2013-04-15 20:23:49 +01:00
|
|
|
# -*- encoding : utf-8 -*-
|
|
|
|
require 'spec_helper'
|
|
|
|
|
|
|
|
describe Api::V1::IssuesController do
|
|
|
|
before(:all) do
|
|
|
|
stub_symlink_methods
|
|
|
|
stub_redis
|
|
|
|
any_instance_of(Project, :versions => ['v1.0', 'v2.0'])
|
|
|
|
|
|
|
|
@issue = FactoryGirl.create(:issue)
|
|
|
|
@project = @issue.project
|
|
|
|
|
|
|
|
@membered_issue = FactoryGirl.create(:issue)
|
|
|
|
@membered_project = @membered_issue.project
|
|
|
|
@membered_project.relations.create(:role => 'reader', :actor => @issue.user)
|
|
|
|
|
|
|
|
@open_issue = FactoryGirl.create(:issue)
|
|
|
|
@open_project = @open_issue.project
|
|
|
|
|
|
|
|
@own_hidden_project = FactoryGirl.create(:project, :owner => @issue.user)
|
|
|
|
@own_hidden_project.update_column :visibility, 'hidden'
|
2013-04-17 18:32:04 +01:00
|
|
|
@own_hidden_issue = FactoryGirl.create(:issue, :project => @own_hidden_project, :assignee => @issue.user)
|
2013-04-15 20:23:49 +01:00
|
|
|
|
|
|
|
@hidden_issue = FactoryGirl.create(:issue)
|
|
|
|
@hidden_project = @hidden_issue.project
|
|
|
|
@hidden_project.update_column :visibility, 'hidden'
|
|
|
|
|
|
|
|
@create_params = {:issue => {:title => 'title', :body => 'body'}, :project_id => @project.id, :format => :json}
|
|
|
|
@update_params = {:issue => {:title => 'new title'}, :project_id => @project.id, :id => @issue.serial_id, :format => :json}
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'read and accessible abilities' do
|
|
|
|
context 'for user' do
|
|
|
|
before(:each) do
|
|
|
|
http_login(@issue.user)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'can show issue in own project' do
|
|
|
|
get :show, :project_id => @project.id, :id => @issue.serial_id, :format => :json
|
|
|
|
response.should be_success
|
|
|
|
end
|
|
|
|
|
2013-06-10 18:51:50 +01:00
|
|
|
it 'should render right template for show action' do
|
|
|
|
get :show, :project_id => @project.id, :id => @issue.serial_id, :format => :json
|
|
|
|
response.should render_template('api/v1/issues/show')
|
|
|
|
end
|
|
|
|
|
2013-04-15 20:23:49 +01:00
|
|
|
it 'can show issue in open project' do
|
|
|
|
get :show, :project_id => @open_project.id, :id => @open_issue.serial_id, :format => :json
|
|
|
|
response.should be_success
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'can show issue in own hidden project' do
|
|
|
|
get :show, :project_id => @own_hidden_project.id, :id => @own_hidden_issue.serial_id, :format => :json
|
|
|
|
response.should be_success
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'cant show issue in hidden project' do
|
|
|
|
get :show, :project_id => @hidden_project.id, :id => @hidden_issue.serial_id, :format => :json
|
|
|
|
response.status.should == 403
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'should return three issues' do
|
|
|
|
get :all_index, :filter => 'all', :format => :json
|
|
|
|
assigns[:issues].should include(@issue)
|
|
|
|
assigns[:issues].should include(@own_hidden_issue)
|
|
|
|
assigns[:issues].should include(@membered_issue)
|
|
|
|
end
|
|
|
|
|
2013-06-10 18:51:50 +01:00
|
|
|
it 'should render right template for all index action' do
|
|
|
|
get :all_index, :format => :json
|
|
|
|
response.should render_template('api/v1/issues/index')
|
|
|
|
end
|
|
|
|
|
2013-04-17 18:32:04 +01:00
|
|
|
it 'should return only assigned issue' do
|
2013-04-15 20:23:49 +01:00
|
|
|
get :user_index, :format => :json
|
2013-04-17 18:32:04 +01:00
|
|
|
assigns[:issues].should include(@own_hidden_issue)
|
2013-06-28 17:15:17 +01:00
|
|
|
assigns[:issues].should have(1).item
|
2013-04-15 20:23:49 +01:00
|
|
|
end
|
2013-06-10 18:51:50 +01:00
|
|
|
|
|
|
|
it 'should render right template for user index action' do
|
|
|
|
get :user_index, :format => :json
|
|
|
|
response.should render_template('api/v1/issues/index')
|
|
|
|
end
|
2013-04-15 20:23:49 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'for anonymous user' do
|
|
|
|
it 'can show issue in open project', :anonymous_access => true do
|
|
|
|
get :show, :project_id => @project.id, :id => @issue.serial_id, :format => :json
|
|
|
