Merge branch 'master' into 'delete_collections'

# Conflicts:
#   test/controllers/v1/collections_controller_test.rb

app/controllers/concerns/taggable_controller.rb

@@ -27,7 +27,7 @@ module TaggableController
   end
 
   def tag_params
-    params.require(:tag).permit(:name, :owner_id, :owner_type)
+    params.require(:tags).permit(:name, :owner_id, :owner_type)
   end
 
   def set_owner

app/controllers/v1/collections_controller.rb

@@ -7,8 +7,9 @@ class V1::CollectionsController < ApplicationController
   include ::Paginator
 
 
-  before_action :set_collection, only: [:show, :update, :destroy, :add_object]
+  before_action :set_collection, only: [:show, :update, :destroy, :add_object, :delete_object]
   before_action :authenticate_user!, only: [:create, :update, :destroy]
+  before_action :authorize!, except: [:create, :tagging, :untagging]
 
   # GET /v1/collections
   # GET /v1/collections.json
@@ -28,11 +29,9 @@ class V1::CollectionsController < ApplicationController
   def create
     collection = Collection.new(collection_params)
 
+    authorize collection
     if collection.save
-      current_user.tag(collection, with: tag_params[:tags].map{ |t| t['name']})
-      collection.add_items(items_params[:items])
-      collection.add_subjects(ids: subject_params[:subjects].map{ |s| s['id']})
-      collection.add_educational_stages(ids: educational_stage_params[:educational_stages].map{ |e| e['id']})
+      collection_associations(collection)
       render json: collection, status: :created
     else
       render json: collection.errors, status: :unprocessable_entity
@@ -44,7 +43,7 @@ class V1::CollectionsController < ApplicationController
   def update
 
     if @collection.update(collection_params)
-      @collection.add_items(items_params[:items])
+      @collection.add_items(extra_params[:items])
       render json: @collection, status: :ok
     else
       render json: @collection.errors, status: :unprocessable_entity
@@ -58,13 +57,21 @@ class V1::CollectionsController < ApplicationController
     render status: :ok
   end
 
-  # POST /v1/collections/!/items
+  # POST /v1/collections/1/items
   def add_object
-    render nothing: true, status: :unprocessable_entity if params.nil?
-    @collection.add_items(items_params[:items])
+    return render nothing: true, status: :unprocessable_entity if extra_params.blank? || extra_params[:items].blank?
+    @collection.add_items(extra_params[:items])
     render json: @collection, status: :ok
   end
 
+  # DELETE /v1/collections/1/items
+  def delete_object
+    return render nothing: true, status: :unprocessable_entity if extra_params.blank? || extra_params[:items].blank?
+    @collection.delete_items(extra_params[:items])
+    render json: @collection, status: :ok
+  end
+
+
   private
 
   def deleted_resource; Collection; end
@@ -84,20 +91,20 @@ class V1::CollectionsController < ApplicationController
     params.require(:collection).permit(:name, :description, :owner_id, :owner_type, :privacy, tags: [])
   end
 
-  def items_params
-    params.require(:collection).permit(items: [:type, :id, :order])
-  end
-
-  def tag_params
-    params.require(:collection).permit(tags: [:name])
+  def extra_params
+    return {} if params[:collection].nil?
+    params[:collection].permit(subjects: [], educational_stages: [], items: [:id, :name, :type], tags: [:name])
   end
 
-  def subject_params
-    params.require(:collection).permit(subjects: [:id])
+  def collection_associations(collection)
+    current_user.tag(collection, with: extra_params[:tags].map { |t| t['name'] }) unless extra_params[:tags].nil?
+    collection.add_subjects(ids: extra_params[:subjects]) unless extra_params[:subjects].nil?
+    collection.add_educational_stages(ids: extra_params[:educational_stages]) unless extra_params[:educational_stages].nil?
+    collection.add_items(extra_params[:items]) unless extra_params[:items].nil?
   end
 
