Revision 901b2d58
Added by Marek Hulán over 5 years ago
| app/controllers/concerns/api/v2/taxonomies_controller.rb | ||
|---|---|---|
|
api :GET, '/:resource_id', N_('List all :resource_id')
|
||
|
param_group :search_and_pagination, ::Api::V2::BaseController
|
||
|
def index
|
||
|
taxonomy_scope = if @nested_obj
|
||
|
taxonomy_scope = if @nested_obj.respond_to?("#{taxonomy_single}_ids")
|
||
|
taxonomy_class.where(:id => @nested_obj.send("#{taxonomy_single}_ids"))
|
||
|
else
|
||
|
taxonomy_class
|
||
| test/controllers/api/v2/organizations_controller_test.rb | ||
|---|---|---|
|
end
|
||
|
end
|
||
|
|
||
|
test "non admin user can list orgs with (default) organization set filtered by location" do
|
||
|
org1 = FactoryBot.create(:organization)
|
||
|
loc1 = FactoryBot.create(:location)
|
||
|
loc2 = FactoryBot.create(:location)
|
||
|
org2 = FactoryBot.create(:organization, :location_ids => [ loc1.id ])
|
||
|
org3 = FactoryBot.create(:organization, :location_ids => [ loc2.id ])
|
||
|
user = FactoryBot.create(:user)
|
||
|
user.organizations = [ org1, org2 ]
|
||
|
user.locations = [ loc1, loc2 ]
|
||
|
filter = FactoryBot.create(:filter, :permissions => [ Permission.find_by_name(:view_organizations) ])
|
||
|
user.roles << filter.role
|
||
|
as_user user do
|
||
|
get :index, params: { :organization_id => org1.id, :location_ids => loc1.id }
|
||
|
assert_response :success
|
||
|
assert_includes assigns(:organizations), org1
|
||
|
assert_includes assigns(:organizations), org2
|
||
|
refute_includes assigns(:organizations), org3
|
||
|
end
|
||
|
end
|
||
|
|
||
|
test "user without view_params permission can't see organization parameters" do
|
||
|
org_with_parameter = FactoryBot.create(:organization, :with_parameter)
|
||
|
setup_user "view", "organizations"
|
||
Also available in: Unified diff
Fixes #24957 - correctly filter taxonomies in API