API: Let hide endpoint take payload as documented and act according to it

2020-02-02 19:58:36 +01:00 · 2020-02-02 19:58:36 +01:00 · 2e7526bac5
commit 2e7526bac5
parent dcbd02cf7f
2 changed files with 90 additions and 19 deletions
--- a/app/controllers/api/v1/post_interactions_controller.rb
+++ b/app/controllers/api/v1/post_interactions_controller.rb
@ -24,9 +24,17 @@ module Api
      end

      def hide
+        return render_error(422, "Missing parameter") if params[:hide].nil?
+
        post = find_post
-        current_user.toggle_hidden_shareable(post)
-        head :no_content
+        hidden = current_user.is_shareable_hidden?(post)
+
+        if (params[:hide] && !hidden) || (!params[:hide] && hidden)
+          current_user.toggle_hidden_shareable(post)
+          head :no_content
+        else
+          render_error(params[:hide] ? 409 : 410, params[:hide] ? "Post already hidden" : "Post not hidden")
+        end
      end

      def mute
--- a/spec/integration/api/post_interactions_controller_spec.rb
+++ b/spec/integration/api/post_interactions_controller_spec.rb
@ -25,6 +25,7 @@ describe Api::V1::PostInteractionsController do
  let!(:access_token_public_only) { auth_public_only.create_access_token.to_s }
  let!(:access_token_minimum_scopes) { auth_minimum_scopes.create_access_token.to_s }
  let(:invalid_token) { SecureRandom.hex(9) }
+  let(:headers) { {"Authorization" => "Bearer #{access_token}"} }

  before do
    @status = alice.post(
@ -118,17 +119,42 @@ describe Api::V1::PostInteractionsController do
  end

  describe "#hide" do
+    def hidden_shareables_count
+      auth.user.reload.hidden_shareables.values.map(&:size).inject(0, :+)
+    end
+
    context "succeeds" do
      it "with proper guid and access token" do
-        hidden_count = auth.user.hidden_shareables.count
+        hidden_count = hidden_shareables_count
        post(
          api_v1_post_hide_path(@status.guid),
-          params: {
-            access_token: access_token
-          }
+          as:      :json,
+          headers: headers,
+          params:  {hide: true}
        )
        expect(response.status).to eq(204)
-        expect(auth.user.reload.hidden_shareables.count).to eq(hidden_count + 1)
+        expect(hidden_shareables_count).to eq(hidden_count + 1)
+      end
+
+      it "to unhide a post" do
+        hidden_count = hidden_shareables_count
+        post(
+          api_v1_post_hide_path(@status.guid),
+          as:      :json,
+          headers: headers,
+          params:  {hide: true}
+        )
+        expect(response.status).to eq(204)
+        expect(hidden_shareables_count).to eq(hidden_count + 1)
+
+        post(
+          api_v1_post_hide_path(@status.guid),
+          as:      :json,
+          headers: headers,
+          params:  {hide: false}
+        )
+        expect(response.status).to eq(204)
+        expect(hidden_shareables_count).to eq(hidden_count)
      end
    end

@ -136,19 +162,56 @@ describe Api::V1::PostInteractionsController do
      it "with improper guid" do
        post(
          api_v1_post_hide_path("999_999_999"),
-          params: {
-            access_token: access_token
-          }
+          as:      :json,
+          headers: headers,
+          params:  {hide: true}
        )
        confirm_api_error(response, 404, "Post with provided guid could not be found")
      end

+      it "without hide param" do
+        post(
+          api_v1_post_hide_path(@status.guid),
+          as:      :json,
+          headers: headers
+        )
+        confirm_api_error(response, 422, "Missing parameter")
+      end
+
+      it "hiding already hidden post" do
+        post(
+          api_v1_post_hide_path(@status.guid),
+          as:      :json,
+          headers: headers,
+          params:  {hide: true}
+        )
+        expect(response.status).to eq(204)
+
+        post(
+          api_v1_post_hide_path(@status.guid),
+          as:      :json,
+          headers: headers,
+          params:  {hide: true}
+        )
+        confirm_api_error(response, 409, "Post already hidden")
+      end
+
+      it "unhiding not hidden post" do
+        post(
+          api_v1_post_hide_path(@status.guid),
+          as:      :json,
+          headers: headers,
+          params:  {hide: false}
+        )
+        confirm_api_error(response, 410, "Post not hidden")
+      end
+
      it "with insufficient token" do
        post(
          api_v1_post_hide_path(@status.guid),
-          params: {
-            access_token: access_token_minimum_scopes
-          }
+          as:      :json,
+          headers: {"Authorization" => "Bearer #{access_token_minimum_scopes}"},
+          params:  {hide: true}
        )
        expect(response.status).to eq(403)
      end
@ -156,9 +219,9 @@ describe Api::V1::PostInteractionsController do
      it "on private post without private token" do
        post(
          api_v1_post_hide_path(@shared_post.guid),
-          params: {
-            access_token: access_token_public_only
-          }
+          as:      :json,
+          headers: {"Authorization" => "Bearer #{access_token_public_only}"},
+          params:  {hide: true}
        )
        expect(response.status).to eq(404)
      end
@ -166,9 +229,9 @@ describe Api::V1::PostInteractionsController do
      it "with invalid token" do
        post(
          api_v1_post_hide_path(@status.guid),
-          params: {
-            access_token: invalid_token
-          }
+          as:      :json,
+          headers: {"Authorization" => "Bearer #{invalid_token}"},
+          params:  {hide: true}
        )
        expect(response.status).to eq(401)
      end