Add backend to remove pictures

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
Thomas Citharel 2020-11-20 16:35:48 +01:00
parent 03e4916ebf
commit 1cd680526a
No known key found for this signature in database
GPG key ID: A061B9DDE0CA0773
3 changed files with 144 additions and 74 deletions

View file

@ -6,6 +6,7 @@ defmodule Mobilizon.GraphQL.Resolvers.Picture do
alias Mobilizon.Actors.Actor alias Mobilizon.Actors.Actor
alias Mobilizon.{Media, Users} alias Mobilizon.{Media, Users}
alias Mobilizon.Media.Picture alias Mobilizon.Media.Picture
alias Mobilizon.Users.User
import Mobilizon.Web.Gettext import Mobilizon.Web.Gettext
@doc """ @doc """
@ -37,8 +38,8 @@ defmodule Mobilizon.GraphQL.Resolvers.Picture do
size: file.size size: file.size
}} }}
_error -> nil ->
{:error, dgettext("errors", "Picture with ID %{id} was not found", id: picture_id)} {:error, :not_found}
end end
end end
@ -46,7 +47,7 @@ defmodule Mobilizon.GraphQL.Resolvers.Picture do
def upload_picture( def upload_picture(
_parent, _parent,
%{file: %Plug.Upload{} = file} = args, %{file: %Plug.Upload{} = file} = args,
%{context: %{current_user: user}} %{context: %{current_user: %User{} = user}}
) do ) do
with %Actor{id: actor_id} <- Users.get_actor_for_user(user), with %Actor{id: actor_id} <- Users.get_actor_for_user(user),
{:ok, %{name: _name, url: url, content_type: content_type, size: size}} <- {:ok, %{name: _name, url: url, content_type: content_type, size: size}} <-
@ -75,7 +76,26 @@ defmodule Mobilizon.GraphQL.Resolvers.Picture do
end end
end end
def upload_picture(_parent, _args, _resolution) do def upload_picture(_parent, _args, _resolution), do: {:error, :unauthenticated}
{:error, dgettext("errors", "You need to login to upload a picture")}
@doc """
Remove a picture that the user owns
"""
@spec remove_picture(map(), map(), map()) ::
{:ok, Picture.t()}
| {:error, :unauthorized}
| {:error, :unauthenticated}
| {:error, :not_found}
def remove_picture(_parent, %{id: picture_id}, %{context: %{current_user: %User{} = user}}) do
with {:picture, %Picture{actor_id: actor_id} = picture} <-
{:picture, Media.get_picture(picture_id)},
{:is_owned, %Actor{} = _actor} <- User.owns_actor(user, actor_id) do
Media.delete_picture(picture)
else
{:picture, nil} -> {:error, :not_found}
{:is_owned, _} -> {:error, :unauthorized}
end
end end
def remove_picture(_parent, _args, _resolution), do: {:error, :unauthenticated}
end end

View file

@ -35,7 +35,7 @@ defmodule Mobilizon.GraphQL.Schema.PictureType do
object :picture_queries do object :picture_queries do
@desc "Get a picture" @desc "Get a picture"
field :picture, :picture do field :picture, :picture do
arg(:id, non_null(:string), description: "The picture ID") arg(:id, non_null(:id), description: "The picture ID")
resolve(&Picture.picture/3) resolve(&Picture.picture/3)
end end
end end
@ -48,5 +48,13 @@ defmodule Mobilizon.GraphQL.Schema.PictureType do
arg(:file, non_null(:upload), description: "The picture file") arg(:file, non_null(:upload), description: "The picture file")
resolve(&Picture.upload_picture/3) resolve(&Picture.upload_picture/3)
end end
@desc """
Remove a picture
"""
field :remove_picture, :deleted_object do
arg(:id, non_null(:id), description: "The picture's ID")
resolve(&Picture.remove_picture/3)
end
end end
end end

View file

@ -17,76 +17,69 @@ defmodule Mobilizon.GraphQL.Resolvers.PictureTest do
{:ok, conn: conn, user: user, actor: actor} {:ok, conn: conn, user: user, actor: actor}
end end
@picture_query """
query Picture($id: ID!) {
picture(id: $id) {
id
name,
alt,
url,
content_type,
size
}
}
"""
describe "Resolver: Get picture" do describe "Resolver: Get picture" do
test "picture/3 returns the information on a picture", context do test "picture/3 returns the information on a picture", %{conn: conn} do
%Picture{id: id} = picture = insert(:picture) %Picture{id: id} = picture = insert(:picture)
query = """
{
picture(id: "#{id}") {
name,
alt,
url,
content_type,
size
}
}
"""
res = res =
context.conn conn
|> get("/api", AbsintheHelpers.query_skeleton(query, "picture")) |> AbsintheHelpers.graphql_query(query: @picture_query, variables: %{id: id})
assert json_response(res, 200)["data"]["picture"]["name"] == picture.file.name assert res["data"]["picture"]["name"] == picture.file.name
assert json_response(res, 200)["data"]["picture"]["content_type"] == assert res["data"]["picture"]["content_type"] ==
picture.file.content_type picture.file.content_type
assert json_response(res, 200)["data"]["picture"]["size"] == 13_120 assert res["data"]["picture"]["size"] == 13_120
assert json_response(res, 200)["data"]["picture"]["url"] =~ Endpoint.url() assert res["data"]["picture"]["url"] =~ Endpoint.url()
end end
test "picture/3 returns nothing on a non-existent picture", context do test "picture/3 returns nothing on a non-existent picture", %{conn: conn} do
query = """
{
picture(id: "3") {
name,
alt,
url
}
}
"""
res = res =
context.conn conn
|> get("/api", AbsintheHelpers.query_skeleton(query, "picture")) |> AbsintheHelpers.graphql_query(query: @picture_query, variables: %{id: 3})
assert hd(json_response(res, 200)["errors"])["message"] == assert hd(res["errors"])["message"] == "Resource not found"
"Picture with ID 3 was not found" assert hd(res["errors"])["status_code"] == 404
end end
end end
describe "Resolver: Upload picture" do describe "Resolver: Upload picture" do
@upload_picture_mutation """
mutation UploadPicture($name: String!, $alt: String, $file: Upload!) {
uploadPicture(
name: $name
alt: $alt
file: $file
) {
url
name
content_type
size
}
}
"""
test "upload_picture/3 uploads a new picture", %{conn: conn, user: user} do test "upload_picture/3 uploads a new picture", %{conn: conn, user: user} do
picture = %{name: "my pic", alt: "represents something", file: "picture.png"} picture = %{name: "my pic", alt: "represents something", file: "picture.png"}
mutation = """
mutation { uploadPicture(
name: "#{picture.name}",
alt: "#{picture.alt}",
file: "#{picture.file}"
) {
url,
name,
content_type,
size
}
}
"""
map = %{ map = %{
"query" => mutation, "query" => @upload_picture_mutation,
"variables" => picture,
picture.file => %Plug.Upload{ picture.file => %Plug.Upload{
path: "test/fixtures/picture.png", path: "test/fixtures/picture.png",
filename: picture.file filename: picture.file
@ -101,30 +94,20 @@ defmodule Mobilizon.GraphQL.Resolvers.PictureTest do
"/api", "/api",
map map
) )
|> json_response(200)
assert json_response(res, 200)["data"]["uploadPicture"]["name"] == picture.name assert res["data"]["uploadPicture"]["name"] == picture.name
assert json_response(res, 200)["data"]["uploadPicture"]["content_type"] == "image/png" assert res["data"]["uploadPicture"]["content_type"] == "image/png"
assert json_response(res, 200)["data"]["uploadPicture"]["size"] == 10_097 assert res["data"]["uploadPicture"]["size"] == 10_097
assert json_response(res, 200)["data"]["uploadPicture"]["url"] assert res["data"]["uploadPicture"]["url"]
end end
test "upload_picture/3 forbids uploading if no auth", %{conn: conn} do test "upload_picture/3 forbids uploading if no auth", %{conn: conn} do
picture = %{name: "my pic", alt: "represents something", file: "picture.png"} picture = %{name: "my pic", alt: "represents something", file: "picture.png"}
mutation = """
mutation { uploadPicture(
name: "#{picture.name}",
alt: "#{picture.alt}",
file: "#{picture.file}"
) {
url,
name
}
}
"""
map = %{ map = %{
"query" => mutation, "query" => @upload_picture_mutation,
"variables" => picture,
picture.file => %Plug.Upload{ picture.file => %Plug.Upload{
path: "test/fixtures/picture.png", path: "test/fixtures/picture.png",
filename: picture.file filename: picture.file
@ -138,9 +121,68 @@ defmodule Mobilizon.GraphQL.Resolvers.PictureTest do
"/api", "/api",
map map
) )
|> json_response(200)
assert hd(json_response(res, 200)["errors"])["message"] == assert hd(res["errors"])["message"] == "You need to be logged in"
"You need to login to upload a picture" end
end
describe "Resolver: Remove picture" do
@remove_picture_mutation """
mutation RemovePicture($id: ID!) {
removePicture(id: $id) {
id
}
}
"""
test "Removes a previously uploaded picture", %{conn: conn, user: user, actor: actor} do
%Picture{id: picture_id} = insert(:picture, actor: actor)
res =
conn
|> auth_conn(user)
|> AbsintheHelpers.graphql_query(
query: @remove_picture_mutation,
variables: %{id: picture_id}
)
assert is_nil(res["errors"])
assert res["data"]["removePicture"]["id"] == to_string(picture_id)
res =
conn
|> AbsintheHelpers.graphql_query(query: @picture_query, variables: %{id: picture_id})
assert hd(res["errors"])["message"] == "Resource not found"
assert hd(res["errors"])["status_code"] == 404
end
test "Removes nothing if picture is not found", %{conn: conn, user: user} do
res =
conn
|> auth_conn(user)
|> AbsintheHelpers.graphql_query(
query: @remove_picture_mutation,
variables: %{id: 400}
)
assert hd(res["errors"])["message"] == "Resource not found"
assert hd(res["errors"])["status_code"] == 404
end
test "Removes nothing if picture if not logged-in", %{conn: conn, actor: actor} do
%Picture{id: picture_id} = insert(:picture, actor: actor)
res =
conn
|> AbsintheHelpers.graphql_query(
query: @remove_picture_mutation,
variables: %{id: picture_id}
)
assert hd(res["errors"])["message"] == "You need to be logged in"
assert hd(res["errors"])["status_code"] == 401
end end
end end
end end