API endpoint: Trust.

metacpan · Aug 20, 2014 · 6ed083b · 6ed083b
1 parent 2a9a9d6
commit 6ed083b
Show file tree

Hide file tree

Showing 5 changed files with 186 additions and 0 deletions.
diff --git a/lib/MetaCPAN/Document/Trust.pm b/lib/MetaCPAN/Document/Trust.pm
@@ -0,0 +1,33 @@
+package MetaCPAN::Document::Trust;
+
+use strict;
+use warnings;
+
+use Moose;
+use ElasticSearchX::Model::Document;
+use DateTime;
+use MetaCPAN::Types qw(:all);
+
+has id => (
+    is => 'ro',
+    id => [qw(user author)],
+);
+
+has [qw(author user)] => (
+    is       => 'ro',
+    required => 1,
+);
+
+has date => (
+    is       => 'ro',
+    required => 1,
+    isa      => 'DateTime',
+    default  => sub { DateTime->now },
+);
+
+has timestamp => (
+    is        => 'ro',
+    timestamp => { path => 'date', store => 1 },
+);
+
+__PACKAGE__->meta->make_immutable;
diff --git a/lib/MetaCPAN/Server/Controller/Trust.pm b/lib/MetaCPAN/Server/Controller/Trust.pm
@@ -0,0 +1,30 @@
+package MetaCPAN::Server::Controller::Trust;
+
+use strict;
+use warnings;
+
+use Moose;
+use Try::Tiny;
+
+BEGIN { extends 'MetaCPAN::Server::Controller' }
+
+with 'MetaCPAN::Server::Role::JSONP';
+
+sub find : Path('') : Args(2) {
+    my ( $self, $c, $user, $author ) = @_;
+    try {
+        my $trust = $self->model($c)->raw->get(
+            {
+                user   => $user,
+                author => $author,
+            }
+        );
+        $c->stash( $trust->{_source} || $trust->{fields} );
+    }
+    catch {
+        $c->detach( '/not_found', [$_] );
+    };
+}
+
+__PACKAGE__->meta->make_immutable;
+1;
diff --git a/lib/MetaCPAN/Server/Controller/User/Trust.pm b/lib/MetaCPAN/Server/Controller/User/Trust.pm
@@ -0,0 +1,25 @@
+package MetaCPAN::Server::Controller::User::Trust;
+
+use strict;
+use warnings;
+
+use Moose;
+
+BEGIN { extends 'Catalyst::Controller::REST' }
+
+with 'MetaCPAN::Server::Role::Trust';
+
+sub auto : Private {
+    my ( $self, $c ) = @_;
+    unless ( $c->user->looks_human ) {
+        $self->status_forbidden( $c,
+            message => 'please complete the turing test' );
+        return 0;
+    }
+    return 1;
+}
+
+sub index : Path : ActionClass('REST') {
+}
+
+1;
diff --git a/lib/MetaCPAN/Server/Role/Trust.pm b/lib/MetaCPAN/Server/Role/Trust.pm
@@ -0,0 +1,40 @@
+package MetaCPAN::Server::Role::Trust;
+
+use strict;
+use warnings;
+
+use Moose::Role;
+
+sub index_POST {
+    my ( $self, $c ) = @_;
+    my $req   = $c->req;
+    my $trust = $c->model('CPAN::Trust')->put(
+        {
+            author => $req->data->{author},
+            user   => $c->user->id,
+        },
+        { refresh => 1 }
+    );
+    $self->status_created(
+        $c,
+        location => $c->uri_for(
+            join( q{/}, '/trust', $trust->user, $trust->author )
+        ),
+        entity => $trust->meta->get_data($trust)
+    );
+}
+
+sub index_DELETE {
+    my ( $self, $c, $author ) = @_;
+    my $trust = $c->model('CPAN::Trust')
+        ->get( { user => $c->user->id, author => $author } );
+    if ($trust) {
+        $trust->delete( { refresh => 1 } );
+        $self->status_ok( $c, entity => $trust->meta->get_data($trust) );
+    }
+    else {
+        $self->status_not_found( $c, message => 'Entity could not be found' );
+    }
+}
+
+1;
diff --git a/t/server/controller/user/trust.t b/t/server/controller/user/trust.t
@@ -0,0 +1,58 @@
+use strict;
+use warnings;
+
+use MetaCPAN::Server::Test;
+use Test::More;
+
+test_psgi app, sub {
+    my $cb = shift;
+
+    ok( my $user = $cb->( GET '/user?access_token=testing' ), 'get user' );
+    is( $user->code, 200, 'code 200' );
+    ok( $user = decode_json( $user->content ), 'decode json' );
+
+    ok(
+        my $res = $cb->(
+            POST '/user/trust?access_token=testing',
+            Content => encode_json(
+                {
+                    author => 'OALDERS',
+                }
+            )
+        ),
+        'POST trust'
+    );
+    is( $res->code, 201, 'status created' );
+    ok( my $location = $res->header('location'), 'location header set' );
+    ok( $res = $cb->( GET $location ), 'GET $location' );
+    is( $res->code, 200, 'found' );
+    my $json = decode_json( $res->content );
+    is( $json->{user}, $user->{id}, 'user is ' . $user->{id} );
+    ok( $res = $cb->( DELETE '/user/trust/OALDERS?access_token=testing' ),
+        'DELETE /user/trust/OA/OALDERS' );
+    is( $res->code, 200, 'status ok' );
+    ok( $res = $cb->( GET '$location?access_token=testing' ),
+        'GET $location' );
+    is( $res->code, 404, 'not found' );
+
+    ok( $user = $cb->( GET '/user?access_token=bot' ), 'get bot' );
+    is( $user->code, 200, 'code 200' );
+    ok( $user = decode_json( $user->content ), 'decode json' );
+    ok( !$user->{looks_human}, 'user looks like a bot' );
+    ok(
+        $res = $cb->(
+            POST '/user/trust?access_token=bot',
+            Content => encode_json(
+                {
+                    author => 'RWSTAUNER',
+                }
+            )
+        ),
+        'POST trust'
+    );
+    ok( decode_json( $res->content ), 'decode response' );
+    is( $res->code, 403, 'forbidden' );
+
+};
+
+done_testing;