11 files changed, 60 insertions, 42 deletions

diff --git a/app/controllers/api/v1/chouette_controller.rb b/app/controllers/api/v1/chouette_controller.rb
index 1264e3484..98f15414b 100644
--- a/app/controllers/api/v1/chouette_controller.rb
+++ b/app/controllers/api/v1/chouette_controller.rb
@@ -1,18 +1,20 @@
 module Api
   module V1
     class ChouetteController < ActionController::Base
+      inherit_resources
       respond_to :json, :xml
       layout false
       before_filter :authenticate
 
-      def referential
-        @referential ||= @api_key.referential
-      end
+      belongs_to :referential
+
 private
+      alias_method :referential, :parent
+
       def authenticate
         authenticate_or_request_with_http_token do |token, options|
-          @api_key = ApiKey.new(token)
-          switch_referential if @api_key.exists?
+          @api_key = referential.api_keys.find_by_token(token)
+          switch_referential if @api_key
         end
       end
       def switch_referential
diff --git a/app/controllers/api/v1/lines_controller.rb b/app/controllers/api/v1/lines_controller.rb
index 1df8a6618..9e58ea46b 100644
--- a/app/controllers/api/v1/lines_controller.rb
+++ b/app/controllers/api/v1/lines_controller.rb
@@ -1,7 +1,6 @@
 module Api
   module V1
     class LinesController < ChouetteController
-      inherit_resources
 
       defaults :resource_class => Chouette::Line, :finder => :find_by_objectid!
       
diff --git a/app/controllers/api/v1/networks_controller.rb b/app/controllers/api/v1/networks_controller.rb
index 0b014e27b..c69c46433 100644
--- a/app/controllers/api/v1/networks_controller.rb
+++ b/app/controllers/api/v1/networks_controller.rb
@@ -4,9 +4,13 @@ module Api
       inherit_resources
 
       defaults :resource_class => Chouette::Network, :finder => :find_by_objectid!
+      belongs_to :referential, :parent_class => ::Referential
       
   protected
 
+      def parent
+        @referential ||= Referential.find(params[:referential_id])
+      end
       def collection
         @networks ||= referential.networks.search(params[:q]).result(:distinct => true)
       end 
diff --git a/app/models/api/v1/api_key.rb b/app/models/api/v1/api_key.rb
index af029e5f7..0b045e58f 100644
--- a/app/models/api/v1/api_key.rb
+++ b/app/models/api/v1/api_key.rb
@@ -1,28 +1,20 @@
 module Api
   module V1
-    class ApiKey
-      def initialize(token)
-        @organisation_id, @referential_id = token.split('-')
-      end
-      def self.create( organisation, referential)
-        ApiKey.new( "#{organisation.id}-#{referential.id}")
-      end
-      def token
-        "#{@organisation_id}-#{@referential_id}"
-      end
-      def exists?
-        organisation && referential
-      end
-      def referential_slug
-        referential.slug
-      end
-      def referential
-        @referential ||= organisation.referentials.find_by_id @referential_id
-      end 
+    class ApiKey < ::ActiveRecord::Base
+      before_create :generate_access_token
+      belongs_to :referential, :class_name => '::Referential'
+
       def eql?(other)
-        other.token == self.token
+        other.token == self.token && other.referential_id == self.referential_id
       end
+
     private
+      def generate_access_token
+        begin
+          self.token = SecureRandom.hex
+          puts "self.token=#{self.token}"
+        end while self.class.exists?(:token => self.token)
+      end
       def organisation
         @organisation ||= Organisation.find_by_id @organisation_id
       end 
diff --git a/app/models/referential.rb b/app/models/referential.rb
index 70035a32b..2e49e844b 100644
--- a/app/models/referential.rb
+++ b/app/models/referential.rb
@@ -20,6 +20,7 @@ class Referential < ActiveRecord::Base
 
   has_many :imports, :dependent => :destroy
   has_many :exports, :dependent => :destroy
+  has_many :api_keys, :class_name => 'Api::V1::ApiKey', :dependent => :destroy
   
   belongs_to :organisation
   validates_presence_of :organisation
diff --git a/config/routes.rb b/config/routes.rb
index c4238a8a0..4a78e20a1 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -7,22 +7,24 @@ ChouetteIhm::Application.routes.draw do
 
