2012-08-21 18:15:28 +01:00
|
|
|
# -*- encoding : utf-8 -*-
|
|
|
|
|
require 'spec_helper'
|
|
|
|
|
|
|
|
|
|
shared_examples_for "api projects user with reader rights" do
|
2012-08-22 14:44:01 +01:00
|
|
|
include_examples "api projects user with show rights"
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
shared_examples_for "api projects user with reader rights for hidden project" do
|
|
|
|
|
before(:each) do
|
|
|
|
|
@project.update_column(:visibility, 'hidden')
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it_should_behave_like 'api projects user with show rights'
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
shared_examples_for "api projects user without reader rights for hidden project" do
|
|
|
|
|
before(:each) do
|
|
|
|
|
@project.update_column(:visibility, 'hidden')
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it_should_behave_like 'api projects user without show rights'
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
shared_examples_for "api projects user without show rights" do
|
2012-08-28 17:57:12 +01:00
|
|
|
it "should show access violation instead of project data" do
|
2012-08-22 14:44:01 +01:00
|
|
|
get :show, :id => @project.id, :format => :json
|
2012-10-11 18:51:40 +01:00
|
|
|
response.should_not be_success
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "should show access violation instead of project refs_list" do
|
|
|
|
|
get :refs_list, :id => @project.id, :format => :json
|
|
|
|
|
response.should_not be_success
|
2012-08-22 14:44:01 +01:00
|
|
|
end
|
2012-08-28 17:57:12 +01:00
|
|
|
|
|
|
|
|
it "should access violation instead of project data by get_id" do
|
|
|
|
|
get :get_id, :name => @project.name, :owner => @project.owner.uname, :format => :json
|
2012-10-11 18:51:40 +01:00
|
|
|
response.should_not be_success
|
2012-08-28 17:57:12 +01:00
|
|
|
end
|
2012-10-17 15:30:54 +01:00
|
|
|
|
|
|
|
|
it "should show access violation instead of project members data" do
|
|
|
|
|
get :members, :id => @project.id, :format => :json
|
|
|
|
|
response.should_not be_success
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
shared_examples_for 'api projects user without fork rights' do
|
|
|
|
|
it 'should not be able to perform fork action' do
|
|
|
|
|
post :fork, :id => @project.id, :format => :json
|
|
|
|
|
response.should_not be_success
|
|
|
|
|
end
|
|
|
|
|
it 'ensures that project has not been forked' do
|
|
|
|
|
lambda { post :fork, :id => @project.id, :format => :json }.should_not change{ Project.count }
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
shared_examples_for 'api projects user with fork rights' do
|
|
|
|
|
it 'should be able to perform fork action' do
|
|
|
|
|
post :fork, :id => @project.id, :format => :json
|
|
|
|
|
response.should be_success
|
|
|
|
|
end
|
|
|
|
|
it 'ensures that project has been forked' do
|
|
|
|
|
lambda { post :fork, :id => @project.id, :format => :json }.should change{ Project.count }.by(1)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
shared_examples_for 'api projects user with fork rights for hidden project' do
|
|
|
|
|
before { @project.update_column(:visibility, 'hidden') }
|
|
|
|
|
it_should_behave_like 'api projects user with fork rights'
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
shared_examples_for 'api projects user without fork rights for hidden project' do
|
|
|
|
|
before { @project.update_column(:visibility, 'hidden') }
|
|
|
|
|
it_should_behave_like 'api projects user without fork rights'
|
2012-08-22 14:44:01 +01:00
|
|
|
end
|
2012-08-21 18:15:28 +01:00
|
|
|
|
2012-08-22 14:44:01 +01:00
|
|
|
shared_examples_for "api projects user with show rights" do
|
|
|
|
|
it "should show project data" do
|
|
|
|
|
get :show, :id => @project.id, :format => :json
|
2012-08-21 18:15:28 +01:00
|
|
|
render_template(:show)
|
|
|
|
|
end
|
2012-08-28 17:57:12 +01:00
|
|
|
|
2012-10-11 18:51:40 +01:00
|
|
|
it "should show refs_list of project" do
|
|
|
|
|
get :refs_list, :id => @project.id, :format => :json
|
|
|
|
|
render_template(:refs_list)
|
|
|
|
|
end
|
|
|
|
|
|
2012-08-28 17:57:12 +01:00
|
|
|
context 'project find by get_id' do
|
|
|
|
|
it "should find project by name and owner name" do
|
|
|
|
|
@project.reload
|
|
|
|
|
get :get_id, :name => @project.name, :owner => @project.owner.uname, :format => :json
