diff options
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/controllers/api_controller_spec.rb | 870 |
1 files changed, 434 insertions, 436 deletions
diff --git a/spec/controllers/api_controller_spec.rb b/spec/controllers/api_controller_spec.rb index d2e5f8c97..7b1d73e8a 100644 --- a/spec/controllers/api_controller_spec.rb +++ b/spec/controllers/api_controller_spec.rb @@ -4,357 +4,353 @@ require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe ApiController, "when using the API" do describe 'checking API keys' do - before do - @number_of_requests = InfoRequest.count - @request_data = { - "title" => "Tell me about your chickens", - "body" => "Dear Sir,\n\nI should like to know about your chickens.\n\nYours in faith,\nBob\n", - - "external_url" => "http://www.example.gov.uk/foi/chickens_23", - "external_user_name" => "Bob Smith", - } - end - - it 'should check that an API key is given as a param' do - expect { - post :create_request, :request_json => @request_data.to_json - }.to raise_error ApplicationController::PermissionDenied - InfoRequest.count.should == @number_of_requests - end - - it "should check the API key" do - expect { - post :create_request, - :k => "This is not really an API key", - :request_json => @request_data.to_json - }.to raise_error ApplicationController::PermissionDenied - InfoRequest.count.should == @number_of_requests - end + before do + @number_of_requests = InfoRequest.count + @request_data = { + 'title' => 'Tell me about your chickens', + 'body' => "Dear Sir,\n\nI should like to know about your chickens.\n\nYours in faith,\nBob\n", + 'external_url' => 'http://www.example.gov.uk/foi/chickens_23', + 'external_user_name' => 'Bob Smith' + } + end + + it 'should check that an API key is given as a param' do + expect { + post :create_request, :request_json => @request_data.to_json + }.to raise_error ApplicationController::PermissionDenied + InfoRequest.count.should == @number_of_requests + end + + it 'should check the API key' do + expect { + post :create_request, + :k => 'This is not really an API key', + :request_json => @request_data.to_json + }.to raise_error ApplicationController::PermissionDenied + InfoRequest.count.should == @number_of_requests + end end def _create_request - post :create_request, - :k => public_bodies(:geraldine_public_body).api_key, - :request_json => { - "title" => "Tell me about your chickens", - "body" => "Dear Sir,\n\nI should like to know about your chickens.\n\nYours in faith,\nBob\n", - - "external_url" => "http://www.example.gov.uk/foi/chickens_23", - "external_user_name" => "Bob Smith", - }.to_json - response.content_type.should == "application/json" - return ActiveSupport::JSON.decode(response.body)["id"] + post :create_request, + :k => public_bodies(:geraldine_public_body).api_key, + :request_json => { + 'title' => 'Tell me about your chickens', + 'body' => "Dear Sir,\n\nI should like to know about your chickens.\n\nYours in faith,\nBob\n", + 'external_url' => 'http://www.example.gov.uk/foi/chickens_23', + 'external_user_name' => 'Bob Smith' + }.to_json + response.content_type.should == 'application/json' + ActiveSupport::JSON.decode(response.body)['id'] end # POST /api/v2/request.json describe 'creating a request' do - it "should create a new request from a POST" do - number_of_requests = InfoRequest.count( + it 'should create a new request from a POST' do + number_of_requests = InfoRequest.count( :conditions => [ - "public_body_id = ?", - public_bodies(:geraldine_public_body).id + "public_body_id = ?", + public_bodies(:geraldine_public_body).id ] - ) + ) - request_data = { - "title" => "Tell me about your chickens", - "body" => "Dear Sir,\n\nI should like to know about your chickens.\n\nYours in faith,\nBob\n", + request_data = { + 'title' => 'Tell me about your chickens', + 'body' => "Dear Sir,\n\nI should like to know about your chickens.\n\nYours in faith,\nBob\n", + 'external_url' => 'http://www.example.gov.uk/foi/chickens_23', + 'external_user_name' => 'Bob Smith', + } - "external_url" => "http://www.example.gov.uk/foi/chickens_23", - "external_user_name" => "Bob Smith", - } + post :create_request, + :k => public_bodies(:geraldine_public_body).api_key, + :request_json => request_data.to_json + response.should be_success + + response.content_type.should == 'application/json' + response_body = ActiveSupport::JSON.decode(response.body) + response_body['errors'].should be_nil + response_body['url'].should =~ /^http/ + + InfoRequest.count(:conditions => [ + 'public_body_id = ?', + public_bodies(:geraldine_public_body).id] + ).should == number_of_requests + 1 + + new_request = InfoRequest.find(response_body['id']) + new_request.user_id.should