rosa-build/spec/controllers/api/v1/platforms_controller_spec.rb

# -*- encoding : utf-8 -*-
require 'spec_helper'

shared_examples_for 'api platform user with reader rights' do
  include_examples "api platform user with show rights"

  it 'should be able to perform index action' do
    get :index, :format => :json
    response.should render_template(:index)
  end

  it 'should be able to perform members action' do
    get :members, :id => @platform.id, :format => :json
    response.should render_template(:members)
  end
end

shared_examples_for 'api platform user with writer rights' do

  context 'api platform user with update rights' do
    before do
      put :update, {:platform => {:description => 'new description'}, :id => @platform.id}, :format => :json
    end

    it 'should be able to perform update action' do
      response.should be_success
    end
    it 'ensures that platform has been updated' do
      @platform.reload
      @platform.description.should == 'new description'
    end
  end

  context 'api platform user with add_member rights' do
    let(:member) { FactoryGirl.create(:user) }
    before do
      put :add_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json
    end

    it 'should be able to perform add_member action' do
      response.should be_success
    end
    it 'ensures that new member has been added to platform' do
      @platform.members.should include(member)
    end
  end

  context 'api platform user with remove_member rights' do
    let(:member) { FactoryGirl.create(:user) }
    before do
      @platform.add_member(member)
      delete :remove_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json
    end

    it 'should be able to perform update action' do
      response.should be_success
    end
    it 'ensures that member has been removed from platform' do
      @platform.members.should_not include(member)
    end
  end
end

shared_examples_for 'api platform user without writer rights' do

  context 'api platform user without update rights' do
    before do
      put :update, {:platform => {:description => 'new description'}, :id => @platform.id}, :format => :json
    end

    it 'should not be able to perform update action' do
      response.should_not be_success
    end
    it 'ensures that platform has not been updated' do
      @platform.reload
      @platform.description.should_not == 'new description'
    end
  end

  context 'api platform user without add_member rights' do
    let(:member) { FactoryGirl.create(:user) }
    before do
      put :add_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json
    end

    it 'should not be able to perform add_member action' do
      response.should_not be_success
    end
    it 'ensures that new member has not been added to platform' do
      @platform.members.should_not include(member)
    end
  end

  context 'api platform user without remove_member rights' do
    let(:member) { FactoryGirl.create(:user) }
    before do
      @platform.add_member(member)
      delete :remove_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json
    end

    it 'should be able to perform update action' do
      response.should_not be_success
    end
    it 'ensures that member has not been removed from platform' do
      @platform.members.should include(member)
    end
  end

  it_should_behave_like 'api platform user without clone rights'
end

shared_examples_for 'api platform user with clone rights' do
  before { any_instance_of(Platform, :create_directory => true) }
  let(:params) { {:id => @platform.id, :platform => {:description => 'new description', :name => 'new_name'}} }
  it 'should be able to perform clone action' do
    post :clone, params, :format => :json
    response.should be_success
  end
  it 'ensures that platform has been cloned' do
    lambda { post :clone, params, :format => :json }.should change{ Platform.count }.by(1)
  end
end

shared_examples_for 'api platform user without clone rights' do
  before { any_instance_of(Platform, :create_directory => true) }
  let(:params) { {:id => @platform.id, :platform => {:description => 'new description', :name => 'new_name'}} }
  it 'should not be able to perform clone action' do
    post :clone, params, :format => :json
    response.should_not be_success
  end
  it 'ensures that platform has not been cloned' do
    lambda { post :clone, params, :format => :json }.should_not change{ Platform.count }
  end
end

shared_examples_for 'api platform user with reader rights for hidden platform' do
  before(:each) do
    @platform.update_column(:visibility, 'hidden')
  end

  it_should_behave_like 'api platform user with show rights'
end

shared_examples_for 'api platform user without reader rights for hidden platform' do
  before(:each) do
    @platform.update_column(:visibility, 'hidden')
  end

  it_should_behave_like 'api platform user without show rights'
end

shared_examples_for "api platform user with show rights" do
  it 'should be able to perform show action' do
    get :show, :id => @platform.id, :format => :json
    response.should render_template(:show)
  end

  it 'should be able to perform platforms_for_build action' do
    get :platforms_for_build, :format => :json
    response.should render_template(:index)
  end
end

