Merge branch 'fix_membership' of cli/Chronobriq-API into master

.dockerignore

@@ -0,0 +1,4 @@
+erd.pdf
+.git
+.gitignore
+.gitattributes

Dockerfile

@@ -0,0 +1,65 @@
+# 
+# This is an unofficial Alpine image embedding rbenv
+# Inspired by https://github.com/didlich/docker-alpine-rbenv/blob/master/Dockerfile
+# 
+
+FROM alpine:3.15
+
+RUN apk add --update \
+    bash \
+    git \
+    wget \
+    curl \
+    vim \
+    build-base \
+    readline-dev \
+    openssl-dev \
+    zlib-dev \
+&& rm -rf /var/cache/apk/*
+
+# rbenv
+ENV PATH /usr/local/rbenv/shims:/usr/local/rbenv/bin:$PATH
+ENV RBENV_ROOT /usr/local/rbenv
+ENV RUBY_VERSION 3.0.2
+ENV CONFIGURE_OPTS --disable-install-doc
+
+RUN apk add --update \
+    linux-headers \
+    imagemagick-dev \    
+    libffi-dev \    
+    libffi-dev \
+	libpq-dev \
+	&& rm -rf /var/cache/apk/*
+
+RUN git clone --depth 1 git://github.com/sstephenson/rbenv.git ${RBENV_ROOT} \
+&&  git clone --depth 1 https://github.com/sstephenson/ruby-build.git ${RBENV_ROOT}/plugins/ruby-build \
+&&  git clone --depth 1 git://github.com/jf/rbenv-gemset.git ${RBENV_ROOT}/plugins/rbenv-gemset \
+&& ${RBENV_ROOT}/plugins/ruby-build/install.sh
+
+RUN echo 'eval "$(rbenv init -)"' >> /etc/profile.d/rbenv.sh 
+
+RUN rbenv install $RUBY_VERSION \
+&&  rbenv global $RUBY_VERSION
+
+RUN gem install bundler
+
+WORKDIR /app
+
+# Getting required gems
+COPY Gemfile ./
+RUN bundle install
+
+COPY [^Gemfile]* ./
+
+# RUN RAILS_ENV=production / db:create
+# RUN / db:migrate
+
+# Deleting useless packages
+# RUN apk del git wget curl build-base \
+#     rm -rf /var/cache/apk/*
+
+EXPOSE 9000
+
+CMD [ "top" ]
+
+# CMD [ "rails", "server", "-p 9000", "-b 127.0.0.1", "-e production" ]

README.md

@@ -16,7 +16,7 @@ PostgreSQL 11 minimum et la gem associée (`pg`).
 3. `rails server` pour lancer un serveur local de développement sur le port 3000
 
 ### 2. Endpoints
-La commande `rails routes` fournie l'ensemble des endpoints et requêtes HTTP disponibles. L'ensemble des requêtes se font sur la base : localhost:3000/api/v1.
+La commande `rails routes` fournie l'ensemble des endpoints et requêtes HTTP disponibles. L'ensemble des requêtes se font sur la base : domaine.tld/api/v1.
 
 ## Tests
 
@@ -70,42 +70,38 @@ Patch et delete permettent de modifier ou supprimer une donnée qui a été cré
 
