES)
end

def dashboard_template
@dashboard_template ||= dashboard_templates.find(params[:id].to_i).first
def load_organizations
@organizations = MnoEnterprise::Organization.where('user.ids': current_user.id)
end

def whitelisted_params
Expand All @@ -86,7 +72,7 @@ def dashboard_template_params
params.require(:dashboard).permit(*whitelisted_params).tap do |whitelisted|
whitelisted[:settings] = params[:dashboard][:metadata] || {}
end
.except(:metadata)
.except(:metadata)
end
end
end
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,15 +4,15 @@ class Jpi::V1::AppInstancesSyncController < Jpi::V1::BaseResourceController

# GET /mnoe/jpi/v1/organization/org-fbba/app_instances_sync
def index
authorize! :check_apps_sync, @parent_organization
authorize! :check_apps_sync, orga_relation
connectors = parent_organization.app_instances_sync!
render json: results(connectors)
end


# POST /mnoe/jpi/v1/organizations/org-fbba/app_instances_sync
def create
authorize! :sync_apps, @parent_organization
authorize! :sync_apps, orga_relation
connectors = parent_organization.trigger_app_instances_sync!
render json: results(connectors)
end
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ def current_app
end

def orga_relation
@orga_relation ||= MnoEnterprise::OrgaRelation.where(organization_id: organization_id, user_id: current_user.id).first
@orga_relation ||= MnoEnterprise::OrgaRelation.where('organization.id': organization_id, 'user.id': current_user.id).first
end

def ensure_app_exists
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,36 +3,6 @@ class Jpi::V1::BaseResourceController < ApplicationController
before_filter :check_authorization

protected
def is_id?(string)
# we consider that it is an id, if it's
string.to_i.to_s == string
end

def orga_relation
@orga_relation ||= begin
id_or_uid = params[:organization_id]
organization_field = is_id?(id_or_uid) ? 'id' : 'uid'
MnoEnterprise::OrgaRelation.where('user.id' => current_user.id, "organization.#{organization_field}" => id_or_uid).first
end
end

def parent_organization_id
id_or_uid = params[:organization_id]
if is_id?(id_or_uid)
id_or_uid
else
parent_organization.id
end
end

def parent_organization
@parent_organization ||= begin
id_or_uid = params[:organization_id]
query = is_id?(id_or_uid) ? id_or_uid : { uid: id_or_uid }
MnoEnterprise::Organization.find(query).first
end
end

# Check current user is logged in
# Check organization is valid if specified
def check_authorization
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ json.extract! template, :id, :name, :full_name, :currency

json.metadata template.settings

json.data_sources template.organizations(current_user.organizations).compact.map do |org|
json.data_sources template.organizations(@organizations).compact.map do |org|
json.id org.id
json.uid org.uid
json.label org.name
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ json.extract! dashboard, :id, :name, :full_name, :currency

json.metadata dashboard.settings

json.data_sources dashboard.organizations(current_user.organizations).compact.map do |org|
json.data_sources dashboard.organizations(@organizations).compact.map do |org|
json.id org.id
json.uid org.uid
json.label org.name
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -14,12 +14,8 @@ module MnoEnterprise::Concerns::Controllers::Jpi::V1::Admin::BaseResourceControl

protected

def timestamp
@timestamp ||= (params[:timestamp] || 0).to_i
end

def parent_organization
@parent_organization ||= current_user.organizations.to_a.find { |o| o.id.to_s == params[:organization_id].to_s }
@parent_organization ||= MnoEnterprise::Organization.where(user_id: current_user.id, id: params[:organization_id]).first
end

