Fixed test cases for account requests, assignment controller, bookmar…

…ks controller and roles controller.

app/controllers/api/v1/account_requests_controller.rb

@@ -81,7 +81,11 @@ def account_request_params
 
   # Create a new user if account request is approved
   def create_approved_user
-    @new_user = User.new(name: @account_request.username, role_id: @account_request.role_id, institution_id: @account_request.institution_id, fullname: @account_request.full_name, email: @account_request.email, password: 'password')
+    if User.exists?(email: @account_request.email)
+      render json: { error: 'A user with this email already exists. Cannot approve the account request.' }, status: :unprocessable_entity
+      return
+    end
+    @new_user = User.new(name: @account_request.username, role_id: @account_request.role_id, institution_id: @account_request.institution_id, full_name: @account_request.full_name, email: @account_request.email, password: 'password')
     if @new_user.save
       render json: { success: 'Account Request Approved and User successfully created.', user: @new_user}, status: :ok
     else

app/controllers/api/v1/assignments_controller.rb

@@ -1,4 +1,5 @@
 class Api::V1::AssignmentsController < ApplicationController
+  rescue_from ActiveRecord::RecordNotFound, with: :not_found
 
   # GET /api/v1/assignments
   def index
@@ -32,6 +33,10 @@ def update
     end
   end
 
+  def not_found
+    render json: { error: "Assignment not found" }, status: :not_found
+  end
+
   # DELETE /api/v1/assignments/:id
   def destroy
     assignment = Assignment.find_by(id: params[:id])

app/controllers/api/v1/bookmarks_controller.rb

@@ -1,5 +1,9 @@
 class Api::V1::BookmarksController < ApplicationController
-
+  rescue_from ActiveRecord::RecordNotFound, with: :not_found
+
+  def action_allowed?
+    has_privileges_of?('Student')
+  end
   # Index method returns the list of JSON objects of the bookmark
   # GET on /bookmarks
   def index
@@ -43,6 +47,11 @@ def update
     end
   end
 
+  # Handle the case when an invalid bookmark id is being passed
+  def not_found
+    render json: { error: "Couldn't find Bookmark" }, status: :not_found
+  end
+
   # Destroy method deletes the bookmark object with id- {:id}
   # DELETE on /bookmarks/:id
   def destroy

app/controllers/api/v1/roles_controller.rb

@@ -2,6 +2,10 @@ class Api::V1::RolesController < ApplicationController
   # rescue_from ActiveRecord::RecordNotFound, with: :role_not_found
   rescue_from ActionController::ParameterMissing, with: :parameter_missing
 
+  def action_allowed?
+    has_privileges_of?('Administrator')
+  end
+
   # GET /roles
   def index
     roles = Role.order(:id)

app/controllers/api/v1/student_tasks_controller.rb

@@ -1,6 +1,9 @@
 class Api::V1::StudentTasksController < ApplicationController
 
   # List retrieves all student tasks associated with the current logged-in user.
+  def action_allowed?
+    has_privileges_of?('Student')
+  end
   def list
     # Retrieves all tasks that belong to the current user.
     @student_tasks = StudentTask.from_user(current_user)

spec/factories/courses.rb

@@ -2,7 +2,7 @@
   factory :course do
     sequence(:name) { |n| "Course #{n}" }
     sequence(:directory_path) { |n| "course_#{n}" }
-    association :instructor, factory: [:user, :instructor]
+    association :instructor, factory: [:role, :instructor]
     association :institution
   end
 end

spec/factories/roles.rb

@@ -3,6 +3,8 @@
   factory :role do
     sequence(:name) { |n| "Role #{n}" }
 
+    initialize_with { Role.find_or_create_by(id: id) }
+
     trait :student do
       id { Role::STUDENT }
       name { 'Student' }
@@ -27,6 +29,17 @@
       id { Role::SUPER_ADMINISTRATOR }
       name { 'Super Administrator' }
     end
+
+    # Add a trait to create roles with a parent
+    trait :with_parent do
+      transient do
+        parent { nil }
+      end
+
+      after(:create) do |role, evaluator|
+        role.update(parent_id: evaluator.parent.id) if evaluator.parent
+      end
+    end
   end
 end
 

spec/requests/api/v1/account_requests_spec.rb

@@ -1,6 +1,31 @@
 require 'swagger_helper'
+require 'json_web_token'
 
 RSpec.describe 'Account Requests API', type: :request do
+  before(:all) do
+    # Create roles in hierarchy using the factory
+    @super_admin = FactoryBot.create(:role, :super_administrator)
+    @admin = FactoryBot.create(:role, :administrator, :with_parent, parent: @super_admin)
+    @instructor = FactoryBot.create(:role, :instructor, :with_parent, parent: @admin)
+    @ta = FactoryBot.create(:role, :ta, :with_parent, parent: @instructor)
+    @student = FactoryBot.create(:role, :student, :with_parent, parent: @ta)
+  end
+
+  let(:prof) {
+    User.create(
+      name: "profa",
+      password_digest: "password",
+      role_id: @instructor.id,
+      full_name: "Prof A",
+      email: "[email protected]",
+      mru_directory_path: "/home/testuser",
+      )
+  }
+
+  let(:token) { JsonWebToken.encode({ id: prof.id }) }
+  let(:Authorization) { "Bearer #{token}" }
+  let(:institution) { Institution.create(name: "NC State") }
+
   path '/api/v1/account_requests/pending' do
     # List all Pending Account Requests
     get('List all Pending Account Requests') do
@@ -58,11 +83,9 @@
 
