rosa-build/spec/controllers/api/v1/advisories_controller_spec.rb

require 'spec_helper'

shared_examples_for 'api advisories user with show rights' do
  it 'should be able to perform show action' do
    get :show, id: @advisory.advisory_id, format: :json
    response.should be_success
  end

  it 'should be able to perform index action' do
    get :index, format: :json
    response.should be_success
  end
end

shared_examples_for 'api advisories user with admin rights' do
  context 'api advisories user with create rights' do
    let(:params) { {build_list_id: @build_list.id, advisory: {description: 'test'}} }
    it 'should be able to perform create action' do
      post :create, params, format: :json
      response.should be_success
    end
    it 'ensures that advisory has been created' do
      lambda { post :create, params, format: :json }.should change{ Advisory.count }.by(1)
    end
    it 'ensures that build_list has been associated with advisory' do
      post :create, params, format: :json
      @build_list.reload
      @build_list.advisory.should_not be_nil
    end
  end

  context 'api advisories user with update rights' do
    let(:params) { {id: @advisory.advisory_id, build_list_id: @build_list.id} }
    it 'should be able to perform update action' do
      put :update, params, format: :json
      response.should be_success
    end
    it 'ensures that advisory has not been created' do
      lambda { put :update, params, format: :json }.should_not change{ Advisory.count }
    end
    it 'ensures that build_list has been associated with advisory' do
      put :update, params, format: :json
      @build_list.reload
      @build_list.advisory.should_not be_nil
    end
  end
end

shared_examples_for 'api advisories user without admin rights' do
  context 'api advisories user without create rights' do
    let(:params) { {build_list_id: @build_list.id, advisory: {description: 'test'}} }
    it 'should not be able to perform create action' do
      post :create, params, format: :json
      response.should_not be_success
    end
    it 'ensures that advisory has not been created' do
      lambda { post :create, params, format: :json }.should_not change{ Advisory.count }
    end
    it 'ensures that build_list has not been associated with advisory' do
      post :create, params, format: :json
      @build_list.reload
      @build_list.advisory.should be_nil
    end
  end

  context 'api advisories user without update rights' do
    let(:params) { {id: @advisory.advisory_id, build_list_id: @build_list.id} }
    it 'should not be able to perform update action' do
      put :update, params, format: :json
      response.should_not be_success
    end
    it 'ensures that advisory has not been created' do
      lambda { put :update, params, format: :json }.should_not change{ Advisory.count }
    end
    it 'ensures that build_list has not been associated with advisory' do
      put :update, params, format: :json
      @build_list.reload
      @build_list.advisory.should be_nil
    end
  end
end

describe Api::V1::AdvisoriesController do

  before do
    stub_symlink_methods

    @advisory = FactoryGirl.create(:advisory)
    @build_list = FactoryGirl.create(:build_list)
    @build_list.save_to_platform.update_column(:released, true)
    @build_list.save_to_repository.update_column(:publish_without_qa, false)
    @build_list.update_column(:status, BuildList::BUILD_PUBLISHED)
  end

  context 'for guest' do

    if APP_CONFIG['anonymous_access']
      it_should_behave_like 'api advisories user with show rights'
    end

    it 'should not be able to perform show action', :anonymous_access  => false do
      get :show, id: @advisory.advisory_id, format: :json
      response.should_not be_success
    end

    it 'should not be able to perform index action', :anonymous_access  => false do
      get :index, format: :json
      response.should_not be_success
    end
    it_should_behave_like 'api advisories user without admin rights'
  end

  context 'for simple user' do
    before do
      @user = FactoryGirl.create(:user)
      http_login(@user)
    end
    it_should_behave_like 'api advisories user with show rights'
    it_should_behave_like 'api advisories user without admin rights'
  end

  context 'for admin' do
    before do
      @admin = FactoryGirl.create(:admin)
      http_login(@admin)
    end

    it_should_behave_like 'api advisories user with show rights'
    it_should_behave_like 'api advisories user with admin rights'
  end

  context 'for user who has access to update build_list' do
    before do
      @user = FactoryGirl.create(:user)
      create_relation @build_list.save_to_platform, @user, 'admin'
      http_login(@user)
    end

    it_should_behave_like 'api advisories user with show rights'
    it_should_behave_like 'api advisories user with admin rights'
  end

end
#698: added specs for #index, #show actions 2012-10-18 15:58:13 +01:00			`require 'spec_helper'`

			`shared_examples_for 'api advisories user with show rights' do`
			`it 'should be able to perform show action' do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`get :show, id: @advisory.advisory_id, format: :json`
#698: added specs for #index, #show actions 2012-10-18 15:58:13 +01:00			`response.should be_success`
			`end`

			`it 'should be able to perform index action' do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`get :index, format: :json`
#698: added specs for #index, #show actions 2012-10-18 15:58:13 +01:00			`response.should be_success`
			`end`
			`end`

#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`shared_examples_for 'api advisories user with admin rights' do`
			`context 'api advisories user with create rights' do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`let(:params) { {build_list_id: @build_list.id, advisory: {description: 'test'}} }`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`it 'should be able to perform create action' do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`post :create, params, format: :json`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`response.should be_success`
			`end`
			`it 'ensures that advisory has been created' do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`lambda { post :create, params, format: :json }.should change{ Advisory.count }.by(1)`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`end`
			`it 'ensures that build_list has been associated with advisory' do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`post :create, params, format: :json`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`@build_list.reload`
			`@build_list.advisory.should_not be_nil`
			`end`
			`end`

