aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--app/controllers/api_controller.rb22
-rw-r--r--spec/controllers/api_controller_spec.rb24
2 files changed, 41 insertions, 5 deletions
diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb
index 2c7f9a4a9..5661819b9 100644
--- a/app/controllers/api_controller.rb
+++ b/app/controllers/api_controller.rb
@@ -74,6 +74,7 @@ class ApiController < ApplicationController
def add_correspondence
request = InfoRequest.find(params[:id])
json = ActiveSupport::JSON.decode(params[:correspondence_json])
+ attachments = params[:attachments]
direction = json["direction"]
body = json["body"]
@@ -105,8 +106,12 @@ class ApiController < ApplicationController
errors << "Failed to parse 'sent_at' field as ISO8601 time: #{sent_at_str}"
end
+ if direction == "request" && !attachments.nil?
+ errors << "You cannot attach files to messages in the 'request' direction"
+ end
+
if !errors.empty?
- render :json => { "errors" => errors }
+ render :json => { "errors" => errors }, :status => 500
return
end
@@ -144,6 +149,21 @@ class ApiController < ApplicationController
request.incoming_messages << incoming_message
request.save!
+
+ attachments.each_with_index do |attachment, i|
+ filename = File.basename(attachment.original_filename)
+ body = attachment.read
+ content_type = AlaveteliFileTypes.filename_and_content_to_mimetype(filename, body) || 'application/octet-stream'
+
+ a = FoiAttachment.new(
+ :incoming_message_id => incoming_message.id,
+ :filename => filename,
+ :content_type => content_type
+ )
+ a.body = body
+ a.save!
+ end
+
request.log_event("response",
:api => true,
:email => nil,
diff --git a/spec/controllers/api_controller_spec.rb b/spec/controllers/api_controller_spec.rb
index 9cd4c0820..a39471775 100644
--- a/spec/controllers/api_controller_spec.rb
+++ b/spec/controllers/api_controller_spec.rb
@@ -173,7 +173,23 @@ describe ApiController, "when using the API" do
end
it "should not allow files to be attached to a followup" do
+ post :add_correspondence,
+ :k => public_bodies(:geraldine_public_body).api_key,
+ :id => info_requests(:external_request).id,
+ :correspondence_json => {
+ "direction" => "request",
+ "sent_at" => Time.now.iso8601,
+ "body" => "Are you joking, or are you serious?"
+ }.to_json,
+ :attachments => [
+ fixture_file_upload("files/tfl.pdf")
+ ]
+
+ # Make sure it worked
+ response.status.to_i.should == 500
+ errors = ActiveSupport::JSON.decode(response.body)["errors"]
+ errors.should == ["You cannot attach files to messages in the 'request' direction"]
end
it "should allow files to be attached to a response" do
@@ -190,10 +206,10 @@ describe ApiController, "when using the API" do
:k => public_bodies(:geraldine_public_body).api_key,
:id => request_id,
:correspondence_json => {
- "direction" => "response",
- "sent_at" => sent_at,
- "body" => response_body
- }.to_json,
+ "direction" => "response",
+ "sent_at" => sent_at,
+ "body" => response_body
+ }.to_json,
:attachments => [
fixture_file_upload("files/tfl.pdf")
]