From aed46b5e61834b2fc25d013d40f1f2997fe81436 Mon Sep 17 00:00:00 2001
From: Jillian Tullo <jtullo@redhat.com>
Date: Tue, 14 Mar 2017 08:21:06 -0400
Subject: [PATCH 1/3] edit authentications

update specs
---
 .../api/authentications_controller.rb         |  8 ++
 config/api.yml                                |  6 +-
 spec/requests/api/authentications_spec.rb     | 89 ++++++++++++++++++-
 3 files changed, 100 insertions(+), 3 deletions(-)

diff --git a/app/controllers/api/authentications_controller.rb b/app/controllers/api/authentications_controller.rb
index 552f8915d56..c147eb7c7ed 100644
--- a/app/controllers/api/authentications_controller.rb
+++ b/app/controllers/api/authentications_controller.rb
@@ -1,5 +1,13 @@
 module Api
   class AuthenticationsController < BaseController
+    def edit_resource(type, id, data)
+      auth = resource_search(id, type, collection_class(:authentications))
+      task_id = auth.update_in_provider_queue(data)
+      action_result(true, "Updating Authentication with id #{id}", :task_id => task_id)
+    rescue => err
+      raise "Could not update Authentication - #{err}"
+    end
+
     def delete_resource(type, id, _data = {})
       auth = resource_search(id, type, collection_class(:authentications))
       raise "Delete not supported for #{authentication_ident(auth)}" unless auth.respond_to?(:delete_in_provider_queue)
diff --git a/config/api.yml b/config/api.yml
index 281ee60f0ae..f46abddec8d 100644
--- a/config/api.yml
+++ b/config/api.yml
@@ -233,7 +233,7 @@
     :options:
     - :collection
     - :subcollection
-    :verbs: *gpd
+    :verbs: *gpppd
     :klass: Authentication
     :collection_actions:
       :get:
@@ -242,6 +242,8 @@
       :post:
       - :name: delete
         :identifier: embedded_automation_manager_credentials_delete
+      - :name: edit
+        :identifier: embedded_automation_manager_credentials_edit
     :resource_actions:
       :get:
       - :name: read
@@ -249,6 +251,8 @@
       :post:
       - :name: delete
         :identifier: embedded_automation_manager_credentials_delete
+      - :name: edit
+        :identifier: embedded_automation_manager_credentials_edit
       :delete:
       - :name: delete
         :identifier: embedded_automation_manager_credentials_delete
diff --git a/spec/requests/api/authentications_spec.rb b/spec/requests/api/authentications_spec.rb
index 934895fb9e4..b3161747675 100644
--- a/spec/requests/api/authentications_spec.rb
+++ b/spec/requests/api/authentications_spec.rb
@@ -31,7 +31,6 @@
 
   describe 'GET /api/authentications/:id' do
     it 'will show an authentication configuration script base' do
-      auth = FactoryGirl.create(:authentication)
       api_basic_authorize action_identifier(:authentications, :read, :resource_actions, :get)
 
       run_get(authentications_url(auth.id))
@@ -44,7 +43,6 @@
     end
 
     it 'forbids access to an authentication configuration script base' do
-      auth = FactoryGirl.create(:authentication)
       api_basic_authorize
 
       run_get(authentications_url(auth.id))
@@ -54,6 +52,14 @@
   end
 
   describe 'POST /api/authentications' do
+    let(:params) do
+      {
+        :id          => auth.id,
+        :description => 'Description',
+        :name        => 'Updated Credential'
+      }
+    end
+
     it 'will delete an authentication' do
       api_basic_authorize collection_action_identifier(:authentications, :delete, :post)
 