be_nil + new_request.external_user_name.should == request_data['external_user_name'] + new_request.external_url.should == request_data['external_url'] + + new_request.title.should == request_data['title'] + new_request.last_event_forming_initial_request.outgoing_message.body.should == request_data['body'].strip + + new_request.public_body_id.should == public_bodies(:geraldine_public_body).id + new_request.info_request_events.size.should == 1 + new_request.info_request_events[0].event_type.should == 'sent' + new_request.info_request_events[0].calculated_state.should == 'waiting_response' + end + end - post :create_request, - :k => public_bodies(:geraldine_public_body).api_key, - :request_json => request_data.to_json - response.should be_success + # POST /api/v2/request/:id/add_correspondence.json + describe 'adding correspondence to a request' do + it 'should add a response to a request' do + # First we need an external request + request_id = info_requests(:external_request).id - response.content_type.should == "application/json" + # Initially it has no incoming messages + IncomingMessage.count(:conditions => ["info_request_id = ?", request_id]).should == 0 - response_body = ActiveSupport::JSON.decode(response.body) - response_body["errors"].should be_nil - response_body["url"].should =~ /^http/ + # Now add one + sent_at = '2012-05-28T12:35:39+01:00' + response_body = "Thank you for your request for information, which we are handling in accordance with the Freedom of Information Act 2000. You will receive a response within 20 working days or before the next full moon, whichever is sooner.\n\nYours sincerely,\nJohn Gandermulch,\nExample Council FOI Officer\n" + post :add_correspondence, + :k => public_bodies(:geraldine_public_body).api_key, + :id => request_id, + :correspondence_json => { + 'direction' => 'response', + 'sent_at' => sent_at, + 'body' => response_body + }.to_json + + # And make sure it worked + response.should be_success + incoming_messages = IncomingMessage.all(:conditions => ['info_request_id = ?', request_id]) + incoming_messages.count.should == 1 + incoming_message = incoming_messages[0] + + incoming_message.sent_at.should == Time.iso8601(sent_at) + incoming_message.get_main_body_text_folded.should be_equal_modulo_whitespace_to(response_body) + end - InfoRequest.count(:conditions => [ - "public_body_id = ?", - public_bodies(:geraldine_public_body).id] - ).should == number_of_requests + 1 + it 'should add a followup to a request' do + # First we need an external request + request_id = info_requests(:external_request).id - new_request = InfoRequest.find(response_body["id"]) - new_request.user_id.should be_nil - new_request.external_user_name.should == request_data["external_user_name"] - new_request.external_url.should == request_data["external_url"] + # Initially it has one outgoing message + OutgoingMessage.count(:conditions => ['info_request_id = ?', request_id]).should == 1 - new_request.title.should == request_data["title"] - new_request.last_event_forming_initial_request.outgoing_message.body.should == request_data["body"].strip + # Add another, as a followup + sent_at = '2012-05-29T12:35:39+01:00' + followup_body = "Pls answer ASAP.\nkthxbye\n" + post :add_correspondence, + :k => public_bodies(:geraldine_public_body).api_key, + :id => request_id, + :correspondence_json => { + 'direction' => 'request', + 'sent_at' => sent_at, + 'body' => followup_body + }.to_json + + # Make sure it worked + response.should be_success + followup_messages = OutgoingMessage.all( + :conditions => ["info_request_id = ? and message_type = 'followup'", request_id] + ) + followup_messages.size.should == 1 + followup_message = followup_messages[0] + + followup_message.last_sent_at.should == Time.iso8601(sent_at) + followup_message.body.should == followup_body.strip + end - new_request.public_body_id.should == public_bodies(:geraldine_public_body).id - new_request.info_request_events.size.should == 1 - new_request.info_request_events[0].event_type.should == 'sent' - new_request.info_request_events[0].calculated_state.should == 'waiting_response' - end - end + it 'should update the status if a valid state is supplied' do + # First we need an external request + request_id = info_requests(:external_request).id - # POST /api/v2/request/:id/add_correspondence.json - describe 'adding correspondence to a request' do - it "should add a response to a request" do - # First we need an external request - request_id = info_requests(:external_request).id + # Initially it has no incoming messages + IncomingMessage.count(:conditions => ['info_request_id = ?', request_id]).should == 0 - # Initially it has no incoming messages - IncomingMessage.count(:conditions => ["info_request_id = ?", request_id]).should == 0 + # Now add one + sent_at = '2012-05-28T12:35:39+01:00' + response_body = "Thank you for your request for information, which we are handling in accordance with the Freedom of Information Act 2000. You will receive a response within 20 working days or before the next full moon, whichever is sooner.