Leatherface/mastodon
1
0
Fork 0
mirror of https://github.com/glitch-soc/mastodon.git synced 2025-12-13 07:49:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

First draft API to delete collections (#37117)

Browse Source
This commit is contained in:
David Roetzel
2025-12-04 14:47:23 +01:00
committed by GitHub
parent 5a7a4fff11
commit 9921fa1af7
3 changed files with 45 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
app/controllers/api/v1_alpha/collections_controller.rb
View File

@@ -13,11 +13,12 @@ class Api::V1Alpha::CollectionsController < Api::BaseController
before_action :require_user!, only: [:create] before_action :require_user!, only: [:create]
before_action :set_collection, only: [:show, :update, :destroy]
after_action :verify_authorized after_action :verify_authorized
def show def show
cache_if_unauthenticated! cache_if_unauthenticated!
@collection = Collection.find(params[:id])
authorize @collection, :show? authorize @collection, :show?
render json: @collection, serializer: REST::CollectionSerializer render json: @collection, serializer: REST::CollectionSerializer
@@ -32,7 +33,6 @@ class Api::V1Alpha::CollectionsController < Api::BaseController
end end
def update def update
@collection = Collection.find(params[:id])
authorize @collection, :update? authorize @collection, :update?
@collection.update!(collection_update_params) # TODO: Create a service for this to federate changes @collection.update!(collection_update_params) # TODO: Create a service for this to federate changes
@@ -40,8 +40,20 @@ class Api::V1Alpha::CollectionsController < Api::BaseController
render json: @collection, serializer: REST::CollectionSerializer render json: @collection, serializer: REST::CollectionSerializer
end end
def destroy
authorize @collection, :destroy?
@collection.destroy
head 200
end
private private
def set_collection
@collection = Collection.find(params[:id])
end
def collection_creation_params def collection_creation_params
params.permit(:name, :description, :sensitive, :discoverable, :tag_name, account_ids: []) params.permit(:name, :description, :sensitive, :discoverable, :tag_name, account_ids: [])
end end

2
config/routes/api.rb
View File

@@ -8,7 +8,7 @@ namespace :api, format: false do
namespace :v1_alpha do namespace :v1_alpha do
resources :async_refreshes, only: :show resources :async_refreshes, only: :show
resources :collections, only: [:show, :create, :update] resources :collections, only: [:show, :create, :update, :destroy]
end end
# JSON / REST API # JSON / REST API

30
spec/requests/api/v1_alpha/collections_spec.rb
View File

@@ -164,4 +164,34 @@ RSpec.describe 'Api::V1Alpha::Collections', feature: :collections do
end end
end end
end end
describe 'DELETE /api/v1_alpha/collections/:id' do
subject do
delete "/api/v1_alpha/collections/#{collection.id}", headers: headers
end
let(:collection) { Fabricate(:collection) }
it_behaves_like 'forbidden for wrong scope', 'read:collections'
context 'when user is not owner' do
it 'returns http forbidden' do
subject
expect(response).to have_http_status(403)
end
end
context 'when user is the owner' do
let(:collection) { Fabricate(:collection, account: user.account) }
it 'deletes the collection and returns http success' do
collection
expect { subject }.to change(Collection, :count).by(-1)
expect(response).to have_http_status(200)
end
end
end
end end