rosa-build/spec/controllers/api/v1/platforms_controller_spec.rb

302 lines
10 KiB
Ruby
Raw Normal View History

# -*- encoding : utf-8 -*-
require 'spec_helper'
shared_examples_for 'api platform user with reader rights' do
include_examples "api platform user with show rights"
it 'should be able to perform index action' do
get :index, :format => :json
response.should render_template(:index)
end
2012-10-09 17:51:41 +01:00
it 'should be able to perform members action' do
get :members, :id => @platform.id, :format => :json
response.should render_template(:members)
end
2012-10-09 17:51:41 +01:00
end
shared_examples_for 'api platform user with writer rights' do
2012-10-04 16:20:10 +01:00
2012-10-09 17:51:41 +01:00
context 'api platform user with update rights' do
before do
put :update, {:platform => {:description => 'new description'}, :id => @platform.id}, :format => :json
end
it 'should be able to perform update action' do
response.should be_success
end
it 'ensures that platform has been updated' do
@platform.reload
@platform.description.should == 'new description'
end
end
2012-10-09 17:51:41 +01:00
context 'api platform user with add_member rights' do
let(:member) { FactoryGirl.create(:user) }
before do
put :add_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json
end
it 'should be able to perform add_member action' do
2012-10-09 17:51:41 +01:00
response.should be_success
end
it 'ensures that new member has been added to platform' do
@platform.members.should include(member)
end
end
2012-10-09 17:51:41 +01:00
context 'api platform user with remove_member rights' do
let(:member) { FactoryGirl.create(:user) }
before do
@platform.add_member(member)
delete :remove_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json
end
it 'should be able to perform update action' do
response.should be_success
end
it 'ensures that member has been removed from platform' do
@platform.members.should_not include(member)
end
end
end
2012-10-09 17:51:41 +01:00
shared_examples_for 'api platform user without writer rights' do
2012-10-09 17:51:41 +01:00
context 'api platform user without update rights' do
before do
put :update, {:platform => {:description => 'new description'}, :id => @platform.id}, :format => :json
end
it 'should not be able to perform update action' do
response.should_not be_success
end
it 'ensures that platform has not been updated' do
@platform.reload
@platform.description.should_not == 'new description'
end
end
2012-10-09 17:51:41 +01:00
context 'api platform user without add_member rights' do
let(:member) { FactoryGirl.create(:user) }
before do
put :add_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json
end
it 'should not be able to perform add_member action' do
2012-10-09 17:51:41 +01:00
response.should_not be_success
end
it 'ensures that new member has not been added to platform' do
@platform.members.should_not include(member)
end
end
context 'api platform user without remove_member rights' do
let(:member) { FactoryGirl.create(:user) }
before do
@platform.add_member(member)
delete :remove_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json
end
it 'should be able to perform update action' do
response.should_not be_success
end
it 'ensures that member has not been removed from platform' do
@platform.members.should include(member)
end
end
context 'should not be able to perform clear action' do
it 'for personal platform' do
put :clear, :id => @personal_platform.id, :format => :json
response.should_not be_success
end
it 'for main platform' do
put :clear, :id => @platform.id, :format => :json
response.should_not be_success
end
end
it_should_behave_like 'api platform user without clone rights'
it_should_behave_like 'api platform user without clear rights'
end
shared_examples_for 'api platform user without clear rights' do
it 'for personal platform' do
put :clear, :id => @personal_platform.id, :format => :json
response.should_not be_success
end
it 'for main platform' do
put :clear, :id => @platform.id, :format => :json
response.should_not be_success
end
end
shared_examples_for 'api platform user without clone rights' do
before { any_instance_of(Platform, :create_directory => true) }
let(:params) { {:id => @platform.id, :platform => {:description => 'new description', :name => 'new_name'}} }
it 'should not be able to perform clone action' do
post :clone, params, :format => :json
response.should_not be_success
end
it 'ensures that platform has not been cloned' do
lambda { post :clone, params, :format => :json }.should_not change{ Platform.count }
end
end
shared_examples_for 'api platform user with reader rights for hidden platform' do
before(:each) do
@platform.update_column(:visibility, 'hidden')
end
it_should_behave_like 'api platform user with show rights'
end
shared_examples_for 'api platform user without reader rights for hidden platform' do
before(:each) do
