jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

post votes: fix exception when voting on posts using API.

Browse Source 
Fix an `undefined method post_vote_url` exception when doing
`POST https://danbooru.donmai.us/posts/1/votes.json`.

Also add the following API endpoints:

* https://danbooru.donmai.us/post_votes/:id.json
* https://danbooru.donmai.us/comment_votes/:id.json
* https://danbooru.donmai.us/forum_post_votes/:id.json

where `:id` is the vote ID, not the post ID.
This commit is contained in:
evazion
2021-11-14 20:11:38 -06:00
parent afae7aed07
commit ab6d9bd0e8
9 changed files with 97 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/controllers/comment_votes_controller.rb
View File

@@ -8,6 +8,11 @@ class CommentVotesController < ApplicationController
respond_with(@comment_votes) respond_with(@comment_votes)
end end
def show
@comment_vote = authorize CommentVote.find(params[:id])
respond_with(@comment_vote)
end
def create def create
@comment = Comment.find(params[:comment_id]) @comment = Comment.find(params[:comment_id])

5
app/controllers/forum_post_votes_controller.rb
View File

@@ -8,6 +8,11 @@ class ForumPostVotesController < ApplicationController
respond_with(@forum_post_votes) respond_with(@forum_post_votes)
end end
def show
@forum_post_vote = authorize ForumPostVote.find(params[:id])
respond_with(@forum_post_vote)
end
def create def create
@forum_post = ForumPost.find(params[:forum_post_id]) @forum_post = ForumPost.find(params[:forum_post_id])
@forum_post_vote = authorize ForumPostVote.new(creator: CurrentUser.user, forum_post: @forum_post, **permitted_attributes(ForumPostVote)) @forum_post_vote = authorize ForumPostVote.new(creator: CurrentUser.user, forum_post: @forum_post, **permitted_attributes(ForumPostVote))

5
app/controllers/post_votes_controller.rb
View File

@@ -8,6 +8,11 @@ class PostVotesController < ApplicationController
respond_with(@post_votes) respond_with(@post_votes)
end end
def show
@post_vote = authorize PostVote.find(params[:id])
respond_with(@post_vote)
end
def create def create
@post = Post.find(params[:post_id]) @post = Post.find(params[:post_id])

4
app/policies/comment_vote_policy.rb
View File

@@ -7,6 +7,10 @@ class CommentVotePolicy < ApplicationPolicy
!record.is_deleted? && (record.user_id == user.id || user.is_admin?) !record.is_deleted? && (record.user_id == user.id || user.is_admin?)
end end
def show?
can_see_votes? || record.user == user
end
def can_see_votes? def can_see_votes?
user.is_moderator? user.is_moderator?
end end

4
app/policies/post_vote_policy.rb
View File

@@ -6,4 +6,8 @@ class PostVotePolicy < ApplicationPolicy
def destroy? def destroy?
unbanned? && record.user == user unbanned? && record.user == user
end end
def show?
user.is_admin? || record.user == user
end
end end

6
config/routes.rb
View File

@@ -89,7 +89,7 @@ Rails.application.routes.draw do
post :approve post :approve
end end
end end
resources :comment_votes, only: [:index, :destroy] resources :comment_votes, only: [:index, :show, :destroy]
resources :comments do resources :comments do
resource :votes, controller: "comment_votes", only: [:create, :destroy], as: "comment_votes" resource :votes, controller: "comment_votes", only: [:create, :destroy], as: "comment_votes"
collection do collection do
@@ -134,7 +134,7 @@ Rails.application.routes.draw do
get :search get :search
end end
end end
resources :forum_post_votes, only: [:index, :create, :destroy] resources :forum_post_votes, only: [:index, :show, :create, :destroy]
resources :forum_topics do resources :forum_topics do
member do member do
post :undelete post :undelete
@@ -189,7 +189,7 @@ Rails.application.routes.draw do
end end
resources :post_regenerations, :only => [:create] resources :post_regenerations, :only => [:create]
resources :post_replacements, :only => [:index, :new, :create, :update] resources :post_replacements, :only => [:index, :new, :create, :update]
resources :post_votes, only: [:index] resources :post_votes, only: [:index, :show]
# XXX Use `only: []` to avoid redefining post routes defined at top of file. # XXX Use `only: []` to avoid redefining post routes defined at top of file.
resources :posts, only: [] do resources :posts, only: [] do

