Merge branch 'master' of gitlab.c3sl.ufpr.br:portalmec/portalmec into stable

082c91d0 · Marcela Ribeiro de Oliveira · a536062a · 3321e9d5 · 082c91d0 · 082c91d0
Commit 082c91d0 authored 7 years ago by Marcela Ribeiro de Oliveira
--- a/app/controllers/v1/learning_objects/attachment_controller.rb
+++ b/app/controllers/v1/learning_objects/attachment_controller.rb
@@ -19,7 +19,9 @@
 class V1::LearningObjects::AttachmentController < ApplicationController
  before_action :set_objects
-  before_action :authorize!
+  before_action :authenticate_user!, only: :update
+  before_action :authorize!, only: :destroy
+  before_action :authorize_update_attachment!, only: :update
  # DELETE /learning_objects/:learning_object_id/attachments/:id
  def destroy
@@ -30,6 +32,16 @@ class V1::LearningObjects::AttachmentController < ApplicationController
    render status: :ok
  end
+  # PUT /learning_objects/:learning_object_id/attachments/:id
+  def update
+    return render status: :not_found if @learning_object.nil? || @attachment.nil?
+    if @attachment.update(infohash: infohash_params[:infohash])
+      render status: :ok
+    else
+      render status: :unprocessable_entity
+    end
+  end
  private
@@ -37,6 +49,10 @@ class V1::LearningObjects::AttachmentController < ApplicationController
    params.permit(:learning_object_id, :id)
  end
+  def infohash_params
+    params.permit(:infohash)
+  end
  def set_objects
    @learning_object = LearningObject.find(attachment_params[:learning_object_id])
    @attachment = LearningObject::Attachment.find(attachment_params[:id])
@@ -47,4 +63,11 @@ class V1::LearningObjects::AttachmentController < ApplicationController
    authorize(@learning_object, :destroy?)
  end
+  def authorize_update_attachment!
+    return render status: :unauthorized unless @learning_object.attachments.include? @attachment
+    authorize(@learning_object, :add_infohash?)
+  end
 end
--- a/app/policies/learning_object_policy.rb
+++ b/app/policies/learning_object_policy.rb
@@ -61,6 +61,10 @@ class LearningObjectPolicy < ApplicationPolicy
    record if owns?
  end
+  def add_infohash?
+    record if user.is_admin?
+  end
  def show?
    return record if record.published? || ( !user.nil? && user_can_edit? )
    return record if user == record.publisher

--- a/config/routes.rb
+++ b/config/routes.rb
@@ -165,7 +165,7 @@ Rails.application.routes.draw do
        resource :upload, module: 'learning_objects', only: :create
        resource :publish, module: 'learning_objects', only: :create
      end
-      resources :attachment, module: 'learning_objects', only: :destroy, on: :member
+      resources :attachment, module: 'learning_objects', only: [:destroy, :update], on: :member
    end
    resources :institutions, concerns: :deletable do

--- a/db/migrate/20170808132744_add_info_hash_to_learning_object_attachments.rb
+++ b/db/migrate/20170808132744_add_info_hash_to_learning_object_attachments.rb
+class AddInfoHashToLearningObjectAttachments < ActiveRecord::Migration[5.0]
+  def change
+    add_column :learning_object_attachments, :infohash, :string
+  end
+end
--- a/spec/acceptance/learning_objects_spec.rb
+++ b/spec/acceptance/learning_objects_spec.rb
@@ -225,5 +225,45 @@ resource 'Learning Objects' do
    end
  end
+  get '/v1/learning_objects/submissions' do
+    include_context "authenticate_user_curator"
+    example 'Get a list of submissions' do
+      do_request
+      expect(status).to eq(200)
+    end
+  end
+  get '/v1/learning_objects/:id/show_submission' do
+    include_context "authenticate_user_curator"
+    let(:id) { @learning_object.id }
+    before do
+      @learning_object = create(:learning_object)
+      @learning_object.update(state: LearningObject.states[:submitted])
+    end
+    example 'Show a submission' do
+          do_request
+      expect(status).to eq(200)
+    end
+  end
+  post '/v1/learning_objects/:id/submit' do
+    include_context "authenticate_user_submitter"
+    let(:id) { @learning_object.id }
+    before do
+      @learning_object = create(:learning_object, publisher: @user)
+      @learning_object.update(state: LearningObject.states[:draft])
+    end
+    example 'Submit a learning object to curator' do
+      do_request
+      expect(status).to eq(200)
+    end
+  end
 end
--- a/spec/acceptance/users_spec.rb
+++ b/spec/acceptance/users_spec.rb
@@ -310,4 +310,42 @@ resource 'Users' do
    end
  end
+  get '/v1/users/upload_requests' do
+    include_context "authenticate_user_supervisor"
+    example 'Get all user that want be submitters' do
+      do_request
+      expect(status).to eq(200)
+    end
+  end
+  post '/v1/users/submitter_request' do
+    include_context "authenticate_user"
+    example 'Request to be a submitter' do
+      do_request
+      expect(status).to eq(200)
+    end
+  end
+  post '/v1/users/:id/approve_request' do
+    include_context "authenticate_user_supervisor"
+    parameter :id, 'The id of the user who asked to be a submitter'
+    parameter :approves, 'If the user can be a submitter or not'
+    let(:id) {@user.id}
+    let(:approves) { true }
+    let(:raw_post) {params.to_json}
+    before do
+      @user = create(:user, )
+          @user.update(submitter_request: User.submitter_requests[:requested])
+    end
+    example 'Approve a submitter request' do
+      do_request
+      expect(status).to eq(200)
+    end
+  end
 end
--- a/spec/controllers/v1/collections_controller_spec.rb
+++ b/spec/controllers/v1/collections_controller_spec.rb
@@ -64,4 +64,4 @@ RSpec.describe V1::CollectionsController, type: :controller do
      it { expect(response).to have_http_status(:ok) }
  end
 end
\ No newline at end of file