Adds xml/json REST API for Users (#6260).

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4453 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Jean-Philippe Lang 2010-12-03 11:28:44 +00:00
parent 96ce0f017c
commit e9775097ec
4 changed files with 317 additions and 1 deletions

View File

@ -1,5 +1,5 @@
# Redmine - project management software
# Copyright (C) 2006-2009 Jean-Philippe Lang
# Copyright (C) 2006-2010 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@ -19,6 +19,7 @@ class UsersController < ApplicationController
layout 'admin'
before_filter :require_admin, :except => :show
accept_key_auth :index, :show, :create, :update
helper :sort
include SortHelper
@ -48,6 +49,8 @@ class UsersController < ApplicationController
respond_to do |format|
format.html { render :layout => !request.xhr? }
format.json { render :template => 'users/index.apit' }
format.xml { render :template => 'users/index.apit' }
end
end
@ -69,6 +72,8 @@ class UsersController < ApplicationController
respond_to do |format|
format.html { render :layout => 'base' }
format.json { render :template => 'users/show.apit' }
format.xml { render :template => 'users/show.apit' }
end
rescue ActiveRecord::RecordNotFound
render_404
@ -111,6 +116,8 @@ class UsersController < ApplicationController
{:controller => 'users', :action => 'edit', :id => @user}
)
}
format.json { render :template => 'users/show.apit', :status => :created, :location => user_url(@user) }
format.xml { render :template => 'users/show.apit', :status => :created, :location => user_url(@user) }
end
else
@auth_sources = AuthSource.find(:all)
@ -118,6 +125,8 @@ class UsersController < ApplicationController
respond_to do |format|
format.html { render :action => 'new' }
format.json { render :json => {:errors => @user.errors}, :status => :unprocessable_entity, :layout => false }
format.xml { render :xml => @user.errors, :status => :unprocessable_entity, :layout => false }
end
end
end
@ -166,6 +175,8 @@ class UsersController < ApplicationController
flash[:notice] = l(:notice_successful_update)
redirect_to :back
}
format.json { head :ok }
format.xml { head :ok }
end
else
@auth_sources = AuthSource.find(:all)
@ -173,6 +184,8 @@ class UsersController < ApplicationController
respond_to do |format|
format.html { render :action => :edit }
format.json { render :json => {:errors => @user.errors}, :status => :unprocessable_entity, :layout => false }
format.xml { render :xml => @user.errors, :status => :unprocessable_entity, :layout => false }
end
end
rescue ::ActionController::RedirectBackError

View File

@ -0,0 +1,19 @@
api.array :users do
@users.each do |user|
api.user do
api.id user.id
api.login user.login
api.firstname user.firstname
api.lastname user.lastname
api.mail user.mail
api.created_on user.created_on
api.last_login_on user.last_login_on
api.array :custom_fields do
user.visible_custom_field_values.each do |custom_value|
api.custom_field custom_value.value, :id => custom_value.custom_field_id, :name => custom_value.custom_field.name
end
end unless user.visible_custom_field_values.empty?
end
end
end

28
app/views/users/show.apit Normal file
View File

@ -0,0 +1,28 @@
api.user do
api.id @user.id
api.login @user.login if User.current.admin?
api.firstname @user.firstname
api.lastname @user.lastname
api.mail @user.mail if User.current.admin? || !@user.pref.hide_mail
api.created_on @user.created_on
api.last_login_on @user.last_login_on
api.array :custom_fields do
@user.visible_custom_field_values.each do |custom_value|
api.custom_field custom_value.value, :id => custom_value.custom_field_id, :name => custom_value.custom_field.name
end
end unless @user.visible_custom_field_values.empty?
api.array :memberships do
@memberships.each do |membership|
api.membership do
api.project :id => membership.project.id, :name => membership.project.name
api.array :roles do
membership.roles.each do |role|
api.role :id => role.id, :name => role.name
end
end
end if membership.project
end
end if @memberships.present?
end

