[Rt-commit] rt branch, 5.0/rest2-take-untake-steal-ticket, created. rt-5.0.0-23-ge76649fdef

Aaron Trevena ast at bestpractical.com
Fri Sep 18 12:18:18 EDT 2020


The branch, 5.0/rest2-take-untake-steal-ticket has been created
        at  e76649fdefc23d967114f1f9a95f9f944e41fedd (commit)

- Log -----------------------------------------------------------------
commit f6deb2bdbde24f90d8301ef967441614909507d4
Author: Aaron Trevena <ast at bestpractical.com>
Date:   Thu Sep 17 15:38:48 2020 +0100

    Add take/untake/steal endpoints to REST2 API
    
    New Resource class provides take/untake/steal endpoints for REST2 API
    based on REST1 API

diff --git a/lib/RT/REST2.pm b/lib/RT/REST2.pm
index 1079f95cd6..1bfceedeea 100644
--- a/lib/RT/REST2.pm
+++ b/lib/RT/REST2.pm
@@ -482,6 +482,12 @@ curl for SSL like --cacert.
     PUT /tickets/bulk
         update multiple tickets' metadata; provide JSON content(array of hashes)
 
+    PUT /ticket/:id/take
+    PUT /ticket/:id/untake
+    PUT /ticket/:id/steal
+        Take, untake or steal ownership of ticket
+
+
 =head3 Ticket Examples
 
 Below are some examples using the endpoints above.
diff --git a/lib/RT/REST2/Resource/Ownership.pm b/lib/RT/REST2/Resource/Ownership.pm
new file mode 100644
index 0000000000..edb87331a8
--- /dev/null
+++ b/lib/RT/REST2/Resource/Ownership.pm
@@ -0,0 +1,131 @@
+# BEGIN BPS TAGGED BLOCK {{{
+#
+# COPYRIGHT:
+#
+# This software is Copyright (c) 1996-2020 Best Practical Solutions, LLC
+#                                          <sales at bestpractical.com>
+#
+# (Except where explicitly superseded by other copyright notices)
+#
+#
+# LICENSE:
+#
+# This work is made available to you under the terms of Version 2 of
+# the GNU General Public License. A copy of that license should have
+# been provided with this software, but in any event can be snarfed
+# from www.gnu.org.
+#
+# This work is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301 or visit their web page on the internet at
+# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
+#
+#
+# CONTRIBUTION SUBMISSION POLICY:
+#
+# (The following paragraph is not intended to limit the rights granted
+# to you to modify and distribute this software under the terms of
+# the GNU General Public License and is only of importance to you if
+# you choose to contribute your changes and enhancements to the
+# community by submitting them to Best Practical Solutions, LLC.)
+#
+# By intentionally submitting any modifications, corrections or
+# derivatives to this work, or any other work intended for use with
+# Request Tracker, to Best Practical Solutions, LLC, you confirm that
+# you are the copyright holder for those contributions and you grant
+# Best Practical Solutions,  LLC a nonexclusive, worldwide, irrevocable,
+# royalty-free, perpetual, license to use, copy, create derivative
+# works based on those contributions, and sublicense and distribute
+# those contributions and any derivatives thereof.
+#
+# END BPS TAGGED BLOCK }}}
+
+package RT::REST2::Resource::Ownership;
+use strict;
+use warnings;
+
+use Moose;
+use namespace::autoclean;
+use MIME::Base64;
+
+extends 'RT::REST2::Resource';
+use RT::REST2::Util qw( error_as_json );
+
+sub dispatch_rules {
+    Path::Dispatcher::Rule::Regex->new(
+        regex => qr{^/ticket/(\d+)/(take|untake|steal)$},
+        block => sub {
+            my ($match, $req) = @_;
+            my $ticket = RT::Ticket->new($req->env->{"rt.current_user"});
+            $ticket->Load($match->pos(1));
+            return { record => $ticket, type => $match->pos(2) },
+        },
+    );
+}
+
+has record => (
+    is       => 'ro',
+    isa      => 'RT::Record',
+    required => 1,
+);
+
+has type => (
+    is       => 'ro',
+    isa      => 'Str',
+    required => 1,
+);
+
+sub post_is_create            { 1 }
+sub create_path_after_handler { 1 }
+sub allowed_methods           { ['PUT'] }
+sub charsets_provided         { [ 'utf-8' ] }
+sub default_charset           { 'utf-8' }
+sub content_types_provided    { [ { 'application/json' => sub {} } ] }
+
+# Web::Machine uses 'application/octet-stream' as default content-type if
+# none provided. We accept empty POST so may receive empty content-type.
+sub content_types_accepted    { [
+    { 'application/octet-stream' => 'change_ownership' },
+    { 'text/plain' => 'change_ownership' },
+    { 'text/html' => 'change_ownership' },
+    { 'application/x-www-form-urlencoded' => 'change_ownership' },
+    { 'multipart/form-data' => 'change_ownership' },
+    { 'application/json' => 'change_ownership' }
+] }
+
+sub change_ownership {
+    my ($self, $args) = @_;
+
+    my $user = $self->record->CurrentUser;
+
+    my $ticket = $self->record;
+    my $action = ucfirst($self->type);
+    my ($status, $msg) = $ticket->$action();
+
+    unless ($status) {
+        return error_as_json(
+            $self->response,
+            \400,  $msg);
+    }
+
+    $self->response->body(JSON::to_json([$msg], { pretty => 1 }));
+
+    return 1;
+}
+
+sub create_path {
+    my $self = shift;
+    my $id = $self->record->Id;
+    return "/ticket/$id";
+}
+
+__PACKAGE__->meta->make_immutable;
+
+1;
+

