URL
Purpose of this test is to check that notes can't be acccess with URL modifications (invalid project ID). To test, we need a note:
Response: HTTP 200, application/json (Hide)
POST /projects/1/notes
Payload:
1 2 3 4
{
"name": "Test Document",
"body": "Text"
}Response:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35
{
"single": {
"id": 1,
"class": "Note",
"url_path": "\/projects\/1\/notes\/1",
"name": "Test Document",
"comments_count": 0,
"attachments": [],
"is_trashed": false,
"trashed_on": null,
"trashed_by_id": 0,
"project_id": 1,
"is_hidden_from_clients": false,
"body": "Text",
"body_formatted": "Text",
"body_plain_text": "Text",
"created_on": 1430164242,
"created_by_id": 1,
"updated_on": 1430164242,
"updated_by_id": 1,
"note_id": 0,
"is_subnote": false,
"subnotes_count": 0,
"is_in_collection": false,
"position": 0,
"contributor_ids": [
1
]
},
"subscribers": [
1
],
"comments": [],
"subnotes": []
}It is accessible through the valid project URL:
Response: HTTP 200, application/json (Hide)
GET /projects/1/notes/1
Response:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35
{
"single": {
"id": 1,
"class": "Note",
"url_path": "\/projects\/1\/notes\/1",
"name": "Test Document",
"comments_count": 0,
"attachments": [],
"is_trashed": false,
"trashed_on": null,
"trashed_by_id": 0,
"project_id": 1,
"is_hidden_from_clients": false,
"body": "Text",
"body_formatted": "Text",
"body_plain_text": "Text",
"created_on": 1430164242,
"created_by_id": 1,
"updated_on": 1430164242,
"updated_by_id": 1,
"note_id": 0,
"is_subnote": false,
"subnotes_count": 0,
"is_in_collection": false,
"position": 0,
"contributor_ids": [
1
]
},
"subscribers": [
1
],
"comments": [],
"subnotes": []
}But not if we insert an incorrect project ID in the URL:
Response: HTTP 404, text/html
GET /projects/2/notes/1