\n\nYours sincerely,\nJohn Gandermulch,\nExample Council FOI Officer\n" + post :add_correspondence, + :k => public_bodies(:geraldine_public_body).api_key, + :id => request_id, + :state => 'successful', + :correspondence_json => { + 'direction' => 'response', + 'sent_at' => sent_at, + 'body' => response_body, + }.to_json + + # And make sure it worked + response.should be_success + incoming_messages = IncomingMessage.all(:conditions => ['info_request_id = ?', request_id]) + incoming_messages.count.should == 1 + request = InfoRequest.find_by_id(request_id) + request.described_state.should == 'successful' + end - # Now add one - sent_at = "2012-05-28T12:35:39+01:00" - response_body = "Thank you for your request for information, which we are handling in accordance with the Freedom of Information Act 2000. You will receive a response within 20 working days or before the next full moon, whichever is sooner.\n\nYours sincerely,\nJohn Gandermulch,\nExample Council FOI Officer\n" - post :add_correspondence, - :k => public_bodies(:geraldine_public_body).api_key, - :id => request_id, - :correspondence_json => { - "direction" => "response", - "sent_at" => sent_at, - "body" => response_body - }.to_json - - # And make sure it worked - response.should be_success - incoming_messages = IncomingMessage.all(:conditions => ["info_request_id = ?", request_id]) - incoming_messages.count.should == 1 - incoming_message = incoming_messages[0] - - incoming_message.sent_at.should == Time.iso8601(sent_at) - incoming_message.get_main_body_text_folded.should be_equal_modulo_whitespace_to(response_body) - end - - it "should add a followup to a request" do - # First we need an external request - request_id = info_requests(:external_request).id - - # Initially it has one outgoing message - OutgoingMessage.count(:conditions => ["info_request_id = ?", request_id]).should == 1 - - # Add another, as a followup - sent_at = "2012-05-29T12:35:39+01:00" - followup_body = "Pls answer ASAP.\nkthxbye\n" - post :add_correspondence, - :k => public_bodies(:geraldine_public_body).api_key, - :id => request_id, - :correspondence_json => { - "direction" => "request", - "sent_at" => sent_at, - "body" => followup_body - }.to_json - - # Make sure it worked - response.should be_success - followup_messages = OutgoingMessage.all( - :conditions => ["info_request_id = ? and message_type = 'followup'", request_id] - ) - followup_messages.size.should == 1 - followup_message = followup_messages[0] - - followup_message.last_sent_at.should == Time.iso8601(sent_at) - followup_message.body.should == followup_body.strip - end - - it "should update the status if a valid state is supplied" do - # First we need an external request - request_id = info_requests(:external_request).id - - # Initially it has no incoming messages - IncomingMessage.count(:conditions => ["info_request_id = ?", request_id]).should == 0 - - # Now add one - sent_at = "2012-05-28T12:35:39+01:00" - response_body = "Thank you for your request for information, which we are handling in accordance with the Freedom of Information Act 2000. You will receive a response within 20 working days or before the next full moon, whichever is sooner.\n\nYours sincerely,\nJohn Gandermulch,\nExample Council FOI Officer\n" - post :add_correspondence, - :k => public_bodies(:geraldine_public_body).api_key, - :id => request_id, - :state => "successful", - :correspondence_json => { - "direction" => "response", - "sent_at" => sent_at, - "body" => response_body, - }.to_json - - # And make sure it worked - response.should be_success - incoming_messages = IncomingMessage.all(:conditions => ["info_request_id = ?", request_id]) - incoming_messages.count.should == 1 - request = InfoRequest.find_by_id(request_id) - request.described_state.should == "successful" - end - - it 'should raise a JSON 500 error if an invalid state is supplied' do - # First we need an external request - request_id = info_requests(:external_request).id - - # Initially it has no incoming messages - IncomingMessage.count(:conditions => ["info_request_id = ?", request_id]).should == 0 - - # Now add one - sent_at = "2012-05-28T12:35:39+01:00" - response_body = "Thank you for your request for information, which we are handling in accordance with the Freedom of Information Act 2000. You will receive a response within 20 working days or before the next full moon, whichever is sooner.