 ### Routes
 
-|               Prefix | Verb   | URI Pattern                                                | Controller#Action                           |
-| -------------------- | ------ | ---------------------------------------------------------- | ------------------------------------------- |
-|          api_v1_users| GET    | /api/v1/users(.:format)                                    | api/v1/users#index {:format=>:json}         |
-|                      | POST   | /api/v1/users(.:format)                                    | api/v1/users#create {:format=>:json}        |
-|           api_v1_user| GET    | /api/v1/users/:id(.:format)                                | api/v1/users#show {:format=>:json}          |
-|                      | PATCH  | /api/v1/users/:id(.:format)                                | api/v1/users#update {:format=>:json}        |
-|                      | PUT    | /api/v1/users/:id(.:format)                                | api/v1/users#update {:format=>:json}        |
-|                      | DELETE | /api/v1/users/:id(.:format)                                | api/v1/users#destroy {:format=>:json}       |
-|         api_v1_tokens| POST   | /api/v1/tokens(.:format)                                   | api/v1/tokens#create {:format=>:json}       |
-|          api_v1_teams| GET    | /api/v1/teams(.:format)                                    | api/v1/teams#index {:format=>:json}         |
-|                      | POST   | /api/v1/teams(.:format)                                    | api/v1/teams#create {:format=>:json}        |
-|           api_v1_team| GET    | /api/v1/teams/:id(.:format)                                | api/v1/teams#show {:format=>:json}          |
-|                      | PATCH  | /api/v1/teams/:id(.:format)                                | api/v1/teams#update {:format=>:json}        |
-|                      | PUT    | /api/v1/teams/:id(.:format)                                | api/v1/teams#update {:format=>:json}        |
-|                      | DELETE | /api/v1/teams/:id(.:format)                                | api/v1/teams#destroy {:format=>:json}       |
-|    api_v1_memberships| GET    | /api/v1/memberships(.:format)                              | api/v1/memberships#index {:format=>:json}   |
-|                      | POST   | /api/v1/memberships(.:format)                              | api/v1/memberships#create {:format=>:json}  |
-|     api_v1_membership| GET    | /api/v1/memberships/:id(.:format)                          | api/v1/memberships#show {:format=>:json}    |
-|                      | PATCH  | /api/v1/memberships/:id(.:format)                          | api/v1/memberships#update {:format=>:json}  |
-|                      | PUT    | /api/v1/memberships/:id(.:format)                          | api/v1/memberships#update {:format=>:json}  |
-|                      | DELETE | /api/v1/memberships/:id(.:format)                          | api/v1/memberships#destroy {:format=>:json} |
-| api_v1_activity_tasks| GET    | /api/v1/activities/:activity_id/tasks(.:format)            | api/v1/tasks#index {:format=>:json}         |
-|                      | POST   | /api/v1/activities/:activity_id/tasks(.:format)            | api/v1/tasks#create {:format=>:json}       |
-|  api_v1_activity_task| GET    | /api/v1/activities/:activity_id/tasks/:id(.:format)        | api/v1/tasks#show {:format=>:json}         |
-|                      | PATCH  | /api/v1/activities/:activity_id/tasks/:id(.:format)        | api/v1/tasks#update {:format=>:json}       |
-|                      | PUT    | /api/v1/activities/:activity_id/tasks/:id(.:format)        | api/v1/tasks#update {:format=>:json}       |
-|                      | DELETE | /api/v1/activities/:activity_id/tasks/:id(.:format)        | api/v1/tasks#destroy {:format=>:json}      |
-|     api_v1_activities| GET    | /api/v1/activities(.:format)                               | api/v1/activities#index {:format=>:json}   |
-|                      | POST   | /api/v1/activities(.:format)                               | api/v1/activities#create {:format=>:json}  |
-|       api_v1_activity| GET    | /api/v1/activities/:id(.:format)                           | api/v1/activities#show {:format=>:json}    |
-|                      | PATCH  | /api/v1/activities/:id(.:format)                           | api/v1/activities#update {:format=>:json}  |
-|                      | PUT    | /api/v1/activities/:id(.:format)                           | api/v1/activities#update {:format=>:json}  |
-|                      | DELETE | /api/v1/activities/:id(.:format)                           | api/v1/activities#destroy {:format=>:json} |
-|          api_v1_tasks| GET    | /api/v1/tasks(.:format)                                    | api/v1/tasks#index {:format=>:json}        |
-|                      | POST   | /api/v1/tasks(.:format)                                    | api/v1/tasks#create {:format=>:json}       |
-|           api_v1_task| GET    | /api/v1/tasks/:id(.:format)                                | api/v1/tasks#show {:format=>:json}         |
-|                      | PATCH  | /api/v1/tasks/:id(.:format)                                | api/v1/tasks#update {:format=>:json}       |
