[myexperiment-hackers] [2580] trunk: added tagging api

[noreply]

Revision

2580

Author

dgc

Date

2011-03-17 09:47:43 -0400 (Thu, 17 Mar 2011)

Log Message

added tagging api

Modified Paths

• trunk/config/tables.xml
• trunk/lib/authorization.rb
• trunk/lib/rest.rb
• trunk/test/functional/api_controller_test.rb

Diff

Modified: trunk/config/tables.xml

(Binary files differ)

Modified: trunk/lib/authorization.rb (2579 => 2580)

--- trunk/lib/authorization.rb	2011-03-17 13:47:11 UTC (rev 2579)
+++ trunk/lib/authorization.rb	2011-03-17 13:47:43 UTC (rev 2580)
@@ -191,6 +191,19 @@
       return true
     end
     
+    # Tagging permissions
+
+    if (object_type == 'Tagging') && (action == 'create')
+
+      # Taggings can only be created by authenticated users
+      return false if user.nil?
+
+      # Taggings can only be set on things that a user can view
+      return Authorization.is_authorized?('view', nil, context, user) if context
+
+      return true
+    end
+    
     # Bookmark permissions
 
     if (object_type == 'Bookmark') && (action == 'create')

Modified: trunk/lib/rest.rb (2579 => 2580)

--- trunk/lib/rest.rb	2011-03-17 13:47:11 UTC (rev 2579)
+++ trunk/lib/rest.rb	2011-03-17 13:47:43 UTC (rev 2580)
@@ -1900,6 +1900,59 @@
   rating_aux('destroy', opts)
 end
 
+# Taggings
+
+def tagging_aux(action, opts)
+
+  # Obtain object
+
+  case action
+    when 'create':
+      return rest_response(401, :reason => "Not authorised to create a tagging") unless Authorization.is_authorized_for_type?('create', 'Tagging', opts[:user], nil)
+
+      ob = Tagging.new(:user => opts[:user])
+    when 'read', 'update', 'destroy':
+      ob = obtain_rest_resource('Tagging', opts[:query]['id'], opts[:query]['version'], opts[:user], action)
+    else
+      raise "Invalid action '#{action}'"
+  end
+
+  return if ob.nil? # appropriate rest response already given
+
+  if action == "destroy"
+
+    ob.destroy
+
+  else
+
+    data = ""
+
+    subject = parse_element(data, :resource, '/tagging/subject')
+    label   = parse_element(data, :text,     '/tagging/label')
+    tag     = parse_element(data, :resource, '/tagging/tag')
+
+    ob.label    = label   if label
+    ob.tag      = tag     if tag
+
+    if subject
+      return rest_response(401, :reason => "Not authorised for the specified resource") unless Authorization.is_authorized_for_type?(action, 'Rating', opts[:user], subject)
+      ob.taggable = subject
+    end
+
+    return rest_response(400, :object => ob) unless ob.save
+  end
+
+  rest_get_request(ob, "tagging", opts[:user], rest_resource_uri(ob), "tagging", { "id" => ob.id.to_s })
+end
+
+def post_tagging(opts)
+  tagging_aux('create', opts)
+end
+
+def delete_tagging(opts)
+  tagging_aux('destroy', opts)
+end
+
 # Call dispatcher
 
 def rest_call_request(req_uri, format, rules, user, query)

Modified: trunk/test/functional/api_controller_test.rb (2579 => 2580)

--- trunk/test/functional/api_controller_test.rb	2011-03-17 13:47:11 UTC (rev 2579)
+++ trunk/test/functional/api_controller_test.rb	2011-03-17 13:47:43 UTC (rev 2580)
@@ -622,6 +622,78 @@
     assert_response(:not_found)
   end
 
+  def test_taggings
+
+    login_as(:john)
+
+    # post a workflow to test with
+
+    content = Base64.encode64(File.read('test/fixtures/files/workflow_dilbert.xml'))
+
+    existing_workflows = Workflow.find(:all)
+
+    rest_request(:post, 'workflow', "<?xml version='1.0'?>
+      <workflow>
+        <title>Unique tags</title>
+        <description>A workflow description.</description>
+        <license-type>by-sa</license-type>
+        <content-type>application/vnd.taverna.scufl+xml</content-type>
+        <content>#{content}</content>
+      </workflow>")
+
+    assert_response(:success)
+
+    extra_workflows = Workflow.find(:all) - existing_workflows
+
+    assert_equal(extra_workflows.length, 1)
+
+    workflow = extra_workflows.first
+    workflow_url = rest_resource_uri(workflow)
+
+    # post a tagging
+
+    existing_taggings = Tagging.find(:all)
+
+    rest_request(:post, 'tagging', "<?xml version='1.0'?>
+      <tagging>
+        <subject resource='#{workflow_url}'/>
+        <label>my test tag</label>
+      </tagging>")
+
+    assert_response(:success)
+
+    extra_taggings = Tagging.find(:all) - existing_taggings 
+    
+    assert_equal(extra_taggings.length, 1)
+
+    tagging = extra_taggings.first
+
+    assert_equal(tagging.user, users(:john));
+    assert_equal(tagging.taggable, workflow);
+    assert_equal(tagging.label, 'my test tag');
+
+    # update the tagging (which should fail)
+
+    rest_request(:put, 'tagging', "<?xml version='1.0'?>
+      <tagging>
+        <label>fail</label>
+      </tagging>", "id" => tagging.id)
+
+    assert_response(400)
+    
+    # delete the tagging
+
+    rest_request(:delete, 'tagging', nil, "id" => tagging.id)
+
+    assert_response(:success)
+
+    # try to get the deleted tagging
+
+    rest_request(:get, 'tagging', nil, "id" => tagging.id)
+
+    assert_response(:not_found)
+  end
+
   private
 
   def rest_request(method, uri, data = "" query = {})