diff options
-rw-r--r-- | app/controllers/api_controller.rb | 22 | ||||
-rw-r--r-- | spec/controllers/api_controller_spec.rb | 24 |
2 files changed, 41 insertions, 5 deletions
diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb index 2c7f9a4a9..5661819b9 100644 --- a/app/controllers/api_controller.rb +++ b/app/controllers/api_controller.rb @@ -74,6 +74,7 @@ class ApiController < ApplicationController def add_correspondence request = InfoRequest.find(params[:id]) json = ActiveSupport::JSON.decode(params[:correspondence_json]) + attachments = params[:attachments] direction = json["direction"] body = json["body"] @@ -105,8 +106,12 @@ class ApiController < ApplicationController errors << "Failed to parse 'sent_at' field as ISO8601 time: #{sent_at_str}" end + if direction == "request" && !attachments.nil? + errors << "You cannot attach files to messages in the 'request' direction" + end + if !errors.empty? - render :json => { "errors" => errors } + render :json => { "errors" => errors }, :status => 500 return end @@ -144,6 +149,21 @@ class ApiController < ApplicationController request.incoming_messages << incoming_message request.save! + + attachments.each_with_index do |attachment, i| + filename = File.basename(attachment.original_filename) + body = attachment.read + content_type = AlaveteliFileTypes.filename_and_content_to_mimetype(filename, body) || 'application/octet-stream' + + a = FoiAttachment.new( + :incoming_message_id => incoming_message.id, + :filename => filename, + :content_type => content_type + ) + a.body = body + a.save! + end + request.log_event("response", :api => true, :email => nil, diff --git a/spec/controllers/api_controller_spec.rb b/spec/controllers/api_controller_spec.rb index 9cd4c0820..a39471775 100644 --- a/spec/controllers/api_controller_spec.rb +++ b/spec/controllers/api_controller_spec.rb @@ -173,7 +173,23 @@ describe ApiController, "when using the API" do end it "should not allow files to be attached to a followup" do + post :add_correspondence, + :k => public_bodies(:geraldine_public_body).api_key, + :id => info_requests(:external_request).id, + :correspondence_json => { + "direction" => "request", + "sent_at" => Time.now.iso8601, + "body" => "Are you joking, or are you serious?" + }.to_json, + :attachments => [ + fixture_file_upload("files/tfl.pdf") + ] + + # Make sure it worked + response.status.to_i.should == 500 + errors = ActiveSupport::JSON.decode(response.body)["errors"] + errors.should == ["You cannot attach files to messages in the 'request' direction"] end it "should allow files to be attached to a response" do @@ -190,10 +206,10 @@ describe ApiController, "when using the API" do :k => public_bodies(:geraldine_public_body).api_key, :id => request_id, :correspondence_json => { - "direction" => "response", - "sent_at" => sent_at, - "body" => response_body - }.to_json, + "direction" => "response", + "sent_at" => sent_at, + "body" => response_body + }.to_json, :attachments => [ fixture_file_upload("files/tfl.pdf") ] |