Merge pull request #223 from abf/rosa-build:221-display-platforms

#221: Display platforms of repositories where user is admin

app/models/ability.rb

@@ -109,7 +109,7 @@ class Ability
         can [:read, :owned, :related, :members], Platform, :owner_type => 'User', :owner_id => user.id
         can [:read, :related, :members], Platform, :owner_type => 'Group', :owner_id => user.group_ids
         can([:read, :related, :members], Platform, read_relations_for('platforms')) {|platform| local_reader? platform}
-        can :related, Platform, :id => user.repositories.pluck(:platform_id)
+        can [:read, :related], Platform, :id => user.repositories.pluck(:platform_id)
         can([:update, :destroy, :change_visibility], Platform) {|platform| owner?(platform) }
         can([:local_admin_manage, :members, :add_member, :remove_member, :remove_members] , Platform) {|platform| owner?(platform) || local_admin?(platform) }
 
@@ -118,6 +118,7 @@ class Ability
 
         can [:read, :projects_list, :projects], Repository, :platform => {:owner_type => 'User', :owner_id => user.id}
         can [:read, :projects_list, :projects], Repository, :platform => {:owner_type => 'Group', :owner_id => user.group_ids}
+        can([:read, :projects_list, :projects], Repository, read_relations_for('repositories')) {|repository| can? :show, repository.platform}
         can([:read, :projects_list, :projects], Repository, read_relations_for('repositories', 'platforms')) {|repository| local_reader? repository.platform}
         can([:create, :edit, :update, :destroy, :projects_list, :projects, :add_project, :remove_project, :regenerate_metadata], Repository) {|repository| local_admin? repository.platform}
         can([:remove_members, :remove_member, :add_member, :signatures], Repository) {|repository| owner?(repository.platform) || local_admin?(repository.platform)}

spec/controllers/api/v1/platforms_controller_spec.rb

@@ -401,6 +401,38 @@ describe Api::V1::PlatformsController do
     it_should_behave_like 'api platform user without global admin rights'
   end
 
+  context 'for member of repository' do
+    before do
+      http_login(@user)
+      repository = FactoryGirl.create(:repository, :platform => @platform)
+      repository.add_member(@user)
+      personal_repository = FactoryGirl.create(:repository, :platform => @personal_platform)
+      personal_repository.add_member(@user)
+    end
+
+    context 'perform index action with type param' do
+      render_views
+      %w(main personal).each do |type|
+        it "ensures that filter by type = #{type} returns true result" do
+          get :index, :format => :json, :type => "#{type}"
+          JSON.parse(response.body)['platforms'].map{ |p| p['platform_type'] }.
+            uniq.should == ["#{type}"]
+        end
+      end
+    end
+
+    it 'should not be able to perform members action for hidden platform' do
+      @platform.update_column(:visibility, 'hidden')
+      get :members, :id => @platform.id, :format => :json
+      response.status.should == 403
+    end
+    it_should_behave_like 'api platform user with reader rights'
+    it_should_behave_like 'api platform user with reader rights for hidden platform'
+    it_should_behave_like 'api platform user without member rights'
+    it_should_behave_like 'api platform user without owner rights'
+    it_should_behave_like 'api platform user without global admin rights'
+  end
+
   context 'for simple user' do
     before do
       http_login(@user)

spec/controllers/api/v1/repositories_controller_spec.rb

@@ -120,6 +120,23 @@ shared_examples_for 'api repository user with writer rights' do
     end
   end
 
+  context 'api repository user with update signatures rights' do
+    before do
+      kp = FactoryGirl.build(:key_pair)
+      put :signatures, :id => @repository.id, :repository => {:public => kp.public, :secret => kp.secret}, :format => :json
+    end
+    it 'should be able to perform signatures action' do
+      response.should be_success
+    end
+    it 'ensures that signatures has been updated' do
+      @repository.key_pair.should_not be_nil
+    end
+  end
+
+end
+
+shared_examples_for 'api repository user with project manage rights' do
+
   context 'api repository user with add_project rights' do
     before { put :add_project, :id => @repository.id, :project_id => @project.id, :format => :json }
     it 'should be able to perform add_project action' do
@@ -144,19 +161,6 @@ shared_examples_for 'api repository user with writer rights' do
     end
   end
 
-  context 'api repository user with update signatures rights' do
-    before do
-      kp = FactoryGirl.build(:key_pair)
-      put :signatures, :id => @repository.id, :repository => {:public => kp.public, :secret => kp.secret}, :format => :json
-    end
-    it 'should be able to perform signatures action' do
-      response.should be_success
-    end
-    it 'ensures that signatures has been updated' do
-      @repository.key_pair.should_not be_nil
-    end
-  end
-
 end
 
 shared_examples_for 'api repository user without writer rights' do
@@ -221,6 +225,22 @@ shared_examples_for 'api repository user without writer rights' do
     end
   end
 