|
|
|
|
|
assigns[:project].id.should == @project.id
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "should not find project by non existing name and owner name" do
|
|
|
|
|
get :get_id, :name => 'NONE_EXISTING_NAME', :owner => @project.owner.uname, :format => :json
|
|
|
|
|
assigns[:project].should be_blank
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "should render 404 for non existing name and owner name" do
|
|
|
|
|
get :get_id, :name => 'NONE_EXISTING_NAME', :owner => @project.owner.uname, :format => :json
|
2012-10-19 16:35:19 +01:00
|
|
|
response.body.should == {:status => 404, :message => I18n.t("flash.404_message")}.to_json
|
2012-08-28 17:57:12 +01:00
|
|
|
end
|
|
|
|
|
end
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
|
2012-10-17 18:08:21 +01:00
|
|
|
shared_examples_for 'api projects user with admin rights' do
|
|
|
|
|
|
|
|
|
|
it "should be able to perform members action" do
|
|
|
|
|
get :members, :id => @project.id, :format => :json
|
|
|
|
|
response.should be_success
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'api project user with update rights' do
|
|
|
|
|
before do
|
|
|
|
|
put :update, {:project => {:description => 'new description'}, :id => @project.id}, :format => :json
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'should be able to perform update action' do
|
|
|
|
|
response.should be_success
|
|
|
|
|
end
|
|
|
|
|
it 'ensures that group has been updated' do
|
|
|
|
|
@project.reload
|
|
|
|
|
@project.description.should == 'new description'
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'api project user with add_member rights' do
|
|
|
|
|
let(:member) { FactoryGirl.create(:user) }
|
|
|
|
|
before do
|
|
|
|
|
put :add_member, {:member_id => member.id, :type => 'User', :role => 'admin', :id => @project.id}, :format => :json
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'should be able to perform add_member action' do
|
|
|
|
|
response.should be_success
|
|
|
|
|
end
|
|
|
|
|
it 'ensures that new member has been added to project' do
|
|
|
|
|
@project.members.should include(member)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'api project user with remove_member rights' do
|
|
|
|
|
let(:member) { FactoryGirl.create(:user) }
|
|
|
|
|
before do
|
|
|
|
|
@project.add_member(member)
|
|
|
|
|
delete :remove_member, {:member_id => member.id, :type => 'User', :id => @project.id}, :format => :json
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'should be able to perform remove_member action' do
|
|
|
|
|
response.should be_success
|
|
|
|
|
end
|
|
|
|
|
it 'ensures that member has been removed from project' do
|
|
|
|
|
@project.members.should_not include(member)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'api group user with update_member rights' do
|
|
|
|
|
let(:member) { FactoryGirl.create(:user) }
|
|
|
|
|
before do
|
|
|
|
|
@project.add_member(member)
|
|
|
|
|
put :update_member, {:member_id => member.id, :type => 'User', :role => 'reader', :id => @project.id}, :format => :json
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'should be able to perform update_member action' do
|
|
|
|
|
response.should be_success
|
|
|
|
|
end
|
|
|
|
|
it 'ensures that member role has been updated in project' do
|
|
|
|
|
@project.relations.by_actor(member).first.
|
|
|
|
|
role.should == 'reader'
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
shared_examples_for 'api projects user without admin rights' do
|
|
|
|
|
|
|
|
|
|
it "should not be able to perform members action" do
|
|
|
|
|
get :members, :id => @project.id, :format => :json
|
|
|
|
|
response.should_not be_success
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'api project user without update_member rights' do
|
|
|
|
|
let(:member) { FactoryGirl.create(:user) }
|
|
|
|
|
before do
|
|
|
|
|
@project.add_member(member)
|
|
|
|
|
put :update_member, {:member_id => member.id, :type => 'User', :role => 'reader', :id => @project.id}, :format => :json
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'should not be able to perform update_member action' do
|
|
|
|
|
response.should_not be_success
|
|
|
|
|
end
|
|
|
|
|
it 'ensures that member role has not been updated in project' do
|
|
|
|
|
@project.relations.by_actor(member).first.
