QT/sure
1
0
Fork 0
mirror of https://github.com/we-promise/sure.git synced 2026-05-09 13:45:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
7e1de420cae7ddd7f39e31362916133e087364e2
sure/spec/requests/api/v1/budgets_spec.rb
ghost 2d38cfb011 feat(api): expose budget state (#1640) 
* feat(api): expose budget state

* fix(api): guard malformed budget ids

* fix(api): address budget state review

* fix(api): address budget state review

* fix(api): document budget id formats

* fix(api): align budget category docs auth

* fix(api): lighten budget category index payload

* fix(api): use shared pagination clamp

* fix(api): centralize budget filter handling
2026-05-06 20:50:46 +02:00

149 lines
3.7 KiB
Ruby
Raw Blame History

# frozen_string_literal: true
require 'swagger_helper'
RSpec.describe 'API V1 Budgets', type: :request do
let(:family) do
Family.create!(
name: 'API Family',
currency: 'USD',
locale: 'en',
date_format: '%m-%d-%Y'
)
end
let(:user) do
family.users.create!(
email: 'api-user@example.com',
password: 'password123',
password_confirmation: 'password123'
)
end
let(:api_key) do
key = ApiKey.generate_secure_key
ApiKey.create!(
user: user,
name: 'API Docs Key',
key: key,
display_key: key,
scopes: %w[read],
source: 'web'
)
end
let(:api_key_without_read_scope) do
key = ApiKey.generate_secure_key
ApiKey.new(
user: user,
name: 'No Read Docs Key',
key: key,
display_key: key,
scopes: [],
source: 'mobile'
).tap { |api_key| api_key.save!(validate: false) }
end
let(:'X-Api-Key') { api_key.plain_key }
let!(:budget) do
family.budgets.create!(
start_date: Date.current.beginning_of_month,
end_date: Date.current.end_of_month,
budgeted_spending: 3000,
expected_income: 5000,
currency: 'USD'
)
end
path '/api/v1/budgets' do
get 'List budgets' do
tags 'Budgets'
security [ { apiKeyAuth: [] } ]
produces 'application/json'
parameter name: :page, in: :query, type: :integer, required: false,
description: 'Page number (default: 1)'
parameter name: :per_page, in: :query, type: :integer, required: false,
description: 'Items per page (default: 25, max: 100)'
parameter name: :start_date, in: :query, required: false,
schema: { type: :string, format: :date },
description: 'Filter budgets starting on or after this date'
parameter name: :end_date, in: :query, required: false,
schema: { type: :string, format: :date },
description: 'Filter budgets ending on or before this date'
response '200', 'budgets listed' do
schema '$ref' => '#/components/schemas/BudgetCollection'
run_test!
end
response '401', 'unauthorized' do
schema '$ref' => '#/components/schemas/ErrorResponse'
let(:'X-Api-Key') { nil }
run_test!
end
response '403', 'insufficient scope' do
schema '$ref' => '#/components/schemas/ErrorResponse'
let(:'X-Api-Key') { api_key_without_read_scope.plain_key }
run_test!
end
response '422', 'invalid date filter' do
schema '$ref' => '#/components/schemas/ErrorResponse'
let(:start_date) { 'not-a-date' }
run_test!
end
end
end
path '/api/v1/budgets/{id}' do
parameter name: :id, in: :path, required: true, description: 'Budget ID',
schema: { type: :string, format: :uuid }
get 'Retrieve a budget' do
tags 'Budgets'
security [ { apiKeyAuth: [] } ]
produces 'application/json'
let(:id) { budget.id }
response '200', 'budget retrieved' do
schema '$ref' => '#/components/schemas/Budget'
run_test!
end
response '401', 'unauthorized' do
schema '$ref' => '#/components/schemas/ErrorResponse'
let(:'X-Api-Key') { nil }
run_test!
end
response '403', 'insufficient scope' do
schema '$ref' => '#/components/schemas/ErrorResponse'
let(:'X-Api-Key') { api_key_without_read_scope.plain_key }
run_test!
end
response '404', 'budget not found' do
schema '$ref' => '#/components/schemas/ErrorResponse'
let(:id) { SecureRandom.uuid }
run_test!
end
end
end
end
Reference in New Issue View Git Blame Copy Permalink