-|                      | PUT    | /api/v1/tasks/:id(.:format)                                | api/v1/tasks#update {:format=>:json}       |
-|                      | DELETE | /api/v1/tasks/:id(.:format)                                | api/v1/tasks#destroy {:format=>:json}      |
+|                Prefix | Verb   | URI Pattern                                                | Controller#Action                           |
+| --------------------- | ------ | ---------------------------------------------------------- | ------------------------------------------- |
+|           api_v1_users| GET    | /api/v1/users(.:format)                                    | api/v1/users#index {:format=>:json}         |
+|                       | POST   | /api/v1/users(.:format)                                    | api/v1/users#create {:format=>:json}        |
+|            api_v1_user| GET    | /api/v1/users/:id(.:format)                                | api/v1/users#show {:format=>:json}          |
+|                       | PATCH  | /api/v1/users/:id(.:format)                                | api/v1/users#update {:format=>:json}        |
+|                       | PUT    | /api/v1/users/:id(.:format)                                | api/v1/users#update {:format=>:json}        |
+|                       | DELETE | /api/v1/users/:id(.:format)                                | api/v1/users#destroy {:format=>:json}       |
+|          api_v1_tokens| POST   | /api/v1/tokens(.:format)                                   | api/v1/tokens#create {:format=>:json}       |
+|api_v1_team_memberships| GET    | /api/v1/teams/:team_id/memberships(.:format)               | api/v1/memberships#index {:format=>:json}   |
+|                       | POST   | /api/v1/teams/:team_id/memberships(.:format)               | api/v1/memberships#create {:format=>:json}  |
+| api_v1_team_membership| GET    | /api/v1/teams/:team_id/memberships/:id(.:format)           | api/v1/memberships#show {:format=>:json}    |
+|                       |PATCH   | /api/v1/teams/:team_id/memberships/:id(.:format)           | api/v1/memberships#update {:format=>:json}  |
+|                       | PUT    | /api/v1/teams/:team_id/memberships/:id(.:format)           | api/v1/memberships#update {:format=>:json}  |
+|                       | DELETE | /api/v1/teams/:team_id/memberships/:id(.:format)           | api/v1/memberships#destroy {:format=>:json} |
+|          api_v1_teams| GET    | /api/v1/teams(.:format)                                     | api/v1/teams#index {:format=>:json}         |
+|                      | POST   | /api/v1/teams(.:format)                                     | api/v1/teams#create {:format=>:json}        |
+|           api_v1_team| GET    | /api/v1/teams/:id(.:format)                                 | api/v1/teams#show {:format=>:json}          |
+|                      | PATCH  | /api/v1/teams/:id(.:format)                                 | api/v1/teams#update {:format=>:json}        |
+|                      | PUT    | /api/v1/teams/:id(.:format)                                 | api/v1/teams#update {:format=>:json}        |
+|                      | DELETE | /api/v1/teams/:id(.:format)                                 | api/v1/teams#destroy {:format=>:json}       |
+|   api_v1_memberships | GET    | /api/v1/memberships(.:format)                               |api/v1/memberships#index {:format=>:json}    |
+| api_v1_activity_tasks| GET    | /api/v1/activities/:activity_id/tasks(.:format)             | api/v1/tasks#index {:format=>:json}         |
+|                      | POST   | /api/v1/activities/:activity_id/tasks(.:format)             | api/v1/tasks#create {:format=>:json}        |
+|  api_v1_activity_task| GET    | /api/v1/activities/:activity_id/tasks/:id(.:format)         | api/v1/tasks#show {:format=>:json}          |
+|                      | PATCH  | /api/v1/activities/:activity_id/tasks/:id(.:format)         | api/v1/tasks#update {:format=>:json}        |
+|                      | PUT    | /api/v1/activities/:activity_id/tasks/:id(.:format)         | api/v1/tasks#update {:format=>:json}        |
+|                      | DELETE | /api/v1/activities/:activity_id/tasks/:id(.:format)         | api/v1/tasks#destroy {:format=>:json}       |
+|     api_v1_activities| GET    | /api/v1/activities(.:format)                                | api/v1/activities#index {:format=>:json}    |
+|                      | POST   | /api/v1/activities(.:format)                                | api/v1/activities#create {:format=>:json}   |
+|       api_v1_activity| GET    | /api/v1/activities/:id(.:format)                            | api/v1/activities#show {:format=>:json}     |
+|                      | PATCH  | /api/v1/activities/:id(.:format)                            | api/v1/activities#update {:format=>:json}   |
+|                      | PUT    | /api/v1/activities/:id(.:format)                            | api/v1/activities#update {:format=>:json}   |
+|                      | DELETE | /api/v1/activities/:id(.:format)                            | api/v1/activities#destroy {:format=>:json}  |
+|          api_v1_tasks| GET    | /api/v1/tasks(.:format)                                     | api/v1/tasks#index {:format=>:json}         |