@@ -120,9 +126,66 @@
       run_post(authentications_url, :action => 'delete', :resources => [{ 'id' => auth.id }])
       expect(response).to have_http_status(:forbidden)
     end
+
+    it 'can update an authentication with an appropriate role' do
+      api_basic_authorize collection_action_identifier(:authentications, :edit)
+
+      run_post(authentications_url, :action => 'edit', :resources => [params])
+
+      expected = {
+        'results' => [
+          a_hash_including(
+            'success' => true,
+            'message' => "Updating Authentication with id #{auth.id}",
+            'task_id' => a_kind_of(Numeric)
+          )
+        ]
+      }
+      expect(response).to have_http_status(:ok)
+      expect(response.parsed_body).to include(expected)
+    end
+
+    it 'can update an authentication with an appropriate role' do
+      params2 = params.dup.merge(:id => auth_2.id)
+      api_basic_authorize collection_action_identifier(:authentications, :edit)
+
+      run_post(authentications_url, :action => 'edit', :resources => [params, params2])
+
+      expected = {
+        'results' => [
+          a_hash_including(
+            'success' => true,
+            'message' => "Updating Authentication with id #{auth.id}",
+            'task_id' => a_kind_of(Numeric)
+          ),
+          a_hash_including(
+            'success' => true,
+            'message' => "Updating Authentication with id #{auth_2.id}",
+            'task_id' => a_kind_of(Numeric)
+          )
+        ]
+      }
+      expect(response).to have_http_status(:ok)
+      expect(response.parsed_body).to include(expected)
+    end
+
+    it 'will forbid update to an authentication without appropriate role' do
+      api_basic_authorize
+
+      run_post(authentications_url, :action => 'edit', :resources => [params])
+
+      expect(response).to have_http_status(:forbidden)
+    end
   end
 
   describe 'POST /api/authentications/:id' do
+    let(:params) do
+      {
+        :description => 'Description',
+        :name        => 'Updated Credential'
+      }
+    end
+
     it 'will delete an authentication' do
       api_basic_authorize action_identifier(:authentications, :delete, :resource_actions, :post)
 
@@ -144,6 +207,28 @@
 
       expect(response).to have_http_status(:forbidden)
     end
+
+    it 'can update an authentication with an appropriate role' do
+      api_basic_authorize collection_action_identifier(:authentications, :edit)
+
+      run_post(authentications_url(auth.id), :action => 'edit', :resource => params)
+
+      expected = {
+        'success' => true,
+        'message' => "Updating Authentication with id #{auth.id}",
+        'task_id' => a_kind_of(Numeric)
+      }
+      expect(response).to have_http_status(:ok)
+      expect(response.parsed_body).to include(expected)
+    end
+
+    it 'will forbid update to an authentication without appropriate role' do
+      api_basic_authorize
+
+      run_post(authentications_url(auth.id), :action => 'edit', :resource => params)
+
+      expect(response).to have_http_status(:forbidden)
+    end
   end
 
   describe 'DELETE /api/authentications/:id' do

From a36e29d1841b9624b180cfb25d3336561d8cc842 Mon Sep 17 00:00:00 2001
From: Jillian Tullo <jtullo@redhat.com>
Date: Wed, 15 Mar 2017 16:51:13 -0400
Subject: [PATCH 2/3] use action_result for errors

---
 app/controllers/api/authentications_controller.rb |  3 ++-
 config/api.yml                                    |  2 +-
 spec/requests/api/authentications_spec.rb         | 14 ++++++++++++++
 3 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/app/controllers/api/authentications_controller.rb b/app/controllers/api/authentications_controller.rb
index c147eb7c7ed..8f3e6b39628 100644
--- a/app/controllers/api/authentications_controller.rb
+++ b/app/controllers/api/authentications_controller.rb
@@ -2,10 +2,11 @@ module Api
   class AuthenticationsController < BaseController
     def edit_resource(type, id, data)
       auth = resource_search(id, type, collection_class(:authentications))
+      raise 'type not currently supported' unless auth.respond_to?(:update_in_provider_queue)
       task_id = auth.update_in_provider_queue(data)
       action_result(true, "Updating Authentication with id #{id}", :task_id => task_id)
     rescue => err
-      raise "Could not update Authentication - #{err}"
+      action_result(false, err.to_s)
     end
 
     def delete_resource(type, id, _data = {})
diff --git a/config/api.yml b/config/api.yml
index f46abddec8d..b9ed43d74a1 100644
--- a/config/api.yml
+++ b/config/api.yml
@@ -233,7 +233,7 @@
     :options:
     - :collection
     - :subcollection
-    :verbs: *gpppd
+    :verbs: *gpd
     :klass: Authentication
     :collection_actions:
       :get:
diff --git a/spec/requests/api/authentications_spec.rb b/spec/requests/api/authentications_spec.rb
index b3161747675..7ac720ebe91 100644
--- a/spec/requests/api/authentications_spec.rb
+++ b/spec/requests/api/authentications_spec.rb
@@ -222,6 +222,20 @@
       expect(response.parsed_body).to include(expected)
     end
 
