en cours : ajout des methods update et destroy, et des tests unitaires

app/controllers/api/v1/teams_controller.rb

@@ -1,6 +1,7 @@
 class Api::V1::TeamsController < ApplicationController
   before_action :set_team, only: %i[show update destroy]
   before_action :check_login
+  before_action :can_edit?, only: %i[update destroy]
 
   def index
     render json: TeamSerializer.new(Team.all).serializable_hash.to_json
@@ -29,6 +30,19 @@ class Api::V1::TeamsController < ApplicationController
     end
   end
 
+  def update
+    if @team.update(team_params)
+      render json: TeamSerializer.new(@team).serializable_hash.to_json, status: :ok
+    else
+      render json: @team.errors, status: :unprocessable_entity
+    end
+  end
+
+  def destroy
+    @team.destroy
+    head 204
+  end
+
   private
   
   def team_params
@@ -39,4 +53,7 @@ class Api::V1::TeamsController < ApplicationController
     @team = Team.find(params[:id])
   end
 
+  def can_edit?
+    head :forbidden unless JoinedTeamUser.where(:team_id => params[:id]).where(:user_id => current_user.id)[0].can_edit
+  end
 end

db/seeds.rb

@@ -13,13 +13,13 @@ JoinedTeamUser.reset_pk_sequence
 
 3.times do |i|
   team = Team.create(name: Faker::Company.name, description: Faker::Company.catch_phrase)
-  puts "Created TEAM ##{i} - #{team.name}"
+  puts "Created TEAM ##{i+1} - #{team.name}"
 end
 
 10.times do |i|
   name = Faker::Name.first_name.downcase
   user = User.create! username: "#{name}", email: "#{name}@email.com", password: "azerty"
-  puts "Created USER ##{i} - #{user.username}"
+  puts "Created USER ##{i+1} - #{user.username}"
   
   2.times do
     activity = Activity.create!(
@@ -56,6 +56,6 @@ puts "Created Admin"
     user_id: User.all.sample.id,
     activity_id: Activity.all.sample.id
   )
-  puts "Created TASK ##{i} - #{task.name}"
+  puts "Created TASK ##{i+1} - #{task.name}"
 end
 

test/controllers/api/v1/teams_controller_test.rb

@@ -27,7 +27,6 @@ class Api::V1::TeamsControllerTest < ActionDispatch::IntegrationTest
     assert_response :success
   end
 
-  # SHOW
   test "should forbid show team" do
     get api_v1_team_url(@team),
     as: :json
@@ -37,30 +36,77 @@ class Api::V1::TeamsControllerTest < ActionDispatch::IntegrationTest
   # CREATE
   test "should create team" do
     assert_difference('Team.count') do
-      post api_v1_teams_url, params: { team: { name: "Random name", description: "Random description" } }, headers: { Authorization: JsonWebToken.encode(user_id: @user.id) }, as: :json
+      post api_v1_teams_url,
+      params: { team: { name: "Random name", description: "Random description" } },
+      headers: { Authorization: JsonWebToken.encode(user_id: @user.id) },
+      as: :json
     end
     assert_response :created
   end
 
-  test "should not create team when not logged in" do
+  test "should forbid create team when not logged in" do
     assert_no_difference('Team.count') do
-      post api_v1_teams_url, params: { team: { name: "Random name", description: "Random description" } }, as: :json
+      post api_v1_teams_url,
+      params: { team: { name: "Random name", description: "Random description" } },
+      as: :json
     end
     assert_response :forbidden
   end
 
-  test "should not create team with taken name" do
+  test "should forbid create team with taken name" do
     assert_no_difference('Team.count') do
-      post api_v1_teams_url, params: { team: { name: @team.name, description: "Random description" } }, headers: { Authorization: JsonWebToken.encode(user_id: @user.id) }, as: :json
+      post api_v1_teams_url,
+      params: { team: { name: @team.name, description: "Random description" } },
+      headers: { Authorization: JsonWebToken.encode(user_id: @user.id) },
+      as: :json
     end
     assert_response :unprocessable_entity
   end
 