View File

@ -0,0 +1,256 @@
# Redmine - project management software
# Copyright (C) 2006-2010 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
require "#{File.dirname(__FILE__)}/../../test_helper"
require 'pp'
class ApiTest::UsersTest < ActionController::IntegrationTest
fixtures :users
def setup
Setting.rest_api_enabled = '1'
end
context "GET /users" do
should_allow_api_authentication(:get, "/users.xml")
should_allow_api_authentication(:get, "/users.json")
end
context "GET /users/2" do
context ".xml" do
should "return requested user" do
get '/users/2.xml'
assert_tag :tag => 'user',
:child => {:tag => 'id', :content => '2'}
end
end
context ".json" do
should "return requested user" do
get '/users/2.json'
json = ActiveSupport::JSON.decode(response.body)
assert_kind_of Hash, json
assert_kind_of Hash, json['user']
assert_equal 2, json['user']['id']
end
end
end
context "POST /users" do
context "with valid parameters" do
setup do
@parameters = {:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net'}}
end
context ".xml" do
should_allow_api_authentication(:post,
'/users.xml',
{:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net'}},
{:success_code => :created})
should "create a user with the attributes" do
assert_difference('User.count') do
post '/users.xml', @parameters, :authorization => credentials('admin')
end
user = User.first(:order => 'id DESC')
assert_equal 'foo', user.login
assert_equal 'Firstname', user.firstname
assert_equal 'Lastname', user.lastname
assert_equal 'foo@example.net', user.mail
assert !user.admin?
assert_response :created
assert_equal 'application/xml', @response.content_type
assert_tag 'user', :child => {:tag => 'id', :content => user.id.to_s}
end
end
context ".json" do
should_allow_api_authentication(:post,
'/users.json',
{:user => {:login => 'foo', :firstname => 'Firstname', :lastname => 'Lastname', :mail => 'foo@example.net'}},
{:success_code => :created})
should "create a user with the attributes" do
assert_difference('User.count') do
post '/users.json', @parameters, :authorization => credentials('admin')
end
user = User.first(:order => 'id DESC')
assert_equal 'foo', user.login
assert_equal 'Firstname', user.firstname
assert_equal 'Lastname', user.lastname
assert_equal 'foo@example.net', user.mail
assert !user.admin?
assert_response :created
assert_equal 'application/json', @response.content_type
json = ActiveSupport::JSON.decode(response.body)
assert_kind_of Hash, json
assert_kind_of Hash, json['user']
assert_equal user.id, json['user']['id']
end
end
end
context "with invalid parameters" do
setup do
@parameters = {:user => {:login => 'foo', :lastname => 'Lastname', :mail => 'foo'}}
end
context ".xml" do
should "return errors" do
assert_no_difference('User.count') do
post '/users.xml', @parameters, :authorization => credentials('admin')
end
assert_response :unprocessable_entity
assert_equal 'application/xml', @response.content_type
assert_tag 'errors', :child => {:tag => 'error', :content => "Firstname can't be blank"}
end
end
context ".json" do
should "return errors" do
assert_no_difference('User.count') do
post '/users.json', @parameters, :authorization => credentials('admin')
end
assert_response :unprocessable_entity
assert_equal 'application/json', @response.content_type
json = ActiveSupport::JSON.decode(response.body)
assert_kind_of Hash, json
assert json.has_key?('errors')
assert_kind_of Array, json['errors']
end
end
end
end
context "PUT /users/2" do
context "with valid parameters" do
setup do
@parameters = {:user => {:login => 'jsmith', :firstname => 'John', :lastname => 'Renamed', :mail => 'jsmith@somenet.foo'}}
end
context ".xml" do
should_allow_api_authentication(:put,
'/users/2.xml',
{:user => {:login => 'jsmith', :firstname => 'John', :lastname => 'Renamed', :mail => 'jsmith@somenet.foo'}},
{:success_code => :ok})
should "update user with the attributes" do
assert_no_difference('User.count') do
put '/users/2.xml', @parameters, :authorization => credentials('admin')
end
user = User.find(2)
assert_equal 'jsmith', user.login
assert_equal 'John', user.firstname
assert_equal 'Renamed', user.lastname
assert_equal 'jsmith@somenet.foo', user.mail
assert !user.admin?
assert_response :ok
end
end
context ".json" do
should_allow_api_authentication(:put,
'/users/2.json',
{:user => {:login => 'jsmith', :firstname => 'John', :lastname => 'Renamed', :mail => 'jsmith@somenet.foo'}},
{:success_code => :ok})
should "update user with the attributes" do
assert_no_difference('User.count') do
put '/users/2.json', @parameters, :authorization => credentials('admin')
end
user = User.find(2)
assert_equal 'jsmith', user.login
assert_equal 'John', user.firstname
assert_equal 'Renamed', user.lastname
assert_equal 'jsmith@somenet.foo', user.mail
assert !user.admin?
assert_response :ok
end
end
end
context "with invalid parameters" do
setup do
@parameters = {:user => {:login => 'jsmith', :firstname => '', :lastname => 'Lastname', :mail => 'foo'}}
end
context ".xml" do
should "return errors" do
assert_no_difference('User.count') do
put '/users/2.xml', @parameters, :authorization => credentials('admin')
end
assert_response :unprocessable_entity
assert_equal 'application/xml', @response.content_type
assert_tag 'errors', :child => {:tag => 'error', :content => "Firstname can't be blank"}
end
end
context ".json" do
should "return errors" do
assert_no_difference('User.count') do
put '/users/2.json', @parameters, :authorization => credentials('admin')
end
assert_response :unprocessable_entity
assert_equal 'application/json', @response.content_type
json = ActiveSupport::JSON.decode(response.body)
assert_kind_of Hash, json
assert json.has_key?('errors')
assert_kind_of Array, json['errors']
end
end
end
context "DELETE /users/2" do
context ".xml" do
should "not be allowed" do
assert_no_difference('User.count') do
delete '/users/2.xml'
end
assert_response :method_not_allowed
end
end
context ".json" do
should "not be allowed" do
assert_no_difference('User.count') do
delete '/users/2.json'
end
assert_response :method_not_allowed
end
end
end
end
def credentials(user, password=nil)
ActionController::HttpAuthentication::Basic.encode_credentials(user, password || user)
end
end