|
|
|
|
|
role.should_not == 'reader'
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'api project user without update rights' do
|
|
|
|
|
before do
|
|
|
|
|
put :update, {:project => {:description => 'new description'}, :id => @project.id}, :format => :json
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'should not be able to perform update action' do
|
|
|
|
|
response.should_not be_success
|
|
|
|
|
end
|
|
|
|
|
it 'ensures that project has not been updated' do
|
|
|
|
|
@project.reload
|
|
|
|
|
@project.description.should_not == 'new description'
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'api project user without add_member rights' do
|
|
|
|
|
let(:member) { FactoryGirl.create(:user) }
|
|
|
|
|
before do
|
|
|
|
|
put :add_member, {:member_id => member.id, :type => 'User', :role => 'admin', :id => @project.id}, :format => :json
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'should not be able to perform add_member action' do
|
|
|
|
|
response.should_not be_success
|
|
|
|
|
end
|
|
|
|
|
it 'ensures that new member has not been added to project' do
|
|
|
|
|
@project.members.should_not include(member)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'api project user without remove_member rights' do
|
|
|
|
|
let(:member) { FactoryGirl.create(:user) }
|
|
|
|
|
before do
|
|
|
|
|
@project.add_member(member)
|
|
|
|
|
delete :remove_member, {:member_id => member.id, :type => 'User', :id => @project.id}, :format => :json
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it 'should be able to perform update action' do
|
|
|
|
|
response.should_not be_success
|
|
|
|
|
end
|
|
|
|
|
it 'ensures that member has not been removed from project' do
|
|
|
|
|
@project.members.should include(member)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
shared_examples_for 'api projects user with owner rights' do
|
|
|
|
|
context 'api project user with destroy rights' do
|
|
|
|
|
it 'should be able to perform destroy action' do
|
|
|
|
|
delete :destroy, :id => @project.id, :format => :json
|
|
|
|
|
response.should be_success
|
|
|
|
|
end
|
|
|
|
|
it 'ensures that project has been destroyed' do
|
|
|
|
|
lambda { delete :destroy, :id => @project.id, :format => :json }.should change{ Project.count }.by(-1)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
shared_examples_for 'api projects user without owner rights' do
|
|
|
|
|
context 'api project user with destroy rights' do
|
|
|
|
|
it 'should not be able to perform destroy action' do
|
|
|
|
|
delete :destroy, :id => @project.id, :format => :json
|
|
|
|
|
response.should_not be_success
|
|
|
|
|
end
|
|
|
|
|
it 'ensures that project has not been destroyed' do
|
|
|
|
|
lambda { delete :destroy, :id => @project.id, :format => :json }.should_not change{ Project.count }
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2012-08-21 18:15:28 +01:00
|
|
|
describe Api::V1::ProjectsController do
|
|
|
|
|
|
|
|
|
|
before(:each) do
|
|
|
|
|
stub_symlink_methods
|
|
|
|
|
|
|
|
|
|
@project = FactoryGirl.create(:project)
|
2012-08-22 14:44:01 +01:00
|
|
|
@hidden_project = FactoryGirl.create(:project)
|
2012-08-21 18:15:28 +01:00
|
|
|
@another_user = FactoryGirl.create(:user)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'for guest' do
|
2012-10-17 18:08:21 +01:00
|
|
|
|
|
|
|
|
[:index, :members].each do |action|
|
|
|
|
|
it "should not be able to perform #{action} action" do
|
|
|
|
|
get action, :id => @project.id, :format => :json
|
|
|
|
|
response.should_not be_success
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2012-10-11 18:51:40 +01:00
|
|
|
if APP_CONFIG['anonymous_access']
|
2012-10-17 18:08:21 +01:00
|
|
|
it_should_behave_like 'api projects user with show rights'
|
2012-10-11 18:51:40 +01:00
|
|
|
it_should_behave_like 'api projects user without reader rights for hidden project'
|
|
|
|
|
else
|
|
|
|
|
it_should_behave_like 'api projects user without show rights'
|
2012-08-22 14:44:01 +01:00
|
|
|
end
|
2012-10-17 15:30:54 +01:00
|
|
|
it_should_behave_like 'api projects user without fork rights'
