Index webhook subscription (LTI2 API)

Fixes PLAT-2130 Test Plan: - Create several valid subscriptions in the subscription service - Using a JWT access token in the authentication header, do a GET request to /api/lti/subscriptions (Note that the tool doing this request must use the same dev key as the one that created the subscriptions). - Verify the subscriptions are retrieved - Attempt to retrieve the subscriptions using the same endpoint without an authorization header. Verify 401 is returned Change-Id: I04396d41a4c3e9e97b45c66d8a700449f5a277df Reviewed-on: https://gerrit.instructure.com/103335 Reviewed-by: Nathan Mills <nathanm@instructure.com> QA-Review: August Thornton <august@instructure.com> Tested-by: Jenkins Product-Review: Weston Dransfield <wdransfield@instructure.com>
2017-02-27 12:28:59 -07:00 · 2017-02-27 12:28:59 -07:00 · ec689e7fae
parent c4d6c55b12
commit ec689e7fae
3 changed files with 37 additions and 0 deletions
--- a/app/controllers/lti/subscriptions_api_controller.rb
+++ b/app/controllers/lti/subscriptions_api_controller.rb
@ -105,6 +105,13 @@ module Lti
      forward_service_response(service_response)
    end

+
+    # @API List all Webhook Subscription for a tool proxy
+    def index
+      service_response = Services::LiveEventsSubscriptionService.tool_proxy_subscriptions(tool_proxy)
+      forward_service_response(service_response)
+    end
+
    private

    def forward_service_response(service_response)
--- a/config/routes.rb
+++ b/config/routes.rb
@ -1952,6 +1952,7 @@ CanvasRails::Application.routes.draw do
      delete "subscriptions/:id", action: :destroy
      get "subscriptions/:id", action: :show
      put "subscriptions/:id", action: :update
+      get "subscriptions", action: :index
    end

    %w(course account).each do |context|
--- a/spec/apis/lti/subscriptions_api_spec.rb
+++ b/spec/apis/lti/subscriptions_api_spec.rb
@ -12,6 +12,7 @@ module Lti
    let(:delete_endpoint){ "/api/lti/subscriptions/#{subscription_id}" }
    let(:update_endpoint){ "/api/lti/subscriptions/#{subscription_id}" }
    let(:create_endpoint){ "/api/lti/subscriptions" }
+    let(:index_endpoint){ "/api/lti/subscriptions" }

    let(:ok_response){ double(code: 200, body: subscription.to_json) }
    let(:not_found_response){ double(code: 404, body: "{}") }
@ -223,5 +224,33 @@ module Lti
      end
    end

+    describe '#index' do
+      before(:each) do
+        allow_any_instance_of(Lti::ToolProxy).to receive(:active_in_context?).with(an_instance_of(Account)).and_return(true)
+        tool_proxy[:raw_data]['enabled_capability'] = %w(vnd.instructure.webhooks.assignment.attachment_created)
+        tool_proxy.save!
+      end
+
+      it 'shows subscriptions for a tool proxy' do
+        allow(subscription_service).to receive_messages(tool_proxy_subscriptions: ok_response)
+        get index_endpoint, {}, request_headers
+        expect(response).to be_success
+      end
+
+      it 'checks that the tool proxy has an active developer key' do
+        product_family.update_attributes(developer_key: nil)
+        allow(subscription_service).to receive_messages(tool_proxy_subscription: ok_response)
+        tool_proxy[:raw_data]['enabled_capability'] = %w(vnd.instructure.webhooks.assignment.attachment_created)
+        tool_proxy.save!
+        get index_endpoint, {}, request_headers
+        expect(response).to be_unauthorized
+      end
+
+      it 'requires JWT Access token' do
+        get index_endpoint, {}
+        expect(response).to be_unauthorized
+      end
+    end
+
  end
 end