fix account notifications API documentation
only works for current user - user_id field is ignored closes #ADMIN-711 Change-Id: I6f783a19bafbcd830fbab918782b1aa3591735d9 Reviewed-on: https://gerrit.instructure.com/139875 Tested-by: Jenkins Reviewed-by: Rob Orton <rob@instructure.com> Product-Review: James Williams <jamesw@instructure.com> QA-Review: James Williams <jamesw@instructure.com>
This commit is contained in:
James Williams
parent
158139f8bf
commit
fc2dcc16e1
|
|
@ -75,15 +75,16 @@
|
|||
class AccountNotificationsController < ApplicationController
|
||||
include Api::V1::AccountNotifications
|
||||
before_action :require_user
|
||||
before_action :require_account_admin, except: [:user_index, :user_close_notification, :show]
|
||||
before_action :require_account_admin, only: [:create, :update, :destroy]
|
||||
before_action :check_user_param, only: [:user_index_deprecated, :user_close_notification_deprecated, :show_deprecated]
|
||||
|
||||
# @API Index of active global notification for the user
|
||||
# Returns a list of all global notifications in the account for this user
|
||||
# Returns a list of all global notifications in the account for the current user
|
||||
# Any notifications that have been closed by the user will not be returned
|
||||
#
|
||||
# @example_request
|
||||
# curl -H 'Authorization: Bearer <token>' \
|
||||
# https://<canvas>/api/v1/accounts/2/users/4/account_notifications
|
||||
# https://<canvas>/api/v1/accounts/2/users/self/account_notifications
|
||||
#
|
||||
# @returns [AccountNotification]
|
||||
def user_index
|
||||
|
|
@ -91,13 +92,17 @@ class AccountNotificationsController < ApplicationController
|
|||
render :json => account_notifications_json(notifications, @current_user, session)
|
||||
end
|
||||
|
||||
def user_index_deprecated
|
||||
user_index
|
||||
end
|
||||
|
||||
# @API Show a global notification
|
||||
# Returns a global notification
|
||||
# Returns a global notification for the current user
|
||||
# A notification that has been closed by the user will not be returned
|
||||
#
|
||||
# @example_request
|
||||
# curl -H 'Authorization: Bearer <token>' \
|
||||
# https://<canvas>/api/v1/accounts/2/users/4/account_notifications/4
|
||||
# https://<canvas>/api/v1/accounts/2/users/self/account_notifications/4
|
||||
#
|
||||
# @returns AccountNotification
|
||||
def show
|
||||
|
|
@ -110,12 +115,16 @@ class AccountNotificationsController < ApplicationController
|
|||
end
|
||||
end
|
||||
|
||||
def show_deprecated
|
||||
show
|
||||
end
|
||||
|
||||
# @API Close notification for user
|
||||
# If the user no long wants to see this notification it can be excused with this call
|
||||
# If the current user no long wants to see this notification it can be excused with this call
|
||||
#
|
||||
# @example_request
|
||||
# curl -X DELETE -H 'Authorization: Bearer <token>' \
|
||||
# https://<canvas>/api/v1/accounts/2/users/4/account_notifications/4
|
||||
# https://<canvas>/api/v1/accounts/2/users/self/account_notifications/4
|
||||
#
|
||||
# @returns AccountNotification
|
||||
def user_close_notification
|
||||
|
|
@ -124,6 +133,10 @@ class AccountNotificationsController < ApplicationController
|
|||
render :json => account_notification_json(notification, @current_user, session)
|
||||
end
|
||||
|
||||
def user_close_notification_deprecated
|
||||
user_close_notification
|
||||
end
|
||||
|
||||
# @API Create a global notification
|
||||
# Create and return a new global notification for an account.
|
||||
#
|
||||
|
|
@ -287,6 +300,10 @@ class AccountNotificationsController < ApplicationController
|
|||
end
|
||||
|
||||
protected
|
||||
def check_user_param
|
||||
raise ActiveRecord::RecordNotFound unless api_find(User, params[:user_id]) == @current_user
|
||||
end
|
||||
|
||||
def require_account_admin
|
||||
require_account_context
|
||||
return false unless authorized_action(@account, @current_user, :manage_alerts)
|
||||
|
|
|
|||
|
|
@ -950,9 +950,12 @@ CanvasRails::Application.routes.draw do
|
|||
scope(controller: :account_notifications) do
|
||||
post 'accounts/:account_id/account_notifications', action: :create, as: 'account_notification'
|
||||
put 'accounts/:account_id/account_notifications/:id', action: :update, as: 'account_notification_update'
|
||||
get 'accounts/:account_id/users/:user_id/account_notifications', action: :user_index, as: 'user_account_notifications'
|
||||
get 'accounts/:account_id/users/:user_id/account_notifications/:id', action: :show, as: 'user_account_notification_show'
|
||||
delete 'accounts/:account_id/users/:user_id/account_notifications/:id', action: :user_close_notification, as: 'user_account_notification'
|
||||
get 'accounts/:account_id/account_notifications', action: :user_index, as: 'user_account_notifications' # to change the api docs