   namespace :api do
     namespace :v1 do
-      resources :time_tables, :only => [:index, :show]
-      resources :connection_links, :only => [:index, :show]
-      resources :companies, :only => [:index, :show]
-      resources :networks, :only => [:index, :show]
-      resources :stop_areas, :only => [:index, :show]
-      resources :lines, :only => [:index, :show] do
-        resources :journey_patterns, :only => [:index, :show]
-        resources :routes, :only => [:index, :show] do
-          resources :vehicle_journeys, :only => [:index, :show]
+      resources :referentials do
+        resources :time_tables, :only => [:index, :show]
+        resources :connection_links, :only => [:index, :show]
+        resources :companies, :only => [:index, :show]
+        resources :networks, :only => [:index, :show]
+        resources :stop_areas, :only => [:index, :show]
+        resources :lines, :only => [:index, :show] do
           resources :journey_patterns, :only => [:index, :show]
-          resources :stop_areas, :only => [:index, :show]
+          resources :routes, :only => [:index, :show] do
+            resources :vehicle_journeys, :only => [:index, :show]
+            resources :journey_patterns, :only => [:index, :show]
+            resources :stop_areas, :only => [:index, :show]
+          end
         end
+        resources :routes, :only => :show
+        resources :journey_patterns, :only => :show
+        resources :vehicle_journeys, :only => :show
       end
-      resources :routes, :only => :show
-      resources :journey_patterns, :only => :show
-      resources :vehicle_journeys, :only => :show
     end
   end
   
diff --git a/spec/controllers/api/v1/lines_controller_spec.rb b/spec/controllers/api/v1/lines_controller_spec.rb
index 5bd8cac57..2bf7515b9 100644
--- a/spec/controllers/api/v1/lines_controller_spec.rb
+++ b/spec/controllers/api/v1/lines_controller_spec.rb
@@ -5,6 +5,7 @@ describe Api::V1::LinesController do
 
     it_behaves_like "api key protected controller" do
       let(:data){line}
+      let(:provided_referential){referential}
     end
   describe "GET #index" do
     it "test" do
diff --git a/spec/controllers/api/v1/networks_controller_spec.rb b/spec/controllers/api/v1/networks_controller_spec.rb
index 01e3ee35d..f3db35369 100644
--- a/spec/controllers/api/v1/networks_controller_spec.rb
+++ b/spec/controllers/api/v1/networks_controller_spec.rb
@@ -5,6 +5,7 @@ describe Api::V1::NetworksController do
 
   it_behaves_like "api key protected controller" do
     let(:data){network}
+    let(:referential){referential}
   end
 
   describe "GET #show" do
diff --git a/spec/models/api/v1/api_key_spec.rb b/spec/models/api/v1/api_key_spec.rb
new file mode 100644
index 000000000..02c68ea13
--- /dev/null
+++ b/spec/models/api/v1/api_key_spec.rb
@@ -0,0 +1,13 @@
+require 'spec_helper'
+
+describe Api::V1::ApiKey do
+  let!(:referential){Factory(:referential)}
+  subject { Api::V1::ApiKey.create( :name => "test", :referential => referential)}
+
+  it "test" do
+    subject.should be_valid
+    subject.referential.should == referential
+
+  end
+end
+
diff --git a/spec/support/api_key.rb b/spec/support/api_key.rb
index 8c025bbad..dc7111214 100644
--- a/spec/support/api_key.rb
+++ b/spec/support/api_key.rb
@@ -1,7 +1,7 @@
 module ApiKeyHelper
 
   def get_api_key
-    Api::V1::ApiKey.create( referential.organisation, referential)
+    Api::V1::ApiKey.find_or_create_by_referential_id_and_name( referential.id,  "test")
   end
   def config_formatted_request_with_authorization( format)
     request.env['HTTP_AUTHORIZATION'] = ActionController::HttpAuthentication::Token.encode_credentials( get_api_key.token)
diff --git a/spec/support/api_key_protected.rb b/spec/support/api_key_protected.rb
index 43256716d..9f3544afb 100644
--- a/spec/support/api_key_protected.rb
+++ b/spec/support/api_key_protected.rb
@@ -1,13 +1,14 @@
 shared_examples "api key protected controller" do
 
-    let(:h) { { :index => (Proc.new { get :index }),
-                :show => (Proc.new { get :show, :id => data.objectid })}}
+    let(:h) { { :index => (Proc.new { get :index, :referential_id => provided_referential.id }),
+                :show => (Proc.new { get :show, :referential_id => provided_referential.id, :id => data.objectid })}}
     [:index, :show].each do |http_verb|
 
       describe "GET ##{http_verb}" do
         ["application/json","application/xml","application/html"].each do |format|
           context "when an invalid authorization is provided" do
             before :each do
+              puts "when an invalid authorization is provided"
               config_formatted_request_with_dummy_authorization( format)
               h[http_verb].call
             end
@@ -17,6 +18,7 @@ shared_examples "api key protected controller" do
           end
           context "when no authorization is provided" do
             before :each do
+              puts "when no authorization is provided"
               config_formatted_request_without_authorization( format)
               h[http_verb].call
             end
@@ -26,6 +28,7 @@ shared_examples "api key protected controller" do
           end
           context "when authorization provided and request.accept is #{format}," do
             before :each do
+              puts "when authorization provided and request.accept is #{format},"
               config_formatted_request_with_authorization( format)
               h[http_verb].call
             end