Added swagger paths

Author: Wong-ZZ

lib/cadet/assessments/assessments.ex

@@ -42,7 +42,7 @@ defmodule Cadet.Assessments do
           {:error, {:bad_request, "New Opening date should occur after current time"}}
 
         true ->
-          {:error, {:forbidden, "Assessment is already opened"}}
+          {:error, {:unauthorized, "Assessment is already opened"}}
       end
     else
       {:error, {:forbidden, "User is not permitted to edit"}}

lib/cadet/jobs/xml_parser.ex

@@ -102,33 +102,33 @@ defmodule Cadet.Updater.XMLParser do
 
       {:error, stage, changeset, _} when is_atom(stage) ->
         log_error_bad_changeset(changeset, stage)
-        changeset_error = 
+        changeset_error =
           changeset
           |> Map.get(:errors)
           |> extract_changeset_error_message
-        error_message = "Invalid #{stage} changeset " <> changeset_error
+        error_message = "Invalid #{stage} changeset #{changeset_error}"
         log_and_return_badrequest(error_message)
     end
   catch
     # the :erlsom library used by SweetXml will exit if XML is invalid
     :exit, parse_error ->
-      error_message = 
+      error_message =
         parse_error
         |> nested_tuple_to_list()
         |> List.flatten()
-        |> Enum.reduce("", fn x, acc -> acc <> to_string(x) <> " " end)
-      {:error, {:bad_request, "Invalid XML " <> error_message}}
+        |> Enum.reduce("", fn x, acc -> "#{acc <> to_string(x)} " end)
+      {:error, {:bad_request, "Invalid XML #{error_message}"}}
   end
 
   defp extract_changeset_error_message(errors_list) do
     errors_list
-    |> Enum.map(fn {field, {error, _}} -> to_string(field) <> " " <> error end)
-    |> List.foldr("", fn x, acc -> acc <> x <> " " end)
+    |> Enum.map(fn {field, {error, _}} -> "#{to_string(field)} #{error}" end)
+    |> List.foldr("", fn x, acc -> "#{acc <> x} " end)
   end
 
   @spec process_assessment(String.t()) :: {:ok, map()} | {:error, String.t}
   defp process_assessment(xml) do
-    open_at = 
+    open_at =
       Timex.now()
       |> Timex.beginning_of_day()
       |> Timex.shift(days: 3)
@@ -164,7 +164,7 @@ defmodule Cadet.Updater.XMLParser do
     end
 
     {:ok, assessment_params}
-    
+
   rescue
     # This error is raised by xpath/3 when TASK does not exist (hence is equal to nil)
     Protocol.UndefinedError ->
@@ -213,7 +213,7 @@ defmodule Cadet.Updater.XMLParser do
         else
           {:no_missing_attr?, false} ->
             {:error, "Missing attribute(s) on PROBLEM"}
-          
+
           {:error, errmsg} ->
             {:error, errmsg}
         end

lib/cadet_web/controllers/assessments_controller.ex

@@ -35,7 +35,7 @@ defmodule CadetWeb.AssessmentsController do
     end
   end
 
-  def update(conn, %{"id" => id, "togglePublishTo" => toggle_publish_to}) do
+  def publish(conn, %{"id" => id, "togglePublishTo" => toggle_publish_to}) do
     result = Assessments.toggle_publish_assessment(conn.assigns.current_user, id, toggle_publish_to)
 
     case result do
@@ -80,27 +80,32 @@ defmodule CadetWeb.AssessmentsController do
   end
 
   def create(conn, %{"assessment" => assessment, "forceUpdate" => force_update}) do
-    file = assessment["file"].path
+    role = conn.assigns[:current_user].role
+    if role == :student do
+      send_resp(conn, :forbidden, "User not allowed to create")
+    else
+      file = assessment["file"].path
       |> File.read!()
-    result =
-      case force_update do
-        "true" -> parse_xml(file, true)
-        "false" -> parse_xml(file, false)
-      end
-
-    case result do
-      :ok ->
-        if (force_update == "true") do
-          send_resp(conn, 200, "Force Update OK")
-        else
-          send_resp(conn, 200, "OK")
+      result =
+        case force_update do
+          "true" -> parse_xml(file, true)
+          "false" -> parse_xml(file, false)
         end
 
-      {:ok, warning_message} ->
-        send_resp(conn, 200, warning_message)
+      case result do
+        :ok ->
+          if (force_update == "true") do
+            send_resp(conn, 200, "Force Update OK")
+          else
+            send_resp(conn, 200, "OK")
+          end
 
-      {:error, {status, message}} ->
-        send_resp(conn, status, message)
+        {:ok, warning_message} ->
+          send_resp(conn, 200, warning_message)
+
+        {:error, {status, message}} ->
+          send_resp(conn, status, message)
+      end
     end
   end
 
@@ -153,6 +158,72 @@ defmodule CadetWeb.AssessmentsController do
     response(403, "Password incorrect")
   end
 
+  swagger_path :create do
+    post("/assessments")
+
+    summary("Creates a new assessment or updates an existing assessment")
+
+    security([%{JWT: []}])
+
+    parameters do
+      assessment(:body, :file, "assessment to create or update", required: true)
+      forceUpdate(:body, :boolean, "force update", required: true)
+    end
+
+    response(200, "OK")
+    response(400, "XML parse error")
+    response(403, "User not allowed to create")
+  end
+
+  swagger_path :delete do
+    PhoenixSwagger.Path.delete("/assessments/:id")
+
+    summary("Deletes an assessment")
+
+    security([%{JWT: []}])
+
+    parameters do
+      assessmentId(:path, :integer, "assessment id", required: true)
+    end
+
+    response(200, "OK")
+    response(403, "User is not permitted to delete")
+  end
+
+  swagger_path :publish do
+    post("/assessments/publish/:id")
+
+    summary("Toggles an assessment between published and unpublished")
+
+    security([%{JWT: []}])
+
+    parameters do
+      assessmentId(:path, :integer, "assessment id", required: true)
+      togglePublishTo(:body, :boolean, "toggles assessment publish state", required: true)
+    end
+
+    response(200, "OK")
+    response(403, "User is not permitted to publish")
+  end
+
+  swagger_path :update do
+    post("/assessments/update/:id")
+
+    summary("Changes the open/close date of an assessment")
+
+    security([%{JWT: []}])
+
+    parameters do
+      assessmentId(:path, :integer, "assessment id", required: true)
+      closeAt(:body, :string, "open date", required: true)
+      openAt(:body, :string, "close date", required: true)
+    end
+
+    response(200, "OK")
+    response(401, "Assessment is already opened")
+    response(403, "User is not permitted to edit")
+  end
+
   def swagger_definitions do
     %{
       AssessmentsList:

lib/cadet_web/router.ex

@@ -40,7 +40,7 @@ defmodule CadetWeb.Router do
     post("/assessments", AssessmentsController, :create)
     delete("/assessments/:id", AssessmentsController, :delete)
     post("/assessments/:id", AssessmentsController, :show)
-    post("/assessments/publish/:id", AssessmentsController, :update)
+    post("/assessments/publish/:id", AssessmentsController, :publish)
     post("/assessments/update/:id", AssessmentsController, :update)
     post("/assessments/:assessmentid/submit", AssessmentsController, :submit)
     post("/assessments/question/:questionid/submit", AnswerController, :submit)