# Check current user is logged in
Expand All @@ -33,14 +29,14 @@ def check_authorization
end

def render_not_found(resource = controller_name.singularize, id = params[:id])
render json: { errors: {message: "#{resource.titleize} not found (id=#{id})", code: 404, params: params} }, status: :not_found
render json: { errors: { message: "#{resource.titleize} not found (id=#{id})", code: 404, params: params } }, status: :not_found
end

def render_bad_request(attempted_action, issue)
render json: { errors: {message: "Error while trying to #{attempted_action}: #{issue}", code: 400, params: params} }, status: :bad_request
render json: { errors: { message: "Error while trying to #{attempted_action}: #{issue}", code: 400, params: params } }, status: :bad_request
end

def render_forbidden_request(attempted_action)
render json: { errors: {message: "Error while trying to #{attempted_action}: you do not have permission", code: 403} }, status: :forbidden
render json: { errors: { message: "Error while trying to #{attempted_action}: you do not have permission", code: 403 } }, status: :forbidden
end
end
Original file line number Diff line number Diff line change
Expand Up @@ -16,16 +16,16 @@ module MnoEnterprise::Concerns::Controllers::Jpi::V1::AppInstancesController
# GET /mnoe/jpi/v1/organization/1/app_instances
def index
statuses = MnoEnterprise::AppInstance::ACTIVE_STATUSES.join(',')
@app_instances = MnoEnterprise::AppInstance.includes(:app).where('owner.id': parent_organization.id, 'status.in': statuses, 'fulfilled_only': true).to_a.select do |i|
@app_instances = MnoEnterprise::AppInstance.includes(:app).where('owner.id': parent_organization_id, 'status.in': statuses, 'fulfilled_only': true).to_a.select do |i|
can?(:access,i)
end
end

# POST /mnoe/jpi/v1/organization/1/app_instances
def create
authorize! :manage_app_instances, orga_relation
input = { data: { attributes: { app_nid: params[:nid], owner_id: parent_organization_id, owner_type: 'Organization' } } }
app_instance = MnoEnterprise::AppInstance.provision!(input)
app_instance = MnoEnterprise::AppInstance.provision!(params[:nid], parent_organization_id, 'Organization' )
app_instance = app_instance.load_required(:owner)
MnoEnterprise::EventLogger.info('app_add', current_user.id, 'App added', app_instance)
head :created
end
Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
module MnoEnterprise::Concerns::Controllers::Jpi::V1::CurrentUsersController
extend ActiveSupport::Concern

INCLUDED_DEPENDENCIES = %i(deletion_requests organizations orga_relations dashboards teams orga_relations.user orga_relations.organization sub_tenant)
INCLUDED_DEPENDENCIES = %i(organizations orga_relations dashboards teams orga_relations.user orga_relations.organization sub_tenant)

#==================================================================
# Included methods
Expand All @@ -25,27 +25,26 @@ def show
# PUT /mnoe/jpi/v1/current_user
def update
current_user.attributes = user_params
changed_attributes = @user.changed_attributes
changed_attributes = current_user.changed_attributes
current_user.save!
current_user.refresh_user_cache
MnoEnterprise::EventLogger.info('user_update', current_user.id, 'User update', @user, changed_attributes)
MnoEnterprise::EventLogger.info('user_update', current_user.id, 'User update', current_user, changed_attributes)
@user = current_user.load_required(*INCLUDED_DEPENDENCIES)
render :show
end

# PUT /mnoe/jpi/v1/current_user/register_developer
def register_developer
current_user.create_api_credentials!
MnoEnterprise::EventLogger.info('register_developer', current_user.id, 'Developer registration', @user)
MnoEnterprise::EventLogger.info('register_developer', current_user.id, 'Developer registration', current_user)
@user = current_user.load_required(*INCLUDED_DEPENDENCIES)
render :show

end

# PUT /mnoe/jpi/v1/current_user/update_password
def update_password
current_user.update_password!(data: { attributes: password_params })
MnoEnterprise::EventLogger.info('user_update_password', current_user.id, 'User password change', @user)
MnoEnterprise::EventLogger.info('user_update_password', current_user.id, 'User password change', current_user)
@user = current_user.load_required(*INCLUDED_DEPENDENCIES)
sign_in @user, bypass: true
render :show
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ module ClassMethods
#==================================================================
# POST /deletion_request.json
def create
@deletion_request = current_user.create_deletion_request!
@deletion_request = MnoEnterprise::DeletionRequest.create!(deletable: current_user)
# TODO: deliver_later => need to use user#id and deletion_request#id
MnoEnterprise::SystemNotificationMailer.deletion_request_instructions(current_user, @deletion_request).deliver_now
render json: @deletion_request, status: :created
Expand All @@ -33,7 +33,6 @@ def create
# PUT /deletion_request/1/resend.json
def resend
@deletion_request = current_user.current_deletion_request