app/controllers/api/v1/memberships_controller.rb

@@ -3,19 +3,21 @@ class Api::V1::MembershipsController < ApplicationController
   before_action :check_login
 
   def index
-    render json: MembershipSerializer.new(Membership.all).serializable_hash.to_json
+    if !params[:team_id]
+      render json: MembershipSerializer.new(Membership.all).serializable_hash.to_json
+    else
+      render json: MembershipSerializer.new(Team.find(params[:team_id]).memberships).serializable_hash.to_json
+    end
   end
-
+  
   def show
     render json: MembershipSerializer.new(@membership).serializable_hash.to_json
   end
 
-  def create
-    member_id = User.where(username: params[:membership][:username])[0].id
-    team_id = Team.where(name: params[:membership][:team_name])[0].id
-
-    membership = Membership.new(team_id: team_id, member_id: member_id, can_edit: false)
-    
+  def create  
+    membership = current_user.memberships.build(membership_params)
+    membership.team_id = params[:team_id]
+  
     if membership.save
       render json: MembershipSerializer.new(membership).serializable_hash.to_json, status: :created
     else
@@ -25,7 +27,7 @@ class Api::V1::MembershipsController < ApplicationController
 
   def update
     if params[:membership][:can_edit] 
-      if @membership.update(memberships_params)
+      if @membership.update(membership_params)
         render json: MembershipSerializer.new(@membership).serializable_hash.to_json, status: :ok
       else
         render json: @membership.errors, status: :unprocessable_entity
@@ -42,7 +44,7 @@ class Api::V1::MembershipsController < ApplicationController
 
   private
 
-  def memberships_params
+  def membership_params
     params.require(:membership).permit(:can_edit)
   end
   

app/models/activity.rb

@@ -5,7 +5,7 @@ class Activity < ApplicationRecord
   has_one :user, :through => :joined_user_activity
 
   has_many :tasks
-
+  
   validates :name, presence: true
   validates :author, presence: true
 end

app/models/membership.rb

@@ -1,7 +1,4 @@
 class Membership < ApplicationRecord
-  # attr_readonly :member
-  # attr_readonly :team
-
   validates :member, presence: :true
   validates :team, presence: :true
   validates_uniqueness_of :member, scope: :team, message: "user already part of this team"

app/models/task.rb

@@ -1,9 +1,9 @@
 class Task < ApplicationRecord
+  belongs_to :activity
+  belongs_to :owner, class_name: "User"
+
   validates :name, presence: true
   validates :owner, presence: true
   validates :activity, presence: true
   validates :start_time, presence: true
-
-  belongs_to :activity
-  belongs_to :owner, class_name: "User"
 end