shared_examples_for "api platform user without show rights" do
  [:show, :members].each do |action|
    it "should not be able to perform #{ action } action" do
      get action, :id => @platform.id, :format => :json
      response.body.should == {"message" => "Access violation to this page!"}.to_json
    end
  end
end

describe Api::V1::PlatformsController do
  before do
    stub_symlink_methods

    @platform = FactoryGirl.create(:platform, :visibility => 'open')
    @personal_platform = FactoryGirl.create(:platform, :platform_type => 'personal')
    @user = FactoryGirl.create(:user)
  end

  context 'for guest' do
    
    it "should not be able to perform index action" do
      get :index, :format => :json
      response.status.should == 401
    end

    [:show, :platforms_for_build].each do |action|
      it "should not be able to perform #{ action } action", :anonymous_access  => false do
        get action, :format => :json
        response.status.should == 401
      end
    end

    it 'should be able to perform members action' do
      get :members, :id => @platform.id, :format => :json
      response.should render_template(:members)
    end

    it_should_behave_like 'api platform user with show rights' if APP_CONFIG['anonymous_access']
    it_should_behave_like 'api platform user without reader rights for hidden platform' if APP_CONFIG['anonymous_access']
    it_should_behave_like 'api platform user without writer rights'
  end

  context 'for global admin' do
    before do
      @admin = FactoryGirl.create(:admin)
      @user = FactoryGirl.create(:user)
      http_login(@admin)
    end

    it_should_behave_like 'api platform user with reader rights'
    it_should_behave_like 'api platform user with reader rights for hidden platform'
    it_should_behave_like 'api platform user with writer rights'
    it_should_behave_like 'api platform user with clone rights'
  end

  context 'for owner user' do
    before do
      @user = FactoryGirl.create(:user)
      http_login(@user)
      @platform.owner = @user; @platform.save
      @platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin')
    end

    it_should_behave_like 'api platform user with reader rights'
    it_should_behave_like 'api platform user with reader rights for hidden platform'
    it_should_behave_like 'api platform user with writer rights'
    it_should_behave_like 'api platform user without clone rights'
  end

  context 'for reader user' do
    before do
      @user = FactoryGirl.create(:user)
      http_login(@user)
      @platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')
      @personal_platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')
    end

    context 'perform index action with type param' do
      render_views
      %w(main personal).each do |type|
        it "ensures that filter by type = #{type} returns true result" do
          get :index, :format => :json, :type => "#{type}"
          JSON.parse(response.body)['platforms'].map{ |p| p['platform_type'] }.
            uniq.should == ["#{type}"]
        end
      end
    end

    it_should_behave_like 'api platform user with reader rights'
    it_should_behave_like 'api platform user with reader rights for hidden platform'
    it_should_behave_like 'api platform user without writer rights'
  end

  context 'for simple user' do
    before do
      @user = FactoryGirl.create(:user)
      http_login(@user)
    end

    it_should_behave_like 'api platform user with reader rights'
    it_should_behave_like 'api platform user without reader rights for hidden platform'
    it_should_behave_like 'api platform user without writer rights'
  end
end
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`# -- encoding : utf-8 --`
			`require 'spec_helper'`

[refs #374] Finished REST API projects,reps,pls read specs 2012-08-22 14:44:01 +01:00			`shared_examples_for 'api platform user with reader rights' do`
			`include_examples "api platform user with show rights"`

[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`it 'should be able to perform index action' do`
			`get :index, :format => :json`
			`response.should render_template(:index)`
			`end`
#671: added #add_member action for platforms API, added new specs 2012-10-09 17:23:48 +01:00
#671: added specs for API 2012-10-09 17:51:41 +01:00			`it 'should be able to perform members action' do`
			`get :members, :id => @platform.id, :format => :json`
			`response.should render_template(:members)`
#671: added #add_member action for platforms API, added new specs 2012-10-09 17:23:48 +01:00			`end`
#671: added specs for API 2012-10-09 17:51:41 +01:00			`end`

			`shared_examples_for 'api platform user with writer rights' do`
#671: added specs for filter by type 2012-10-04 16:20:10 +01:00
#671: added specs for API 2012-10-09 17:51:41 +01:00			`context 'api platform user with update rights' do`
			`before do`
			`put :update, {:platform => {:description => 'new description'}, :id => @platform.id}, :format => :json`
			`end`