# Check that the user has a deletion_request in progress
# and that the token provided (params[:id]) matches the
# deletion_request token
Expand All @@ -59,4 +58,5 @@ def destroy
head :bad_request
end
end

end
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@ module MnoEnterprise::Concerns::Controllers::Jpi::V1::Impac::DashboardTemplatesC
# context where it is included rather than being executed in the module's context
included do
DASHBOARD_DEPENDENCIES = [:widgets, :'widgets.kpis', :kpis, :'kpis.alerts']

respond_to :json
end

Expand All @@ -18,5 +17,6 @@ module MnoEnterprise::Concerns::Controllers::Jpi::V1::Impac::DashboardTemplatesC
# GET /mnoe/jpi/v1/impac/dashboard_templates
def index
@templates = MnoEnterprise::Dashboard.published_templates.includes(*DASHBOARD_DEPENDENCIES)
@organizations = MnoEnterprise::Organization.where('user.ids': current_user.id)
end
end
Original file line number Diff line number Diff line change
Expand Up @@ -18,11 +18,13 @@ module MnoEnterprise::Concerns::Controllers::Jpi::V1::Impac::DashboardsControlle
# GET /mnoe/jpi/v1/impac/dashboards
def index
dashboards
@organizations = MnoEnterprise::Organization.where('user.ids': current_user.id)
end

# GET /mnoe/jpi/v1/impac/dashboards/1
# -> GET /api/mnoe/v1/users/1/dashboards
def show
@organizations = MnoEnterprise::Organization.where('user.ids': current_user.id)
render_not_found('dashboard') unless dashboard(*DASHBOARD_DEPENDENCIES)
end

Expand All @@ -35,6 +37,7 @@ def create
@dashboard = MnoEnterprise::Dashboard.create!(dashboard_create_params)
MnoEnterprise::EventLogger.info('dashboard_create', current_user.id, 'Dashboard Creation', @dashboard)
@dashboard = dashboard.load_required(*DASHBOARD_DEPENDENCIES)
@organizations = MnoEnterprise::Organization.where('user.ids': current_user.id)
render 'show'
end

Expand All @@ -46,7 +49,7 @@ def update
# TODO: enable authorization
# authorize! :manage_dashboard, dashboard
dashboard.update_attributes!(dashboard_update_params)

@organizations = MnoEnterprise::Organization.where('user.ids': current_user.id)
# Reload Dashboard
@dashboard = dashboard.load_required(DASHBOARD_DEPENDENCIES)
render 'show'
Expand All @@ -73,6 +76,7 @@ def copy
# Owner is the current user by default, can be overriden to something else (eg: current organization)
@dashboard = template.copy!(current_user, dashboard_params[:name], dashboard_params[:organization_ids])
@dashboard = @dashboard.load_required(DASHBOARD_DEPENDENCIES)
@organizations = MnoEnterprise::Organization.where('user.ids': current_user.id)
render 'show'
end

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ module MnoEnterprise::Concerns::Controllers::Jpi::V1::Impac::WidgetsController
# -> GET /api/mnoe/v1/organizations/:id/widgets
def index
render_not_found('organization') unless parent_organization
@widgets = MnoEnterprise::Widget.find(organization_id: parent_organization.id)
@widgets = MnoEnterprise::Widget.find(organization_id: parent_organization_id)
end

# POST /mnoe/jpi/v1/impac/dashboards/:id/widgets
Expand Down
Loading

0 comments on commit 9715076

Please sign in to comment.