			`context 'api advisories user with update rights' do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`let(:params) { {id: @advisory.advisory_id, build_list_id: @build_list.id} }`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`it 'should be able to perform update action' do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`put :update, params, format: :json`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`response.should be_success`
			`end`
			`it 'ensures that advisory has not been created' do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`lambda { put :update, params, format: :json }.should_not change{ Advisory.count }`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`end`
			`it 'ensures that build_list has been associated with advisory' do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`put :update, params, format: :json`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`@build_list.reload`
			`@build_list.advisory.should_not be_nil`
			`end`
			`end`
			`end`

			`shared_examples_for 'api advisories user without admin rights' do`
			`context 'api advisories user without create rights' do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`let(:params) { {build_list_id: @build_list.id, advisory: {description: 'test'}} }`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`it 'should not be able to perform create action' do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`post :create, params, format: :json`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`response.should_not be_success`
			`end`
			`it 'ensures that advisory has not been created' do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`lambda { post :create, params, format: :json }.should_not change{ Advisory.count }`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`end`
			`it 'ensures that build_list has not been associated with advisory' do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`post :create, params, format: :json`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`@build_list.reload`
			`@build_list.advisory.should be_nil`
			`end`
			`end`

			`context 'api advisories user without update rights' do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`let(:params) { {id: @advisory.advisory_id, build_list_id: @build_list.id} }`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`it 'should not be able to perform update action' do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`put :update, params, format: :json`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`response.should_not be_success`
			`end`
			`it 'ensures that advisory has not been created' do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`lambda { put :update, params, format: :json }.should_not change{ Advisory.count }`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`end`
			`it 'ensures that build_list has not been associated with advisory' do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`put :update, params, format: :json`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`@build_list.reload`
			`@build_list.advisory.should be_nil`
			`end`
			`end`
			`end`

#698: added specs for #index, #show actions 2012-10-18 15:58:13 +01:00			`describe Api::V1::AdvisoriesController do`

			`before do`
			`stub_symlink_methods`

			`@advisory = FactoryGirl.create(:advisory)`
#168: removed bs_id from build_list 2013-07-01 13:20:38 +01:00			`@build_list = FactoryGirl.create(:build_list)`
#698: updated Advisories API 2012-10-18 17:25:24 +01:00			`@build_list.save_to_platform.update_column(:released, true)`
			`@build_list.save_to_repository.update_column(:publish_without_qa, false)`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`@build_list.update_column(:status, BuildList::BUILD_PUBLISHED)`
#698: added specs for #index, #show actions 2012-10-18 15:58:13 +01:00			`end`

			`context 'for guest' do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00
#698: added specs for #index, #show actions 2012-10-18 15:58:13 +01:00			`if APP_CONFIG['anonymous_access']`
			`it_should_behave_like 'api advisories user with show rights'`
			`end`

			`it 'should not be able to perform show action', :anonymous_access => false do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`get :show, id: @advisory.advisory_id, format: :json`
#698: added specs for #index, #show actions 2012-10-18 15:58:13 +01:00			`response.should_not be_success`
			`end`

			`it 'should not be able to perform index action', :anonymous_access => false do`
[#343] use new ruby hash syntax 2014-01-21 04:51:49 +00:00			`get :index, format: :json`
#698: added specs for #index, #show actions 2012-10-18 15:58:13 +01:00			`response.should_not be_success`
			`end`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`it_should_behave_like 'api advisories user without admin rights'`
#698: added specs for #index, #show actions 2012-10-18 15:58:13 +01:00			`end`

			`context 'for simple user' do`
			`before do`
			`@user = FactoryGirl.create(:user)`
			`http_login(@user)`
			`end`
			`it_should_behave_like 'api advisories user with show rights'`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`it_should_behave_like 'api advisories user without admin rights'`
#698: added specs for #index, #show actions 2012-10-18 15:58:13 +01:00			`end`

			`context 'for admin' do`
			`before do`
			`@admin = FactoryGirl.create(:admin)`
			`http_login(@admin)`
			`end`

			`it_should_behave_like 'api advisories user with show rights'`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`it_should_behave_like 'api advisories user with admin rights'`
#698: added specs for #index, #show actions 2012-10-18 15:58:13 +01:00			`end`

			`context 'for user who has access to update build_list' do`
			`before do`
			`@user = FactoryGirl.create(:user)`
[#345] fix relations create; refactoring specs; remove unneded files 2014-03-18 09:31:01 +00:00			`create_relation @build_list.save_to_platform, @user, 'admin'`
#698: added specs for #index, #show actions 2012-10-18 15:58:13 +01:00			`http_login(@user)`
			`end`

			`it_should_behave_like 'api advisories user with show rights'`
#698: updated specs, permission access 2012-10-18 16:44:28 +01:00			`it_should_behave_like 'api advisories user with admin rights'`
#698: added specs for #index, #show actions 2012-10-18 15:58:13 +01:00			`end`

			`end`