Added example Swagger YARD doc to User controller.

2014-12-18 15:59:45 +01:00 · 2014-12-18 15:59:45 +01:00 · 565058f1b1
commit 565058f1b1
parent ba02cb90dc
1 changed files with 69 additions and 126 deletions
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -3,63 +3,15 @@
 class UsersController < ApplicationController
  before_filter :authentication_check, :except => [:create, :password_reset_send, :password_reset_verify]
-=begin
+  # @path       [GET] /users
-
+  #
-Format:
+  # @summary          Returns a list of Users.
-JSON
+  # @notes            Requester has to be in role 'Admin' or 'Agent' to
-
+  #                   get a list of all Users. If requester is only in the
-Example:
+  #                   role 'Customer' he gets only his own Users entity.
-{
+  #
-  "id":2,
+  # @response_message 200 [Array<User>] List of matching User records.
-  "organization_id":null,
+  # @response_message 401               Invalid session.
  "login":"m@edenhofer.de",
  "firstname":"Marti",
  "lastname":"Ede",
  "email":"m@edenhofer.de",
  "image_source":"http://www.gravatar.com/avatar/1c38b099f2344976005de69965733465?s=48",
  "web":"http://127.0.0.1",
  "password":"123",
  "phone":"112",
  "fax":"211",
  "mobile":"",
  "street":"",
  "zip":"",
  "city":"",
  "country":null,
  "verified":false,
  "active":true,
  "note":"some note",
  "source":null,
  "role_ids":[1,2],
  "group_ids":[1,2,3,4],
 }
 =end
 =begin
 Resource:
 GET /api/v1/users.json
 Response:
 [
  {
    "id": 1,
    "login": "some_login1",
    ...
  },
  {
    "id": 2,
    "login": "some_login2",
    ...
  }
 ]
 Test:
 curl http://localhost/api/v1/users.json -v -u #{login}:#{password}
 =end
  def index
    # only allow customer to fetch him self
@ -75,23 +27,18 @@ curl http://localhost/api/v1/users.json -v -u #{login}:#{password}
    render :json => users_all, :status => :ok
  end
-=begin
+  # @path       [GET] /users/{id}
-
+  #
-Resource:
+  # @summary          Returns the User with the requested identifier.
-GET /api/v1/users/1.json
+  # @notes            Requester has to be in role 'Admin' or 'Agent' to
-
+  #                   get a list of all Users. If requester is only in the
-Response:
+  #                   role 'Customer' he gets only his own Users entity.
-{
+  #
-  "id": 1,
+  # @parameter        id(required) [Integer] The identifier matching the requested User.
-  "login": "some_login1",
+  # @parameter        full         [Bool]    If set a Asset structure with all connected Assets gets returned.
-  ...
+  #
-},
+  # @response_message 200 [User] User record matching the requested identifier.
-
+  # @response_message 401        Invalid session.
 Test:
 curl http://localhost/api/v1/users/#{id}.json -v -u #{login}:#{password}
 =end
  def show
    # access deny
@ -107,31 +54,15 @@ curl http://localhost/api/v1/users/#{id}.json -v -u #{login}:#{password}
    render :json => user
  end
-=begin
+  # @path      [POST] /users
-
+  #
-Resource:
+  # @summary          Creates a User with the provided attribute values.
-POST /api/v1/users.json
+  # @notes            TODO.
-
+  #
-Payload:
+  # @parameter        User(required,body) [User] The attribute value structure needed to create a User.
-{
+  #
-  "login": "some_login",
+  # @response_message 200 [User] Created User record.
-  "firstname": "some firstname",
+  # @response_message 401        Invalid session.
  "lastname": "some lastname",
  "email": "some@example.com"
 }
 Response:
 {
  "id": 1,
  "login": "some_login",
  ...
 },
 Test:
 curl http://localhost/api/v1/users.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"login": "some_login","firstname": "some firstname","lastname": "some lastname","email": "some@example.com"}'
 =end
  def create
    user = User.new( User.param_cleanup(params) )
@ -250,31 +181,16 @@ curl http://localhost/api/v1/users.json -v -u #{login}:#{password} -H "Content-T
    end
  end
-=begin
+  # @path       [PUT] /users/{id}
-
+  #
-Resource:
+  # @summary          Updates the User matching the identifier with the provided attribute values.
-PUT /api/v1/users/#{id}.json
+  # @notes            TODO.
-
+  #
-Payload:
+  # @parameter        id(required)        [Integer] The identifier matching the requested User.
-{
+  # @parameter        User(required,body) [User] The attribute value structure needed to update a User.
-  "login": "some_login",
+  #
-  "firstname": "some firstname",
+  # @response_message 200 [User] Updated User record.
-  "lastname": "some lastname",
+  # @response_message 401        Invalid session.
  "email": "some@example.com"
 }
 Response:
 {
  "id": 2,
  "login": "some_login",
  ...
 },
 Test:
 curl http://localhost/api/v1/users/2.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X PUT -d '{"login": "some_login","firstname": "some firstname","lastname": "some lastname","email": "some@example.com"}'
 =end
  def update
    # access deny
@ -309,13 +225,40 @@ curl http://localhost/api/v1/users/2.json -v -u #{login}:#{password} -H "Content
    end
  end
-  # DELETE /api/v1/users/1
+  # @path    [DELETE] /users/{id}
  #
  # @summary          Deletes the User matching the identifier.
  # @notes            Requester has to be in role 'Admin' to be able to delete a User.
  #
  # @parameter        id(required) [User] The identifier matching the requested User.
  #
  # @response_message 200 User successfully deleted.
  # @response_message 401 Invalid session.
  def destroy
    return if deny_if_not_role('Admin')
    model_destory_render(User, params)
  end
-  # GET /api/v1/users/search
+  # @path       [GET] /users/search
  #
  # @tag Search
  # @tag User
  #
  # @summary          Searches the User matching the given expression(s).
  # @notes            TODO: It's possible to use the SOLR search syntax.
  #                   Requester has to be in role 'Admin' or 'Agent' to
  #                   be able to search Users. If requester is only in the
  #                   role 'Customer' he gets a permission denied message.
  #
  # @parameter        term     [String]               The search term.
  # @parameter        limit    [Integer]              The limit of search results.
  # @parameter        role_ids(multi) [Array<String>] A list of Role identifiers to which the Users have to be allocated to.
  # @parameter        full     [Boolean]              Defines if the result should be
  #                                                   true: { user_ids => [1,2,...], assets => {...} }
  #                                                   or false: [{:id => user.id, :label => "firstname lastname <email>", :value => "firstname lastname <email>"},...].
  #
  # @response_message 200 [Array<User>] Matching Users.
  # @response_message 401               Invalid session.
  def search
    if is_role('Customer') && !is_role('Admin') && !is_role('Agent')