From 26c7a5a711d0e28c5e33518dc5f6fc37d1bf0849 Mon Sep 17 00:00:00 2001 From: Vokhmin Alexey V Date: Mon, 15 Apr 2013 15:47:53 +0400 Subject: [PATCH] #34: added specs for Hooks controller --- app/controllers/projects/hooks_controller.rb | 5 +- app/models/ability.rb | 2 +- .../projects/hooks_controller_spec.rb | 205 +++++++++++++++++- spec/factories/hook.rb | 8 + 4 files changed, 212 insertions(+), 8 deletions(-) create mode 100644 spec/factories/hook.rb diff --git a/app/controllers/projects/hooks_controller.rb b/app/controllers/projects/hooks_controller.rb index db295bf79..4979724bc 100644 --- a/app/controllers/projects/hooks_controller.rb +++ b/app/controllers/projects/hooks_controller.rb @@ -3,11 +3,13 @@ class Projects::HooksController < Projects::BaseController before_filter :authenticate_user! load_and_authorize_resource :project load_and_authorize_resource :hook + skip_load_and_authorize_resource :hook, :only => [:index, :new, :create] + before_filter lambda { authorize! :edit, @project }, :only => [:index, :new, :create] + # GET /uname/project/hooks # GET /uname/project/hooks?name=web def index - authorize! :edit, @project @name = params[:name] @hooks = @project.hooks.for_name(@name).order('name asc, created_at desc') if @name.present? @@ -57,4 +59,5 @@ class Projects::HooksController < Projects::BaseController @hook.destroy redirect_to project_hooks_path(@project, :name => @hook.name) end + end diff --git a/app/models/ability.rb b/app/models/ability.rb index 5fba0d923..03dc3311b 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb 
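Review bot: The two `:only => [:index, :new, :create]` lists added at the top of `Projects::HooksController` have to stay identical, because an action added to `skip_load_and_authorize_resource` but not to the `before_filter` would lose its edit-rights check without any error. Since the same commit removes `:create` from the Hook rule in `ability.rb`, this filter is now the only visible check that gates hook creation. I would name the list once, e.g. `PROJECT_LEVEL_ACTIONS = [:index, :new, :create]`, use it in both calls, and add a comment such as `# no persisted hook exists for these actions, so access is decided by :edit on the project`. The class body continues outside the hunk, so how `new` and `create` build `@hook` is not visible here.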
@@ -73,7 +73,7 @@ class Ability can :preview, Project can(:refs_list, Project) {|project| can? :read, project} - can([:read, :create, :destroy], Hook) {|hook| hook.project && can?(:edit, hook.project)} + can([:read, :destroy, :update], Hook) {|hook| can?(:edit, hook.project)} can [:autocomplete_to_extra_repos_and_builds, :update_extra_repos_and_builds], BuildList can [:read, :log, :owned, :everything], BuildList, :user_id => user.id diff --git a/spec/controllers/projects/hooks_controller_spec.rb b/spec/controllers/projects/hooks_controller_spec.rb index dde133bbc..36e299ef5 100644 --- a/spec/controllers/projects/hooks_controller_spec.rb +++ b/spec/controllers/projects/hooks_controller_spec.rb 
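Review bot: The rewritten Hook rule drops the `hook.project &&` guard, so for a hook whose project is nil the result now depends on what `can?(:edit, nil)` returns for the current user instead of being an explicit deny. Unless a hook without a project is ruled out by a constraint (none is visible here), keeping the guard is the fail-closed choice: `can([:read, :destroy, :update], Hook) {|hook| hook.project && can?(:edit, hook.project)}`. If the guard was removed on purpose, a short comment on the rule saying why would help the next reader. The enclosing method of `Ability` starts and ends outside the hunk.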
@@ -1,12 +1,205 @@ # -*- encoding : utf-8 -*- require 'spec_helper' -describe "Hooks" do - describe "GET /hooks" do - it "works! (now write some real specs)" do - # Run the generator again with the --webrat flag if you want to use webrat methods/matchers - get hooks_path - response.status.should be(200) +shared_examples_for 'hooks user with project admin rights' do + it 'should be able to perform index action' do + get :index, {:owner_name => @project.owner.uname, :project_name => @project.name} + response.should be_success + end + + it 'should be able to perform new action' do + get :new, {:owner_name => @project.owner.uname, :project_name => @project.name, :hook => {:name => 'web'}} + response.should be_success + end + + it 'should be able to perform edit action' do + get :new, {:owner_name => @project.owner.uname, :project_name => @project.name, :id => @hook.id} + response.should be_success + end + + it 'should be able to perform update action' do + put :update, {:owner_name => @project.owner.uname, :project_name => @project.name, :id => @hook.id}.merge(@update_params) + response.should redirect_to(project_hooks_path(@project, :name => 'web')) + end + + it 'should be able to perform create action' do + post :create, {:owner_name => @project.owner.uname, :project_name => @project.name}.merge(@create_params) + response.should redirect_to(project_hooks_path(@project, :name => 'web')) + end +end + +shared_examples_for 'hooks user without project admin rights' do + it 'should not be able to perform index action' do + get :index, {:owner_name => @project.owner.uname, :project_name => @project.name} + response.should redirect_to(forbidden_path) + end + + it 'should not be able to perform new action' do + get :new, {:owner_name => @project.owner.uname, :project_name => @project.name, :hook => {:name => 'web'}} + response.should redirect_to(forbidden_path) + end + + it 'should not be able to perform edit action' do + get :new, {:owner_name => @project.owner.uname, 
:project_name => @project.name, :id => @hook.id} + response.should redirect_to(forbidden_path) + end + + it 'should not be able to perform update action' do + put :update, {:owner_name => @project.owner.uname, :project_name => @project.name, :id => @hook.id}.merge(@update_params) + response.should redirect_to(forbidden_path) + end + + it 'should not be able to perform create action' do + post :create, {:owner_name => @project.owner.uname, :project_name => @project.name}.merge(@create_params) + response.should redirect_to(forbidden_path) + end +end + +describe Projects::HooksController do + + before(:each) do + stub_symlink_methods + + @project = FactoryGirl.create(:project) + @hook = FactoryGirl.create(:hook, :project => @project) + + @create_params = {:hook => {:name => 'web', :data => {:url => 'create'}}} + @update_params = {:hook => {:data => {:url => 'update'}}} + + @user = FactoryGirl.create(:user) + set_session_for(@user) + end + + context 'registered user' do + it_should_behave_like 'hooks user without project admin rights' + end # context 'registered user' + + context 'for project members' do + + context 'for global admin' do + before do + @user.role = "admin" + @user.save + end + + it_should_behave_like 'hooks user with project admin rights' + end + + context 'for owner user' do + before do + @user = @project.owner + set_session_for(@user) # owner should be user + end + it_should_behave_like 'hooks user with project admin rights' + end + + context 'for reader user' do + before do + @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader') + end + it_should_behave_like 'hooks user without project admin rights' + end + + context 'for writer user' do + before do + @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'writer') + end + it_should_behave_like 'hooks user without project admin rights' + end + + end # context 'for project members' + + context 'for group' do + before do + @group = 
FactoryGirl.create(:group) + end + + context 'group is owner of the project' do + before do + @project = FactoryGirl.create(:project, :owner => @group) + @hook = FactoryGirl.create(:hook, :project => @project) + end + + context 'group member user with reader role' do + before do + @group.actors.create(:actor_id => @user.id, :actor_type => 'User', :role => 'reader') + end + + it_should_behave_like 'hooks user without project admin rights' + + context 'user should has best role' do + before do + @project.relations.create :actor_id => @user.id, :actor_type => @user.class.to_s, :role => 'admin' + end + it_should_behave_like 'hooks user with project admin rights' + end + end + + context 'group member user with admin role' do + before do + @group.actors.create(:actor_id => @user.id, :actor_type => 'User', :role => 'admin') + end + + it_should_behave_like 'hooks user with project admin rights' + end + end + + context 'group is member of the project' do + context 'with admin rights' do + before do + @project.relations.create :actor_id => @group.id, :actor_type => @group.class.to_s, :role => 'admin' + end + + context 'group member user with reader role' do + before do + @group.actors.create(:actor_id => @user.id, :actor_type => 'User', :role => 'reader') + end + + it_should_behave_like 'hooks user with project admin rights' + + context 'user should has best role' do + before do + @project.relations.create :actor_id => @user.id, :actor_type => @user.class.to_s, :role => 'reader' + end + it_should_behave_like 'hooks user with project admin rights' + end + end + + context 'group member user with admin role' do + before do + @group.actors.create(:actor_id => @user.id, :actor_type => 'User', :role => 'admin') + end + + it_should_behave_like 'hooks user with project admin rights' + end + end + + context 'with reader rights' do + before do + @project.relations.create :actor_id => @group.id, :actor_type => @group.class.to_s, :role => 'reader' + end + + context 'group member user 
with reader role' do + before do + @group.actors.create(:actor_id => @user.id, :actor_type => 'User', :role => 'reader') + end + it_should_behave_like 'hooks user without project admin rights' + + context 'user should has best role' do + before do + @project.relations.create :actor_id => @user.id, :actor_type => @user.class.to_s, :role => 'admin' + end + it_should_behave_like 'hooks user with project admin rights' + end + end + + context 'group member user with admin role' do + before do + @group.actors.create(:actor_id => @user.id, :actor_type => 'User', :role => 'admin') + end + it_should_behave_like 'hooks user without project admin rights' + end + end end end end diff --git a/spec/factories/hook.rb b/spec/factories/hook.rb new file mode 100644 index 000000000..d7fa39637 --- /dev/null +++ b/spec/factories/hook.rb @@ -0,0 +1,8 @@ +# -*- encoding : utf-8 -*- +FactoryGirl.define do + factory :hook do + name 'web' + association :project, :factory => :project + data { |hook| hook.data = {:url => 'url'} } + end +end
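Review bot: Both 'edit action' examples call `get :new` with an `:id`, so the `edit` action is never requested, and the negative example passes because of the project-level filter on `new` rather than the Hook rule in `ability.rb`. There are also no `destroy` examples, although the ability change grants `:destroy` on Hook under the same condition, so a regression in the per-hook checks would go unnoticed. The request line should read `get :edit, {:owner_name => @project.owner.uname, :project_name => @project.name, :id => @hook.id}` in both shared groups. A destroy pair along the lines below would close the other gap; the expected redirect is taken from the controller's `destroy` action and the factory's hook name `'web'`.

```ruby
# in shared_examples_for 'hooks user with project admin rights'
it 'should be able to perform destroy action' do
  delete :destroy, {:owner_name => @project.owner.uname, :project_name => @project.name, :id => @hook.id}
  response.should redirect_to(project_hooks_path(@project, :name => 'web'))
end

# in shared_examples_for 'hooks user without project admin rights'
it 'should not be able to perform destroy action' do
  delete :destroy, {:owner_name => @project.owner.uname, :project_name => @project.name, :id => @hook.id}
  response.should redirect_to(forbidden_path)
  # the denied request must leave the record in place
  Hook.exists?(@hook.id).should be_true
end
```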
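Review bot: The `data` attribute block in the new factory assigns inside the block (`hook.data = {:url => 'url'}`) instead of simply returning the value, so the attribute appears to rely on the assignment being forwarded to the record under construction. The plain form says the same thing and is what a reader expects from a dynamic attribute: `data { {:url => 'url'} }`.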