commit e76649fdefc23d967114f1f9a95f9f944e41fedd
Author: Aaron Trevena <ast at bestpractical.com>
Date:   Fri Sep 18 16:39:43 2020 +0100

    Add tests for new REST2 take/untake/steal endpoints

diff --git a/t/rest2/tickets.t b/t/rest2/tickets.t
index 837efd2992..6b71222208 100644
--- a/t/rest2/tickets.t
+++ b/t/rest2/tickets.t
@@ -2,6 +2,7 @@ use strict;
 use warnings;
 use RT::Test::REST2 tests => undef;
 use Test::Deep;
+use Test::Warn;
 
 # Test using integer priorities
 RT->Config->Set(EnablePriorityAsString => 0);
@@ -469,6 +470,80 @@ my ($ticket_url, $ticket_id);
     is($content->{ContentType}, 'text/html');
 }
 
+
+# Steal, untake, take Ticket
+{
+    my $ticket_base_url = "$ticket_url/";
+
+    my $queue = RT::Test->load_or_create_queue(Name => 'TestOwnershipQueue');
+
+    my $other_user = RT::Test->load_or_create_user(
+        Name            => 'A N Other',
+        EmailAddress    => 'user_another at example.com',
+        Password        => 'password',
+    );
+    ok $other_user && $other_user->id, 'loaded or created user';
+
+    ok( RT::Test->add_rights(
+        { Principal => $other_user, Right => [qw(OwnTicket SeeQueue ShowTicket)] },
+        { Principal => $user,  Right => [qw(OwnTicket SeeQueue ShowTicket TakeTicket StealTicket) ] },
+    ), 'set rights');
+
+    my $ticket = RT::Test->create_ticket(Queue => $queue->Id,
+                                                 Subject => 'Test ownership',
+                                                 Content => 'Test test test',
+                                                 Requestor => $user->EmailAddress
+                                             );
+
+
+    # try to take a non-existant ticket
+    warning_like {
+        my $res = $mech->put_json("$rest_base_path/ticket/987654321/take",
+                                  { } , 'Authorization' => $auth );
+        like($res->code, qr/4\d\d/, 'attempt to take non-existant ticket gives 4xx error');
+    } qr/HasRight called with no valid object/;
+
+    # take Ticket
+    my $ticket_id = $ticket->Id;
+    my $res = $mech->put("$rest_base_path/ticket/$ticket_id/take",
+                         'Authorization' => $auth );
+    is($res->code, 200, 'request to take ticket gives 200 success');
+    is($mech->json_response->[0], 'Owner changed from Nobody to test', 'changed owner when taken') or diag $mech->json_response->[0];
+
+    # change ownership of ticket
+    $ticket->SetOwner($other_user);
+
+    # try to take from another user, check error
+    $res = $mech->put("$rest_base_path/ticket/$ticket_id/take",
+                      'Authorization' => $auth );
+    like($res->code, qr/4\d\d/, 'attempt to take ticket from another user gives 4xx error ' . $res->code);
+    is($mech->json_response->{message}, 'You can only take tickets that are unowned');
+
+    # Steal from other owner
+    $res = $mech->put("$rest_base_path/ticket/$ticket_id/steal",
+                      'Authorization' => $auth );
+    is($res->code, 200, 'request to take ticket gives 200 success');
+    is($mech->json_response->[0], 'Owner changed from A N Other to test', 'changed owner when taken') or diag $mech->json_response->[0];
+
+
+    # untake Ticket
+    RT::Test->add_rights({ Principal => $user,  Right => ['ModifyTicket'] });
+    $res = $mech->put("$rest_base_path/ticket/$ticket_id/untake",
+                         'Authorization' => $auth );
+    is($res->code, 200, 'request to untake ticket gives 200 success');
+    is($mech->json_response->[0], 'Owner changed from test to Nobody', 'changed owner when untaken')  or diag $mech->json_response->[0];
+
+    # try to untake Ticket, check error
+    $res = $mech->put("$rest_base_path/ticket/$ticket_id/untake",
+                      'Authorization' => $auth );
+    like($res->code, qr/4\d\d/, 'attempt to untake ticket again gives 4xx error ' . $res->code);
+    is($mech->json_response->{message}, 'That user already owns that ticket');
+
+    $ticket->Delete;
+}
+
+
+
 # Ticket Sorted Search
 {
     my $ticket2 = RT::Ticket->new($RT::SystemUser);

-----------------------------------------------------------------------


More information about the rt-commit mailing list