api: add triggerable jump actions to carddata api (#88875)

tests/api/test_carddata.py

@@ -587,3 +587,101 @@ def test_carddata_global_actions(auth, pub, local_user):
     resp = get_url('/api/cards/test-carddef/%s/?include-actions=on' % carddata.id)
     assert resp.json['actions'] == {}
 
+
+@pytest.mark.parametrize('auth', ['signature', 'http-basic'])
+def test_carddata_jump_trigger_action(auth, pub, local_user):
+    CardDef.wipe()
+    Workflow.wipe()
+    ApiAccess.wipe()
+
+    pub.role_class.wipe()
+    role = pub.role_class(name='allowed-role')
+    role.store()
+
+    local_user.roles = [role.id]
+    local_user.store()
+
+    access = ApiAccess()
+    access.name = 'test'
+    access.access_identifier = 'test'
+    access.access_key = '12345'
+    access.store()
+
+    app = get_app(pub)
+
+    if auth == 'http-basic':
+        access.roles = [role]
+        access.store()
+
+        def get_url(url, **kwargs):
+            app.set_authorization(('Basic', ('test', '12345')))
+            return app.get(url, **kwargs)
+
+    else:
+
+        def get_url(url, **kwargs):
+            return app.get(
+                sign_uri(
+                    url,
+                    user=local_user,
+                    orig=access.access_identifier,
+                    key=access.access_key,
+                ),
+                **kwargs,
+            )
+
+    workflow = Workflow(name='test-workflow')
+    source_status = workflow.add_status('source-status')
+    target_status = workflow.add_status('target-status')
+
+    jump = source_status.add_action('jump')
+    jump.status = target_status.id
+    jump.trigger = 'test-trigger'
+    jump.by = [role.id]
+
+    workflow.store()
+
+    CardDef.wipe()
+    carddef = CardDef()
+    carddef.name = 'test-carddef'
+    carddef.workflow_id = workflow.id
+    carddef.workflow_roles = {'_receiver': role.id}
+    carddef.store()
+
+    carddata = carddef.data_class()()
+    carddata.just_created()
+    carddata.jump_status('source-status')
+    carddata.store()
+
+    resp = get_url('/api/cards/test-carddef/%s/?include-actions=on' % carddata.id)
+    assert resp.json['actions'] == {
+        'jump:test-trigger': f'{carddata.get_api_url()}jump/trigger/test-trigger/'
+    }
+
+    jump.trigger = None
+    workflow.store()
+
+    resp = get_url('/api/cards/test-carddef/%s/?include-actions=on' % carddata.id)
+    assert resp.json['actions'] == {}
+
+    jump.trigger = 'test-trigger'
+    jump.condition = {'type': 'django', 'value': 'false'}
+    workflow.store()
+
+    resp = get_url('/api/cards/test-carddef/%s/?include-actions=on' % carddata.id)
+    assert resp.json['actions'] == {}
+
+    jump.condition = None
+    jump.by = ['_submitter']
+    workflow.store()
+
+    resp = get_url('/api/cards/test-carddef/%s/?include-actions=on' % carddata.id)
+    assert resp.json['actions'] == {}
+
+    jump.by = [role.id]
+    workflow.store()
+    carddata.jump_status(target_status.id)
+    carddata.store()
+
+    resp = get_url('/api/cards/test-carddef/%s/?include-actions=on' % carddata.id)
+    assert resp.json['actions'] == {}

wcs/formdata.py

@@ -1662,6 +1662,17 @@ class FormData(StorableObject):
                         f'global-action:{trigger.identifier}'
                     ] = f'{self.get_api_url()}hooks/{trigger.identifier}/'
 
+            status = self.get_status()
+            if status:
+                for item in self.get_status().items:
+                    if (
+                        item.key == 'jump'
+                        and item.trigger
+                        and item.check_auth(self, user)
+                        and item.check_condition(self, trigger=item.trigger)
+                    ):
+                        actions[f'jump:{item.trigger}'] = f'{self.get_api_url()}jump/trigger/{item.trigger}/'
+
         if include_roles:
             # add a roles dictionary, with workflow functions and two special
             # entries for concerned/actions roles.