|
|
|
|
|
it_should_behave_like 'api projects user without fork rights for hidden project'
|
2012-10-17 18:08:21 +01:00
|
|
|
it_should_behave_like 'api projects user without admin rights'
|
|
|
|
|
it_should_behave_like 'api projects user without owner rights'
|
2012-08-22 14:44:01 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'for simple user' do
|
|
|
|
|
before(:each) do
|
|
|
|
|
@user = FactoryGirl.create(:user)
|
2012-09-21 20:48:30 +01:00
|
|
|
http_login(@user)
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
2012-08-22 14:44:01 +01:00
|
|
|
|
2012-10-17 18:08:21 +01:00
|
|
|
it 'should be able to perform index action' do
|
|
|
|
|
get :index, :format => :json
|
|
|
|
|
response.should be_success
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'api project user with create rights' do
|
|
|
|
|
let(:params) { {:project => {:name => 'test_name', :owner_id => @user.id, :owner_type => 'User', :visibility => 'open'}} }
|
|
|
|
|
it 'should be able to perform create action' do
|
|
|
|
|
post :create, params, :format => :json
|
|
|
|
|
response.should be_success
|
|
|
|
|
end
|
|
|
|
|
it 'ensures that project has been created' do
|
|
|
|
|
lambda { post :create, params, :format => :json }.should change{ Project.count }.by(1)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2012-08-22 14:44:01 +01:00
|
|
|
it_should_behave_like 'api projects user with reader rights'
|
|
|
|
|
it_should_behave_like 'api projects user without reader rights for hidden project'
|
2012-10-17 15:30:54 +01:00
|
|
|
it_should_behave_like 'api projects user with fork rights'
|
|
|
|
|
it_should_behave_like 'api projects user without fork rights for hidden project'
|
2012-10-17 18:08:21 +01:00
|
|
|
it_should_behave_like 'api projects user without admin rights'
|
|
|
|
|
it_should_behave_like 'api projects user without owner rights'
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'for admin' do
|
|
|
|
|
before(:each) do
|
|
|
|
|
@admin = FactoryGirl.create(:admin)
|
2012-09-21 20:48:30 +01:00
|
|
|
http_login(@admin)
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it_should_behave_like 'api projects user with reader rights'
|
2012-08-22 14:44:01 +01:00
|
|
|
it_should_behave_like 'api projects user with reader rights for hidden project'
|
2012-10-17 15:30:54 +01:00
|
|
|
it_should_behave_like 'api projects user with fork rights'
|
|
|
|
|
it_should_behave_like 'api projects user with fork rights for hidden project'
|
2012-10-17 18:08:21 +01:00
|
|
|
it_should_behave_like 'api projects user with admin rights'
|
|
|
|
|
it_should_behave_like 'api projects user with owner rights'
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'for owner user' do
|
|
|
|
|
before(:each) do
|
|
|
|
|
@user = FactoryGirl.create(:user)
|
2012-09-21 20:48:30 +01:00
|
|
|
http_login(@user)
|
2012-10-17 18:08:21 +01:00
|
|
|
@project = FactoryGirl.create(:project, :owner => @user)
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it_should_behave_like 'api projects user with reader rights'
|
2012-08-22 14:44:01 +01:00
|
|
|
it_should_behave_like 'api projects user with reader rights for hidden project'
|
2012-10-17 15:30:54 +01:00
|
|
|
it_should_behave_like 'api projects user without fork rights'
|
|
|
|
|
it_should_behave_like 'api projects user without fork rights for hidden project'
|
2012-10-17 18:08:21 +01:00
|
|
|
it_should_behave_like 'api projects user with admin rights'
|
|
|
|
|
it_should_behave_like 'api projects user with owner rights'
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'for reader user' do
|
|
|
|
|
before(:each) do
|
|
|
|
|
@user = FactoryGirl.create(:user)
|
2012-09-21 20:48:30 +01:00
|
|
|
http_login(@user)
|
2012-08-21 18:15:28 +01:00
|
|
|
@project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it_should_behave_like 'api projects user with reader rights'
|
2012-08-22 14:44:01 +01:00
|
|
|
it_should_behave_like 'api projects user with reader rights for hidden project'
|
2012-10-17 15:30:54 +01:00
|
|
|
it_should_behave_like 'api projects user with fork rights'
|
|
|
|
|
