diff --git a/app/controllers/api/cloud_object_store_objects_controller.rb b/app/controllers/api/cloud_object_store_objects_controller.rb new file mode 100644 index 0000000000..767377e38d --- /dev/null +++ b/app/controllers/api/cloud_object_store_objects_controller.rb @@ -0,0 +1,4 @@ +module Api + class CloudObjectStoreObjectsController < BaseProviderController + end +end diff --git a/config/api.yml b/config/api.yml index 7b4ed78e80..e23fa3b0e1 100644 --- a/config/api.yml +++ b/config/api.yml @@ -608,6 +608,24 @@ :get: - :name: read :identifier: cloud_object_store_container_show + :cloud_object_store_objects: + :description: Cloud Object Store Objects + :identifier: cloud_object_store_object + :options: + - :collection + :verbs: *gp + :klass: CloudObjectStoreObject + :collection_actions: + :get: + - :name: read + :identifier: cloud_object_store_object_show_list + :post: + - :name: query + :identifier: cloud_object_store_object_show_list + :resource_actions: + :get: + - :name: read + :identifier: cloud_object_store_object_show :cloud_subnets: :description: Cloud Subnets :identifier: cloud_subnet diff --git a/spec/requests/cloud_object_store_objects_spec.rb b/spec/requests/cloud_object_store_objects_spec.rb new file mode 100644 index 0000000000..02674540de --- /dev/null +++ b/spec/requests/cloud_object_store_objects_spec.rb @@ -0,0 +1,50 @@ +describe "Cloud Object Store Objects API" do + include Spec::Support::SupportsHelper + + context 'GET /api/cloud_object_store_objects' do + it 'forbids access to cloud object store objects without an appropriate role' do + api_basic_authorize + + get(api_cloud_object_store_objects_url) + + expect(response).to have_http_status(:forbidden) + end + + it 'returns cloud object store objects with an appropriate role' do + cloud_object_store_object = FactoryBot.create(:cloud_object_store_object) + api_basic_authorize(collection_action_identifier(:cloud_object_store_objects, :read, :get)) + + get(api_cloud_object_store_objects_url) + + expected = { + 'resources' => [{'href' => api_cloud_object_store_object_url(nil, cloud_object_store_object)}] + } + expect(response).to have_http_status(:ok) + expect(response.parsed_body).to include(expected) + end + end + + context 'GET /api/cloud_object_store_objects' do + let(:cloud_object_store_object) { FactoryBot.create(:cloud_object_store_object) } + + it 'forbids access to a cloud object store object without an appropriate role' do + api_basic_authorize + + get(api_cloud_object_store_object_url(nil, cloud_object_store_object)) + + expect(response).to have_http_status(:forbidden) + end + + it 'returns the cloud object store object with an appropriate role' do + api_basic_authorize(action_identifier(:cloud_object_store_objects, :read, :resource_actions, :get)) + + get(api_cloud_object_store_object_url(nil, cloud_object_store_object)) + + expected = { + 'href' => api_cloud_object_store_object_url(nil, cloud_object_store_object) + } + expect(response).to have_http_status(:ok) + expect(response.parsed_body).to include(expected) + end + end +end