       # Attempt to Create an Account Request with valid parameters
       response(201, 'Attempt to Create an Account Request with valid parameters') do
-        let(:role) { Role.create(name: 'Student') }
-        let(:institution) { Institution.create(name: 'North Carolina State University') }
         let(:account_request) do
           { username: 'useracc', full_name: 'User Account 1', email: '[email protected]', introduction: 'User 1 Intro',
-            role_id: role.id, institution_id: institution.id }
+            role_id: @student.id, institution_id: institution.id }
         end
 
         after do |example|
@@ -77,9 +100,7 @@
 
       # Attempt to Create an Account Request with missing parameters
       response(422, 'Attempt to Create an Account Request with missing parameters') do
-        let(:role) { Role.create(name: 'Student') }
-        let(:institution) { Institution.create(name: 'North Carolina State University') }
-        let(:account_request) { { introduction: 'User 1 Intro', role_id: role.id, institution_id: institution.id } }
+        let(:account_request) { { introduction: 'User 1 Intro', role_id: @student.id, institution_id: institution.id } }
 
         after do |example|
           example.metadata[:response][:content] = {
@@ -110,15 +131,13 @@
 
       # Attempt to Create an Account Request whose username already exists in Users table
       response(422, 'Attempt to Create an Account Request whose username already exists in Users table') do
-        let(:role) { Role.create(name: 'Student') }
-        let(:institution) { Institution.create(name: 'North Carolina State University') }
         let(:user) do
-          User.create(name: 'useracc', fullname: 'User One', email: '[email protected]', role_id: role.id,
+          User.create(name: 'useracc', full_name: 'User One', email: '[email protected]', role_id: @student.id,
                       password: 'password')
         end
         let(:account_request) do
           { username: user.name, full_name: 'User Account 1', email: '[email protected]', introduction: 'User 1 Intro',
-            role_id: role.id, institution_id: institution.id }
+            role_id: @student.id, institution_id: institution.id }
         end
 
         after do |example|
@@ -133,14 +152,12 @@
 
       # Create an Account Request whose email already exists in Users table
       response(201, 'Create an Account Request whose email already exists in Users table') do
-        let(:role) { Role.create(name: 'Student') }
-        let(:institution) { Institution.create(name: 'North Carolina State University') }
         let(:user) do
-          User.create(name: 'userone', fullname: 'User One', email: '[email protected]', role_id: role.id,
+          User.create(name: 'userone', full_name: 'User One', email: '[email protected]', role_id: @student.id,
                       password: 'password')
         end
         let(:account_request) do
-          { username: 'useracc', full_name: 'User Account 1', email: user.email, introduction: 'User 1 Intro', role_id: role.id,
+          { username: 'useracc', full_name: 'User Account 1', email: user.email, introduction: 'User 1 Intro', role_id: @student.id,
             institution_id: institution.id }
         end
 
@@ -157,12 +174,10 @@
 
     path '/api/v1/account_requests/{id}' do
       parameter name: 'id', in: :path, type: :integer, description: 'id of the Account Request'
-
-      let(:role) { Role.create(name: 'Student') }
-      let(:institution) { Institution.create(name: 'North Carolina State University') }
+
       let(:account_request) do
         AccountRequest.create(username: 'useracc', full_name: 'User Account 1', email: '[email protected]',
-                              introduction: 'User 1 Intro', role_id: role.id, institution_id: institution.id)
+                              introduction: 'User 1 Intro', role_id: @student.id, institution_id: institution.id)
       end
       let(:id) { account_request.id }
 
@@ -212,7 +227,7 @@
         # Attempt to Approve account request but user with same name already exists
         response(422, 'Attempt to Approve account request but user with same name already exists') do
           let(:user) do
-            User.create(name: 'user', fullname: 'User One', email: '[email protected]', role_id: role.id,
+            User.create(name: 'user', full_name: 'User One', email: '[email protected]', role_id: @student.id,
                         password: 'password')
           end
 
@@ -231,28 +246,6 @@
           run_test!
         end
 
-        # Attempt to Approve account request but user with same email already exists
-        response(422, 'Attempt to Approve account request but user with same email already exists') do
-          let(:user) do
-            User.create(name: 'user', fullname: 'User One', email: '[email protected]', role_id: role.id,
-                        password: 'password')
-          end
-
-          before do
-            account_request.status = 'Approved'
-            account_request.username = user.email
-          end
-
-          after do |example|
-            example.metadata[:response][:content] = {
-              'application/json' => {
-                example: JSON.parse(response.body, symbolize_names: true)
-              }
-            }
-          end
-          run_test!
-        end
-
         # Reject account request
         response(200, 'Reject account request') do
           before do
@@ -316,7 +309,7 @@
         # Attempt to Approve account request but user with same username already exists
         response(422, 'Attempt to Approve account request but user with same username already exists') do
           let(:user) do
-            User.create(name: 'user', fullname: 'User One', email: '[email protected]', role_id: role.id,
+            User.create(name: 'user', full_name: 'User One', email: '[email protected]', role_id: @student.id,
                         password: 'password')
           end
 
@@ -335,10 +328,10 @@
           run_test!
         end
 
-        # Approve account request but user with same email already exists
-        response(200, 'Approve account request but user with same email already exists') do
+        # Reject account request if user with same email already exists
+        response(422, 'Attempt to Approve account request but user with same email already exists') do
           let(:user) do
-            User.create(name: 'user', fullname: 'User One', email: '[email protected]', role_id: role.id,
+            User.create(name: 'user', full_name: 'User One', email: '[email protected]', role_id: @student.id,
                         password: 'password')
           end