Make the UsersController more RESTy. It now supports retrieving a list of users or a particular as XML (available to admins only).

git-svn-id: http://www.rousette.org.uk/svn/tracks-repos/trunk@412 a4c988fc-2ded-0310-b66e-134b36920a42
2025-12-21 17:50:13 +01:00 · 2007-01-31 05:36:33 +00:00 · 2007-01-31 05:36:33 +00:00 · ef2d93542e
commit ef2d93542e
parent b1b03b2c8a
7 changed files with 79 additions and 38 deletions
--- a/tracks/app/controllers/users_controller.rb
+++ b/tracks/app/controllers/users_controller.rb
@ -5,20 +5,37 @@ class UsersController < ApplicationController
     before_filter  :begin_open_id_auth,    :only => :update_auth_type
  end

-  before_filter :admin_login_required, :only => [ :index, :destroy ]
+  before_filter :admin_login_required, :only => [ :index, :show, :destroy ]
  skip_before_filter :login_required, :only => [ :new, :create ]
  prepend_before_filter :login_optional, :only => [ :new, :create ]
  
+  # GET /users
+  # GET /users.xml
  def index
+    respond_to do |format|
+      format.html do
        @page_title = "TRACKS::Manage Users"
        @user_pages, @users = paginate :users, :order => 'login ASC', :per_page => 10
-    @total_users = User.find(:all).size
+        @total_users = User.count
        # When we call users/signup from the admin page
        # we store the URL so that we get returned here when signup is successful
-    expires_now
        store_location
      end
+      format.xml do
+        @users  = User.find(:all)
+        render :xml => @users.to_xml(:except => [ :password ])
+      end
+    end
+  end
  
+  # GET /users/somelogin
+  # GET /users/somelogin.xml
+  def show
+    @user = User.find_by_login(params[:id])
+    render :xml => @user.to_xml(:except => [ :password ])
+  end
+
+  # GET /users/new
  def new
    if User.no_users_yet?
      @page_title = "TRACKS::Sign up as the admin user"
@ -42,6 +59,8 @@ class UsersController < ApplicationController
  #               -d '<request><login>username</login><password>abc123</password></request>'
  #               http://our.tracks.host/users
  #
+  # POST /users
+  # POST /users.xml
  def create
    if params['exception']
      render_failure "Expected post format is valid xml like so: <request><login>username</login><password>abc123</password></request>."
@ -94,29 +113,24 @@ class UsersController < ApplicationController
    end
  end  
  
+  # DELETE /users/somelogin
+  # DELETE /users/somelogin.xml
  def destroy
    @deleted_user = User.find_by_id(params[:id])
    @saved = @deleted_user.destroy
    @total_users = User.find(:all).size
    
-    respond_to do |wants|
-      
-      wants.html do
+    respond_to do |format|
+      format.html do
        if @saved
          notify :notice, "Successfully deleted user #{@deleted_user.login}", 2.0
-          redirect_to :action => 'index'
        else
          notify :error, "Failed to delete user #{@deleted_user.login}", 2.0
-          redirect_to :action => 'index'
        end
+        redirect_to users_url
      end
-      
-      wants.js do
-        render
-      end
-      
-      wants.xml { render :text => '200 OK. User deleted.', :status => 200 }
-    
+      format.js
+      format.xml { head :ok }
    end
  end
  
--- a/tracks/app/models/user.rb
+++ b/tracks/app/models/user.rb
@ -68,6 +68,10 @@ class User < ActiveRecord::Base
    find(:first, :conditions => [ "is_admin = ?", true ])    
  end
  
+  def to_param
+    login
+  end
+  
  def display_name
    if first_name.blank? && last_name.blank?
      return login
--- a/tracks/config/routes.rb
+++ b/tracks/config/routes.rb
@ -1,18 +1,4 @@
 ActionController::Routing::Routes.draw do |map|
-  # Add your own custom routes here.
-  # The priority is based upon order of creation: first created -> highest priority.
-  
-  # Here's a sample route:
-  # map.connect 'products/:id', :controller => 'catalog', :action => 'view'
-  # Keep in mind you can assign values other than :controller and :action
-
-  # You can have the root of your site routed by hooking up '' 
-  # -- just remember to delete public/index.html.
-  # map.connect '', :controller => "welcome"
-
-  # Allow downloading Web Service WSDL as a file with an extension
-  # instead of a file named 'wsdl'
-  #map.connect ':controller/service.wsdl', :action => 'wsdl'
  
