Show webhook subscription (LTI2 API)
Fixes PLAT-2322 Test Plan: - Create a valid subscription in the subscription service - Using a JWT access token in the authentication header, do a GET request to /api/lti/subscriptions/<subscription id> (Note that the tool doing this request mus use the same dev key as the one that created the subscription). - Verify the subscription is retrieved and a 200 is returned - Attempt to retrieve the subscription using the same endpoint without an authorization header. Verify 401 is returned - Attempt to do the get request with a tool that uses a different dev key than the one used to create the subscription. Verify a 404 is returned. Change-Id: I3ef986d91787a17b2a5ff9730ed7da53c0bfaed3 Reviewed-on: https://gerrit.instructure.com/103096 Reviewed-by: Nathan Mills <nathanm@instructure.com> QA-Review: August Thornton <august@instructure.com> Tested-by: Jenkins Product-Review: Weston Dransfield <wdransfield@instructure.com>
This commit is contained in:
parent
37b2722db1
commit
0d866d7d08
|
@ -81,14 +81,17 @@ module Lti
|
||||||
|
|
||||||
|
|
||||||
# @API Delete a Webhook Subscription
|
# @API Delete a Webhook Subscription
|
||||||
#
|
|
||||||
# @argument id [Required, String]
|
|
||||||
# The id of the submission to delete
|
|
||||||
def destroy
|
def destroy
|
||||||
service_response = Services::LiveEventsSubscriptionService.destroy_tool_proxy_subscription(tool_proxy, params.require(:id))
|
service_response = Services::LiveEventsSubscriptionService.destroy_tool_proxy_subscription(tool_proxy, params.require(:id))
|
||||||
forward_service_response(service_response)
|
forward_service_response(service_response)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# @API Show a single Webhook Subscription
|
||||||
|
def show
|
||||||
|
service_response = Services::LiveEventsSubscriptionService.tool_proxy_subscription(tool_proxy, params.require(:id))
|
||||||
|
forward_service_response(service_response)
|
||||||
|
end
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
def forward_service_response(service_response)
|
def forward_service_response(service_response)
|
||||||
|
|
|
@ -1950,6 +1950,7 @@ CanvasRails::Application.routes.draw do
|
||||||
scope(controller: 'lti/subscriptions_api') do
|
scope(controller: 'lti/subscriptions_api') do
|
||||||
post "subscriptions", action: :create
|
post "subscriptions", action: :create
|
||||||
delete "subscriptions/:id", action: :destroy
|
delete "subscriptions/:id", action: :destroy
|
||||||
|
get "subscriptions/:id", action: :show
|
||||||
end
|
end
|
||||||
|
|
||||||
%w(course account).each do |context|
|
%w(course account).each do |context|
|
||||||
|
|
|
@ -5,7 +5,18 @@ module Lti
|
||||||
include_context 'lti2_api_spec_helper'
|
include_context 'lti2_api_spec_helper'
|
||||||
|
|
||||||
let(:controller){ double(lti2_service_name: 'vnd.Canvas.webhooksSubscription') }
|
let(:controller){ double(lti2_service_name: 'vnd.Canvas.webhooksSubscription') }
|
||||||
|
let(:subscription_id){ 'ab342-c444-29392-e222' }
|
||||||
|
let(:test_subscription){ {'RootAccountId' => '1', 'Id' => subscription_id} }
|
||||||
|
|
||||||
|
let(:show_endpoint){ "/api/lti/subscriptions/#{subscription_id}" }
|
||||||
|
let(:delete_endpoint){ "/api/lti/subscriptions/#{subscription_id}" }
|
||||||
|
let(:create_endpoint){ "/api/lti/subscriptions" }
|
||||||
|
|
||||||
|
let(:ok_response){ double(code: 200, body: subscription.to_json) }
|
||||||
|
let(:not_found_response){ double(code: 404, body: "{}") }
|
||||||
|
let(:delete_response){ double(code: 200, body: "{}") }
|
||||||
|
|
||||||
|
