Merge pull request #629 from warpc/349-anonymous_access
[issue #349] Guest user can show open platforms.
commit
0f6744f74b
|
@ -2,7 +2,7 @@
|
|||
class Platforms::PlatformsController < Platforms::BaseController
|
||||
|
||||
before_filter :authenticate_user!
|
||||
skip_before_filter :authenticate_user!, :only => [:advisories] if APP_CONFIG['anonymous_access']
|
||||
skip_before_filter :authenticate_user!, :only => [:advisories, :members, :show] if APP_CONFIG['anonymous_access']
|
||||
load_and_authorize_resource
|
||||
|
||||
autocomplete :user, :uname
|
||||
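Review bot: With `authenticate_user!` skipped for `:advisories`, `:members` and `:show`, the `load_and_authorize_resource` call on the next line becomes the only check an unauthenticated request passes through, and nothing in the class says so. The same pattern is added to the Products and Repositories controllers further down this page (`:index`, `:show` and `:projects_list`). I would add a comment above the skip line such as `# Guests: access to these actions is decided solely by the Platform rules in Ability`, so that a later edit to those rules is reviewed as a change to what is public. Because the `if APP_CONFIG['anonymous_access']` modifier runs when the class body is loaded, the setting presumably takes effect only after a restart, which is worth stating in the same comment. The class body continues outside the hunk.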
|
|
|
@ -1,6 +1,7 @@
|
|||
# -*- encoding : utf-8 -*-
|
||||
class Platforms::ProductsController < Platforms::BaseController
|
||||
before_filter :authenticate_user!
|
||||
skip_before_filter :authenticate_user!, :only => [:index, :show] if APP_CONFIG['anonymous_access']
|
||||
|
||||
load_and_authorize_resource :platform
|
||||
load_and_authorize_resource :product, :through => :platform
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
# -*- encoding : utf-8 -*-
|
||||
class Platforms::RepositoriesController < Platforms::BaseController
|
||||
before_filter :authenticate_user!
|
||||
skip_before_filter :authenticate_user!, :only => [:index, :show, :projects_list] if APP_CONFIG['anonymous_access']
|
||||
|
||||
load_and_authorize_resource :platform
|
||||
load_and_authorize_resource :repository, :through => :platform, :shallow => true
|
||||
|
|
|
@ -5,7 +5,6 @@ class SearchController < ApplicationController
|
|||
|
||||
def index
|
||||
params[:type] ||= 'all'
|
||||
params[:type] = 'projects' unless current_user
|
||||
case params[:type]
|
||||
when 'all'
|
||||
find_collection('projects')
|
||||
|
|
|
@ -13,17 +13,21 @@ class Ability
|
|||
@user = user
|
||||
|
||||
# Shared rights between guests and registered users
|
||||
can :show, Project, :visibility => 'open'
|
||||
can :archive, Project, :visibility => 'open'
|
||||
can [:show, :archive], Project, :visibility => 'open'
|
||||
can :read, Issue, :project => {:visibility => 'open'}
|
||||
can :search, BuildList
|
||||
can [:read, :log, :everything], BuildList, :project => {:visibility => 'open'}
|
||||
can :read, ProductBuildList#, :product => {:platform => {:visibility => 'open'}} # double nested hash don't work
|
||||
can :read, Advisory
|
||||
can(:advisories, Platform) {APP_CONFIG['anonymous_access']}
|
||||
|
||||
# Core callbacks
|
||||
can [:publish_build, :status_build, :pre_build, :post_build, :circle_build, :new_bbdt], BuildList
|
||||
|
||||
# Platforms block
|
||||
can [:show, :members, :advisories], Platform, :visibility == 'open'
|
||||
can [:read, :projects_list], Repository, :platform => {:visibility => 'open'}
|
||||
can :read, Product, :platform => {:visibility => 'open'}
|
||||
|
||||
if user.guest? # Guest rights
|
||||
# can [:new, :create], RegisterRequest
|
||||
else # Registered user rights
|
||||
|
@ -76,30 +80,25 @@ class Ability
|
|||
end
|
||||
can(:cancel, BuildList) {|build_list| build_list.can_cancel? && can?(:write, build_list.project)}
|
||||
|
||||
can [:read], Advisory
|
||||
|
||||
can [:read, :members], Platform, :visibility => 'open'
|
||||
can [:read, :owned, :related, :members], Platform, :owner_type => 'User', :owner_id => user.id
|
||||
can [:read, :related, :members], Platform, :owner_type => 'Group', :owner_id => user.group_ids
|
||||
can([:read, :related, :members], Platform, read_relations_for('platforms')) {|platform| local_reader? platform}
|
||||
can([:update, :members], Platform) {|platform| local_admin? platform}
|
||||
can([:destroy, :members, :add_member, :remove_member, :remove_members] , Platform) {|platform| owner?(platform) || local_admin?(platform) }
|
||||
can [:autocomplete_user_uname, :read_advisories, :advisories], Platform
|
||||
can [:autocomplete_user_uname], Platform
|
||||
|
||||
can([:failed_builds_list, :create], MassBuild) {|mass_build| (owner?(mass_build.platform) || local_admin?(mass_build.platform)) && mass_build.platform.main? }
|
||||
can(:cancel, MassBuild) {|mass_build| (owner?(mass_build.platform) || local_admin?(mass_build.platform)) && !mass_build.stop_build && mass_build.platform.main?}
|
||||
|
||||
can [:read, :projects_list], Repository, :platform => {:visibility => 'open'}
|
||||
can [:read, :projects_list], Repository, :platform => {:owner_type => 'User', :owner_id => user.id}
|
||||
can [:read, :projects_list], Repository, :platform => {:owner_type => 'Group', :owner_id => user.group_ids}
|
||||
can([:read, :projects_list], Repository, read_relations_for('repositories', 'platforms')) {|repository| local_reader? repository.platform}
|
||||
can([:create, :update, :projects_list, :add_project, :remove_project], Repository) {|repository| local_admin? repository.platform}
|
||||
can([:create, :update, :destroy, :projects_list, :add_project, :remove_project], Repository) {|repository| local_admin? repository.platform}
|
||||
can(:clear, Platform) {|platform| local_admin?(platform) && platform.personal?}
|
||||
can([:change_visibility, :settings, :destroy], Repository) {|repository| owner? repository.platform}
|
||||
|
||||
can([:create, :destroy], KeyPair) {|key_pair| owner?(key_pair.repository.platform) || local_admin?(key_pair.repository.platform)}
|
||||
|
||||
can :read, Product, :platform => {:visibility => 'open'}
|
||||
can :read, Product, :platform => {:owner_type => 'User', :owner_id => user.id, :platform_type => 'main'}
|
||||
can :read, Product, :platform => {:owner_type => 'Group', :owner_id => user.group_ids, :platform_type => 'main'}
|
||||
can(:read, Product, read_relations_for('products', 'platforms')) {|product| product.platform.main?}
|
||||
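Review bot: In the rule under `# Platforms block`, `:visibility == 'open'` is a Ruby comparison between a Symbol and a String, so it evaluates to `false` and `can` receives `false` instead of a conditions hash. As far as I know CanCan treats a falsy conditions argument as "no conditions", which would allow `:show`, `:members` and `:advisories` on every Platform, including non-open ones, for guests and registered users alike, since the rule sits in the shared section. The line should read `can [:show, :members, :advisories], Platform, :visibility => 'open'`, matching the hash form used by the Repository and Product rules directly below it. The enclosing method starts and ends outside both hunks of this file.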
|
|
|
@ -37,7 +37,7 @@ class MaintainerPresenter < ApplicationPresenter
|
|||
end
|
||||
|
||||
def maintainer_email_link
|
||||
mail_to @maintainer.email, @maintainer.email
|
||||
mail_to @maintainer.email, @maintainer.email, :encode => "javascript"
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
= link_to t("layout.platforms.about"), platform_path(@platform)
|
||||
%li{:class => (contr == :repositories) ? 'active' : ''}
|
||||
= link_to t("layout.repositories.list_header"), platform_repositories_path(@platform)
|
||||
- if can? :read, @platform
|
||||
- if can? :show, @platform
|
||||
%li{:class => (act == :index && contr == :maintainers) ? 'active' : nil}
|
||||
= link_to t("layout.platforms.maintainers"), platform_maintainers_path(@platform)
|
||||
- if can? :edit, @platform
|
||||
|
@ -19,7 +19,7 @@
|
|||
- if can? :read, @platform.products.build
|
||||
%li{:class => (contr == :products) ? 'active' : ''}
|
||||
= link_to t("layout.products.list_header"), platform_products_path(@platform)
|
||||
- if can? :read_advisories, @platform
|
||||
- if can? :advisories, @platform
|
||||
%li{:class => (contr == :platforms and act == :advisories) ? 'active' : ''}
|
||||
= link_to t("layout.advisories.list_header"), advisories_platform_path(@platform)
|
||||
- if can? :update, @platform
|
||||
|
|
|
@ -21,5 +21,5 @@
|
|||
%td= pr.package_type
|
||||
%td= pr.package_version_release
|
||||
%td= pr.maintainer_link
|
||||
%td= pr.maintainer_email_link
|
||||
%td= pr.maintainer_email_link.html_safe
|
||||
%td= pr.package_updated_at
|
||||
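Review bot: `pr.maintainer_email_link.html_safe` turns off Haml's escaping for whatever the presenter returns, so the safety of this cell now rests entirely on `mail_to` escaping the maintainer address inside the script it generates. If `mail_to ... :encode => "javascript"` already returns an html-safe string in the Rails version used here (not visible on this page), the call is redundant and `%td= pr.maintainer_email_link` is enough. If it does not, the safe marking belongs inside `maintainer_email_link` in MaintainerPresenter, next to the helper call, so the template never blanket-trusts a presenter value. A one-line comment on that method saying where the address comes from and that it is emitted into a script block would help the next reader.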
|
|
|
@ -6,7 +6,7 @@
|
|||
.leftlist= f.label :description, t("activerecord.attributes.project.description"), :class => :label
|
||||
.rightlist= f.text_area :description, :class => 'text_field', :cols => 80
|
||||
.both
|
||||
- if [:new, :create].include? controller.action_name
|
||||
- if [:new, :create].include? act
|
||||
.leftlist= f.label :owner_id, t("activerecord.attributes.project.owner"), :class => :label
|
||||
.rightlist
|
||||
= label_tag t("activerecord.attributes.project.who_owns.me")
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
%h3= title @user.uname
|
||||
= @user.name
|
||||
%br
|
||||
= link_to @user.email, "mailto:#{@user.email}"
|
||||
= mail_to @user.email, @user.email, :encode => "javascript"
|
||||
%br
|
||||
%h4= t("activerecord.attributes.user.professional_experience") + ":"
|
||||
%p= @user.professional_experience
|
||||
|
|
|
@ -6,6 +6,7 @@ module RosaPresenter
|
|||
include ActionDispatch::Routing::UrlFor
|
||||
include ActionView::Helpers::UrlHelper
|
||||
include ActionView::Helpers::TextHelper
|
||||
include ActionView::Helpers::JavaScriptHelper
|
||||
include Rails.application.routes.url_helpers
|
||||
|
||||
def initialize(item, opts)
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
require 'spec_helper'
|
||||
|
||||
shared_examples_for 'guest user' do
|
||||
|
||||
it "should be able to view maintainers list(index)" do
|
||||
get :index, :platform_id => @platform.id
|
||||
response.should be_success
|
||||
|
@ -20,15 +21,14 @@ describe Platforms::MaintainersController do
|
|||
context 'for guest' do
|
||||
before {set_session_for(User.new)}
|
||||
|
||||
# it_should_behave_like 'guest user'
|
||||
# it "should be able to view maintainers list(index)", :anonymous_access => true do
|
||||
# get :index, :platform_id => @platform.id
|
||||
# response.should be_success
|
||||
# end
|
||||
|
||||
it "should not be able to view maintainers list(index)" do
|
||||
it "should be able to view maintainers list(index)", :anonymous_access => true do
|
||||
get :index, :platform_id => @platform.id
|
||||
response.should redirect_to(forbidden_path)
|
||||
response.should be_success
|
||||
end
|
||||
|
||||
it "should not be able to view maintainers list(index)", :anonymous_access => false do
|
||||
get :index, :platform_id => @platform.id
|
||||
response.should redirect_to(new_user_session_path)
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
require 'spec_helper'
|
||||
|
||||
shared_examples_for 'platform owner' do
|
||||
it_should_behave_like 'platform index viewer'
|
||||
|
||||
it 'should not be able to destroy personal platform' do
|
||||
delete :destroy, :id => @personal_platform.id
|
||||
|
@ -19,14 +18,39 @@ shared_examples_for 'platform owner' do
|
|||
end
|
||||
end
|
||||
|
||||
shared_examples_for 'platform index viewer' do
|
||||
shared_examples_for 'system registered user' do
|
||||
it 'should be able to perform index action' do
|
||||
get :index
|
||||
response.should render_template(:index)
|
||||
end
|
||||
|
||||
it 'should be able to perform show action' do
|
||||
get :show, :id => @platform.id
|
||||
response.should render_template(:show)
|
||||
assigns(:platform).should eq @platform
|
||||
end
|
||||
|
||||
it 'should be able to perform members action' do
|
||||
get :members, :id => @platform.id
|
||||
response.should render_template(:members)
|
||||
response.should be_success
|
||||
end
|
||||
|
||||
it 'should be able to perform advisories action' do
|
||||
get :advisories, :id => @platform.id
|
||||
response.should render_template(:advisories)
|
||||
response.should be_success
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
shared_examples_for 'user without create rights' do
|
||||
|
||||
it 'should not be able to perform new action' do
|
||||
get :new
|
||||
response.should redirect_to(forbidden_path)
|
||||
end
|
||||
|
||||
it 'should not be able to create platform' do
|
||||
post :create, @create_params
|
||||
response.should redirect_to(forbidden_path)
|
||||
|
@ -39,7 +63,10 @@ describe Platforms::PlatformsController do
|
|||
|
||||
@platform = FactoryGirl.create(:platform)
|
||||
@personal_platform = FactoryGirl.create(:platform, :platform_type => 'personal')
|
||||
|
||||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@user)
|
||||
|
||||
@create_params = {:platform => {
|
||||
:name => 'pl1',
|
||||
:description => 'pl1',
|
||||
|
@ -49,6 +76,9 @@ describe Platforms::PlatformsController do
|
|||
end
|
||||
|
||||
context 'for guest' do
|
||||
before(:each) do
|
||||
set_session_for(User.new)
|
||||
end
|
||||
|
||||
[:index, :create].each do |action|
|
||||
it "should not be able to perform #{ action } action" do
|
||||
|
@ -57,21 +87,39 @@ describe Platforms::PlatformsController do
|
|||
end
|
||||
end
|
||||
|
||||
[:show, :new, :edit, :clone, :destroy].each do |action|
|
||||
[:new, :edit, :clone, :destroy].each do |action|
|
||||
it "should not be able to perform #{ action } action" do
|
||||
get action, :id => @platform
|
||||
response.should redirect_to(new_user_session_path)
|
||||
end
|
||||
end
|
||||
|
||||
[:show, :members, :advisories].each do |action|
|
||||
it "should not be able to perform #{ action } action", :anonymous_access => false do
|
||||
get action, :id => @platform
|
||||
response.should redirect_to(new_user_session_path)
|
||||
end
|
||||
end
|
||||
|
||||
[:show, :members, :advisories].each do |action|
|
||||
it "should be able to perform #{ action } action", :anonymous_access => true do
|
||||
get action, :id => @platform
|
||||
response.should render_template(action)
|
||||
response.should be_success
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
context 'for global admin' do
|
||||
before(:each) do
|
||||
@admin = FactoryGirl.create(:admin)
|
||||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@admin)
|
||||
@user.role = "admin"
|
||||
@user.save
|
||||
end
|
||||
|
||||
it_should_behave_like 'system registered user'
|
||||
it_should_behave_like 'platform owner'
|
||||
|
||||
it 'should be able to perform new action' do
|
||||
get :new
|
||||
response.should render_template(:new)
|
||||
|
@ -86,54 +134,37 @@ describe Platforms::PlatformsController do
|
|||
lambda { post :create, @create_params }.should change{ Platform.count }.by(1)
|
||||
end
|
||||
|
||||
it_should_behave_like 'platform owner'
|
||||
|
||||
it 'should create platform with mentioned owner if owner id present' do
|
||||
post :create, @create_params.merge({:admin_id => @user.id, :admin_uname => @user.uname})
|
||||
Platform.last.owner.id.should eql(@user.id)
|
||||
owner = FactoryGirl.create(:user)
|
||||
post :create, @create_params.merge({:admin_id => owner.id, :admin_uname => owner.uname})
|
||||
Platform.last.owner.id.should eql(owner.id)
|
||||
end
|
||||
|
||||
it 'should create platform with current user as owner if owner id not present' do
|
||||
post :create, @create_params
|
||||
Platform.last.owner.id.should eql(@admin.id)
|
||||
Platform.last.owner.id.should eql(@user.id)
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
context 'for owner user' do
|
||||
before(:each) do
|
||||
@user = FactoryGirl.create(:user)
|
||||
@user = @platform.owner
|
||||
set_session_for(@user)
|
||||
|
||||
@platform.owner = @user
|
||||
@platform.save
|
||||
|
||||
@platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin')
|
||||
end
|
||||
|
||||
it_should_behave_like 'system registered user'
|
||||
it_should_behave_like 'user without create rights'
|
||||
it_should_behave_like 'platform owner'
|
||||
|
||||
it 'should be able to perform new action' do
|
||||
get :new
|
||||
response.should redirect_to(forbidden_path)
|
||||
end
|
||||
|
||||
it 'should be able to perform create action' do
|
||||
post :create, @create_params
|
||||
response.should redirect_to(forbidden_path)
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
context 'for reader user' do
|
||||
before(:each) do
|
||||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@user)
|
||||
@platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')
|
||||
end
|
||||
|
||||
it_should_behave_like 'platform index viewer'
|
||||
it_should_behave_like 'system registered user'
|
||||
it_should_behave_like 'user without create rights'
|
||||
|
||||
it 'should not be able to perform destroy action' do
|
||||
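Review bot: The new guest examples for `:show`, `:members` and `:advisories` only request `@platform`, which is built with the factory defaults, so no example shows that a guest is refused a platform whose visibility is not 'open'. The same gap is in the CanCan spec further down, where the guest context asserts `be_able_to(:show, open_platform)` without a `should_not be_able_to` counterpart. I would add, inside the `:anonymous_access => true` loop, an example that creates a platform with a non-open visibility and expects the action not to render its template, plus the matching negative assertion in the ability spec. Negative cases are what catch a rule that grants more than intended. The `describe` block starts and ends outside these hunks.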
|
|
|
@ -31,9 +31,16 @@ describe Platforms::ProductsController do
|
|||
@product = FactoryGirl.create(:product, :platform => @platform)
|
||||
@create_params = {:product => {:name => 'pro'}, :platform_id => @platform.id}
|
||||
@update_params = {:product => {:name => 'pro2'}, :platform_id => @platform.id}
|
||||
|
||||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@user)
|
||||
end
|
||||
|
||||
context 'for guest' do
|
||||
context 'for guest' do
|
||||
before(:each) do
|
||||
set_session_for(User.new)
|
||||
end
|
||||
|
||||
[:create].each do |action|
|
||||
it "should not be able to perform #{ action } action" do
|
||||
get action, :platform_id => @platform.id
|
||||
|
@ -41,40 +48,56 @@ describe Platforms::ProductsController do
|
|||
end
|
||||
end
|
||||
|
||||
[:show, :new, :edit, :update, :destroy].each do |action|
|
||||
[:new, :edit, :update, :destroy].each do |action|
|
||||
it "should not be able to perform #{ action } action" do
|
||||
get action, :id => @product.id, :platform_id => @platform.id
|
||||
response.should redirect_to(new_user_session_path)
|
||||
end
|
||||
end
|
||||
|
||||
[:show, :index].each do |action|
|
||||
it "should not be able to perform #{ action } action", :anonymous_access => false do
|
||||
get action, :id => @product.id, :platform_id => @platform.id
|
||||
response.should redirect_to(new_user_session_path)
|
||||
end
|
||||
end
|
||||
|
||||
[:show, :index].each do |action|
|
||||
it "should be able to perform #{ action } action", :anonymous_access => true do
|
||||
get action, :id => @product.id, :platform_id => @platform.id
|
||||
response.should render_template(action)
|
||||
response.should be_success
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'for global admin' do
|
||||
before(:each) do
|
||||
@admin = FactoryGirl.create(:admin)
|
||||
set_session_for(@admin)
|
||||
end
|
||||
before(:each) do
|
||||
@user.role = "admin"
|
||||
@user.save
|
||||
end
|
||||
|
||||
it_should_behave_like 'admin user'
|
||||
end
|
||||
|
||||
context 'for platform owner' do
|
||||
before(:each) do
|
||||
@user = @platform.owner
|
||||
set_session_for(@user)
|
||||
end
|
||||
|
||||
it_should_behave_like 'admin user'
|
||||
end
|
||||
|
||||
context 'for admin relation user' do
|
||||
before(:each) do
|
||||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@user)
|
||||
before(:each) do
|
||||
@platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin')
|
||||
end
|
||||
end
|
||||
|
||||
it_should_behave_like 'admin user'
|
||||
end
|
||||
|
||||
context 'for no relation user' do
|
||||
before(:each) do
|
||||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@user)
|
||||
end
|
||||
|
||||
it 'should not be able to create product' do
|
||||
lambda { post :create, @create_params }.should change{ Product.count }.by(0)
|
||||
|
|
|
@ -19,13 +19,13 @@ shared_examples_for 'user with change projects in repository rights' do
|
|||
it 'should be able to add project to repository' do
|
||||
get :add_project, :id => @repository.id, :platform_id => @platform.id, :project_id => @project.id
|
||||
response.should redirect_to(platform_repository_path(@repository.platform, @repository))
|
||||
@repository.projects.should include (@project)
|
||||
@repository.projects.should include(@project)
|
||||
end
|
||||
|
||||
it 'should be able to remove project from repository' do
|
||||
get :remove_project, :id => @repository.id, :platform_id => @platform.id, :project_id => @project.id
|
||||
response.should redirect_to(platform_repository_path(@repository.platform, @repository))
|
||||
@repository.projects.should_not include (@project)
|
||||
@repository.projects.should_not include(@project)
|
||||
end
|
||||
|
||||
end
|
||||
|
@ -40,6 +40,12 @@ shared_examples_for 'registered user' do
|
|||
get :show, :id => @repository.id
|
||||
response.should render_template(:show)
|
||||
end
|
||||
|
||||
it 'should be able to perform projects_list action' do
|
||||
get :projects_list, :id => @repository.id, :platform_id => @platform.id, :format => :json
|
||||
response.should be_success
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
shared_examples_for 'platform admin user' do
|
||||
|
@ -75,28 +81,52 @@ describe Platforms::RepositoriesController do
|
|||
@project = FactoryGirl.create(:project)
|
||||
@another_user = FactoryGirl.create(:user)
|
||||
@create_params = {:repository => {:name => 'pro', :description => 'pro2'}, :platform_id => @platform.id}
|
||||
|
||||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@user)
|
||||
end
|
||||
|
||||
context 'for guest' do
|
||||
[:index, :create].each do |action|
|
||||
it "should not be able to perform #{ action } action" do
|
||||
get action, :platform_id => @platform
|
||||
response.should redirect_to(new_user_session_path)
|
||||
end
|
||||
|
||||
before(:each) do
|
||||
set_session_for(User.new)
|
||||
end
|
||||
|
||||
[:show, :new, :add_project, :remove_project, :destroy].each do |action|
|
||||
it "should not be able to perform create action" do
|
||||
get :create, :platform_id => @platform
|
||||
response.should redirect_to(new_user_session_path)
|
||||
end
|
||||
|
||||
[:new, :add_project, :remove_project, :destroy].each do |action|
|
||||
it "should not be able to perform #{ action } action" do
|
||||
get action, :id => @repository.id
|
||||
response.should redirect_to(new_user_session_path)
|
||||
end
|
||||
end
|
||||
|
||||
it_should_behave_like 'registered user' if APP_CONFIG['anonymous_access']
|
||||
|
||||
it "should not be able to perform show action", :anonymous_access => false do
|
||||
get :show, :id => @repository
|
||||
response.should redirect_to(new_user_session_path)
|
||||
end
|
||||
|
||||
it "should not be able to perform index action", :anonymous_access => false do
|
||||
get :index, :platform_id => @platform
|
||||
response.should redirect_to(new_user_session_path)
|
||||
end
|
||||
|
||||
it 'should not be able to perform projects_list action', :anonymous_access => false do
|
||||
get :projects_list, :id => @repository.id, :platform_id => @platform.id, :format => :json
|
||||
response.response_code.should == 401
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
context 'for admin' do
|
||||
before(:each) do
|
||||
@admin = FactoryGirl.create(:admin)
|
||||
set_session_for(@admin)
|
||||
@user.role = "admin"
|
||||
@user.save
|
||||
end
|
||||
|
||||
it_should_behave_like 'platform admin user'
|
||||
|
@ -105,21 +135,22 @@ describe Platforms::RepositoriesController do
|
|||
|
||||
context 'for platform owner user' do
|
||||
before(:each) do
|
||||
@user = FactoryGirl.create(:user)
|
||||
@user = @repository.platform.owner
|
||||
set_session_for(@user)
|
||||
@repository.platform.owner = @user
|
||||
@repository.platform.save
|
||||
@repository.platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin')
|
||||
end
|
||||
|
||||
it_should_behave_like 'platform admin user'
|
||||
end
|
||||
|
||||
context 'for platform member user' do
|
||||
before(:each) do
|
||||
@platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin')
|
||||
end
|
||||
|
||||
it_should_behave_like 'platform admin user'
|
||||
end
|
||||
|
||||
context 'for user' do
|
||||
before(:each) do
|
||||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@user)
|
||||
end
|
||||
|
||||
it_should_behave_like 'registered user'
|
||||
|
||||
|
@ -143,13 +174,13 @@ describe Platforms::RepositoriesController do
|
|||
it 'should not be able to add project to repository' do
|
||||
get :add_project, :id => @repository.id, :platform_id => @platform.id, :project_id => @project.id
|
||||
response.should redirect_to(forbidden_path)
|
||||
@repository.projects.should_not include (@project)
|
||||
@repository.projects.should_not include(@project)
|
||||
end
|
||||
|
||||
it 'should not be able to remove project from repository' do
|
||||
get :remove_project, :id => @repository.id, :platform_id => @platform.id, :project_id => @project.id
|
||||
response.should redirect_to(forbidden_path)
|
||||
@repository.projects.should_not include (@project)
|
||||
@repository.projects.should_not include(@project)
|
||||
end
|
||||
|
||||
it_should_behave_like 'not destroy personal repository'
|
||||
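Review bot: In the guest context, `it_should_behave_like 'registered user' if APP_CONFIG['anonymous_access']` gates the examples with a load-time `if`, while the other guest examples on this page use the `:anonymous_access => true` metadata that spec_helper filters on. It also ties guest expectations to a group named for registered users, so any example later added to 'registered user' for an action that should stay private would then assert that guests can perform it. A dedicated group holding only the show, index and projects_list examples, included by both contexts, would keep the public surface explicit. The full body of 'registered user' is outside the hunk.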
|
|
|
@ -16,18 +16,16 @@ describe Projects::Git::TreesController do
|
|||
end
|
||||
|
||||
context 'for guest' do
|
||||
if APP_CONFIG['anonymous_access']
|
||||
it 'should be able to perform archive action with anonymous acccess' do
|
||||
fill_project
|
||||
get :archive, @params.merge(:format => 'tar')
|
||||
response.should be_success
|
||||
end
|
||||
else
|
||||
it 'should not be able to perform archive action without anonymous acccess' do
|
||||
fill_project
|
||||
get :archive, @params.merge(:format => 'tar')
|
||||
response.code.should == '401'
|
||||
end
|
||||
it 'should be able to perform archive action with anonymous acccess', :anonymous_access => true do
|
||||
fill_project
|
||||
get :archive, @params.merge(:format => 'tar')
|
||||
response.should be_success
|
||||
end
|
||||
|
||||
it 'should not be able to perform archive action without anonymous acccess', :anonymous_access => false do
|
||||
fill_project
|
||||
get :archive, @params.merge(:format => 'tar')
|
||||
response.code.should == '401'
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -103,15 +103,15 @@ describe CanCan do
|
|||
@ability.should be_able_to(:read, @admin)
|
||||
end
|
||||
|
||||
pending "shoud be able to read index AutoBuildList" do
|
||||
@ability.should be_able_to(:index, AutoBuildList)
|
||||
end
|
||||
|
||||
it "shoud be able to read open projects" do
|
||||
@project = FactoryGirl.create(:project, :visibility => 'open')
|
||||
@ability.should be_able_to(:read, @project)
|
||||
end
|
||||
|
||||
it 'should be able to see open platform' do
|
||||
@ability.should be_able_to(:show, open_platform)
|
||||
end
|
||||
|
||||
it "shoud be able to create project" do
|
||||
@ability.should be_able_to(:create, Project)
|
||||
end
|
||||
|
@ -150,10 +150,6 @@ describe CanCan do
|
|||
@ability.should be_able_to(:read, @project)
|
||||
end
|
||||
|
||||
it 'should be able to read open platform' do
|
||||
@ability.should be_able_to(:read, open_platform)
|
||||
end
|
||||
|
||||
it 'should be able to read issue' do
|
||||
@ability.should be_able_to(:read, @issue)
|
||||
end
|
||||
|
|
|
@ -25,6 +25,9 @@ RSpec.configure do |config|
|
|||
# examples within a transaction, remove the following line or assign false
|
||||
# instead of true.
|
||||
config.use_transactional_fixtures = true
|
||||
|
||||
config.filter_run_excluding :anonymous_access => !(APP_CONFIG['anonymous_access'])
|
||||
|
||||
end
|
||||
|
||||
def set_session_for(user=nil)
|
||||
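Review bot: `config.filter_run_excluding :anonymous_access => !(APP_CONFIG['anonymous_access'])` means a single run exercises only one side of the switch: with the flag on, none of the examples asserting that guests are redirected to sign-in are run, and with it off the guest-allowed examples are skipped. Since the controllers read the flag in their class bodies, it presumably cannot be flipped per example, so the suite has to be run once per setting in CI to cover both. I would record that next to the line, e.g. `# Run the suite with anonymous_access both true and false; each run skips the other half`. The `RSpec.configure` block starts outside the hunk.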
|
|