-  def educational_stage_params
-    params.require(:collection).permit(educational_stages: [:id])
+  def authorize!
+    authorize @collection
   end
 
 end

app/controllers/v1/learning_objects_controller.rb

@@ -7,9 +7,9 @@ class V1::LearningObjectsController < ApplicationController
   include ::DeletedObjectsController
   include ::HighlightsController
 
-  before_action :authenticate_user!, except: [:index, :show]
-  before_action :set_learning_object, only: [:show, :update, :destroy]
-  before_action :authorize!, only: [:update, :destroy]
+  before_action :authenticate_user!, except: [:create, :index, :show]
+  before_action :set_learning_object, only: [:show, :update, :destroy, :authorize!]
+  before_action :authorize!, except: [:create, :tagging, :untagging]
 
   def index
     learning_objects = paginate LearningObject.includes(:tags, :publisher, :language, :license)
@@ -28,6 +28,7 @@ class V1::LearningObjectsController < ApplicationController
   # POST /learning_objects.json
   def create
     learning_object = LearningObject.new(learning_object_params)
+    authorize learning_object
     publisher = LearningObjectPublisher.new(DspaceService.create_client)
 
     if publisher.create_draft(learning_object, current_user)
@@ -42,7 +43,7 @@ class V1::LearningObjectsController < ApplicationController
   # PATCH/PUT /learning_objects/1.json
   def update
     if @learning_object.update(learning_object_params)
-      learning_object_associations(learning_object)
+      learning_object_associations(@learning_object)
       publisher = LearningObjectPublisher.new(DspaceService.create_client)
       publisher.update_dspace(@learning_object)
 

app/models/collection.rb

@@ -84,6 +84,13 @@ class Collection < ApplicationRecord
     CollectionItem.import collection_items, on_duplicate_key_update: {conflict_target: [:collection_id, :collectionable_id, :collectionable_type], columns: [:order]}
   end
 
+  def delete_items(items)
+    items.each do |item|
+      CollectionItem.where(collection: self, collectionable: item[:type].constantize.find(item[:id])).destroy_all
+    end
+  end
+
+
   ## score methods
   def user_category
     owner.try('user_category')

app/models/concerns/metadatable.rb

@@ -12,6 +12,7 @@ module Metadatable
   end
 
   def get_metadata_values_of(key)
+    return [] if metadata.blank?
     metadata[key].blank? ? [] : metadata[key]
   end
 end

app/policies/collection_policy.rb

@@ -19,6 +19,18 @@ class CollectionPolicy < ApplicationPolicy
     end
   end
 
+  def index?
+    record
+  end
+
+  def delete_object?
+    record if owns?
+  end
+
+  def add_object?
+    record if owns?
+  end
+
   def create?
     record if user_exists?
   end

calculate_score.groovy

+_score * doc['score']

config/routes.rb

@@ -81,6 +81,7 @@ Rails.application.routes.draw do
     resources :collections, concerns: [:followable, :sociable, :reviewable, :taggable, :versionable, :deletable, :highlights] do
       member do
         post :items, to: 'collections#add_object'
+        delete :items, to: 'collections#delete_object'
       end
     end
 

test/controllers/v1/collections_controller_test.rb

@@ -8,14 +8,17 @@ class V1::CollectionsControllerTest < ActionController::TestCase
     skip('Unsolved issue: ArgumentError: wrong number of arguments (2 for 0)')
   end
 
-  test 'should user post collection to create and return :created code' do
-    auth_request users(:jack)
-    post :create, params: { collection: { name: 'my collection',
-                                         description: 'testing collection',
-                                         owner_type: 'User', owner_id: users(:jack).id,
-                                         items: [{id: learning_objects(:user_lo).id, type: "LearningObject"}]}
-                          }
-    assert_response :created
+ test 'should user post collection to create and return :created code' do
+      auth_request users(:jack)
+      post :create, params: { collection: { name: 'my collection',
+                                  description: 'testing collection',
+                                  owner_type: 'User', owner_id: users(:jack).id,
+                                  items: [{id: learning_objects(:user_lo).id, type: "LearningObject"}],
+                                  tags: [{"name":"teste"}, {"name": "tag de teste"}],
+                                  subjects: [subjects(:subject_one).id],
+                                  educational_stages: [educational_stages(:stage_teste).id]}
+                            }
+      assert_response :created
   end
 
