Refs #6135; ExportsController#upload endpoint

With token-based authentication

5 files changed, 33 insertions, 7 deletions

diff --git a/app/controllers/exports_controller.rb b/app/controllers/exports_controller.rb
index 7ea57341a..36d752347 100644
--- a/app/controllers/exports_controller.rb
+++ b/app/controllers/exports_controller.rb
@@ -2,9 +2,19 @@ class ExportsController < ChouetteController
   include PolicyChecker
   include RansackDateFilter
   include IevInterfaces
-  # skip_before_action :authenticate_user!, only: [:upload]
+  skip_before_action :authenticate_user!, only: [:upload]
   defaults resource_class: Export::Base, collection_name: 'exports', instance_name: 'export'
 
+  def upload
+    if params[:token] == resource.token_upload
+      resource.file = params[:file]
+      resource.save!
+      redirect_to [resource.workbench, resource]
+    else
+      user_not_authorized
+    end
+  end
+
   private
 
   def index_model
diff --git a/spec/controllers/exports_controller_spec.rb b/spec/controllers/exports_controller_spec.rb
index a070cfb1f..dbc8b3f35 100644
--- a/spec/controllers/exports_controller_spec.rb
+++ b/spec/controllers/exports_controller_spec.rb
@@ -2,7 +2,7 @@ RSpec.describe ExportsController, :type => :controller do
   login_user
 
   let(:workbench) { create :workbench }
-  let(:export)    { create :export, workbench: workbench }
+  let(:export)    { create(:netex_export, workbench: workbench) }
 
   describe 'GET #new' do
     it 'should be successful if authorized' do
@@ -76,4 +76,20 @@ RSpec.describe ExportsController, :type => :controller do
       end
     end
   end
+
+  describe 'POST #upload' do
+    context "with the token" do
+      it 'should be successful' do
+        post :upload, workbench_id: workbench.id, id: export.id, token: export.token_upload
+        expect(response).to be_redirect
+      end
+    end
+
+    context "without the token" do
+      it 'should be unsuccessful' do
+        post :upload, workbench_id: workbench.id, id: export.id, token: "foo"
+        expect(response).to_not be_success
+      end
+    end
+  end
 end
diff --git a/spec/factories/exports/exports.rb b/spec/factories/exports/exports.rb
index 66afe7652..c8aaf30a9 100644
--- a/spec/factories/exports/exports.rb
+++ b/spec/factories/exports/exports.rb
@@ -5,7 +5,6 @@ FactoryGirl.define do
     current_step_progress 1.5
     association :workbench
     association :referential
-    file {File.open(File.join(Rails.root, 'spec', 'fixtures', 'OFFRE_TRANSDEV_2017030112251.zip'))}
     status :new
     started_at nil
     ended_at nil
diff --git a/spec/factories/exports/netex_exports.rb b/spec/factories/exports/netex_exports.rb
index 288bba314..0648bbc56 100644
--- a/spec/factories/exports/netex_exports.rb
+++ b/spec/factories/exports/netex_exports.rb
@@ -1,7 +1,7 @@
 FactoryGirl.define do
   factory :netex_export, class: Export::Netex, parent: :export do
-    file { File.open(Rails.root.join('spec', 'fixtures', 'OFFRE_TRANSDEV_2017030112251.zip')) }
-    association :parent, factory: :workbench_export
-
+    association :parent, factory: :workgroup_export
+    export_type :line
+    duration 90
   end
 end
diff --git a/spec/factories/exports/workgroup_exports.rb b/spec/factories/exports/workgroup_exports.rb
index 4b1ef45ab..f5dfb6b94 100644
--- a/spec/factories/exports/workgroup_exports.rb
+++ b/spec/factories/exports/workgroup_exports.rb
@@ -1,4 +1,5 @@
 FactoryGirl.define do
-  factory :workbench_export, class: Export::Workgroup, parent: :export do
+  factory :workgroup_export, class: Export::Workgroup, parent: :export do
+    duration 90
   end
 end