			`it 'should be able to perform update action' do`
			`response.should be_success`
			`end`
			`it 'ensures that platform has been updated' do`
			`@platform.reload`
			`@platform.description.should == 'new description'`
			`end`
#671: added #add_member action for platforms API, added new specs 2012-10-09 17:23:48 +01:00			`end`
#671: added specs for API 2012-10-09 17:51:41 +01:00
			`context 'api platform user with add_member rights' do`
			`let(:member) { FactoryGirl.create(:user) }`
			`before do`
			`put :add_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json`
			`end`

#671: added #remove_member action for platforms API, updated specs 2012-10-09 18:07:10 +01:00			`it 'should be able to perform add_member action' do`
#671: added specs for API 2012-10-09 17:51:41 +01:00			`response.should be_success`
			`end`
			`it 'ensures that new member has been added to platform' do`
			`@platform.members.should include(member)`
			`end`
#671: added #add_member action for platforms API, added new specs 2012-10-09 17:23:48 +01:00			`end`
#671: added specs for API 2012-10-09 17:51:41 +01:00
#671: added #remove_member action for platforms API, updated specs 2012-10-09 18:07:10 +01:00			`context 'api platform user with remove_member rights' do`
			`let(:member) { FactoryGirl.create(:user) }`
			`before do`
			`@platform.add_member(member)`
			`delete :remove_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json`
			`end`

			`it 'should be able to perform update action' do`
			`response.should be_success`
			`end`
			`it 'ensures that member has been removed from platform' do`
			`@platform.members.should_not include(member)`
			`end`
			`end`
#671: added #add_member action for platforms API, added new specs 2012-10-09 17:23:48 +01:00			`end`

#671: added specs for API 2012-10-09 17:51:41 +01:00			`shared_examples_for 'api platform user without writer rights' do`
#671: added #add_member action for platforms API, added new specs 2012-10-09 17:23:48 +01:00
#671: added specs for API 2012-10-09 17:51:41 +01:00			`context 'api platform user without update rights' do`
			`before do`
			`put :update, {:platform => {:description => 'new description'}, :id => @platform.id}, :format => :json`
			`end`

			`it 'should not be able to perform update action' do`
			`response.should_not be_success`
			`end`
			`it 'ensures that platform has not been updated' do`
			`@platform.reload`
			`@platform.description.should_not == 'new description'`
			`end`
#671: added #add_member action for platforms API, added new specs 2012-10-09 17:23:48 +01:00			`end`
#671: added specs for API 2012-10-09 17:51:41 +01:00
			`context 'api platform user without add_member rights' do`
			`let(:member) { FactoryGirl.create(:user) }`
			`before do`
			`put :add_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json`
			`end`

#671: added #remove_member action for platforms API, updated specs 2012-10-09 18:07:10 +01:00			`it 'should not be able to perform add_member action' do`
#671: added specs for API 2012-10-09 17:51:41 +01:00			`response.should_not be_success`
			`end`
			`it 'ensures that new member has not been added to platform' do`
			`@platform.members.should_not include(member)`
			`end`
#671: added #add_member action for platforms API, added new specs 2012-10-09 17:23:48 +01:00			`end`
#671: added #remove_member action for platforms API, updated specs 2012-10-09 18:07:10 +01:00
			`context 'api platform user without remove_member rights' do`
			`let(:member) { FactoryGirl.create(:user) }`
			`before do`
			`@platform.add_member(member)`
			`delete :remove_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json`
			`end`

			`it 'should be able to perform update action' do`
			`response.should_not be_success`
			`end`
			`it 'ensures that member has not been removed from platform' do`
			`@platform.members.should include(member)`
			`end`
			`end`

#671: added specs for API Platforms#clone action 2012-10-10 16:13:14 +01:00			`it_should_behave_like 'api platform user without clone rights'`
			`end`

			`shared_examples_for 'api platform user with clone rights' do`
			`before { any_instance_of(Platform, :create_directory => true) }`
			`let(:params) { {:id => @platform.id, :platform => {:description => 'new description', :name => 'new_name'}} }`
			`it 'should be able to perform clone action' do`
			`post :clone, params, :format => :json`
			`response.should be_success`
			`end`
			`it 'ensures that platform has been cloned' do`
			`lambda { post :clone, params, :format => :json }.should change{ Platform.count }.by(1)`
			`end`
			`end`