28
test/functional/comment_votes_controller_test.rb
View File

@@ -53,12 +53,40 @@ class CommentVotesControllerTest < ActionDispatch::IntegrationTest
end end
end end
context "show action" do
setup do
@comment_vote = create(:comment_vote, comment: @comment, user: @user)
end
should "show the vote to the voter" do
get_auth comment_vote_path(@comment_vote), @user, as: :json
assert_response :success
end
should "show the vote to moderators" do
get_auth comment_vote_path(@comment_vote), create(:moderator_user), as: :json
assert_response :success
end
should "not show the vote to other users" do
get_auth comment_vote_path(@comment_vote), create(:user), as: :json
assert_response 403
end
end
context "create action" do context "create action" do
setup do setup do
@user = create(:user) @user = create(:user)
@comment = create(:comment) @comment = create(:comment)
end end
should "work for a JSON response" do
post_auth comment_comment_votes_path(comment_id: @comment.id), @user, params: { score: 1, format: "json" }
assert_response 201
assert_equal(1, @comment.reload.score)
end
should "not allow anonymous users to vote" do should "not allow anonymous users to vote" do
post comment_comment_votes_path(comment_id: @comment.id, score: "1"), xhr: true post comment_comment_votes_path(comment_id: @comment.id, score: "1"), xhr: true
assert_response 403 assert_response 403

15
test/functional/forum_post_votes_controller_test.rb
View File

@@ -34,7 +34,22 @@ class ForumPostVotesControllerTest < ActionDispatch::IntegrationTest
end end
end end
context "show action" do
should "show the vote to all users" do
@forum_post_vote = create(:forum_post_vote, forum_post: @forum_post)
get forum_post_vote_path(@forum_post_vote), as: :json
assert_response :success
end
end
context "create action" do context "create action" do
should "work for a JSON response" do
post_auth forum_post_votes_path, @user, params: { forum_post_id: @forum_post.id, forum_post_vote: { score: 1 }}, as: :json
assert_response 201
assert_equal(1, @forum_post.votes.count)
end
should "allow members to vote" do should "allow members to vote" do
assert_difference("ForumPostVote.count", 1) do assert_difference("ForumPostVote.count", 1) do
post_auth forum_post_votes_path(format: :js), @user, params: { forum_post_id: @forum_post.id, forum_post_vote: { score: 1 }} post_auth forum_post_votes_path(format: :js), @user, params: { forum_post_id: @forum_post.id, forum_post_vote: { score: 1 }}

28
test/functional/post_votes_controller_test.rb
View File

@@ -44,7 +44,35 @@ class PostVotesControllerTest < ActionDispatch::IntegrationTest
end end
end end
context "show action" do
setup do
@post_vote = create(:post_vote, post: @post, user: @user)
end
should "show the vote to the voter" do
get_auth post_vote_path(@post_vote), @user, as: :json
assert_response :success
end
should "show the vote to admins" do
get_auth post_vote_path(@post_vote), create(:admin_user), as: :json
assert_response :success
end
should "not show the vote to other users" do
get_auth post_vote_path(@post_vote), create(:user), as: :json
assert_response 403
end
end
context "create action" do context "create action" do
should "work for a JSON response" do
post_auth post_post_votes_path(post_id: @post.id), @user, params: { score: 1, format: "json" }
assert_response 201
assert_equal(1, @post.reload.score)
end
should "not allow anonymous users to vote" do should "not allow anonymous users to vote" do
post post_post_votes_path(post_id: @post.id), params: { score: 1, format: "js" } post post_post_votes_path(post_id: @post.id), params: { score: 1, format: "js" }