WIP: Implement ProfileApiClient.list_school_students

Author: chrisroos

lib/concepts/school_student/list.rb

@@ -16,7 +16,7 @@ def call(school:, token:)
       private
 
       def list_students(school, token)
-        response = ProfileApiClient.list_school_students(token:, organisation_id: school.id)
+        response = ProfileApiClient.list_school_students(token:, school:)
         user_ids = response.fetch(:ids)
 
         User.from_userinfo(ids: user_ids)

lib/profile_api_client.rb

@@ -128,16 +128,23 @@ def remove_school_teacher(token:, teacher_id:, organisation_id:)
     #
     # The API should respond:
     # - 422 Unprocessable if the constraints are not met
-    def list_school_students(token:, organisation_id:)
+    # rubocop:disable Metrics/AbcSize
+    def list_school_students(token:, school:)
       return [] if token.blank?
 
-      _ = organisation_id
+      response = connection.post("/api/v1/schools/#{school.id}/students/list") do |request|
+        apply_default_headers(request, token)
+        request.body = Role.student.where(school:).map(&:user_id).to_json
+      end
 
-      # TODO: We should make Faraday raise a Ruby error for a non-2xx status
-      # code so that SchoolOwner::Invite propagates the error in the response.
-      response = { 'ids' => ['99999999-9999-9999-9999-999999999999'] }
-      response.deep_symbolize_keys
+      return [] if response.status == 404
+      unless response.status == 200
+        raise "Students cannot be listed in Profile API. HTTP response code: #{response.status}"
+      end
+
+      JSON.parse(response.body).map(&:deep_symbolize_keys)
     end
+    # rubocop:enable Metrics/AbcSize
 
     # The API should enforce these constraints:
     # - The token has the school-owner or school-teacher role for the given organisation ID

spec/concepts/school_student/list_spec.rb

@@ -21,7 +21,7 @@
     described_class.call(school:, token:)
 
     # TODO: Replace with WebMock assertion once the profile API has been built.
-    expect(ProfileApiClient).to have_received(:list_school_students).with(token:, organisation_id: school.id)
+    expect(ProfileApiClient).to have_received(:list_school_students).with(token:, school:)
   end
 
   it 'returns the school students in the operation response' do

spec/lib/profile_api_client_spec.rb

@@ -373,4 +373,89 @@ def create_school_student
       described_class.create_school_student(token:, username:, password:, name:, school:)
     end
   end
+
+  describe '.list_school_student' do
+    let(:school) { build(:school, id: SecureRandom.uuid) }
+    let(:list_students_url) { "#{api_url}/api/v1/schools/#{school.id}/students/list" }
+
+    before do
+      stub_request(:post, list_students_url).to_return(status: 200, body: '[]')
+    end
+
+    it 'makes a request to the profile api host' do
+      list_school_students
+      expect(WebMock).to have_requested(:post, list_students_url)
+    end
+
+    it 'includes token in the authorization request header' do
+      list_school_students
+      expect(WebMock).to have_requested(:post, list_students_url).with(headers: { authorization: "Bearer #{token}" })
+    end
+
+    it 'includes the profile api key in the x-api-key request header' do
+      list_school_students
+      expect(WebMock).to have_requested(:post, list_students_url).with(headers: { 'x-api-key' => api_key })
+    end
+
+    it 'sets content-type of request to json' do
+      list_school_students
+      expect(WebMock).to have_requested(:post, list_students_url).with(headers: { 'content-type' => 'application/json' })
+    end
+
+    it 'sets accept header to json' do
+      list_school_students
+      expect(WebMock).to have_requested(:post, list_students_url).with(headers: { 'accept' => 'application/json' })
+    end
+
+    it 'sets body to the IDs of the students in the school' do
+      student_role = Role.student.create!(school:, user_id: SecureRandom.uuid)
+      Role.teacher.create!(school:, user_id: SecureRandom.uuid)
+      Role.owner.create!(school:, user_id: SecureRandom.uuid)
+      list_school_students
+      expect(WebMock).to have_requested(:post, list_students_url).with(body: [student_role.user_id])
+    end
+
+    # rubocop:disable RSpec/ExampleLength
+    it 'returns a hash representing the student(s) if successful' do
+      response = [
+        {
+          id: '549e4674-6ffd-4ac6-9a97-b4d7e5c0e5c5',
+          schoolId: '132383f1-702a-46a0-9eb2-a40dd4f212e3',
+          name: 'student-name',
+          username: 'student-username',
+          createdAt: '2024-07-03T13:00:40.041Z',
+          updatedAt: '2024-07-03T13:00:40.041Z',
+          discardedAt: nil
+        }
+      ]
+      stub_request(:post, list_students_url)
+        .to_return(status: 200, body: response.to_json)
+      expect(list_school_students).to eq(response)
+    end
+    # rubocop:enable RSpec/ExampleLength
+
+    it "returns empty array if the API returns a 404 because one or more of the student IDs aren't found" do
+      stub_request(:post, list_students_url)
+        .to_return(status: 404, body: '')
+      expect(list_school_students).to eq([])
+    end
+
+    it 'raises exception if anything other than a 200 status code is returned' do
+      stub_request(:post, list_students_url)
+        .to_return(status: 500)
+
+      expect { list_school_students }.to raise_error(RuntimeError)
+    end
+
+    it 'includes details of underlying response when exception is raised' do
+      stub_request(:post, list_students_url)
+        .to_return(status: 401)
+
+      expect { list_school_students }.to raise_error('Students cannot be listed in Profile API. HTTP response code: 401')
+    end
+
+    def list_school_students
+      described_class.list_school_students(token:, school:)
+    end
+  end
 end