config/database.yml

@@ -1,31 +1,21 @@
-# SQLite. Versions 3.8.0 and up are supported.
-#   gem install sqlite3
-#
-#   Ensure the SQLite 3 gem is defined in your Gemfile
-#   gem 'sqlite3'
-#
 default: &default
-  # adapter: sqlite3
-  adapter: postgresql
-  pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
-  timeout: 5000
-  username: <%= ENV['PG_USER'] %>
-  password: <%= ENV['PG_USER_PWD'] %>
-
-development:
-  <<: *default
-  # database: db/development.sqlite3
-  database: chronobriq_development
+    adapter: postgresql
+    pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+    timeout: 5000
+    username: <%= ENV['PG_USER'] %>
+    password: <%= ENV['PG_USER_PWD'] %>
 
 # Warning: The database defined as "test" will be erased and
 # re-generated from your development database when you run "rake".
 # Do not set this db to the same as development or production.
 test:
-  <<: *default
-  # database: db/test.sqlite3
-  database: chronobriq_test
+    <<: *default
+    database: chronobriq_test
+
+development:
+    <<: *default
+    database: chronobriq_development
 
 production:
-  <<: *default
-  # database: db/production.sqlite3
-  database: chronobriq_production
+    <<: *default
+    database: chronobriq_production

config/routes.rb

@@ -3,12 +3,14 @@ Rails.application.routes.draw do
     namespace :v1 do
       resources :users
       resources :tokens, only: %i[create]
-      resources :teams
-      resources :memberships
+      resources :teams do
+        resources :memberships
+      end
+      resources :memberships, only: %i[index]
       resources :activities do
         resources :tasks
       end
-      resources :tasks
+      resources :tasks, only: %i[index]
     end
   end
 end

docker-compose.yml

@@ -0,0 +1,15 @@
+version: "3"
+services:
+    chronobriq-api:
+        build: .
+        ports:
+            - "9000:9000"
+        depends_on:
+            - db
+    db:
+        image: postgres:12-alpine
+        volumes:
+            - database:/var/lib/postgresql/chronobriq-api
+
+volumes:
+    database:

test/controllers/api/v1/memberships_controller_test.rb

@@ -10,48 +10,58 @@ class Api::V1::MembershipsControllerTest < ActionDispatch::IntegrationTest
   end
 
   # INDEX
-  test "should access Membership index" do
-    get api_v1_memberships_url,
+  test "should access Membership index - specifix team" do
+    get api_v1_team_memberships_url(@team),
     headers: { Authorization: JsonWebToken.encode(user_id: @user.id) }, 
     as: :json
     assert_response :success
+
+    json_response = JSON.parse(self.response.body)
+    assert_equal @membership.member_id, json_response['data'][0]['attributes']['member_id']
   end
 
-  test "should forbid Membership index" do
+  test "should access Membership index - all teams" do
     get api_v1_memberships_url,
+    headers: { Authorization: JsonWebToken.encode(user_id: @user.id) }, 
+    as: :json
+    assert_response :success
+  end
+
+  test "should not access Membership index" do
+    get api_v1_team_memberships_url(@team),
     as: :json
     assert_response :forbidden
   end
 
   # SHOW
   test "should show Membership" do
-    get api_v1_memberships_url(@membership),
+    get api_v1_team_memberships_url(@team, @membership),
     headers: { Authorization: JsonWebToken.encode(user_id: @user.id) }, 
     as: :json
     assert_response :success
   end
 
   test "should forbid show Membership" do
-    get api_v1_memberships_url(@membership),
+    get api_v1_team_memberships_url(@team, @membership),
     as: :json
     assert_response :forbidden
   end
 