\n\nYours sincerely,\nJohn Gandermulch,\nExample Council FOI Officer\n" - post :add_correspondence, - :k => public_bodies(:geraldine_public_body).api_key, - :id => request_id, - :state => 'random_string', - :correspondence_json => { - "direction" => "response", - "sent_at" => sent_at, - "body" => response_body, - }.to_json - - # And make sure it worked - response.status.should == 500 - ActiveSupport::JSON.decode(response.body)["errors"].should == [ - "'random_string' is not a valid request state"] - - incoming_messages = IncomingMessage.all(:conditions => ["info_request_id = ?", request_id]) - incoming_messages.count.should == 0 - request = InfoRequest.find_by_id(request_id) - request.described_state.should == "waiting_response" - end - - it "should not allow internal requests to be updated" do - n_incoming_messages = IncomingMessage.count - n_outgoing_messages = OutgoingMessage.count - - request_id = info_requests(:naughty_chicken_request).id - post :add_correspondence, - :k => public_bodies(:geraldine_public_body).api_key, - :id => request_id, - :correspondence_json => { - "direction" => "request", - "sent_at" => Time.now.iso8601, - "body" => "xxx" - }.to_json - - response.status.should == 403 - ActiveSupport::JSON.decode(response.body)["errors"].should == [ - "Request #{request_id} cannot be updated using the API"] - - IncomingMessage.count.should == n_incoming_messages - OutgoingMessage.count.should == n_outgoing_messages - end - - it "should not allow other people's requests to be updated" do - request_id = _create_request - n_incoming_messages = IncomingMessage.count - n_outgoing_messages = OutgoingMessage.count - - post :add_correspondence, - :k => public_bodies(:humpadink_public_body).api_key, - :id => request_id, - :correspondence_json => { - "direction" => "request", - "sent_at" => Time.now.iso8601, - "body" => "xxx" - }.to_json - - response.status.should == 403 - ActiveSupport::JSON.decode(response.body)["errors"].should == [ - "You do not own request #{request_id}"] - - IncomingMessage.count.should == n_incoming_messages - OutgoingMessage.count.should == n_outgoing_messages - end - - it "should return a JSON 404 error for non-existent requests" do - request_id = "123459876" - InfoRequest.stub(:find_by_id).with(request_id).and_return(nil) - sent_at = "2012-05-28T12:35:39+01:00" - response_body = "Thank you for your request for information, which we are handling in accordance with the Freedom of Information Act 2000. You will receive a response within 20 working days or before the next full moon, whichever is sooner.\n\nYours sincerely,\nJohn Gandermulch,\nExample Council FOI Officer\n" - post :add_correspondence, - :k => public_bodies(:geraldine_public_body).api_key, - :id => request_id, - :correspondence_json => { - "direction" => "response", - "sent_at" => sent_at, - "body" => response_body - }.to_json - response.status.should == 404 - ActiveSupport::JSON.decode(response.body)["errors"].should == ["Could not find request 123459876"] - end - - it "should return a JSON 403 error if we try to add correspondence to a request we don't own" do - request_id = info_requests(:naughty_chicken_request).id - sent_at = "2012-05-28T12:35:39+01:00" - response_body = "Thank you for your request for information, which we are handling in accordance with the Freedom of Information Act 2000. You will receive a response within 20 working days or before the next full moon, whichever is sooner.\n\nYours sincerely,\nJohn Gandermulch,\nExample Council FOI Officer\n" - post :add_correspondence, - :k => public_bodies(:geraldine_public_body).api_key, - :id => request_id, - :correspondence_json => { - "direction" => "response", - "sent_at" => sent_at, - "body" => response_body - }.to_json - response.status.should == 403 - ActiveSupport::JSON.decode(response.body)["errors"].should == ["Request #{request_id} cannot be updated using the API"] - end - - it "should not allow files to be attached to a followup" do - post :add_correspondence, - :k => public_bodies(:geraldine_public_body).api_key, - :id => info_requests(:external_request).id, - :correspondence_json => { - "direction" => "request", - "sent_at" => Time.now.iso8601, - "body" => "Are you joking, or are you serious?" - }.to_json, - :attachments => [ - fixture_file_upload("/files/tfl.pdf") - ] - - # Make sure it worked - response.status.should == 500 - errors = ActiveSupport::JSON.decode(response.body)["errors"] - errors.should == ["You cannot attach files to messages in the 'request' direction"] - end + it 'should raise a JSON 500 error if an invalid state is supplied' do + # First we need an external request + request_id = info_requests(:external_request).id + + # Initially it has no incoming messages + IncomingMessage.count(:conditions => ['info_request_id = ?', request_id]).should == 0 + + # Now add one + sent_at = '2012-05-28T12:35:39+01:00' + response_body = "Thank you for your request for information, which we are handling in accordance with the Freedom of Information Act 2000. You will receive a response within 20 working days or before the next full moon, whichever is sooner.