adding tests for reviews

app/controllers/v1/reviews_controller.rb

@@ -4,7 +4,7 @@ class V1::ReviewsController < ApplicationController
 
   # GET /v1/collections/1/reviews
   def index
-    render json: Review.where(reviewable: reviewable)
+    render json: reviewable.reviews
   end
 
   # GET /v1/collections/1/reviews/1
@@ -27,6 +27,7 @@ class V1::ReviewsController < ApplicationController
   # DELETE /v1/learning_objects/1/reviews/2
   # DELETE /v1/learning_objects/1/reviews/2.json
   def destroy
+    authorize @review
     @review.destroy
     render nothing: true, status: :ok
   end

app/policies/review_policy.rb

@@ -9,7 +9,7 @@ class ReviewPolicy < ApplicationPolicy
   end
 
   def destroy?
-    record if owns?
+    record if record.user == user
   end
 
   def rate?

config/routes.rb

@@ -30,12 +30,6 @@ Rails.application.routes.draw do
 
   # devise_for :users, :controllers => { :omniauth_callbacks => "callbacks" }
   namespace :v1 do
-    resources :reviews do
-      member do
-        post :rate
-      end
-    end
-
     resources :users, concerns: :followable do
       member do
         resources :bookmarks, module: 'users', only: [:index, :create, :destroy]

test/controllers/v1/reviews_controller_test.rb

+require 'test_helper'
+
+class V1::ReviewsControllerTest < ActionController::TestCase
+  tests V1::ReviewsController
+  include Devise::TestHelpers
+
+  test 'should user review a learning object and return :created code' do
+    auth_request users(:admin)
+    assert learning_objects(:user_lo).id > 0
+    create_review learning_objects(:user_lo)
+    assert_response :created
+  end
+
+  test 'should user review a collection and return :created code' do
+    auth_request users(:admin)
+    create_review collections(:ufpr)
+    assert_response :created
+  end
+
+  test 'should guest user review a collection and return :unauthorized code' do
+    create_review collections(:ufpr)
+    assert_response :unauthorized
+  end
+
+  test 'should user delete review withou permission and return :unauthorized code' do
+    auth_request users(:john)
+    delete :destroy, collection_id: collections(:ufpr).id, id: reviews(:collection).id
+    assert_response :unauthorized
+  end
+
+  private
+
+  def create_review(object)
+    object_param_name = "#{object.class.to_s.downcase}_id".to_sym
+    object_param_name = 'learning_object_id' if LearningObject == object.class
+    post :create, review: {
+        name: 'Test of review',
+        description: 'testing',
+        pros: 'my pros', cons: 'my cons'
+    }, object_param_name => object.id
+  end
+
+end

test/fixtures/ratings.yml

+usability:
+  name: 'usability'
+
+application_context:
+  name: 'application context'
+
+content:
+  name: 'content quality'
\ No newline at end of file

test/fixtures/review_ratings.yml

+one_collection_review_rating:
+  review: collection (Review)
+  rating: usability (Rating)
+  value: 5
+
+two_collection_review_rating:
+  review: collection (Review)
+  rating: application_context (Rating)
+  value: 5
+
+three_collection_review_rating:
+  review: collection (Review)
+  rating: content (Rating)
+  value: 5
+
+
+one_lo_review_rating:
+  review: learning_object (Review)
+  rating: usability (Rating)
+  value: 2
+
+two_lo_review_rating:
+  review: learning_object (Review)
+  rating: application_context (Rating)
+  value: 3
+
+three_lo_review_rating:
+  review: learning_object (Review)
+  rating: content (Rating)
+  value: 4
\ No newline at end of file

test/fixtures/reviews.yml

+collection:
+  name: 'my collection review'
+  description: 'testing a review about collection'
+  pros: 'my pros'
+  cons: 'my cons'
+  reviewable: ufpr (Collection)
+  user: admin (User)
+
+learning_object:
+  name: 'my learning object review'
+  description: 'testing a review about learning object'
+  pros: 'my pros'
+  cons: 'my cons'
+  reviewable: user_lo (LearningObject)
+  user: admin (User)
\ No newline at end of file