creating plumbing for /approles/:client_id request #110 (comment)

dwyl · Sep 12, 2020 · 5b8d32e · 5b8d32e
1 parent a199c9e
commit 5b8d32e
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 14 deletions.
diff --git a/lib/auth/role.ex b/lib/auth/role.ex
@@ -109,7 +109,7 @@ defmodule Auth.Role do
     end
   end
 
-  defp strip_meta(struct) do
+  def strip_meta(struct) do
     struct
     |> Map.delete(:__meta__)
     |> Map.delete(:__struct__)

diff --git a/lib/auth_web/controllers/app_controller.ex b/lib/auth_web/controllers/app_controller.ex
@@ -119,10 +119,15 @@ defmodule AuthWeb.AppController do
     end
   end
 
-  # @doc """
-  # approles/2 Return the (JSON) List of Roles for a given App based on apikey.client_id
-  # """
-  # def approles(conn, %{"client_id" => client_id}) do
+  @doc """
+  approles/2 Return the (JSON) List of Roles for a given App based on apikey.client_id
+  """
+  def approles(conn, %{"client_id" => client_id}) do
+    IO.inspect(client_id)
+    # return empty JSON list with 401 status if client_id is invalid
 
-  # end
+    roles = Auth.Role.list_roles()
+    roles = Enum.map(roles, fn role -> Auth.Role.strip_meta(role) end)
+    json(conn, roles)
+  end
 end
diff --git a/lib/auth_web/router.ex b/lib/auth_web/router.ex
@@ -12,10 +12,6 @@ defmodule AuthWeb.Router do
     plug :put_secure_browser_headers
   end
 
-  # pipeline :api do
-  #   plug :accepts, ["json"]
-  # end
-
   scope "/", AuthWeb do
     pipe_through :browser
 
@@ -27,7 +23,6 @@ defmodule AuthWeb.Router do
     # get "/auth/password/new", AuthController, :password_input
     post "/auth/password/create", AuthController, :password_create
     post "/auth/password/verify", AuthController, :password_prompt
-    # get "/approles/:client_id", AppController, :approles
     # https://github.com/dwyl/ping
     get "/ping", PingController, :ping
   end
@@ -55,8 +50,14 @@ defmodule AuthWeb.Router do
     # resources "/settings/apikeys", ApikeyController
   end
 
+  pipeline :api do
+    plug :accepts, ["json"]
+  end
+
   # Other scopes may use custom stacks.
-  # scope "/api", AuthWeb do
-  #   pipe_through :api
-  # end
+  scope "/", AuthWeb do
+    pipe_through :api
+
+    get "/approles/:client_id", AppController, :approles
+  end
 end
diff --git a/test/auth_web/controllers/app_controller_test.exs b/test/auth_web/controllers/app_controller_test.exs
@@ -160,4 +160,12 @@ defmodule AuthWeb.AppControllerTest do
       assert html_response(conn, 404) =~ "can't touch this."
     end
   end
+
+  describe "GET /approles/:client_id" do
+    test "returns (JSON) list of roles", %{conn: conn, app: app} do
+      conn = admin_login(conn)
+      conn = get(conn, Routes.app_path(conn, :approles, app.apikey))
+      assert html_response(conn, 200) =~ "successfully reset"
+    end
+  end
 end