URL
Purpose of this test is to check that notes can't be acccess with URL modifications (invalid project ID). To test, we need a note:
Response: HTTP 200, application/json (Hide)
POST /projects/1/notes
Payload:
1 2 3 4
{ "name": "Test Document", "body": "Text" }
Response:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35
{ "single": { "id": 1, "class": "Note", "url_path": "\/projects\/1\/notes\/1", "name": "Test Document", "comments_count": 0, "attachments": [], "is_trashed": false, "trashed_on": null, "trashed_by_id": 0, "project_id": 1, "is_hidden_from_clients": false, "body": "Text", "body_formatted": "Text", "body_plain_text": "Text", "created_on": 1430164242, "created_by_id": 1, "updated_on": 1430164242, "updated_by_id": 1, "note_id": 0, "is_subnote": false, "subnotes_count": 0, "is_in_collection": false, "position": 0, "contributor_ids": [ 1 ] }, "subscribers": [ 1 ], "comments": [], "subnotes": [] }
It is accessible through the valid project URL:
Response: HTTP 200, application/json (Hide)
GET /projects/1/notes/1
Response:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35
{ "single": { "id": 1, "class": "Note", "url_path": "\/projects\/1\/notes\/1", "name": "Test Document", "comments_count": 0, "attachments": [], "is_trashed": false, "trashed_on": null, "trashed_by_id": 0, "project_id": 1, "is_hidden_from_clients": false, "body": "Text", "body_formatted": "Text", "body_plain_text": "Text", "created_on": 1430164242, "created_by_id": 1, "updated_on": 1430164242, "updated_by_id": 1, "note_id": 0, "is_subnote": false, "subnotes_count": 0, "is_in_collection": false, "position": 0, "contributor_ids": [ 1 ] }, "subscribers": [ 1 ], "comments": [], "subnotes": [] }
But not if we insert an incorrect project ID in the URL:
Response: HTTP 404, text/html
GET /projects/2/notes/1