@platform.update_column(:visibility, 'hidden')
end
it_should_behave_like 'api platform user without show rights'
end
shared_examples_for "api platform user with show rights" do
it 'should be able to perform show action' do
get :show, :id => @platform.id, :format => :json
response.should render_template(:show)
end
it 'should be able to perform platforms_for_build action' do
get :platforms_for_build, :format => :json
response.should render_template(:index)
end
end
shared_examples_for "api platform user without show rights" do
[:show, :members].each do |action|
it "should not be able to perform #{ action } action" do
get action, :id => @platform.id, :format => :json
response.body.should == {"message" => "Access violation to this page!"}.to_json
end
end
end
describe Api::V1::PlatformsController do
2012-10-04 16:20:10 +01:00
before do
stub_symlink_methods
@platform = FactoryGirl.create(:platform, :visibility => 'open')
@personal_platform = FactoryGirl.create(:platform, :platform_type => 'personal')
@user = FactoryGirl.create(:user)
end
context 'for guest' do
it "should not be able to perform index action" do
get :index, :format => :json
response.status.should == 401
end
[:show, :platforms_for_build].each do |action|
it "should not be able to perform #{ action } action", :anonymous_access => false do
get action, :format => :json
response.status.should == 401
end
end
2012-10-09 17:51:41 +01:00
it 'should be able to perform members action' do
get :members, :id => @platform.id, :format => :json
response.should render_template(:members)
end
it_should_behave_like 'api platform user with show rights' if APP_CONFIG['anonymous_access']
it_should_behave_like 'api platform user without reader rights for hidden platform' if APP_CONFIG['anonymous_access']
2012-10-09 17:51:41 +01:00
it_should_behave_like 'api platform user without writer rights'
end
context 'for global admin' do
2012-10-04 16:20:10 +01:00
before do
@admin = FactoryGirl.create(:admin)
@user = FactoryGirl.create(:user)
http_login(@admin)
end
it_should_behave_like 'api platform user with reader rights'
it_should_behave_like 'api platform user with reader rights for hidden platform'
2012-10-09 17:51:41 +01:00
it_should_behave_like 'api platform user with writer rights'
context 'with clone rights' do
before { any_instance_of(Platform, :create_directory => true) }
let(:params) { {:id => @platform.id, :platform => {:description => 'new description', :name => 'new_name'}} }
it 'should be able to perform clone action' do
post :clone, params, :format => :json
response.should be_success
end
it 'ensures that platform has been cloned' do
lambda { post :clone, params, :format => :json }.should change{ Platform.count }.by(1)
end
end
context 'with clear rights for personal platform' do
it 'personal platform should be cleared successfully' do
put :clear, :id => @personal_platform.id, :format => :json
response.should be_success
end
it 'main platform should not be cleared' do
put :clear, :id => @platform.id, :format => :json
response.should_not be_success
end
end
end
context 'for owner user' do
2012-10-04 16:20:10 +01:00
before do
@user = FactoryGirl.create(:user)
http_login(@user)
@platform.owner = @user; @platform.save
@platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin')
end
it_should_behave_like 'api platform user with reader rights'
it_should_behave_like 'api platform user with reader rights for hidden platform'
2012-10-09 17:51:41 +01:00
it_should_behave_like 'api platform user with writer rights'
it_should_behave_like 'api platform user without clone rights'
it_should_behave_like 'api platform user without clear rights'
end
context 'for reader user' do
2012-10-04 16:20:10 +01:00
before do
@user = FactoryGirl.create(:user)
http_login(@user)
@platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')
2012-10-04 16:20:10 +01:00
@personal_platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')
end
2012-10-04 16:50:20 +01:00
context 'perform index action with type param' do
2012-10-04 16:20:10 +01:00
render_views
%w(main personal).each do |type|
it "ensures that filter by type = #{type} returns true result" do
get :index, :format => :json, :type => "#{type}"
JSON.parse(response.body)['platforms'].map{ |p| p['platform_type'] }.
uniq.should == ["#{type}"]
end
end
end
it_should_behave_like 'api platform user with reader rights'
it_should_behave_like 'api platform user with reader rights for hidden platform'
2012-10-09 17:51:41 +01:00
it_should_behave_like 'api platform user without writer rights'
end
context 'for simple user' do
2012-10-04 16:20:10 +01:00
before do
@user = FactoryGirl.create(:user)
http_login(@user)
end
it_should_behave_like 'api platform user with reader rights'
it_should_behave_like 'api platform user without reader rights for hidden platform'
2012-10-09 17:51:41 +01:00
it_should_behave_like 'api platform user without writer rights'
end
end