\n\nYours sincerely,\nJohn Gandermulch,\nExample Council FOI Officer\n" + post :add_correspondence, + :k => public_bodies(:geraldine_public_body).api_key, + :id => request_id, + :state => 'random_string', + :correspondence_json => { + 'direction' => 'response', + 'sent_at' => sent_at, + 'body' => response_body, + }.to_json + + # And make sure it worked + response.status.should == 500 + ActiveSupport::JSON.decode(response.body)['errors'].should == [ + "'random_string' is not a valid request state"] + + incoming_messages = IncomingMessage.all(:conditions => ['info_request_id = ?', request_id]) + incoming_messages.count.should == 0 + request = InfoRequest.find_by_id(request_id) + request.described_state.should == 'waiting_response' + end + + it 'should not allow internal requests to be updated' do + n_incoming_messages = IncomingMessage.count + n_outgoing_messages = OutgoingMessage.count - it "should allow files to be attached to a response" do - # First we need an external request - request_id = info_requests(:external_request).id - - # Initially it has no incoming messages - IncomingMessage.count(:conditions => ["info_request_id = ?", request_id]).should == 0 - - # Now add one - sent_at = "2012-05-28T12:35:39+01:00" - response_body = "Thank you for your request for information, which we are handling in accordance with the Freedom of Information Act 2000. You will receive a response within 20 working days or before the next full moon, whichever is sooner.\n\nYours sincerely,\nJohn Gandermulch,\nExample Council FOI Officer\n" - post :add_correspondence, - :k => public_bodies(:geraldine_public_body).api_key, - :id => request_id, - :correspondence_json => { - "direction" => "response", - "sent_at" => sent_at, - "body" => response_body - }.to_json, - :attachments => [ - fixture_file_upload("/files/tfl.pdf") - ] - - # And make sure it worked - response.should be_success - incoming_messages = IncomingMessage.all(:conditions => ["info_request_id = ?", request_id]) - incoming_messages.count.should == 1 - incoming_message = incoming_messages[0] - - incoming_message.sent_at.should == Time.iso8601(sent_at) - incoming_message.get_main_body_text_folded.should be_equal_modulo_whitespace_to(response_body) - - # Get the attachment - attachments = incoming_message.get_attachments_for_display - attachments.size.should == 1 - attachment = attachments[0] - attachment.filename.should == "tfl.pdf" - attachment.body.should == load_file_fixture("tfl.pdf") - end + request_id = info_requests(:naughty_chicken_request).id + post :add_correspondence, + :k => public_bodies(:geraldine_public_body).api_key, + :id => request_id, + :correspondence_json => { + 'direction' => 'request', + 'sent_at' => Time.now.iso8601, + 'body' => 'xxx' + }.to_json + + response.status.should == 403 + ActiveSupport::JSON.decode(response.body)['errors'].should == [ + "Request #{request_id} cannot be updated using the API"] + + IncomingMessage.count.should == n_incoming_messages + OutgoingMessage.count.should == n_outgoing_messages + end + + it 'should not allow other people\'s requests to be updated' do + request_id = _create_request + n_incoming_messages = IncomingMessage.count + n_outgoing_messages = OutgoingMessage.count + + post :add_correspondence, + :k => public_bodies(:humpadink_public_body).api_key, + :id => request_id, + :correspondence_json => { + 'direction' => 'request', + 'sent_at' => Time.now.iso8601, + 'body' => 'xxx' + }.to_json + + response.status.should == 403 + ActiveSupport::JSON.decode(response.body)['errors'].should == [ + "You do not own request #{request_id}"] + + IncomingMessage.count.should == n_incoming_messages + OutgoingMessage.count.should == n_outgoing_messages + end + + it 'should return a JSON 404 error for non-existent requests' do + request_id = '123459876' + InfoRequest.stub(:find_by_id).with(request_id).and_return(nil) + sent_at = '2012-05-28T12:35:39+01:00' + response_body = "Thank you for your request for information, which we are handling in accordance with the Freedom of Information Act 2000. You will receive a response within 20 working days or before the next full moon, whichever is sooner.