Index webhook subscription (LTI2 API)

Fixes PLAT-2130

Test Plan:
- Create several valid subscriptions in the subscription service
- Using a JWT access token in the authentication header,
  do a GET request to /api/lti/subscriptions
  (Note that the tool doing this request must use the same
  dev key as the one that created the subscriptions).
- Verify the subscriptions are retrieved
- Attempt to retrieve the subscriptions using the same
  endpoint without an authorization header. Verify 401 is returned

Change-Id: I04396d41a4c3e9e97b45c66d8a700449f5a277df
Reviewed-on: https://gerrit.instructure.com/103335
Reviewed-by: Nathan Mills <nathanm@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Tested-by: Jenkins
Product-Review: Weston Dransfield <wdransfield@instructure.com>

app/controllers/lti/subscriptions_api_controller.rb

@@ -105,6 +105,13 @@ module Lti
       forward_service_response(service_response)
     end
 
+
+    # @API List all Webhook Subscription for a tool proxy
+    def index
+      service_response = Services::LiveEventsSubscriptionService.tool_proxy_subscriptions(tool_proxy)
+      forward_service_response(service_response)
+    end
+
     private
 
     def forward_service_response(service_response)

config/routes.rb

@@ -1952,6 +1952,7 @@ CanvasRails::Application.routes.draw do
       delete "subscriptions/:id", action: :destroy
       get "subscriptions/:id", action: :show
       put "subscriptions/:id", action: :update
+      get "subscriptions", action: :index
     end
 
     %w(course account).each do |context|

spec/apis/lti/subscriptions_api_spec.rb

@@ -12,6 +12,7 @@ module Lti
     let(:delete_endpoint){ "/api/lti/subscriptions/#{subscription_id}" }
     let(:update_endpoint){ "/api/lti/subscriptions/#{subscription_id}" }
     let(:create_endpoint){ "/api/lti/subscriptions" }
+    let(:index_endpoint){ "/api/lti/subscriptions" }
 
     let(:ok_response){ double(code: 200, body: subscription.to_json) }
     let(:not_found_response){ double(code: 404, body: "{}") }
@@ -223,5 +224,33 @@ module Lti
       end
     end
 
+    describe '#index' do
+      before(:each) do
+        allow_any_instance_of(Lti::ToolProxy).to receive(:active_in_context?).with(an_instance_of(Account)).and_return(true)
+        tool_proxy[:raw_data]['enabled_capability'] = %w(vnd.instructure.webhooks.assignment.attachment_created)
+        tool_proxy.save!
+      end
+
+      it 'shows subscriptions for a tool proxy' do
+        allow(subscription_service).to receive_messages(tool_proxy_subscriptions: ok_response)
+        get index_endpoint, {}, request_headers
+        expect(response).to be_success
+      end
+
+      it 'checks that the tool proxy has an active developer key' do
+        product_family.update_attributes(developer_key: nil)
+        allow(subscription_service).to receive_messages(tool_proxy_subscription: ok_response)
+        tool_proxy[:raw_data]['enabled_capability'] = %w(vnd.instructure.webhooks.assignment.attachment_created)
+        tool_proxy.save!
+        get index_endpoint, {}, request_headers
+        expect(response).to be_unauthorized
+      end
+
+      it 'requires JWT Access token' do
+        get index_endpoint, {}
+        expect(response).to be_unauthorized
+      end
+    end
+
   end
 end