rosa-build/spec/controllers/groups/members_controller_spec.rb

require 'spec_helper'

describe Groups::MembersController, type: :controller do
  before(:each) do
    stub_symlink_methods
    @group = FactoryGirl.create(:group)
    @user = @group.owner
    set_session_for @user
    @another_user = FactoryGirl.create(:user)
    @add_params = {group_id: @group, member_id: @another_user.id}
    @remove_params = {group_id: @group, members: [@group.owner.id]}
    @update_params = {group_id: @group, member_id: @group.owner.id, role: :reader}
  end

  context 'for owner user' do
    it 'should add member to group' do
      post :add, @add_params
      expect(response).to redirect_to(group_members_path(@group))
      expect(Relation.by_target(@group).by_actor(@another_user).count).to eq 1
    end

    it 'should add reader member to group' do
      post :add, @add_params
      expect(Relation.by_target(@group).by_actor(@another_user).first.role).to eq 'reader'
      expect(response).to redirect_to(group_members_path(@group))
    end

    it 'should not remove self from group' do
      post :remove, @remove_params
      expect(Relation.by_target(@group).by_actor(@user).first.role).to eq 'admin'
      expect(response).to redirect_to(group_members_path(@group))
    end
  end

  context 'for admin user' do
    before(:each) do
      @admin_user = FactoryGirl.create(:user)
      create_actor_relation(@group, @admin_user, 'admin')
      set_session_for @admin_user
    end

    it 'should add member to group' do
      post :add, @add_params
      expect(Relation.by_target(@group).by_actor(@another_user).count).to eq 1
      expect(response).to redirect_to(group_members_path(@group))
    end

    it 'should add reader member to group' do
      post :add, @add_params
      expect(Relation.by_target(@group).by_actor(@another_user).first.role).to eq 'reader'
      expect(response).to redirect_to(group_members_path(@group))
    end

    it 'should not remove owner from group' do
      post :remove, @remove_params
      expect(Relation.by_target(@group).by_actor(@user).first.role).to eq 'admin'
      expect(response).to redirect_to(group_members_path(@group))
    end

    it 'should not set read role to owner group' do
      post :update, @update_params
      expect(Relation.by_target(@group).by_actor(@user).first.role).to eq 'admin'
      expect(response).to redirect_to(forbidden_path)
    end
  end

  context 'for writer user' do
    before(:each) do
      @writer_user = FactoryGirl.create(:user)
      create_actor_relation(@group, @writer_user, 'writer')
      set_session_for @writer_user
    end

    it 'should not add member to group' do
      post :add, @add_params
      expect(response).to redirect_to(forbidden_path)
    end

    it 'should add reader member to group' do
      post :add, @add_params
      expect(response).to redirect_to(forbidden_path)
    end

    it 'should not remove owner from group' do
      post :remove, @remove_params
      expect(response).to redirect_to(forbidden_path)
    end

    it 'should not set read role to owner group' do
      post :update, @update_params
      expect(response).to redirect_to(forbidden_path)
    end
  end

  context 'for another user' do
    before(:each) do
      set_session_for @another_user
    end

    it 'should not add member to group' do
      post :add, @add_params
      expect(response).to redirect_to(forbidden_path)
    end

    it 'should add reader member to group' do
      post :add, @add_params
      expect(response).to redirect_to(forbidden_path)
    end

    it 'should not remove owner from group' do
      post :remove, @remove_params
      expect(response).to redirect_to(forbidden_path)
    end

    it 'should not set read role to owner group' do
      post :update, @update_params
      expect(response).to redirect_to(forbidden_path)
    end
  end
end