diff --git a/app/controllers/concerns/publisher_controller.rb b/app/controllers/concerns/publisher_controller.rb
index dbfcd2f1ea4b2e3eb871a503fed4efb606874fe5..5199dca2fe3c0f7e14ea3425539bdaa8e35e962b 100644
--- a/app/controllers/concerns/publisher_controller.rb
+++ b/app/controllers/concerns/publisher_controller.rb
@@ -21,9 +21,9 @@ module PublisherController
 extend ActiveSupport::Concern
 included do
- before_action :authenticate, only: [:show_all_drafts, :show_liked_learning_objects, :show_liked_collections]
- before_action :set_publisher, only: [:show_all_drafts, :show_all_learning_objects, :show_all_collections, :show_liked_learning_objects, :show_liked_collections]
- before_action -> { authorize @publisher }, only: [:show_all_drafts, :show_liked_learning_objects, :show_liked_collections]
+ before_action :authenticate, only: [:show_all_drafts, :show_liked_learning_objects, :show_submitted_learning_objects, :show_liked_collections]
+ before_action :set_publisher, only: [:show_all_drafts, :show_all_learning_objects, :show_submitted_learning_objects, :show_all_collections, :show_liked_learning_objects, :show_liked_collections]
+ before_action -> { authorize @publisher }, only: [:show_all_drafts, :show_submitted_learning_objects, :show_liked_learning_objects, :show_liked_collections]
 end
 def show_all_drafts
@@ -35,6 +35,10 @@ module PublisherController
 render json: LearningObject.where(publisher: @publisher, state: LearningObject.states[:published])
 end
+ def show_submitted_learning_objects
+ render json: LearningObject.where(publisher: @publisher, state: LearningObject.states[:submitted])
+ end
+
 def show_all_collections
 render json: ::UserPolicy::Scope.new(current_user, @publisher, Collection).resolve.where(owner: @publisher)
 end
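Review bot: The new action's protection depends on `:show_submitted_learning_objects` being typed correctly in three separate `only:` lists in the `included` block, and a miss in the `authenticate` or `authorize` list would leave the endpoint open without any error. Sharing one list removes that failure mode: `PRIVATE_ACTIONS = %i[show_all_drafts show_submitted_learning_objects show_liked_learning_objects show_liked_collections].freeze`, then `before_action :authenticate, only: PRIVATE_ACTIONS` and `before_action -> { authorize @publisher }, only: PRIVATE_ACTIONS`. `set_publisher` keeps its own longer list because it also covers the two actions that are not authenticated.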
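Review bot: `show_submitted_learning_objects` returns records that are not yet published, but nothing at the method says that its access control lives in the `before_action` lists of the `included` block. I would add a comment above the method such as `# Unpublished data: requires the authenticate and authorize callbacks declared in the included block.` The query also returns every matching row in one response; if the other listing actions are paginated somewhere outside this hunk, this one should follow them.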
@@ -59,7 +63,7 @@ module PublisherController
 end
 def set_publisher
- user, id = request.path.split('/')[2, 3]
+ user, id = request.path.split('/')[2, 2]
 return nil unless %w(users institutions).include? user
 publisher_model = user.singularize.classify.constantize
 @publisher = publisher_model.find(id)
diff --git a/app/policies/publisher_policy.rb b/app/policies/publisher_policy.rb
index 631b5eccfb79d362773e6d120033a53d7932f1bd..5df13047229f9888c91ba76bca2937845f97258a 100644
--- a/app/policies/publisher_policy.rb
+++ b/app/policies/publisher_policy.rb
@@ -24,7 +24,7 @@ module PublisherPolicy
 def initialize(user, record, scope)
 @user = user
- @record = user
+ @record = record
 @scope = scope
 end
@@ -47,6 +47,10 @@ module PublisherPolicy
 record if same_user? || user_can_edit?
 end
+ def show_submitted_learning_objects?
+ record if same_user? || user_can_edit?
+ end
+
 def show_liked_collections?
 record if same_user? || user_can_edit?
 end
diff --git a/config/routes.rb b/config/routes.rb
index 422d0df906892627913c7d3e217d0acaa965396a..6d447546019431034f88f0fedb5edd17b8747687 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -100,6 +100,7 @@ Rails.application.routes.draw do
 get 'drafts', as: :get_drafts, action: :show_all_drafts
 get 'learning_objects', as: :get_learning_objects, action: :show_all_learning_objects
 get 'learning_objects/liked', as: :get_liked_learning_objects, action: :show_liked_learning_objects
+ get 'submissions', as: :get_submitted_learning_objects, action: :show_submitted_learning_objects
 get 'collections', as: :get_collections, action: :show_all_collections
 get 'collections/liked', as: :get_liked_collections, action: :show_liked_collections
 end
diff --git a/spec/acceptance/users_spec.rb b/spec/acceptance/users_spec.rb
index e381d1b1400963e79233ece6798b7cd0483f7f3d..df0c1526f1e813a7667b85b19cd1b3e9f0b11c2a 100644
--- a/spec/acceptance/users_spec.rb
+++ b/spec/acceptance/users_spec.rb
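Review bot: In `set_publisher` the allow-list `%w(users institutions)` and the `constantize` call are two separate steps, so the safety of `constantize` on a path segment depends on nobody loosening the list later. An explicit mapping makes the allow-list the lookup itself: `publisher_model = { 'users' => User, 'institutions' => Institution }[user]` followed by `return nil unless publisher_model`. The segment is still picked by position from `request.path`, which presumably assumes the `/v1/...` prefix seen in the spec; reading the id from `params` would remove that coupling. The method's closing `end` lies outside the hunk.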
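Review bot: The corrected assignment in `initialize` has no regression test in this commit, so nothing would catch `@record` being set from the wrong argument again. The one caller visible in this diff is `::UserPolicy::Scope.new(current_user, @publisher, Collection)` in `show_all_collections`, assuming this constructor belongs to that scope class; that action is not in the `authenticate` list, so the result for callers without a session may change with this fix. A spec that requests another publisher's collections, with and without a session, would pin the intended behaviour. The class around `initialize` starts outside the hunk.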
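Review bot: `show_submitted_learning_objects?` is a third visible copy of `record if same_user? || user_can_edit?`, so a later change to who may see private listings has to be repeated in every predicate and one missed copy leaves an endpoint on the old rule. A private helper holding that expression, called from each predicate, keeps the rule in one place. A one-line comment on that helper should say which users pass `user_can_edit?`, which is defined outside this hunk.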
@@ -292,6 +292,21 @@ resource 'Users' do
 end
 end
+ get '/v1/users/:id/submissions' do
+ include_context "authenticate_user"
+
+ before do
+ create(:learning_object, publisher: @user, state: LearningObject.states[:submitted])
+ end
+
+ let(:id) { @user.id }
+
+ example 'Showing an user’s submissions' do
+ do_request
+ expect(status).to eq(200)
+ end
+ end
+
 delete '/v1/auth' do
 include_context "authenticate_user"
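Review bot: The new example covers only the owner's own request and asserts only the status, so neither the authorization added for this endpoint nor the `submitted` filter is tested. Add one example where `:id` belongs to a different user and one without the `authenticate_user` context, each expecting the denial status this API returns. The success case should also create an object in another state and check that it is absent from the body, as sketched below; the size assertion assumes the endpoint renders a bare JSON array, which should be confirmed against the serializer setup.

```ruby
get '/v1/users/:id/submissions' do
  # … unchanged: include_context, before, let(:id), existing example …

  example 'Listing only submitted objects' do
    create(:learning_object, publisher: @user, state: LearningObject.states[:published])
    do_request
    expect(status).to eq(200)
    # assumes a bare JSON array in the response body
    expect(JSON.parse(response_body).size).to eq(1)
  end
end
```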