it_should_behave_like 'api projects user with fork rights for hidden project'
|
2012-10-17 18:08:21 +01:00
|
|
|
it_should_behave_like 'api projects user without admin rights'
|
|
|
|
|
it_should_behave_like 'api projects user without owner rights'
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'for writer user' do
|
|
|
|
|
before(:each) do
|
|
|
|
|
@user = FactoryGirl.create(:user)
|
2012-09-21 20:48:30 +01:00
|
|
|
http_login(@user)
|
2012-08-21 18:15:28 +01:00
|
|
|
@project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'writer')
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it_should_behave_like 'api projects user with reader rights'
|
2012-08-22 14:44:01 +01:00
|
|
|
it_should_behave_like 'api projects user with reader rights for hidden project'
|
2012-10-17 15:30:54 +01:00
|
|
|
it_should_behave_like 'api projects user with fork rights'
|
|
|
|
|
it_should_behave_like 'api projects user with fork rights for hidden project'
|
2012-10-17 18:08:21 +01:00
|
|
|
it_should_behave_like 'api projects user without admin rights'
|
|
|
|
|
it_should_behave_like 'api projects user without owner rights'
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'for group' do
|
|
|
|
|
before(:each) do
|
|
|
|
|
@group = FactoryGirl.create(:group)
|
|
|
|
|
@group_user = FactoryGirl.create(:user)
|
2012-10-17 18:08:21 +01:00
|
|
|
# @project.relations.destroy_all
|
2012-09-21 20:48:30 +01:00
|
|
|
http_login(@group_user)
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
|
2012-08-22 14:44:01 +01:00
|
|
|
context 'with no relations to project' do
|
|
|
|
|
it_should_behave_like 'api projects user with reader rights'
|
|
|
|
|
it_should_behave_like 'api projects user without reader rights for hidden project'
|
2012-10-17 15:30:54 +01:00
|
|
|
it_should_behave_like 'api projects user with fork rights'
|
|
|
|
|
it_should_behave_like 'api projects user without fork rights for hidden project'
|
2012-10-17 18:08:21 +01:00
|
|
|
it_should_behave_like 'api projects user without admin rights'
|
|
|
|
|
it_should_behave_like 'api projects user without owner rights'
|
2012-08-22 14:44:01 +01:00
|
|
|
end
|
|
|
|
|
|
2012-08-21 18:15:28 +01:00
|
|
|
context 'owner of the project' do
|
|
|
|
|
before(:each) do
|
2012-10-17 18:08:21 +01:00
|
|
|
@project = FactoryGirl.create(:project, :owner => @group)
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'reader user' do
|
|
|
|
|
before(:each) do
|
|
|
|
|
@group.actors.create(:actor_id => @group_user.id, :actor_type => 'User', :role => 'reader')
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it_should_behave_like 'api projects user with reader rights'
|
2012-08-22 14:44:01 +01:00
|
|
|
it_should_behave_like 'api projects user with reader rights for hidden project'
|
2012-10-17 15:30:54 +01:00
|
|
|
it_should_behave_like 'api projects user with fork rights'
|
|
|
|
|
it_should_behave_like 'api projects user with fork rights for hidden project'
|
2012-10-17 18:08:21 +01:00
|
|
|
it_should_behave_like 'api projects user without admin rights'
|
|
|
|
|
it_should_behave_like 'api projects user without owner rights'
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'admin user' do
|
|
|
|
|
before(:each) do
|
|
|
|
|
@group.actors.create(:actor_id => @group_user.id, :actor_type => 'User', :role => 'admin')
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it_should_behave_like 'api projects user with reader rights'
|
2012-08-22 14:44:01 +01:00
|
|
|
it_should_behave_like 'api projects user with reader rights for hidden project'
|
2012-10-17 15:30:54 +01:00
|
|
|
it_should_behave_like 'api projects user with fork rights'
|
|
|
|
|
it_should_behave_like 'api projects user with fork rights for hidden project'
|
2012-10-17 18:08:21 +01:00
|
|
|
it_should_behave_like 'api projects user with admin rights'
|
|
|
|
|
it_should_behave_like 'api projects user with owner rights'
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'member of the project' do
|
|
|
|
|
context 'with admin rights' do
|
|
|
|
|
before(:each) do
|
|
|
|
|
@project.relations.create :actor_id => @group.id, :actor_type => @group.class.to_s, :role => 'admin'