-  # CREATE
-  # test "should create membership" do
-  #   assert_difference("Membership.count") do
-  #     post api_v1_memberships_url,
-  #     params: { membership: { team_id: @team.id, member_id: @user.id, can_edit: false } },
-  #     headers: { Authorization: JsonWebToken.encode(user_id: @user.id) }, 
-  #     as: :json
-  #   end
-  #   assert_response :created
-  # end
+  #CREATE
+  test "should create membership" do
+    assert_difference("Membership.count") do
+      post api_v1_team_memberships_url(@team),
+      params: { membership: { can_edit: false, member_id: @user2, team_id: @team } },
+      headers: { Authorization: JsonWebToken.encode(user_id: @user2.id) }, 
+      as: :json
+    end
+    assert_response :created
+  end
 
   test "should forbid create membership" do
     assert_no_difference("Membership.count") do
-      post api_v1_memberships_url,
-      params: { membership: { team_id: @team.id, member_id: @user.id, can_edit: false } },
+      post api_v1_team_memberships_url(@team),
+      params: { membership: { can_edit: false } },
       as: :json
     end
     assert_response :forbidden
@@ -59,7 +69,7 @@ class Api::V1::MembershipsControllerTest < ActionDispatch::IntegrationTest
 
   # UPDATE
   test "should update membership" do
-    patch api_v1_membership_url(@membership),
+    patch api_v1_team_membership_url(@team, @membership),
     headers: { Authorization: JsonWebToken.encode(user_id: @user.id) }, 
     params: { membership: { can_edit: true } },
     as: :json
@@ -67,14 +77,14 @@ class Api::V1::MembershipsControllerTest < ActionDispatch::IntegrationTest
   end
 
   test "should forbid update membership" do
-    patch api_v1_membership_url(@membership),
+    patch api_v1_team_membership_url(@team, @membership),
     params: { membership: { can_edit: true } },
     as: :json
     assert_response :forbidden
   end
 
   test "should forbid update read_only attributes - team_id" do
-    patch api_v1_membership_url(@membership),
+    patch api_v1_team_membership_url(@team, @membership),
     headers: { Authorization: JsonWebToken.encode(user_id: @user.id) }, 
     params: { membership: { team_id: @team2.id, member_id: @user2.id } },
     as: :json
@@ -84,7 +94,7 @@ class Api::V1::MembershipsControllerTest < ActionDispatch::IntegrationTest
   # DESTROY
   test "should destroy membership" do
     assert_difference('Membership.count', -1) do
-      delete api_v1_membership_url(@membership), 
+      delete api_v1_team_membership_url(@team, @membership), 
       headers: { Authorization: JsonWebToken.encode(user_id: @user.id) },
       as: :json
     end
@@ -93,7 +103,7 @@ class Api::V1::MembershipsControllerTest < ActionDispatch::IntegrationTest
 
   test "should forbid destroy membership" do
     assert_no_difference('Membership.count') do
-      delete api_v1_membership_url(@membership), as: :json
+      delete api_v1_team_membership_url(@team, @membership), as: :json
     end
     assert_response :forbidden
   end

test/controllers/api/v1/tasks_controller_test.rb

@@ -44,17 +44,17 @@ class Api::V1::TasksControllerTest < ActionDispatch::IntegrationTest
   test "should create task" do
     assert_difference("Task.count") do
       post api_v1_activity_tasks_url(@activity),
-      params: { task: { name: @task.name, description: @task.description, owner_id: @user, activity_id: @activity, start_time: DateTime.now } },
+      params: { task: { name: @task.name, description: @task.description, owner_id: @user, start_time: DateTime.now } },
       headers: { Authorization: JsonWebToken.encode(user_id: @user.id) },
       as: :json
     end
     assert_response :created
   end
 
-  test "should not create task" do
+  test "should not create task - not logged in" do
     assert_no_difference("Task.count") do
       post api_v1_activity_tasks_url(@activity),
-      params: { task: { name: @task.name, description: @task.description, owner_id: @user, activity_id: @activity } },
+      params: { task: { name: @task.name, description: @task.description, owner_id: @user } },
       as: :json
     end
     assert_response :forbidden

test/fixtures/memberships.yml

@@ -8,8 +8,3 @@ one:
   team: one
   member: one
   can_edit: true
-
-two:
-  team: one
-  member: two
-  can_edit: false