			`shared_examples_for 'api platform user without clone rights' do`
			`before { any_instance_of(Platform, :create_directory => true) }`
			`let(:params) { {:id => @platform.id, :platform => {:description => 'new description', :name => 'new_name'}} }`
			`it 'should not be able to perform clone action' do`
			`post :clone, params, :format => :json`
			`response.should_not be_success`
			`end`
			`it 'ensures that platform has not been cloned' do`
			`lambda { post :clone, params, :format => :json }.should_not change{ Platform.count }`
			`end`
[refs #374] Finished REST API projects,reps,pls read specs 2012-08-22 14:44:01 +01:00			`end`

			`shared_examples_for 'api platform user with reader rights for hidden platform' do`
			`before(:each) do`
			`@platform.update_column(:visibility, 'hidden')`
			`end`

			`it_should_behave_like 'api platform user with show rights'`
			`end`

			`shared_examples_for 'api platform user without reader rights for hidden platform' do`
			`before(:each) do`
			`@platform.update_column(:visibility, 'hidden')`
			`end`

			`it_should_behave_like 'api platform user without show rights'`
			`end`
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00
[refs #374] Finished REST API projects,reps,pls read specs 2012-08-22 14:44:01 +01:00			`shared_examples_for "api platform user with show rights" do`
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`it 'should be able to perform show action' do`
			`get :show, :id => @platform.id, :format => :json`
			`response.should render_template(:show)`
			`end`
#671: added #add_member action for platforms API, added new specs 2012-10-09 17:23:48 +01:00
			`it 'should be able to perform platforms_for_build action' do`
			`get :platforms_for_build, :format => :json`
			`response.should render_template(:index)`
			`end`
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`end`

[refs #374] Finished REST API projects,reps,pls read specs 2012-08-22 14:44:01 +01:00			`shared_examples_for "api platform user without show rights" do`
#671: added #add_member action for platforms API, added new specs 2012-10-09 17:23:48 +01:00			`[:show, :members].each do \|action\|`
			`it "should not be able to perform #{ action } action" do`
			`get action, :id => @platform.id, :format => :json`
			`response.body.should == {"message" => "Access violation to this page!"}.to_json`
			`end`
[refs #374] Finished REST API projects,reps,pls read specs 2012-08-22 14:44:01 +01:00			`end`
			`end`

[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`describe Api::V1::PlatformsController do`
#671: added specs for filter by type 2012-10-04 16:20:10 +01:00			`before do`
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`stub_symlink_methods`

#671: added #add_member action for platforms API, added new specs 2012-10-09 17:23:48 +01:00			`@platform = FactoryGirl.create(:platform, :visibility => 'open')`
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`@personal_platform = FactoryGirl.create(:platform, :platform_type => 'personal')`
			`@user = FactoryGirl.create(:user)`
			`end`

			`context 'for guest' do`
[refs #374] Fix support http basic auth, fix tests, fix abilities. 2012-09-26 18:15:11 +01:00
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`it "should not be able to perform index action" do`
			`get :index, :format => :json`
[refs #374] Finished REST API projects,reps,pls read specs 2012-08-22 14:44:01 +01:00			`response.status.should == 401`
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`end`

#671: added #add_member action for platforms API, added new specs 2012-10-09 17:23:48 +01:00			`[:show, :platforms_for_build].each do \|action\|`
			`it "should not be able to perform #{ action } action", :anonymous_access => false do`
			`get action, :format => :json`
			`response.status.should == 401`
			`end`
			`end`

#671: added specs for API 2012-10-09 17:51:41 +01:00			`it 'should be able to perform members action' do`
#671: added #add_member action for platforms API, added new specs 2012-10-09 17:23:48 +01:00			`get :members, :id => @platform.id, :format => :json`
			`response.should render_template(:members)`
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`end`
[refs #374] Fix support http basic auth, fix tests, fix abilities. 2012-09-26 18:15:11 +01:00
			`it_should_behave_like 'api platform user with show rights' if APP_CONFIG['anonymous_access']`
			`it_should_behave_like 'api platform user without reader rights for hidden platform' if APP_CONFIG['anonymous_access']`
#671: added specs for API 2012-10-09 17:51:41 +01:00			`it_should_behave_like 'api platform user without writer rights'`
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`end`