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'reader user' do
|
|
|
|
|
before(:each) do
|
|
|
|
|
@group.actors.create(:actor_id => @group_user.id, :actor_type => 'User', :role => 'reader')
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it_should_behave_like 'api projects user with reader rights'
|
2012-08-22 14:44:01 +01:00
|
|
|
it_should_behave_like 'api projects user with reader rights for hidden project'
|
2012-10-17 15:30:54 +01:00
|
|
|
it_should_behave_like 'api projects user with fork rights'
|
|
|
|
|
it_should_behave_like 'api projects user with fork rights for hidden project'
|
2012-10-17 18:08:21 +01:00
|
|
|
it_should_behave_like 'api projects user with admin rights'
|
|
|
|
|
it_should_behave_like 'api projects user without owner rights'
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'admin user' do
|
|
|
|
|
before(:each) do
|
|
|
|
|
@group.actors.create(:actor_id => @group_user.id, :actor_type => 'User', :role => 'admin')
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it_should_behave_like 'api projects user with reader rights'
|
2012-08-22 14:44:01 +01:00
|
|
|
it_should_behave_like 'api projects user with reader rights for hidden project'
|
2012-10-17 15:30:54 +01:00
|
|
|
it_should_behave_like 'api projects user with fork rights'
|
|
|
|
|
it_should_behave_like 'api projects user with fork rights for hidden project'
|
2012-10-17 18:08:21 +01:00
|
|
|
it_should_behave_like 'api projects user with admin rights'
|
|
|
|
|
it_should_behave_like 'api projects user without owner rights'
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'with reader rights' do
|
|
|
|
|
before(:each) do
|
|
|
|
|
@project.relations.create :actor_id => @group.id, :actor_type => @group.class.to_s, :role => 'reader'
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'reader user' do
|
|
|
|
|
before(:each) do
|
|
|
|
|
@group.actors.create(:actor_id => @group_user.id, :actor_type => 'User', :role => 'reader')
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it_should_behave_like 'api projects user with reader rights'
|
2012-08-22 14:44:01 +01:00
|
|
|
it_should_behave_like 'api projects user with reader rights for hidden project'
|
2012-10-17 15:30:54 +01:00
|
|
|
it_should_behave_like 'api projects user with fork rights'
|
|
|
|
|
it_should_behave_like 'api projects user with fork rights for hidden project'
|
2012-10-17 18:08:21 +01:00
|
|
|
it_should_behave_like 'api projects user without admin rights'
|
|
|
|
|
it_should_behave_like 'api projects user without owner rights'
|
2012-08-21 18:15:28 +01:00
|
|
|
|
|
|
|
|
context 'user should has best role' do
|
|
|
|
|
before(:each) do
|
|
|
|
|
@project.relations.create :actor_id => @group_user.id, :actor_type => @group_user.class.to_s, :role => 'admin'
|
|
|
|
|
end
|
2012-10-17 15:30:54 +01:00
|
|
|
it_should_behave_like 'api projects user with reader rights'
|
|
|
|
|
it_should_behave_like 'api projects user with fork rights'
|
|
|
|
|
it_should_behave_like 'api projects user with fork rights for hidden project'
|
2012-10-17 18:08:21 +01:00
|
|
|
it_should_behave_like 'api projects user with admin rights'
|
|
|
|
|
it_should_behave_like 'api projects user without owner rights'
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'admin user' do
|
|
|
|
|
before(:each) do
|
|
|
|
|
@group.actors.create(:actor_id => @group_user.id, :actor_type => 'User', :role => 'admin')
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it_should_behave_like 'api projects user with reader rights'
|
2012-08-22 14:44:01 +01:00
|
|
|
it_should_behave_like 'api projects user with reader rights for hidden project'
|
2012-10-17 15:30:54 +01:00
|
|
|
it_should_behave_like 'api projects user with fork rights'
|
|
|
|
|
it_should_behave_like 'api projects user with fork rights for hidden project'
|
2012-10-17 18:08:21 +01:00
|
|
|
it_should_behave_like 'api projects user without admin rights'
|
|
|
|
|
it_should_behave_like 'api projects user without owner rights'
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
