From 1676cf1321cd4537352deb3ed7a04b0af086a3dd Mon Sep 17 00:00:00 2001
From: Kevin Musiorski <1021154+RudyOnRails@users.noreply.github.com>
Date: Wed, 20 Jun 2018 19:00:09 -0500
Subject: [PATCH] 2907: allow depositor to be passed in to api params (#490)

* if depositor key is in API side params, sign in the depositor (but raise exception if not found) after successful API user authentication, otherwise just sign in API user.
---
 app/controllers/lakeshore/api_controller.rb   |  6 +++-
 config/environments/development.rb            |  4 +--
 .../lakeshore/file_sets_controller_spec.rb    | 29 +++++++++++++++++++
 3 files changed, 36 insertions(+), 3 deletions(-)
 create mode 100644 spec/controllers/lakeshore/file_sets_controller_spec.rb

diff --git a/app/controllers/lakeshore/api_controller.rb b/app/controllers/lakeshore/api_controller.rb
index 8bc11cbf..2a844ab3 100644
--- a/app/controllers/lakeshore/api_controller.rb
+++ b/app/controllers/lakeshore/api_controller.rb
@@ -8,7 +8,11 @@ def authenticate_api_user
         resource = User.find_by_email(username)
         return head :unauthorized unless resource
         if resource.valid_password?(password) && resource.api?
-          sign_in :user, resource
+          if params[:depositor]
+            sign_in :user, User.find_by_email!(params[:depositor])
+          else
+            sign_in :user, resource
+          end
         end
       end
     end
diff --git a/config/environments/development.rb b/config/environments/development.rb
index ddb6e0d2..bfc0b0c3 100644
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -49,6 +49,6 @@
   # config.action_view.raise_on_missing_translations = true
 
   # default the queue adapter to :inline or override to :resque, if needed
-  config.active_job.queue_adapter = :inline
-  # config.active_job.queue_adapter = :resque
+  # config.active_job.queue_adapter = :inline
+  config.active_job.queue_adapter = :resque
 end
diff --git a/spec/controllers/lakeshore/file_sets_controller_spec.rb b/spec/controllers/lakeshore/file_sets_controller_spec.rb
new file mode 100644
index 00000000..b1925724
--- /dev/null
+++ b/spec/controllers/lakeshore/file_sets_controller_spec.rb
@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+require 'rails_helper'
+
+describe Lakeshore::FileSetsController do
+  let(:apiuser) { create(:apiuser) }
+  before do
+    sign_in_basic(apiuser)
+    LakeshoreTesting.restore
+  end
+
+  let(:asset)     { create(:asset, :with_intermediate_file_set) }
+  let(:file_set1) { asset.intermediate_file_set.first }
+  let(:file)      { create(:image_file) }
+  let(:aic_user1) { create(:aic_user1) }
+
+  describe "#update" do
+    before { put :update, params }
+    context "when API user exists" do
+      context "but is not an AICUser and no depositor param exists" do
+        let(:file_set_params) { { files: [file] } }
+        let(:params)          { { file_set: file_set_params, id: file_set1.id } }
+        it "returns a 500 respone code with an error message" do
+          expect(response).to have_http_status(500)
+          expect(response.body).to include("AICUser 'apiuser' not found, contact collections_support@artic.edu\n")
+        end
+      end
+    end
+  end
+end