Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Do not return picture content on create #292

Merged
merged 2 commits into from
Jan 18, 2018
Merged

Do not return picture content on create #292

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
1927b3b
Do not return picture content on create, return image_href where the …
Jan 18, 2018
a792c7d
Return extension so that content is not returned by default and updat…
Jan 18, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion app/controllers/api/pictures_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,8 @@ class PicturesController < BaseController
before_action :set_additional_attributes, :only => [:index, :show]

def create_resource(_type, _id, data)
Picture.create_from_base64(data)
picture = Picture.create_from_base64(data)
picture.attributes.except('content').merge('image_href' => picture.image_href)
rescue => err
raise BadRequestError, "Failed to create Picture - #{err}"
end
Expand Down
272 changes: 140 additions & 132 deletions spec/requests/picture_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,90 +6,65 @@
# - Query picture and image_href of service_requests /api/service_requests/:id?attributes=picture,picture.image_href
#
describe "Pictures" do
let(:dialog1) { FactoryGirl.create(:dialog, :label => "ServiceDialog1") }
let(:ra1) { FactoryGirl.create(:resource_action, :action => "Provision", :dialog => dialog1) }
let(:picture) { FactoryGirl.create(:picture, :extension => "jpg") }
let(:template) do
FactoryGirl.create(:service_template,
:name => "ServiceTemplate",
:resource_actions => [ra1],
:picture => picture)
end
let(:service) { FactoryGirl.create(:service, :service_template_id => template.id) }
let(:service_request) do
FactoryGirl.create(:service_template_provision_request,
:description => 'Service Request',
:requester => @user,
:source_id => template.id)
end

def expect_result_to_include_picture_href(source_id)
expect_result_to_match_hash(response.parsed_body, "id" => source_id)
expect_result_to_have_keys(%w(id href picture))
expect_result_to_match_hash(response.parsed_body["picture"],
"id" => picture.id.to_s,
"resource_id" => template.id.to_s,
"image_href" => /^http:.*#{picture.image_href}$/)
end

describe "Queries of Service Templates" do
it "allows queries of the related picture and image_href" do
api_basic_authorize action_identifier(:service_templates, :read, :resource_actions, :get)

get api_service_template_url(nil, template), :params => { :attributes => "picture,picture.image_href" }

expect_result_to_include_picture_href(template.id.to_s)
context "As an attribute" do
let(:dialog1) { FactoryGirl.create(:dialog, :label => "ServiceDialog1") }
let(:ra1) { FactoryGirl.create(:resource_action, :action => "Provision", :dialog => dialog1) }
let(:picture) { FactoryGirl.create(:picture, :extension => "jpg") }
let(:template) do
FactoryGirl.create(:service_template,
:name => "ServiceTemplate",
:resource_actions => [ra1],
:picture => picture)
end
let(:service) { FactoryGirl.create(:service, :service_template_id => template.id) }
let(:service_request) do
FactoryGirl.create(:service_template_provision_request,
:description => 'Service Request',
:requester => @user,
:source_id => template.id)
end
end

describe "Queries of Services" do
it "allows queries of the related picture and image_href" do
api_basic_authorize action_identifier(:services, :read, :resource_actions, :get)

get api_service_url(nil, service), :params => { :attributes => "picture,picture.image_href" }

expect_result_to_include_picture_href(service.id.to_s)
def expect_result_to_include_picture_href(source_id)
expect_result_to_match_hash(response.parsed_body, "id" => source_id)
expect_result_to_have_keys(%w(id href picture))
expect_result_to_match_hash(response.parsed_body["picture"],
"id" => picture.id.to_s,
"resource_id" => template.id.to_s,
"image_href" => /^http:.*#{picture.image_href}$/)
end
end

describe "Queries of Service Requests" do
it "allows queries of the related picture and image_href" do
api_basic_authorize action_identifier(:service_requests, :read, :resource_actions, :get)
describe "Queries of Service Templates" do
it "allows queries of the related picture and image_href" do
api_basic_authorize action_identifier(:service_templates, :read, :resource_actions, :get)

get api_service_request_url(nil, service_request), :params => { :attributes => "picture,picture.image_href" }
get api_service_template_url(nil, template), :params => { :attributes => "picture,picture.image_href" }

expect_result_to_include_picture_href(service_request.id.to_s)
expect_result_to_include_picture_href(template.id.to_s)
end
end
end

describe 'GET /api/pictures' do
it 'returns image_href, extension when resources are expanded' do
api_basic_authorize
describe "Queries of Services" do
it "allows queries of the related picture and image_href" do
api_basic_authorize action_identifier(:services, :read, :resource_actions, :get)

expected = {
'resources' => [
a_hash_including('image_href' => a_string_including(picture.image_href), 'extension' => picture.extension)
]
}
get(api_pictures_url, :params => { :expand => 'resources' })
get api_service_url(nil, service), :params => { :attributes => "picture,picture.image_href" }

expect(response).to have_http_status(:ok)
expect(response.parsed_body).to include(expected)
expect_result_to_include_picture_href(service.id.to_s)
end
end
end

describe 'GET /api/pictures/:id' do
it 'returns image_href, extension by default' do
api_basic_authorize
describe "Queries of Service Requests" do
it "allows queries of the related picture and image_href" do
api_basic_authorize action_identifier(:service_requests, :read, :resource_actions, :get)

get(api_picture_url(nil, picture))
get api_service_request_url(nil, service_request), :params => { :attributes => "picture,picture.image_href" }