+    it 'requires that the type support update_in_provider_queue' do
+      api_basic_authorize collection_action_identifier(:authentications, :edit)
+      auth = FactoryGirl.create(:authentication)
+
+      run_post(authentications_url(auth.id), :action => 'edit', :resource => params)
+
+      expected = {
+        'success' => false,
+        'message' => 'type not currently supported'
+      }
+      expect(response).to have_http_status(:ok)
+      expect(response.parsed_body).to include(expected)
+    end
+
     it 'will forbid update to an authentication without appropriate role' do
       api_basic_authorize
 

From 719708699a9597aa6432ad83d318a10daa48f8f7 Mon Sep 17 00:00:00 2001
From: Jillian Tullo <jtullo@redhat.com>
Date: Thu, 16 Mar 2017 10:15:28 -0400
Subject: [PATCH 3/3] updating update message

---
 app/controllers/api/authentications_controller.rb |  4 ++--
 spec/requests/api/authentications_spec.rb         | 10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/app/controllers/api/authentications_controller.rb b/app/controllers/api/authentications_controller.rb
index 8f3e6b39628..17932e6b012 100644
--- a/app/controllers/api/authentications_controller.rb
+++ b/app/controllers/api/authentications_controller.rb
@@ -2,9 +2,9 @@ module Api
   class AuthenticationsController < BaseController
     def edit_resource(type, id, data)
       auth = resource_search(id, type, collection_class(:authentications))
-      raise 'type not currently supported' unless auth.respond_to?(:update_in_provider_queue)
+      raise "Update not supported for #{authentication_ident(auth)}" unless auth.respond_to?(:update_in_provider_queue)
       task_id = auth.update_in_provider_queue(data)
-      action_result(true, "Updating Authentication with id #{id}", :task_id => task_id)
+      action_result(true, "Updating #{authentication_ident(auth)}", :task_id => task_id)
     rescue => err
       action_result(false, err.to_s)
     end
diff --git a/spec/requests/api/authentications_spec.rb b/spec/requests/api/authentications_spec.rb
index 7ac720ebe91..14e04d3343c 100644
--- a/spec/requests/api/authentications_spec.rb
+++ b/spec/requests/api/authentications_spec.rb
@@ -136,7 +136,7 @@
         'results' => [
           a_hash_including(
             'success' => true,
-            'message' => "Updating Authentication with id #{auth.id}",
+            'message' => a_string_including('Updating Authentication'),
             'task_id' => a_kind_of(Numeric)
           )
         ]
@@ -155,12 +155,12 @@
         'results' => [
           a_hash_including(
             'success' => true,
-            'message' => "Updating Authentication with id #{auth.id}",
+            'message' => a_string_including('Updating Authentication'),
             'task_id' => a_kind_of(Numeric)
           ),
           a_hash_including(
             'success' => true,
-            'message' => "Updating Authentication with id #{auth_2.id}",
+            'message' => a_string_including('Updating Authentication'),
             'task_id' => a_kind_of(Numeric)
           )
         ]
@@ -215,7 +215,7 @@
 
       expected = {
         'success' => true,
-        'message' => "Updating Authentication with id #{auth.id}",
+        'message' => a_string_including('Updating Authentication'),
         'task_id' => a_kind_of(Numeric)
       }
       expect(response).to have_http_status(:ok)
@@ -230,7 +230,7 @@
 
       expected = {
         'success' => false,
-        'message' => 'type not currently supported'
+        'message' => "Update not supported for Authentication id:#{auth.id} name: '#{auth.name}'"
       }
       expect(response).to have_http_status(:ok)
       expect(response.parsed_body).to include(expected)