From 0e8c226b7c9d24ee881fddf2db0e7622a16e7993 Mon Sep 17 00:00:00 2001
From: Bilal <bilal@saburly.com>
Date: Tue, 15 Sep 2020 18:06:31 +0300
Subject: [PATCH 1/2] show accounts for current user on /accounts endpoint

---
 app/controllers/api/accounts_controller.rb |  5 +++++
 app/serializers/serializable_account.rb    | 21 +++++++++++++++++++++
 config/routes.rb                           |  1 +
 3 files changed, 27 insertions(+)
 create mode 100644 app/controllers/api/accounts_controller.rb
 create mode 100644 app/serializers/serializable_account.rb

diff --git a/app/controllers/api/accounts_controller.rb b/app/controllers/api/accounts_controller.rb
new file mode 100644
index 0000000..1521989
--- /dev/null
+++ b/app/controllers/api/accounts_controller.rb
@@ -0,0 +1,5 @@
+class Api::AccountsController < Api::ApiController
+  def show
+    render jsonapi: current_user.accounts
+  end
+end
diff --git a/app/serializers/serializable_account.rb b/app/serializers/serializable_account.rb
new file mode 100644
index 0000000..b37c758
--- /dev/null
+++ b/app/serializers/serializable_account.rb
@@ -0,0 +1,21 @@
+class SerializableAccount < JSONAPI::Serializable::Resource
+  type "account"
+
+  attributes :name
+
+  attribute :users do
+    @object.users.map do |user|
+      if user.avatar.attached?
+        avatar = Rails.application.routes.url_helpers.rails_blob_url(user.avatar, host: AppHost.new.domain_with_port)
+      else
+        avatar = nil
+      end
+      {
+        email: user.email,
+        name: user.full_name,
+        role: user.account_auths.map(&:role).compact.join(", "),
+        avatar: avatar
+      }
+    end
+  end
+end
diff --git a/config/routes.rb b/config/routes.rb
index d93745c..648354f 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -171,6 +171,7 @@ Rails.application.routes.draw do
         post 'user_token' => 'user_token#create'
         post 'users' => 'users#create'
         resource :profiles, only: [:show]
+        resource :accounts, only: [:show]
         resources :projects, only: [:index] do
           resources :broadcasts, only: [:index, :show, :update]
           RELEASES.each do |release|
-- 
2.47.3


From 853f1207f24656e7e4264c6e71cd066a90554ecd Mon Sep 17 00:00:00 2001
From: Bilal <bilal@saburly.com>
Date: Tue, 15 Sep 2020 18:25:39 +0300
Subject: [PATCH 2/2] add specs

---
 .../api/accounts_controller_spec.rb           | 48 +++++++++++++++++++
 1 file changed, 48 insertions(+)
 create mode 100644 spec/controllers/api/accounts_controller_spec.rb

diff --git a/spec/controllers/api/accounts_controller_spec.rb b/spec/controllers/api/accounts_controller_spec.rb
new file mode 100644
index 0000000..6b52c88
--- /dev/null
+++ b/spec/controllers/api/accounts_controller_spec.rb
@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe Api::AccountsController, type: :controller do
+  let(:current_user) { create(:user, first_name: 'Current') }
+  let(:new_acc) { create(:account, name: 'New Acc') }
+  let(:different_user) { create(:user, first_name: 'Different') }
+  let(:new_auth) { create(:account_auth, account: new_acc, user: different_user)}
+
+  describe '#show' do
+    it 'responds with accounts info for the current user' do
+      sign_in_to_api(current_user)
+
+      get :show
+
+      expect(response).to be_successful
+
+      current_user.accounts.each do |acc|
+        expect(response.body).to have_content acc.name
+
+        acc.users.each do |user|
+          expect(response.body).to have_content user.full_name
+          expect(response.body).to have_content user.email
+        end
+      end
+    end
+
+    it 'does not include other users accounts' do
+      different_user.update(account_auths: [new_auth])
+
+      sign_in_to_api(current_user)
+
+      get :show
+
+      expect(response).to be_successful
+
+      different_user.accounts.each do |acc|
+        expect(response.body).not_to have_content acc.name
+
+        acc.users.each do |user|
+          expect(response.body).not_to have_content user.full_name
+          expect(response.body).not_to have_content user.email
+        end
+      end
+    end
+  end
+end
-- 
2.47.3