diff options
| author | Robin Houston <robin.houston@gmail.com> | 2012-05-24 12:57:00 +0100 |
|---|---|---|
| committer | Robin Houston <robin.houston@gmail.com> | 2012-06-06 19:34:57 +0100 |
| commit | 87098bd183fcf59ba038f1cebef68356e6d57ed5 (patch) | |
| tree | 5f51b9c3b4cc26da908124d2b5fb84159dd73b2f | |
| parent | 3a7317ea1aaf8e4f9b435299938679a5635783ff (diff) | |
Authenticated API
An authenticated API for public bodies. So far just one method
is implemented, which gives the details of a request in JSON
format.
| -rw-r--r-- | app/controllers/api_controller.rb | 46 | ||||
| -rw-r--r-- | config/routes.rb | 8 |
2 files changed, 54 insertions, 0 deletions
diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb new file mode 100644 index 000000000..538dade3f --- /dev/null +++ b/app/controllers/api_controller.rb @@ -0,0 +1,46 @@ +class ApiController < ApplicationController + before_filter :check_api_key + + def create_request + + end + + def show_request + @request = InfoRequest.find(params[:id]) + raise PermissionDenied if @request.public_body_id != @public_body.id + + @request_data = { + :id => @request.id, + :url => make_url("request", @request.url_title), + :title => @request.title, + + :created_at => @request.created_at, + :updated_at => @request.updated_at, + + :status => @request.calculate_status, + + :public_body_url => make_url("body", @request.public_body.url_name), + :requestor_url => make_url("user", @request.user.url_name), + :request_email => @request.incoming_email, + + :request_text => @request.last_event_forming_initial_request.outgoing_message.body, + } + + render :json => @request_data + end + + def add_correspondence + + end + + protected + def check_api_key + @public_body = PublicBody.find_by_api_key(params[:k].gsub(' ', '+')) + raise PermissionDenied if @public_body.nil? + end + + private + def make_url(*args) + "http://" + MySociety::Config.get("DOMAIN", '127.0.0.1:3000') + "/" + args.join("/") + end +end diff --git a/config/routes.rb b/config/routes.rb index 814deb760..13ab6669e 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -240,6 +240,14 @@ ActionController::Routing::Routes.draw do |map| rule.admin_rule_update '/admin/censor/update/:id', :action => 'update' rule.admin_rule_destroy '/admin/censor/destroy/:censor_rule_id', :action => 'destroy' end + + map.with_options :controller => 'api' do |api| + api.api_create_request '/api/v2/request.json', :action => 'create_request', :conditions => { :method => :post } + + api.api_show_request '/api/v2/request/:id.json', :action => 'show_request', :conditions => { :method => :get } + api.api_add_correspondence '/api/v2/request/:id.json', :action => 'add_correspondence', :conditions => { :method => :post } + end + map.filter('conditionallyprependlocale') # Allow downloading Web Service WSDL as a file with an extension |