   test 'should institution post collection to create and return :created code' do
@@ -23,7 +26,10 @@ class V1::CollectionsControllerTest < ActionController::TestCase
     post :create, params: { collection: { name: 'my collection',
                                description: 'testing collection',
                                owner_type: 'Institution', owner_id: institutions(:ufpr).id,
-                               items: [{id: learning_objects(:user_lo).id, type: "LearningObject"}]}
+                               items: [{id: learning_objects(:user_lo).id, type: "LearningObject"}],
+                               subjects: [subjects(:subject_one).id],
+                               tags: [{"name": "teste"}, {"name": "tag de teste"}],
+                               educational_stages: [educational_stages(:stage_teste).id]}
                           }
     assert_response :created
   end
@@ -47,12 +53,72 @@ class V1::CollectionsControllerTest < ActionController::TestCase
     assert_response :unauthorized
   end
 
+  test 'should user patch collection to update and return :ok code' do
+    auth_request users(:john)
+    post :update, params: {
+        id: collections(:ufpr).id,
+        collection: {
+          name: 'my updated collection',
+          description: 'testing to update collection',
+          owner_type: 'User', owner_id: users(:john).id,
+          items:
+            [
+                {id: learning_objects(:one).id, type: "LearningObject", order: 1},
+                {id: collections(:ufpr).id, type: "Collection", order: 3}
+            ]
+        }
+      }
+    assert_response :ok
+  end
+
+  test 'should user patch collection to update and return :unauthorized code' do
+    auth_request users(:john)
+    post :update, params: {
+        id: collections(:ufpr).id,
+        collection: {
+          name: 'my updated collection',
+          description: 'testing to update collection',
+          owner_type: 'User', owner_id: users(:john).id,
+          items:
+            [
+                {id: learning_objects(:one).id, type: "LearningObject", order: 1},
+                {id: collections(:ufpr).id, type: "Collection", order: 3}
+            ]
+        }
+      }
+    assert_response :unauthorized
+  end
+
+  test 'should user add items to collection and return :ok code' do
+    auth_request users(:john)
+    post :add_object, params: { id: collections(:ufpr).id, collection: {items: [{id: learning_objects(:lo_metadata2).id, type: 'LearningObject'}] }}
+
+    assert_response :ok
+  end
+
+  test 'should user remove items to collection and return :ok code' do
+    auth_request users(:john)
+    post :delete_object, params: { id: collections(:ufpr).id, collection: { items: [{id: learning_objects(:lo_metadata).id, type: 'LearningObject'}] }}
+    assert_response :ok
+  end
+
+  test 'should user add items to collection and return :unprocessable_entity code' do
+    auth_request users(:john)
+    post :add_object, params: { id: collections(:ufpr).id, collection: {items: [] }}
+    assert_response :unprocessable_entity
+  end
+
+  test 'should user remove items to collection and return :unprocessable_entity code' do
+    auth_request users(:john)
+    post :delete_object, params: { id: collections(:ufpr).id, collection: { items: [] } }
+    assert_response :unprocessable_entity
+  end
 
   test 'should user tagging a collection' do
     auth_request users(:jack)
     tag = tags(:tag_three).name
 
-    post :tagging, params: { id: collections(:ufpr).id, tag: { name: tag, owner_id: users(:jack).id, owner_type: 'User' } }
+    post :tagging, params: { id: collections(:ufpr).id, tags: { name: tag, owner_id: users(:jack).id, owner_type: 'User' } }
     assert_response :created
   end
 
@@ -61,7 +127,7 @@ class V1::CollectionsControllerTest < ActionController::TestCase
     auth_request users(:john)
     tag = tags(:tag_one).name
 