|
response.should be_success
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'cant show issue in hidden project', :anonymous_access => true do
|
|
|
|
get :show, :project_id => @hidden_project.id, :id => @hidden_issue.serial_id, :format => :json
|
|
|
|
response.status.should == 403
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'should not return any issues' do
|
|
|
|
get :all_index, :filter => 'all', :format => :json
|
|
|
|
response.status.should == 401
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'create accessibility' do
|
|
|
|
context 'for user' do
|
|
|
|
before(:each) do
|
|
|
|
http_login(@issue.user)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'can create issue in own project' do
|
2013-06-28 14:20:10 +01:00
|
|
|
lambda { post :create, @create_params}.should change{ Issue.count }.by(1)
|
2013-04-15 20:23:49 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'can create issue in own hidden project' do
|
2013-06-28 14:20:10 +01:00
|
|
|
lambda { post :create, @create_params.merge(:project_id => @own_hidden_project.id)}.should change{ Issue.count }.by(1)
|
2013-04-15 20:23:49 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'can create issue in open project' do
|
2013-06-28 14:20:10 +01:00
|
|
|
lambda { post :create, @create_params.merge(:project_id => @open_project.id)}.should change{ Issue.count }.by(1)
|
2013-04-15 20:23:49 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'cant create issue in hidden project' do
|
2013-06-28 14:20:10 +01:00
|
|
|
lambda { post :create, @create_params.merge(:project_id => @hidden_project.id)}.should change{ Issue.count }.by(0)
|
2013-04-15 20:23:49 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'for anonymous user' do
|
|
|
|
it 'cant create issue in project', :anonymous_access => true do
|
2013-06-28 14:20:10 +01:00
|
|
|
lambda { post :create, @create_params}.should change{ Issue.count }.by(0)
|
2013-04-15 20:23:49 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'cant create issue in hidden project', :anonymous_access => true do
|
2013-06-28 14:20:10 +01:00
|
|
|
lambda { post :create, @create_params.merge(:project_id => @hidden_project.id)}.should change{ Issue.count }.by(0)
|
2013-04-15 20:23:49 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'update accessibility' do
|
|
|
|
context 'for user' do
|
|
|
|
before(:each) do
|
|
|
|
http_login(@issue.user)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'can update issue in own project' do
|
|
|
|
put :update, @update_params
|
|
|
|
@issue.reload.title.should == 'new title'
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'can update issue in own hidden project' do
|
|
|
|
put :update, @update_params.merge(:project_id => @own_hidden_project.id, :id => @own_hidden_issue.serial_id)
|
|
|
|
@own_hidden_issue.reload.title.should == 'new title'
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'cant update issue in open project' do
|
|
|
|
put :update, @update_params.merge(:project_id => @open_project.id, :id => @open_issue.serial_id)
|
|
|
|
@open_issue.reload.title.should_not == 'new title'
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'cant update issue in hidden project' do
|
|
|
|
put :update, @update_params.merge(:project_id => @hidden_project.id, :id => @hidden_issue.serial_id)
|
|
|
|
@hidden_issue.reload.title.should_not == 'title'
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'for anonymous user' do
|
|
|
|
before(:each) do
|
|
|
|
@count = Issue.count
|
|
|
|
end
|
|
|
|
it 'cant update issue in project', :anonymous_access => true do
|
|
|
|
put :update, @update_params
|
|
|
|
response.status.should == 401
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'cant update issue in hidden project', :anonymous_access => true do
|
|
|
|
put :update, @update_params.merge(:project_id => @hidden_project.id, :id => @hidden_issue.serial_id)
|
|
|
|
response.status.should == 401
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2013-06-28 14:20:10 +01:00
|
|
|
|
2013-04-15 20:23:49 +01:00
|
|
|
after(:all) do
|
|
|
|
User.destroy_all
|
|
|
|
Platform.destroy_all
|
|
|
|
end
|
|
|
|
end
|