-  test "should not create team without name" do
+  test "should forbid create a team without name" do
     assert_no_difference('Team.count') do
-      post api_v1_teams_url, params: { team: { description: "Random description"} }, headers: { Authorization: JsonWebToken.encode(user_id: @user.id) }, as: :json
+      post api_v1_teams_url,
+      params: { team: { description: "Random description"} },
+      headers: { Authorization: JsonWebToken.encode(user_id: @user.id) },
+      as: :json
     end
     assert_response :unprocessable_entity
   end
   
+  # UPDATE
+  test "should update team" do
+    patch api_v1_team_url(@team),
+    params: { team: { name: "New name", description: "New description" } },
+    headers: { Authorization: JsonWebToken.encode(user_id: @user.id) },
+    as: :json
+    assert_response :success
+  end
+
+  test "should not update team " do
+    patch api_v1_team_url(@team),
+    params: { team: { name: "New name", description: "New description" } },
+    as: :json
+    assert_response :forbidden
+  end
+
+  # Ajouter un test pour vérifier le statut de "current_user.can_edit" dans le modèle JoinedTeamUser
+
+  # DESTROY
+  test "should destroy team" do
+    assert_difference('Team.count', -1) do
+      delete api_v1_team_url(@team),
+      headers: { Authorization: JsonWebToken.encode(user_id: @user.id) },
+      as: :json
+    end
+    assert_response :no_content
+  end
+
+  test "should forbid destroy team" do
+    assert_no_difference('Team.count') do
+      delete api_v1_team_url(@team), as: :json
+    end
+    assert_response :forbidden
+  end
+  # Ajouter un test pour vérifier le statut de "current_user.can_edit" dans le modèle JoinedTeamUser
+
 end

test/controllers/api/v1/users_controller_test.rb

@@ -40,21 +40,27 @@ class Api::V1::UsersControllerTest < ActionDispatch::IntegrationTest
   #CREATE
   test "should create user" do
     assert_difference('User.count') do
-      post api_v1_users_url, params: { user: { email: 'test@test.org', username: 'new_user_name', password: '123456' } }, as: :json
+      post api_v1_users_url,
+      params: { user: { email: 'test@test.org', username: 'new_user_name', password: '123456' } },
+      as: :json
     end
     assert_response :created
   end
 
   test "should not create user with taken email" do
     assert_no_difference('User.count') do
-      post api_v1_users_url, params: { user: { email: @user.email, username: 'username_test', password: '123456' } }, as: :json
+      post api_v1_users_url,
+      params: { user: { email: @user.email, username: 'username_test', password: '123456' } },
+      as: :json
     end
     assert_response :unprocessable_entity
   end
 
   test "should not create user with taken username" do
     assert_no_difference('User.count') do
-      post api_v1_users_url, params: { user: { email: "test@email.com", username: @user.username, password: '123456' } }, as: :json
+      post api_v1_users_url,
+      params: { user: { email: "test@email.com", username: @user.username, password: '123456' } },
+      as: :json
     end
     assert_response :unprocessable_entity
   end

test/fixtures/joined_team_users.yml

@@ -4,8 +4,12 @@
 # model remove the '{}' from the fixture names and add the columns immediately
 # below each fixture, per the syntax in the comments below
 #
-one: {}
-# column: value
-#
-two: {}
-# column: value
+one:
+  team: one
+  user: one
+  can_edit: true
+
+two:
+  team: one
+  user: two
+  can_edit: false

test/fixtures/teams.yml

@@ -1,5 +1,9 @@
 # Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
 
 one:
-  name: MyString
-  description: MyText
+  name: Team one
+  description: Team one
+
+one:
+  name: Team two
+  description: Team two

test/fixtures/users.yml

@@ -11,3 +11,9 @@ two:
   username: TwoUsername
   is_admin: false
   password_digest: <%= BCrypt::Password.create('g00d_pa$$') %>
+
+admin:
+  email: admin@email.com
+  username: AdminUsername
+  is_admin: true
+  password_digest: <%= BCrypt::Password.create('g00d_pa$$') %>