2012-08-21 18:15:28 +01:00
|
|
|
# -*- encoding : utf-8 -*-
|
|
|
|
|
require 'spec_helper'
|
|
|
|
|
|
2012-08-22 14:44:01 +01:00
|
|
|
shared_examples_for 'api platform user with reader rights' do
|
|
|
|
|
include_examples "api platform user with show rights"
|
|
|
|
|
|
2012-08-21 18:15:28 +01:00
|
|
|
it 'should be able to perform index action' do
|
|
|
|
|
get :index, :format => :json
|
|
|
|
|
response.should render_template(:index)
|
|
|
|
|
end
|
2012-10-04 16:20:10 +01:00
|
|
|
|
2012-08-22 14:44:01 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
shared_examples_for 'api platform user with reader rights for hidden platform' do
|
|
|
|
|
before(:each) do
|
|
|
|
|
@platform.update_column(:visibility, 'hidden')
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it_should_behave_like 'api platform user with show rights'
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
shared_examples_for 'api platform user without reader rights for hidden platform' do
|
|
|
|
|
before(:each) do
|
|
|
|
|
@platform.update_column(:visibility, 'hidden')
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it_should_behave_like 'api platform user without show rights'
|
|
|
|
|
end
|
2012-08-21 18:15:28 +01:00
|
|
|
|
2012-08-22 14:44:01 +01:00
|
|
|
shared_examples_for "api platform user with show rights" do
|
2012-08-21 18:15:28 +01:00
|
|
|
it 'should be able to perform show action' do
|
|
|
|
|
get :show, :id => @platform.id, :format => :json
|
|
|
|
|
response.should render_template(:show)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2012-08-22 14:44:01 +01:00
|
|
|
shared_examples_for "api platform user without show rights" do
|
|
|
|
|
it 'should not be able to perform show action' do
|
|
|
|
|
get :show, :id => @platform.id, :format => :json
|
|
|
|
|
response.body.should == {"message" => "Access violation to this page!"}.to_json
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2012-08-21 18:15:28 +01:00
|
|
|
describe Api::V1::PlatformsController do
|
2012-10-04 16:20:10 +01:00
|
|
|
before do
|
2012-08-21 18:15:28 +01:00
|
|
|
stub_symlink_methods
|
|
|
|
|
|
|
|
|
|
@platform = FactoryGirl.create(:platform)
|
|
|
|
|
@personal_platform = FactoryGirl.create(:platform, :platform_type => 'personal')
|
|
|
|
|
@user = FactoryGirl.create(:user)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'for guest' do
|
2012-09-26 18:15:11 +01:00
|
|
|
|
2012-08-21 18:15:28 +01:00
|
|
|
it "should not be able to perform index action" do
|
|
|
|
|
get :index, :format => :json
|
2012-08-22 14:44:01 +01:00
|
|
|
response.status.should == 401
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
|
2012-09-26 18:15:11 +01:00
|
|
|
it "should not be able to perform show action", :anonymous_access => false do
|
2012-08-21 18:15:28 +01:00
|
|
|
get :show, :id => @platform.id, :format => :json
|
2012-08-22 14:44:01 +01:00
|
|
|
response.status.should == 401
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
2012-09-26 18:15:11 +01:00
|
|
|
|
|
|
|
|
it_should_behave_like 'api platform user with show rights' if APP_CONFIG['anonymous_access']
|
|
|
|
|
it_should_behave_like 'api platform user without reader rights for hidden platform' if APP_CONFIG['anonymous_access']
|
|
|
|
|
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'for global admin' do
|
2012-10-04 16:20:10 +01:00
|
|
|
before do
|
2012-08-21 18:15:28 +01:00
|
|
|
@admin = FactoryGirl.create(:admin)
|
|
|
|
|
@user = FactoryGirl.create(:user)
|
2012-09-21 20:48:30 +01:00
|
|
|
http_login(@admin)
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
|
2012-08-22 14:44:01 +01:00
|
|
|
it_should_behave_like 'api platform user with reader rights'
|
|
|
|
|
it_should_behave_like 'api platform user with reader rights for hidden platform'
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'for owner user' do
|
2012-10-04 16:20:10 +01:00
|
|
|
before do
|
2012-08-21 18:15:28 +01:00
|
|
|
@user = FactoryGirl.create(:user)
|
2012-09-21 20:48:30 +01:00
|
|
|
http_login(@user)
|
2012-08-21 18:15:28 +01:00
|
|
|
@platform.owner = @user; @platform.save
|
|
|
|
|
@platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin')
|
|
|
|
|
end
|
|
|
|
|
|
2012-08-22 14:44:01 +01:00
|
|
|
it_should_behave_like 'api platform user with reader rights'
|
|
|
|
|
it_should_behave_like 'api platform user with reader rights for hidden platform'
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'for reader user' do
|
2012-10-04 16:20:10 +01:00
|
|
|
before do
|
2012-08-21 18:15:28 +01:00
|
|
|
@user = FactoryGirl.create(:user)
|
2012-09-21 20:48:30 +01:00
|
|
|
http_login(@user)
|
2012-08-21 18:15:28 +01:00
|
|
|
@platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')
|
2012-10-04 16:20:10 +01:00
|
|
|
@personal_platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'perforf index action with type param' do
|
|
|
|
|
render_views
|
|
|
|
|
%w(main personal).each do |type|
|
|
|
|
|
it "ensures that filter by type = #{type} returns true result" do
|
|
|
|
|
get :index, :format => :json, :type => "#{type}"
|
|
|
|
|
JSON.parse(response.body)['platforms'].map{ |p| p['platform_type'] }.
|
|
|
|
|
uniq.should == ["#{type}"]
|
|
|
|
|
end
|
|
|
|
|
end
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
|
2012-08-22 14:44:01 +01:00
|
|
|
it_should_behave_like 'api platform user with reader rights'
|
|
|
|
|
it_should_behave_like 'api platform user with reader rights for hidden platform'
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context 'for simple user' do
|
2012-10-04 16:20:10 +01:00
|
|
|
before do
|
2012-08-22 14:44:01 +01:00
|
|
|
@user = FactoryGirl.create(:user)
|
2012-09-21 20:48:30 +01:00
|
|
|
http_login(@user)
|
2012-08-22 14:44:01 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it_should_behave_like 'api platform user with reader rights'
|
|
|
|
|
it_should_behave_like 'api platform user without reader rights for hidden platform'
|
2012-08-21 18:15:28 +01:00
|
|
|
end
|
|
|
|
|
end
|