expect(response).to have_http_status(:ok)
expect(response.parsed_body).to include('image_href' => a_string_including(picture.image_href), 'extension' => picture.extension)
expect_result_to_include_picture_href(service_request.id.to_s)
end
end
end

describe 'POST /api/pictures' do
context 'As a collection' do
# Valid base64 image
let(:content) do
"iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAABGdBTUEAALGP"\
Expand All @@ -106,83 +81,116 @@ def expect_result_to_include_picture_href(source_id)
"xQAAAABJRU5ErkJggg=="
end

it 'rejects create without an appropriate role' do
api_basic_authorize

post api_pictures_url, :params => { :extension => 'png', :content => content }

expect(response).to have_http_status(:forbidden)
before do
@picture = Picture.create_from_base64(:extension => "jpg", :content => content)
end

it 'creates a new picture' do
api_basic_authorize collection_action_identifier(:pictures, :create)
describe 'GET /api/pictures' do
it 'returns image_href, extension when resources are expanded' do
api_basic_authorize

expected = {
'results' => [a_hash_including('id')]
}
expected = {
'resources' => [
a_hash_including('image_href' => a_string_including(@picture.image_href), 'extension' => @picture.extension)
]
}
get(api_pictures_url, :params => { :expand => 'resources' })

expect do
post api_pictures_url, :params => { :extension => 'png', :content => content }
end.to change(Picture, :count).by(1)
expect(response.parsed_body).to include(expected)
expect(response).to have_http_status(:ok)
expect(response).to have_http_status(:ok)
expect(response.parsed_body).to include(expected)
end
end

it 'creates multiple pictures' do
api_basic_authorize collection_action_identifier(:pictures, :create)
describe 'GET /api/pictures/:id' do
it 'returns image_href, extension by default' do
api_basic_authorize

expected = {
'results' => [a_hash_including('id'), a_hash_including('id')]
}
get(api_picture_url(nil, @picture))

expect do
post(api_pictures_url, :params => gen_request(:create, [{:extension => 'png', :content => content},
{:extension => 'jpg', :content => content}]))
end.to change(Picture, :count).by(2)
expect(response.parsed_body).to include(expected)
expect(response).to have_http_status(:ok)
expect(response).to have_http_status(:ok)
expect(response.parsed_body).to include('image_href' => a_string_including(@picture.image_href), 'extension' => @picture.extension)
end
end

it 'requires an extension' do
api_basic_authorize collection_action_identifier(:pictures, :create)

post api_pictures_url, :params => { :content => content }

expected = {
'error' => a_hash_including(
'message' => a_string_including("Extension can't be blank")
)
}
expect(response).to have_http_status(:bad_request)
expect(response.parsed_body).to include(expected)
end
describe 'POST /api/pictures' do
it 'rejects create without an appropriate role' do
api_basic_authorize

it 'requires content' do
api_basic_authorize collection_action_identifier(:pictures, :create)

post api_pictures_url, :params => { :extension => 'png' }

expected = {
'error' => a_hash_including(
'message' => a_string_including("Content can't be blank")
)
}
expect(response).to have_http_status(:bad_request)
expect(response.parsed_body).to include(expected)
end

it 'requires content with valid base64' do
api_basic_authorize collection_action_identifier(:pictures, :create)

post api_pictures_url, :params => { :content => 'not base64', :extension => 'png' }
post api_pictures_url, :params => { :extension => 'png', :content => content }

expected = {
'error' => a_hash_including(
'message' => a_string_including('invalid base64')
)
}
expect(response).to have_http_status(:bad_request)
expect(response.parsed_body).to include(expected)
expect(response).to have_http_status(:forbidden)
end

it 'creates a new picture' do
api_basic_authorize collection_action_identifier(:pictures, :create)

expected = {
'results' => [a_hash_including('id', 'image_href')]
}

expect do
post api_pictures_url, :params => { :extension => 'png', :content => content }
end.to change(Picture, :count).by(1)
expect(response.parsed_body).to include(expected)
expect(response).to have_http_status(:ok)
end

it 'creates multiple pictures' do
api_basic_authorize collection_action_identifier(:pictures, :create)

expected = {
'results' => [a_hash_including('id'), a_hash_including('id')]
}

expect do
post(api_pictures_url, :params => gen_request(:create, [{:extension => 'png', :content => content},
{:extension => 'jpg', :content => content}]))
end.to change(Picture, :count).by(2)
expect(response.parsed_body).to include(expected)
expect(response).to have_http_status(:ok)
end

it 'requires an extension' do
api_basic_authorize collection_action_identifier(:pictures, :create)

post api_pictures_url, :params => { :content => content }

expected = {
'error' => a_hash_including(
'message' => a_string_including("Extension can't be blank")
)
}
expect(response).to have_http_status(:bad_request)
expect(response.parsed_body).to include(expected)
end

it 'requires content' do
api_basic_authorize collection_action_identifier(:pictures, :create)

post api_pictures_url, :params => { :extension => 'png' }

expected = {
'error' => a_hash_including(
'message' => a_string_including("Content can't be blank")
)
}
expect(response).to have_http_status(:bad_request)
expect(response.parsed_body).to include(expected)
end

it 'requires content with valid base64' do
api_basic_authorize collection_action_identifier(:pictures, :create)

post api_pictures_url, :params => { :content => 'not base64', :extension => 'png' }

expected = {
'error' => a_hash_including(
'message' => a_string_including('invalid base64')
)
}
expect(response).to have_http_status(:bad_request)
expect(response.parsed_body).to include(expected)
end
end
end
end