  # Mobile/lite version
  map.connect 'mobile', :controller => 'mobile', :action => 'index'
--- a/tracks/test/functional/users_controller_test.rb
+++ b/tracks/test/functional/users_controller_test.rb
@ -1,6 +1,5 @@
 require File.dirname(__FILE__) + '/../test_helper'
 require 'users_controller'
-require 'user'

 # Re-raise errors caught by the controller.
 class UsersController; def rescue_action(e) raise e end; end
@ -34,6 +33,9 @@ class UsersControllerTest < Test::Unit::TestCase
    login_as @admin_user
    get :index
    assert_response :success
+    assert_equal "TRACKS::Manage Users", assigns['page_title']  
+    assert_equal 3, assigns['total_users']
+    assert_equal "/users", session['return-to']
  end
  
  def test_destroy_user
@ -156,5 +158,4 @@ class UsersControllerTest < Test::Unit::TestCase
    assert_equal User.count, @num_users_in_fixture    
  end    
  
-  
 end
--- a/tracks/test/integration/create_user_api_test.rb
+++ b/tracks/test/integration/create_user_api_test.rb
@ -4,7 +4,7 @@ require 'users_controller'
 # Re-raise errors caught by the controller.
 class UsersController; def rescue_action(e) raise e end; end

-class CreateUserControllerTest < ActionController::IntegrationTest
+class UsersXmlApiTest < ActionController::IntegrationTest
  fixtures :users
  
  @@foobar_postdata = "<request><login>foo</login><password>bar</password></request>"
@ -74,8 +74,29 @@ class CreateUserControllerTest < ActionController::IntegrationTest
    authenticated_get_xml "/users", users(:admin_user).login, 'abracadabra', {}
  end
  
+  def test_get_users_as_xml
+    get '/users.xml', {}, basic_auth_headers()
+    #puts @response.body
+    assert_response :success
+    assert_tag :tag => "users",
+               :children => { :count => 3, :only => { :tag => "user" } } 
+    assert_no_tag :tag => "password"
+  end
+
+  def test_get_user_as_xml
+    get "/users/#{users(:other_user).login}.xml", {}, basic_auth_headers()
+    puts @response.body
+    assert_response :success
+    assert_tag :tag => "user"
+    assert_no_tag :tag => "password"
+  end
+    
  private

+  def basic_auth_headers(username = users(:admin_user).login, password = 'abracadabra')
+    {'AUTHORIZATION' => "Basic " + Base64.encode64("#{username}:#{password}") }
+  end
+
  def authenticated_post_xml_to_user_create(postdata = @@foobar_postdata, user = users(:admin_user).login, password = 'abracadabra', headers = {})
    authenticated_post_xml "/users", user, password, postdata, headers
  end
--- a/tracks/test/selenium/login/first_run_shows_signup.rsel
+++ b/tracks/test/selenium/login/first_run_shows_signup.rsel
@ -0,0 +1,10 @@
+setup :clear_tables => [:users, :preferences]
+open '/'
+assert_title 'exact:TRACKS::Sign up as the admin user'
+type "user_login", "admin"
+type "user_password", "abracadabra"
+type "user_password_confirmation", "abracadabra"
+click_and_wait "signup"
+assert_title 'exact:TRACKS::Login'
+include_partial 'login/login', :username => 'admin', :password => 'abracadabra'
+assert_title 'exact:TRACKS::List tasks'
--- a/tracks/test/unit/user_test.rb
+++ b/tracks/test/unit/user_test.rb
@ -139,4 +139,9 @@ class UserTest < Test::Unit::TestCase
    assert_equal @admin_user.preference, @admin_user.prefs
  end
  
+  def test_to_param_returns_login
+    assert_equal @admin_user.login, @admin_user.to_param
+  end
+  
+
 end