+  context 'api repository user without update signatures rights' do
+    before do
+      kp = FactoryGirl.build(:key_pair)
+      put :signatures, :id => @repository.id, :repository => {:public => kp.public, :secret => kp.secret}, :format => :json
+    end
+    it 'should not be able to perform signatures action' do
+      response.should_not be_success
+    end
+    it 'ensures that signatures has not been updated' do
+      @repository.key_pair.should be_nil
+    end
+  end
+
+end
+
+shared_examples_for 'api repository user without project manage rights' do
   context 'api repository user without add_project rights' do
     before { put :add_project, :id => @repository.id, :project_id => @project.id, :format => :json }
     it 'should not be able to perform add_project action' do
@@ -244,20 +264,6 @@ shared_examples_for 'api repository user without writer rights' do
       @repository.projects.should include(@project)
     end
   end
-
-  context 'api repository user without update signatures rights' do
-    before do
-      kp = FactoryGirl.build(:key_pair)
-      put :signatures, :id => @repository.id, :repository => {:public => kp.public, :secret => kp.secret}, :format => :json
-    end
-    it 'should not be able to perform signatures action' do
-      response.should_not be_success
-    end
-    it 'ensures that signatures has not been updated' do
-      @repository.key_pair.should be_nil
-    end
-  end
-
 end
 
 
@@ -284,6 +290,7 @@ describe Api::V1::RepositoriesController do
       it_should_behave_like 'api repository user with show rights'
     end
     it_should_behave_like 'api repository user without writer rights'
+    it_should_behave_like 'api repository user without project manage rights'
     it_should_behave_like 'api repository user without key_pair rights'
 
     it 'should not be able to perform projects action', :anonymous_access => false do
@@ -331,6 +338,22 @@ describe Api::V1::RepositoriesController do
     it_should_behave_like 'api repository user without reader rights for hidden platform'
     it_should_behave_like 'api repository user with show rights'
     it_should_behave_like 'api repository user without writer rights'
+    it_should_behave_like 'api repository user without project manage rights'
+    it_should_behave_like 'api repository user without key_pair rights'
+  end
+
+  context 'for member of repository' do
+    before(:each) do
+      @user = FactoryGirl.create(:user)
+      @repository.add_member @user
+      http_login @user
+    end
+
+    it_should_behave_like 'api repository user with reader rights'
+    it_should_behave_like 'api repository user with reader rights for hidden platform'
+    it_should_behave_like 'api repository user with show rights'
+    it_should_behave_like 'api repository user with project manage rights'
+    it_should_behave_like 'api repository user without writer rights'
     it_should_behave_like 'api repository user without key_pair rights'
   end
 

spec/controllers/platforms/platforms_controller_spec.rb

@@ -378,6 +378,22 @@ describe Platforms::PlatformsController do
     it_should_behave_like 'platform user without global admin rights'
   end
 
+  context 'for member of repository' do
+    before do
+      http_login(@user)
+      repository = FactoryGirl.create(:repository, :platform => @platform)
+      repository.add_member(@user)
+      personal_repository = FactoryGirl.create(:repository, :platform => @personal_platform)
+      personal_repository.add_member(@user)
+    end
+
+    it_should_behave_like 'platform user with reader rights'
+    it_should_behave_like 'platform user with reader rights for hidden platform'
+    it_should_behave_like 'platform user without member rights'
+    it_should_behave_like 'platform user without owner rights'
+    it_should_behave_like 'platform user without global admin rights'
+  end
+
   context 'for simple user' do
     before do
       http_login(@user)

spec/controllers/platforms/repositories_controller_spec.rb

@@ -302,7 +302,7 @@ describe Platforms::RepositoriesController do
   context 'for repository member user' do
     before(:each) do
       [@repository, @personal_repository].each do |repo|
-        repo.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin')
+        repo.add_member @user
       end
     end
 
@@ -311,6 +311,19 @@ describe Platforms::RepositoriesController do
     let(:redirect_path) { forbidden_path }
     it_should_behave_like 'registered user or guest'
     it_should_behave_like 'user with change projects in repository rights'
+
+    context 'for hidden platform' do
+      before do
+        @platform.update_column(:visibility, 'hidden')
+        @personal_repository.platform.update_column(:visibility, 'hidden')
+      end
+      it_should_behave_like 'registered user'
+
+      let(:redirect_path) { forbidden_path }
+      it_should_behave_like 'registered user or guest'
+      it_should_behave_like 'user with change projects in repository rights'
+    end
+
   end
 
 end