\n\nYours sincerely,\nJohn Gandermulch,\nExample Council FOI Officer\n" + post :add_correspondence, + :k => public_bodies(:geraldine_public_body).api_key, + :id => request_id, + :correspondence_json => { + 'direction' => 'response', + 'sent_at' => sent_at, + 'body' => response_body + }.to_json + response.status.should == 404 + ActiveSupport::JSON.decode(response.body)['errors'].should == ['Could not find request 123459876'] + end + + it 'should return a JSON 403 error if we try to add correspondence to a request we don\'t own' do + request_id = info_requests(:naughty_chicken_request).id + sent_at = '2012-05-28T12:35:39+01:00' + response_body = "Thank you for your request for information, which we are handling in accordance with the Freedom of Information Act 2000. You will receive a response within 20 working days or before the next full moon, whichever is sooner.\n\nYours sincerely,\nJohn Gandermulch,\nExample Council FOI Officer\n" + post :add_correspondence, + :k => public_bodies(:geraldine_public_body).api_key, + :id => request_id, + :correspondence_json => { + 'direction' => 'response', + 'sent_at' => sent_at, + 'body' => response_body + }.to_json + response.status.should == 403 + ActiveSupport::JSON.decode(response.body)['errors'].should == ["Request #{request_id} cannot be updated using the API"] + end + + it 'should not allow files to be attached to a followup' do + post :add_correspondence, + :k => public_bodies(:geraldine_public_body).api_key, + :id => info_requests(:external_request).id, + :correspondence_json => { + 'direction' => 'request', + 'sent_at' => Time.now.iso8601, + 'body' => 'Are you joking, or are you serious?' + }.to_json, + :attachments => [ + fixture_file_upload('/files/tfl.pdf') + ] + + # Make sure it worked + response.status.should == 500 + errors = ActiveSupport::JSON.decode(response.body)['errors'] + errors.should == ["You cannot attach files to messages in the 'request' direction"] + end + + it 'should allow files to be attached to a response' do + # First we need an external request + request_id = info_requests(:external_request).id + + # Initially it has no incoming messages + IncomingMessage.count(:conditions => ['info_request_id = ?', request_id]).should == 0 + + # Now add one + sent_at = '2012-05-28T12:35:39+01:00' + response_body = "Thank you for your request for information, which we are handling in accordance with the Freedom of Information Act 2000. You will receive a response within 20 working days or before the next full moon, whichever is sooner.\n\nYours sincerely,\nJohn Gandermulch,\nExample Council FOI Officer\n" + post :add_correspondence, + :k => public_bodies(:geraldine_public_body).api_key, + :id => request_id, + :correspondence_json => { + 'direction' => 'response', + 'sent_at' => sent_at, + 'body' => response_body + }.to_json, + :attachments => [ + fixture_file_upload('/files/tfl.pdf') + ] + + # And make sure it worked + response.should be_success + incoming_messages = IncomingMessage.all(:conditions => ['info_request_id = ?', request_id]) + incoming_messages.count.should == 1 + incoming_message = incoming_messages[0] + + incoming_message.sent_at.should == Time.iso8601(sent_at) + incoming_message.get_main_body_text_folded.should be_equal_modulo_whitespace_to(response_body) + + # Get the attachment + attachments = incoming_message.get_attachments_for_display + attachments.size.should == 1 + attachment = attachments[0] + attachment.filename.should == 'tfl.pdf' + attachment.body.should == load_file_fixture('tfl.pdf') + end end # POST /api/v2/request/:id/update.json - describe "updating a request's status" do - it "should update the status" do + describe 'updating a request\'s status' do + it 'should update the status' do # First we need an external request request_id = info_requests(:external_request).id request = InfoRequest.find_by_id(request_id) @@ -366,11 +362,11 @@ describe ApiController, "when using the API" do post :update_state, :k => public_bodies(:geraldine_public_body).api_key, :id => request_id, - :state => "partially_successful" + :state => 'partially_successful' # It should have updated the status request = InfoRequest.find_by_id(request_id) - request.described_state.should == "partially_successful" + request.described_state.should == 'partially_successful' # It should have recorded the status_update event last_event = request.info_request_events.last @@ -379,7 +375,7 @@ describe ApiController, "when using the API" do last_event.params_yaml.should =~ /script: Geraldine Quango on behalf of requester via API/ end - it "should return a JSON 500 error if an invalid state is sent" do + it 'should return a JSON 500 error if an invalid state is sent' do # First we need an external request request_id = info_requests(:external_request).id request = InfoRequest.find_by_id(request_id) @@ -391,19 +387,19 @@ describe ApiController, "when using the API" do post :update_state, :k => public_bodies(:geraldine_public_body).api_key, :id => request_id, - :state => "random_string" + :state => 'random_string' # Check that the error has been raised... response.status.should == 500 - ActiveSupport::JSON.decode(response.body)["errors"].should == ["'random_string' is not a valid request state"] + ActiveSupport::JSON.decode(response.body)['errors'].should == ["'random_string' is not a valid request state"] # ..and that the status hasn't been updated request = InfoRequest.find_by_id(request_id) - request.described_state.should == "waiting_response" + request.described_state.should == 'waiting_response' end - it "should return a JSON 404 error for non-existent requests" do - request_id = "123459876" + it 'should return a JSON 404 error for non-existent requests' do + request_id = '123459876' InfoRequest.stub(:find_by_id).with(request_id).and_return(nil) post :update_state, @@ -412,123 +408,125 @@ describe ApiController, "when using the API" do :state => "successful" response.status.should == 404 - ActiveSupport::JSON.decode(response.body)["errors"].should == ["Could not find request 123459876"] + ActiveSupport::JSON.decode(response.body)['errors'].should == ['Could not find request 123459876'] end - it "should return a JSON 403 error if we try to add correspondence to a request we don't own" do + it 'should return a JSON 403 error if we try to add correspondence to a request we don\'t own' do request_id = info_requests(:naughty_chicken_request).id post :update_state, :k => public_bodies(:geraldine_public_body).api_key, :id => request_id, - :state => "successful" + :state => 'successful' response.status.should == 403 - ActiveSupport::JSON.decode(response.body)["errors"].should == ["Request #{request_id} cannot be updated using the API"] + ActiveSupport::JSON.decode(response.body)['errors'].should == ["Request #{request_id} cannot be updated using the API"] end end # GET /api/v2/request/:id.json - describe "showing request info" do - it "should show information about a request" do - info_request = info_requests(:naughty_chicken_request) - get :show_request, - :k => public_bodies(:geraldine_public_body).api_key, - :id => info_request.id - - response.should be_success - assigns[:request].id.should == info_request.id - - r = ActiveSupport::JSON.decode(response.body) - r["title"].should == info_request.title - # Let’s not test all the fields here, because it would - # essentially just be a matter of copying the code that - # assigns them and changing assignment to an equality - # check, which does not really test anything at all. - end - - it 'should show information about an external request' do - info_request = info_requests(:external_request) - get :show_request, - :k => public_bodies(:geraldine_public_body).api_key, - :id => info_request.id - - response.should be_success - assigns[:request].id.should == info_request.id - r = ActiveSupport::JSON.decode(response.body) - r["title"].should == info_request.title - end + describe 'showing request info' do + it 'should show information about a request' do + info_request = info_requests(:naughty_chicken_request) + + get :show_request, + :k => public_bodies(:geraldine_public_body).api_key, + :id => info_request.id + + response.should be_success + assigns[:request].id.should == info_request.id + + r = ActiveSupport::JSON.decode(response.body) + r['title'].should == info_request.title + # Let’s not test all the fields here, because it would + # essentially just be a matter of copying the code that + # assigns them and changing assignment to an equality + # check, which does not really test anything at all. + end + + it 'should show information about an external request' do + info_request = info_requests(:external_request) + get :show_request, + :k => public_bodies(:geraldine_public_body).api_key, + :id => info_request.id + + response.should be_success + assigns[:request].id.should == info_request.id + r = ActiveSupport::JSON.decode(response.body) + r['title'].should == info_request.title + end end # GET /api/v2/body/:id/request_events.:feed_type - describe "showing public body info" do - it "should show an Atom feed of new request events" do - get :body_request_events, - :id => public_bodies(:geraldine_public_body).id, - :k => public_bodies(:geraldine_public_body).api_key, - :feed_type => "atom" - - response.should be_success - response.should render_template("api/request_events") - assigns[:events].size.should > 0 - assigns[:events].each do |event| - event.info_request.public_body.should == public_bodies(:geraldine_public_body) - event.outgoing_message.should_not be_nil - event.event_type.should satisfy { |x| ['sent', 'followup_sent', 'resent', 'followup_resent'].include?