-    post :untagging, params: { id: collections(:ufpr).id, tag: { name: tag, owner_id: users(:jack).id, owner_type: 'User' } }
+    post :untagging, params: { id: collections(:ufpr).id, tags: { name: tag, owner_id: users(:jack).id, owner_type: 'User' } }
     assert_response :ok
   end
 
@@ -72,7 +138,7 @@ class V1::CollectionsControllerTest < ActionController::TestCase
     institution.users << users(:jack)
     tag = tags(:tag_one).name
 
-    post :tagging, params: { id: collections(:ufpr).id, tag: { name: tag, owner_id: institutions(:ufpr).id, owner_type: 'Institution' } }
+    post :tagging, params: { id: collections(:ufpr).id, tags: { name: tag, owner_id: institutions(:ufpr).id, owner_type: 'Institution' } }
     assert_response :created
   end
 
@@ -82,7 +148,7 @@ class V1::CollectionsControllerTest < ActionController::TestCase
     institution.users << users(:john)
     tag = tags(:tag_two).name
 
-    delete :untagging, params: { id: collections(:ufpr).id, tag: { name: tag , owner_id: institutions(:ufpr).id, owner_type: 'Institution' } }
+    post :untagging, params: { id: collections(:ufpr).id, tags: { name: tag, owner_id: institutions(:ufpr).id, owner_type: 'Institution' } }
     assert_response :ok
   end
 

test/controllers/v1/learning_objects_controller_test.rb

@@ -8,7 +8,7 @@ class V1::LearningObjectsControllerTest < ActionController::TestCase
     auth_request users(:jack)
     tag = tags(:tag_three).name
 
-    post :tagging, params: { id: learning_objects(:user_lo).id, tag: { name: tag, owner_id: users(:jack).id, owner_type: 'User' } }
+    post :tagging, params: { id: learning_objects(:user_lo).id, tags: { name: tag, owner_id: users(:jack).id, owner_type: 'User' } }
     assert_response :created
   end
 
@@ -16,7 +16,7 @@ class V1::LearningObjectsControllerTest < ActionController::TestCase
     auth_request users(:jack)
     tag = tags(:tag_three).name
 
-    post :untagging, params: { id: learning_objects(:user_lo).id, tag: { name: tag, owner_id: users(:jack).id, owner_type: 'User' } }
+    post :untagging, params: { id: learning_objects(:user_lo).id, tags: { name: tag, owner_id: users(:jack).id, owner_type: 'User' } }
     assert_response :ok
   end
 
@@ -26,7 +26,7 @@ class V1::LearningObjectsControllerTest < ActionController::TestCase
     institution.users << users(:jack)
     tag = tags(:tag_one).name
 
-    post :tagging, params: { id: learning_objects(:institution_lo).id, tag: { name: tag, owner_id: users(:jack).id, owner_type: 'User' } }
+    post :tagging, params: { id: learning_objects(:institution_lo).id, tags: { name: tag, owner_id: users(:jack).id, owner_type: 'User' } }
     assert_response :created
   end
 
@@ -36,7 +36,7 @@ class V1::LearningObjectsControllerTest < ActionController::TestCase
     institution.users << users(:jack)
     tag = tags(:tag_one).name
 
-    post :untagging, params: { id: learning_objects(:institution_lo).id, tag: { name: tag, owner_id: users(:jack).id, owner_type: 'User' } }
+    post :untagging, params: { id: learning_objects(:institution_lo).id, tags: { name: tag, owner_id: users(:jack).id, owner_type: 'User' } }
     assert_response :ok
   end
 

test/fixtures/collection_item.yml

+item1:
+  collectionable_id: :user_lo.id (User)
+  collectionable_type: 'LearningObject'
+  order: 1

test/fixtures/collections.yml

 ufpr:
   name: 'UFPR collection'
   owner: john (User)
-  privacy: 'public'
\ No newline at end of file
+  privacy: 'public'

test/fixtures/educational_stages.yml

+stage_teste:
+  name: "teste"

test/fixtures/subjects.yml

+subject_one:
+  name: 'teste'