diff --git a/app/controllers/api/v1/project_preferences_controller.rb b/app/controllers/api/v1/project_preferences_controller.rb index 8a0b49b24..d82a9bd00 100644 --- a/app/controllers/api/v1/project_preferences_controller.rb +++ b/app/controllers/api/v1/project_preferences_controller.rb @@ -8,11 +8,16 @@ class Api::V1::ProjectPreferencesController < Api::ApiController schema_type :json_schema before_action :find_upp_for_update_settings, only: [:update_settings] + def read_settings + skip_policy_scope + read_and_update_settings_response + end + def update_settings skip_policy_scope @upp.settings.merge! params_for[:settings] @upp.save! - update_settings_response + read_and_update_settings_response end private @@ -29,15 +34,30 @@ def user_allowed? @upp.project.owners_and_collaborators.include?(api_user.user) || api_user.is_admin? end - def update_settings_response + def read_and_update_settings_response + set_last_modified_header if action_name == "update_settings" + + render_json_response + end + + private + + def set_last_modified_header response.headers['Last-Modified'] = @upp.updated_at.httpdate + end + + def render_json_response + if action_name == "update_settings" + preferences = UserProjectPreference.where(id: @upp.id) + else + project = Project.find_by!(id: params[:project_id]) + preferences = project.user_project_preference.where.not(email_communication: nil) + preferences = params[:user_id].present? ? preferences.where(user_id: params[:user_id]) : preferences + end + render( status: :ok, - json_api: serializer.resource( - {}, - UserProjectPreference.where(id: @upp.id), - context - ) + json_api: serializer.resource({}, preferences, context) ) end end diff --git a/app/models/project.rb b/app/models/project.rb index 260d89943..2816d9888 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -15,6 +15,7 @@ class Project < ApplicationRecord has_many :tutorials has_many :field_guides, dependent: :destroy belongs_to :organization + has_many :user_project_preference # uses the activated_state enum on the workflow has_many :workflows, -> { where(serialize_with_project: true).active}, diff --git a/config/routes.rb b/config/routes.rb index 40178522a..c09a16980 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -55,6 +55,7 @@ json_api_resources :project_preferences do collection do post :update_settings + get :read_settings end end diff --git a/spec/controllers/api/v1/project_preferences_controller_spec.rb b/spec/controllers/api/v1/project_preferences_controller_spec.rb index 68bbf6e7d..b77d48e82 100644 --- a/spec/controllers/api/v1/project_preferences_controller_spec.rb +++ b/spec/controllers/api/v1/project_preferences_controller_spec.rb @@ -197,4 +197,45 @@ end end end + + describe '#read_settings' do + let!(:project) { create(:project, owner: authorized_user) } + let!(:upp) { create(:user_project_preference, project: project) } + let(:run_generic_read) { get :read_settings, params: { project_id: project.id, format: :json } } + let(:unauthorised_user) { create(:user) } + let(:run_unauthorised_user_read) { get :read_settings, params: { project_id: project.id, user_id: unauthorised_user.id, format: :json } } + + describe 'genetic preferences' do + before(:each) do + default_request user_id: authorized_user.id, scopes: scopes + run_generic_read + end + + it 'responds with a 200' do + expect(response.status).to eq(200) + end + + it 'returns the correct response data' do + json_response = JSON.parse(response.body) + expect(json_response["project_preferences"]).to be_a(Array) + expect(json_response["project_preferences"].count).to eq(1) + end + end + + describe 'user specific preferences' do + before(:each) do + default_request user_id: unauthorised_user.id, scopes: scopes + run_unauthorised_user_read + end + + it 'responds with a 200' do + expect(response.status).to eq(200) + end + + it 'returns the correct response data' do + json_response = JSON.parse(response.body) + expect(json_response["project_preferences"].count).to eq(0) + end + end + end end