(x) } - end - end - - it "should show a JSON feed of new request events" do - get :body_request_events, - :id => public_bodies(:geraldine_public_body).id, - :k => public_bodies(:geraldine_public_body).api_key, - :feed_type => "json" - - response.should be_success - assigns[:events].size.should > 0 - assigns[:events].each do |event| - event.info_request.public_body.should == public_bodies(:geraldine_public_body) - event.outgoing_message.should_not be_nil - event.event_type.should satisfy {|x| ['sent', 'followup_sent', 'resent', 'followup_resent'].include?(x)} - end - - assigns[:event_data].size.should == assigns[:events].size - assigns[:event_data].each do |event_record| - event_record[:event_type].should satisfy { |x| ['sent', 'followup_sent', 'resent', 'followup_resent'].include?(x) } - end - end - - it "should honour the since_event_id parameter" do - get :body_request_events, - :id => public_bodies(:geraldine_public_body).id, - :k => public_bodies(:geraldine_public_body).api_key, - :feed_type => "json" - response.should be_success - first_event = assigns[:event_data][0] - second_event_id = assigns[:event_data][1][:event_id] - - get :body_request_events, - :id => public_bodies(:geraldine_public_body).id, - :k => public_bodies(:geraldine_public_body).api_key, - :feed_type => "json", - :since_event_id => second_event_id - response.should be_success - assigns[:event_data].should == [first_event] - end - - it "should honour the since_date parameter for the Atom feed" do - get :body_request_events, - :id => public_bodies(:humpadink_public_body).id, - :k => public_bodies(:humpadink_public_body).api_key, - :since_date => "2010-01-01", - :feed_type => "atom" - - response.should be_success - response.should render_template("api/request_events") - assigns[:events].size.should > 0 - assigns[:events].each do |event| - event.created_at.should >= Date.new(2010, 1, 1) - end - end + describe 'showing public body info' do + it 'should show an Atom feed of new request events' do + get :body_request_events, + :id => public_bodies(:geraldine_public_body).id, + :k => public_bodies(:geraldine_public_body).api_key, + :feed_type => 'atom' + + response.should be_success + response.should render_template('api/request_events') + assigns[:events].size.should > 0 + assigns[:events].each do |event| + event.info_request.public_body.should == public_bodies(:geraldine_public_body) + event.outgoing_message.should_not be_nil + event.event_type.should satisfy { |x| ['sent', 'followup_sent', 'resent', 'followup_resent'].include?(x) } + end + end + + it 'should show a JSON feed of new request events' do + get :body_request_events, + :id => public_bodies(:geraldine_public_body).id, + :k => public_bodies(:geraldine_public_body).api_key, + :feed_type => 'json' + + response.should be_success + assigns[:events].size.should > 0 + assigns[:events].each do |event| + event.info_request.public_body.should == public_bodies(:geraldine_public_body) + event.outgoing_message.should_not be_nil + event.event_type.should satisfy {|x| ['sent', 'followup_sent', 'resent', 'followup_resent'].include?(x)} + end + + assigns[:event_data].size.should == assigns[:events].size + assigns[:event_data].each do |event_record| + event_record[:event_type].should satisfy { |x| ['sent', 'followup_sent', 'resent', 'followup_resent'].include?(x) } + end + end + + it 'should honour the since_event_id parameter' do + get :body_request_events, + :id => public_bodies(:geraldine_public_body).id, + :k => public_bodies(:geraldine_public_body).api_key, + :feed_type => 'json' + + response.should be_success + first_event = assigns[:event_data][0] + second_event_id = assigns[:event_data][1][:event_id] + + get :body_request_events, + :id => public_bodies(:geraldine_public_body).id, + :k => public_bodies(:geraldine_public_body).api_key, + :feed_type => 'json', + :since_event_id => second_event_id + response.should be_success + assigns[:event_data].should == [first_event] + end + + it 'should honour the since_date parameter for the Atom feed' do + get :body_request_events, + :id => public_bodies(:humpadink_public_body).id, + :k => public_bodies(:humpadink_public_body).api_key, + :since_date => '2010-01-01', + :feed_type => 'atom' + + response.should be_success + response.should render_template('api/request_events') + assigns[:events].size.should > 0 + assigns[:events].each do |event| + event.created_at.should >= Date.new(2010, 1, 1) + end + end end end |