			`context 'for global admin' do`
#671: added specs for filter by type 2012-10-04 16:20:10 +01:00			`before do`
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`@admin = FactoryGirl.create(:admin)`
			`@user = FactoryGirl.create(:user)`
[refs #374] Fix failed tests after http basic auth 2012-09-21 20:48:30 +01:00			`http_login(@admin)`
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`end`

[refs #374] Finished REST API projects,reps,pls read specs 2012-08-22 14:44:01 +01:00			`it_should_behave_like 'api platform user with reader rights'`
			`it_should_behave_like 'api platform user with reader rights for hidden platform'`
#671: added specs for API 2012-10-09 17:51:41 +01:00			`it_should_behave_like 'api platform user with writer rights'`
#671: added specs for API Platforms#clone action 2012-10-10 16:13:14 +01:00			`it_should_behave_like 'api platform user with clone rights'`
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`end`

			`context 'for owner user' do`
#671: added specs for filter by type 2012-10-04 16:20:10 +01:00			`before do`
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`@user = FactoryGirl.create(:user)`
[refs #374] Fix failed tests after http basic auth 2012-09-21 20:48:30 +01:00			`http_login(@user)`
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`@platform.owner = @user; @platform.save`
			`@platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin')`
			`end`

[refs #374] Finished REST API projects,reps,pls read specs 2012-08-22 14:44:01 +01:00			`it_should_behave_like 'api platform user with reader rights'`
			`it_should_behave_like 'api platform user with reader rights for hidden platform'`
#671: added specs for API 2012-10-09 17:51:41 +01:00			`it_should_behave_like 'api platform user with writer rights'`
#671: added specs for API Platforms#clone action 2012-10-10 16:13:14 +01:00			`it_should_behave_like 'api platform user without clone rights'`
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`end`

			`context 'for reader user' do`
#671: added specs for filter by type 2012-10-04 16:20:10 +01:00			`before do`
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`@user = FactoryGirl.create(:user)`
[refs #374] Fix failed tests after http basic auth 2012-09-21 20:48:30 +01:00			`http_login(@user)`
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`@platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')`
#671: added specs for filter by type 2012-10-04 16:20:10 +01:00			`@personal_platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')`
			`end`

#671: fixed comments 2012-10-04 16:50:20 +01:00			`context 'perform index action with type param' do`
#671: added specs for filter by type 2012-10-04 16:20:10 +01:00			`render_views`
			`%w(main personal).each do \|type\|`
			`it "ensures that filter by type = #{type} returns true result" do`
			`get :index, :format => :json, :type => "#{type}"`
			`JSON.parse(response.body)['platforms'].map{ \|p\| p['platform_type'] }.`
			`uniq.should == ["#{type}"]`
			`end`
			`end`
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`end`

[refs #374] Finished REST API projects,reps,pls read specs 2012-08-22 14:44:01 +01:00			`it_should_behave_like 'api platform user with reader rights'`
			`it_should_behave_like 'api platform user with reader rights for hidden platform'`
#671: added specs for API 2012-10-09 17:51:41 +01:00			`it_should_behave_like 'api platform user without writer rights'`
[refs #374] Finished REST API projects,reps,pls read specs 2012-08-22 14:44:01 +01:00			`end`

			`context 'for simple user' do`
#671: added specs for filter by type 2012-10-04 16:20:10 +01:00			`before do`
[refs #374] Finished REST API projects,reps,pls read specs 2012-08-22 14:44:01 +01:00			`@user = FactoryGirl.create(:user)`
[refs #374] Fix failed tests after http basic auth 2012-09-21 20:48:30 +01:00			`http_login(@user)`
[refs #374] Finished REST API projects,reps,pls read specs 2012-08-22 14:44:01 +01:00			`end`

			`it_should_behave_like 'api platform user with reader rights'`
			`it_should_behave_like 'api platform user without reader rights for hidden platform'`
#671: added specs for API 2012-10-09 17:51:41 +01:00			`it_should_behave_like 'api platform user without writer rights'`
[refs #374] Add reps, pls and projs read api specs base code 2012-08-21 18:15:28 +01:00			`end`
			`end`