diff --git a/lib/dashing/app.rb b/lib/dashing/app.rb index 921bf9c6..09b09680 100644 --- a/lib/dashing/app.rb +++ b/lib/dashing/app.rb @@ -99,6 +99,22 @@ def protected! end end +post '/widgets' do + request.body.rewind + body = JSON.parse(request.body.read) + auth_token = body.delete("auth_token") + if !settings.auth_token || settings.auth_token == auth_token + body["widgets"].each do |widget| + widget_id = widget.delete("id") + send_event(widget_id, widget) + end + 204 # response without entity body + else + status 401 + "Invalid API key\n" + end +end + post '/widgets/:id' do request.body.rewind body = JSON.parse(request.body.read) diff --git a/test/app_test.rb b/test/app_test.rb index 4101e911..1b7590ea 100644 --- a/test/app_test.rb +++ b/test/app_test.rb @@ -56,6 +56,22 @@ def test_post_widgets_without_auth_token assert data['updatedAt'] end + def test_post_multiple_widgets_without_auth_token + post '/widgets', JSON.generate({widgets: [{id: 'some_widget', value: 9}, {id: 'another_widget', value: 8}]}) + assert_equal 204, last_response.status + + assert_equal 2, @connection.length + data = parse_data @connection[0] + assert_equal (9), data['value'] + assert_equal 'some_widget', data['id'] + assert data['updatedAt'] + + data = parse_data @connection[1] + assert_equal (8), data['value'] + assert_equal 'another_widget', data['id'] + assert data['updatedAt'] + end + def test_post_widgets_with_invalid_auth_token app.settings.auth_token = 'sekrit' post '/widgets/some_widget', JSON.generate({value: 9}) @@ -68,6 +84,12 @@ def test_post_widgets_with_valid_auth_token assert_equal 204, last_response.status end + def test_post_multiple_widgets_with_valid_auth_token + app.settings.auth_token = 'sekrit' + post '/widgets', JSON.generate({auth_token: 'sekrit', widgets: [{id: 'some_widget', value: 9}, {id: 'another_widget', value: 8}]}) + assert_equal 204, last_response.status + end + def test_get_events post '/widgets/some_widget', JSON.generate({value: 8}) assert_equal 204, last_response.status