|
||||
get 'accounts/:account_id/users/:user_id/account_notifications', action: :user_index_deprecated # for back compat
|
||||
get 'accounts/:account_id/account_notifications/:id', action: :show, as: 'user_account_notification_show'
|
||||
get 'accounts/:account_id/users/:user_id/account_notifications/:id', action: :show_deprecated
|
||||
delete 'accounts/:account_id/account_notifications/:id', action: :user_close_notification, as: 'user_account_notification'
|
||||
delete 'accounts/:account_id/users/:user_id/account_notifications/:id', action: :user_close_notification_deprecated
|
||||
end
|
||||
|
||||
scope(controller: :brand_configs_api) do
|
||||
|
|
|
|||
|
|
@ -29,11 +29,10 @@ describe 'Account Notification API', type: :request do
|
|||
describe 'user_index' do
|
||||
before do
|
||||
account_notification(message: 'default')
|
||||
@path = "/api/v1/accounts/#{@admin.account.id}/users/#{@admin.id}/account_notifications"
|
||||
@path = "/api/v1/accounts/#{@admin.account.id}/account_notifications"
|
||||
@api_params = {controller: 'account_notifications',
|
||||
action: 'user_index',
|
||||
format: 'json',
|
||||
user_id: @admin.id,
|
||||
account_id: @admin.account.id.to_s}
|
||||
end
|
||||
|
||||
|
|
@ -41,17 +40,37 @@ describe 'Account Notification API', type: :request do
|
|||
account_notification(message: 'second')
|
||||
json = api_call(:get, @path, @api_params,)
|
||||
expect(json.length).to eq 2
|
||||
expect(json.map{|r| r["message"]}).to match_array(%w{default second})
|
||||
end
|
||||
|
||||
it "should still work on the old endpoint" do
|
||||
json = api_call(:get, "/api/v1/accounts/#{@admin.account.id}/users/#{@admin.id}/account_notifications", {
|
||||
controller: 'account_notifications',
|
||||
action: 'user_index_deprecated',
|
||||
format: 'json',
|
||||
user_id: @admin.id.to_s,
|
||||
account_id: @admin.account.id.to_s})
|
||||
expect(json.map{|r| r["message"]}).to eq %w{default}
|
||||
end
|
||||
|
||||
it "should catch a user_id mismatch on the old endpoint" do
|
||||
other_user = User.create!
|
||||
api_call(:get, "/api/v1/accounts/#{@admin.account.id}/users/#{other_user.id}/account_notifications", {
|
||||
controller: 'account_notifications',
|
||||
action: 'user_index_deprecated',
|
||||
format: 'json',
|
||||
user_id: other_user.id.to_s,
|
||||
account_id: @admin.account.id.to_s}, {}, {:expected_status => 404})
|
||||
end
|
||||
end
|
||||
|
||||
describe 'show' do
|
||||
before do
|
||||
@an = account_notification(message: 'default')
|
||||
@path = "/api/v1/accounts/#{@admin.account.id}/users/#{@admin.id}/account_notifications/#{@an.id}"
|
||||
@path = "/api/v1/accounts/#{@admin.account.id}/account_notifications/#{@an.id}"
|
||||
@api_params = {controller: 'account_notifications',
|
||||
action: 'show',
|
||||
format: 'json',
|
||||
user_id: @admin.id,
|
||||
id: @an.id,
|
||||
account_id: @admin.account.id.to_s}
|
||||
end
|
||||
|
|
@ -64,12 +83,11 @@ describe 'Account Notification API', type: :request do
|
|||
it "should show the notification as a non admin" do
|
||||
user = user_with_managed_pseudonym(:account => @admin.account)
|
||||
|
||||
@path = "/api/v1/accounts/#{user.account.id}/users/#{user.id}/account_notifications/#{@an.id}"
|
||||
@path = "/api/v1/accounts/#{user.account.id}/account_notifications/#{@an.id}"
|
||||
|
||||
@api_params = {controller: 'account_notifications',
|
||||
action: 'show',
|
||||
format: 'json',
|
||||
user_id: user.id,
|
||||
id: @an.id,
|
||||
account_id: @user.account.id.to_s}
|
||||
|
||||
|
|
@ -81,12 +99,11 @@ describe 'Account Notification API', type: :request do
|
|||
describe 'user_close_notification' do
|
||||
before do
|
||||
@a = account_notification(message: 'default')
|
||||
@path = "/api/v1/accounts/#{@admin.account.id}/users/#{@admin.id}/account_notifications/#{@a.id}"
|
||||
@path = "/api/v1/accounts/#{@admin.account.id}/account_notifications/#{@a.id}"
|
||||
@api_params = {controller: 'account_notifications',
|
||||
action: 'user_close_notification',
|
||||
format: 'json',
|
||||
id: @a.id.to_param,
|
||||
user_id: @admin.id,
|
||||
account_id: @admin.account.id.to_s}
|
||||
end
|
||||
|
||||
|
|
@ -95,7 +112,7 @@ describe 'Account Notification API', type: :request do
|
|||
@admin.reload
|
||||
expect(@admin.preferences[:closed_notifications]).to eq [@a.id]
|
||||
|
||||
json = api_call(:get, "/api/v1/accounts/#{@admin.account.id}/users/#{@admin.id}/account_notifications", @api_params.merge(action: 'user_index'),)
|
||||
json = api_call(:get, "/api/v1/accounts/#{@admin.account.id}/account_notifications", @api_params.merge(action: 'user_index'),)
|
||||
expect(json.length).to eq 0
|
||||
end
|
||||
end
|
||||
|
|
|
|||
Loading…
Reference in New Issue