let(:subscription_service){ class_double(Services::LiveEventsSubscriptionService).as_stubbed_const }
|
||||||
let(:subscription) do
|
let(:subscription) do
|
||||||
{
|
{
|
||||||
EventTypes:["attachment_created"],
|
EventTypes:["attachment_created"],
|
||||||
|
@ -19,7 +30,6 @@ module Lti
|
||||||
|
|
||||||
describe '#create' do
|
describe '#create' do
|
||||||
let(:test_subscription){ {'RootAccountId' => '1', 'foo' => 'bar'} }
|
let(:test_subscription){ {'RootAccountId' => '1', 'foo' => 'bar'} }
|
||||||
let(:create_endpoint){ "/api/lti/subscriptions" }
|
|
||||||
let(:stub_response){ double(code: 200, body: test_subscription.to_json) }
|
let(:stub_response){ double(code: 200, body: test_subscription.to_json) }
|
||||||
|
|
||||||
before(:each) do
|
before(:each) do
|
||||||
|
@ -80,14 +90,6 @@ module Lti
|
||||||
end
|
end
|
||||||
|
|
||||||
describe '#destroy' do
|
describe '#destroy' do
|
||||||
let(:subscription_id){ 'ab342-c444-29392-e222' }
|
|
||||||
let(:test_subscription){ {'RootAccountId' => '1', 'Id' => subscription_id} }
|
|
||||||
let(:delete_endpoint){ "/api/lti/subscriptions/#{subscription_id}" }
|
|
||||||
let(:ok_response){ double(code: 200, body: subscription.to_json) }
|
|
||||||
let(:not_found_response){ double(code: 404, body: "{}") }
|
|
||||||
let(:delete_response){ double(code: 200, body: "{}") }
|
|
||||||
let(:subscription_service){ class_double(Services::LiveEventsSubscriptionService).as_stubbed_const }
|
|
||||||
|
|
||||||
before(:each) do
|
before(:each) do
|
||||||
allow(subscription_service).to receive_messages(destroy_tool_proxy_subscription: delete_response)
|
allow(subscription_service).to receive_messages(destroy_tool_proxy_subscription: delete_response)
|
||||||
allow_any_instance_of(Lti::ToolProxy).to receive(:active_in_context?).with(an_instance_of(Account)).and_return(true)
|
allow_any_instance_of(Lti::ToolProxy).to receive(:active_in_context?).with(an_instance_of(Account)).and_return(true)
|
||||||
|
@ -122,5 +124,39 @@ module Lti
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe '#show' do
|
||||||
|
before(:each) do
|
||||||
|
allow_any_instance_of(Lti::ToolProxy).to receive(:active_in_context?).with(an_instance_of(Account)).and_return(true)
|
||||||
|
tool_proxy[:raw_data]['enabled_capability'] = %w(vnd.instructure.webhooks.assignment.attachment_created)
|
||||||
|
tool_proxy.save!
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'updates subscriptions' do
|
||||||
|
allow(subscription_service).to receive_messages(tool_proxy_subscription: ok_response)
|
||||||
|
get show_endpoint, {}, request_headers
|
||||||
|
expect(response).to be_success
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'gives gives 404 if subscription does not exist' do
|
||||||
|
allow(subscription_service).to receive_messages(destroy_tool_proxy_subscription: not_found_response)
|
||||||
|
get show_endpoint, {}, request_headers
|
||||||
|
expect(response).not_to be_success
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'checks that the tool proxy has an active developer key' do
|
||||||
|
product_family.update_attributes(developer_key: nil)
|
||||||
|
allow(subscription_service).to receive_messages(tool_proxy_subscription: ok_response)
|
||||||
|
tool_proxy[:raw_data]['enabled_capability'] = %w(vnd.instructure.webhooks.assignment.attachment_created)
|
||||||
|
tool_proxy.save!
|
||||||
|
get show_endpoint, {}, request_headers
|
||||||
|
expect(response).to be_unauthorized
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'requires JWT Access token' do
|
||||||
|
get show_endpoint, {}
|
||||||
|
expect(response).to be_unauthorized
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue