API: Implement /api/v1/demandes/{id}

etalab · Jan 20, 2025 · 6e70fda · 6e70fda
1 parent 5c3dbe6
commit 6e70fda
Show file tree

Hide file tree

Showing 4 changed files with 45 additions and 2 deletions.
diff --git a/app/controllers/api/v1/authorization_requests_controller.rb b/app/controllers/api/v1/authorization_requests_controller.rb
@@ -14,6 +14,18 @@ def index
     end
   end
 
+  def show
+    authorization_request = AuthorizationRequest
+      .where(type: valid_authorization_request_types)
+      .find(params[:id])
+
+    render json: authorization_request,
+      serializer: API::V1::AuthorizationRequestSerializer,
+      status: :ok
+  rescue ActiveRecord::RecordNotFound
+    render_error(404, title: 'Non trouvé', detail: 'Aucune demande n\'a été trouvé')
+  end
+
   private
 
   def valid_authorization_request_types

diff --git a/config/openapi/v1.yaml b/config/openapi/v1.yaml
@@ -391,6 +391,8 @@ paths:
               schema:
                 allOf:
                   - $ref: '#/components/schemas/Demande'
+        404:
+          $ref: '#/components/responses/NotFoundError'
     patch:
       summary: Mettre à jour une demande d'habilitation
       tags:

diff --git a/config/routes.rb b/config/routes.rb
@@ -104,7 +104,7 @@
     namespace :v1 do
       get '/me', to: 'credentials#me'
 
-      resources :authorization_requests, path: 'demandes', only: :index
+      resources :authorization_requests, path: 'demandes', only: %i[index show]
     end
   end
 

diff --git a/spec/requests/api/v1/authorization_requests_controller_spec.rb b/spec/requests/api/v1/authorization_requests_controller_spec.rb
@@ -1,5 +1,5 @@
 RSpec.describe 'API: Authorization requests', type: :request do
-  let(:user) { create(:user, :developer) }
+  let(:user) { create(:user, :developer, authorization_request_types: %w[api_entreprise]) }
   let(:application) { create(:oauth_application, owner: user) }
   let(:access_token) { create(:access_token, application:, resource_owner_id: user.id) }
 
@@ -21,4 +21,33 @@
       end
     end
   end
+
+  describe 'show' do
+    subject(:get_show) do
+      get "/api/v1/demandes/#{id}", headers: { 'Authorization' => "Bearer #{access_token.token}" }
+    end
+
+    let(:id) { authorization_request.id }
+
+    context 'with valid authorization request' do
+      let(:authorization_request) { create(:authorization_request, :api_entreprise) }
+
+      it 'responds OK with data' do
+        get_show
+
+        expect(response.status).to eq(200)
+        expect(response.parsed_body['id']).to eq(authorization_request.id)
+      end
+    end
+
+    context 'with invalid authorization request' do
+      let(:authorization_request) { create(:authorization_request, :api_particulier) }
+
+      it 'responds 404' do
+        get_show
+
+        expect(response.status).to eq(404)
+      end
+    end
+  end
 end
-Original file line number
+Diff line change
@@ Expand Up / @@ -391,6 +391,8 @@ paths: @@
                   schema:
                     allOf:
                       - $ref: '#/components/schemas/Demande'
+:
+              $ref: '#/components/responses/NotFoundError'
         patch:
           summary: Mettre à jour une demande d'habilitation
           tags:
@@ Expand Down @@