Merge pull request #585 from warpc/374-rest_api_for_builds

[refs #374] Add json responses for build lists api
This commit is contained in:
Alexander Machehin 2012-09-27 07:00:19 -07:00
commit 2b4e2f03e5
40 changed files with 1472 additions and 86 deletions

1
.gitignore vendored
View File

@ -16,3 +16,4 @@ public/downloads/*
*.tmproj
.sass-cache/
dump.rdb
crash.log

View File

@ -53,6 +53,8 @@ gem 'jquery-rails', '~> 2.0.2'
gem 'ruby-haml-js', '~> 0.0.3'
gem 'rails-backbone', '~> 0.7.2'
gem 'rack-throttle'
group :assets do
gem 'sass-rails', '~> 3.2.5'
gem 'coffee-rails', '~> 3.2.2'

View File

@ -218,6 +218,8 @@ GEM
rack
rack-test (0.6.1)
rack (>= 1.0)
rack-throttle (0.3.0)
rack (>= 1.0.0)
rails (3.2.8)
actionmailer (= 3.2.8)
actionpack (= 3.2.8)
@ -389,6 +391,7 @@ DEPENDENCIES
paperclip (~> 3.1.4)
perform_later (~> 1.3.0)
pg (~> 0.14.0)
rack-throttle
rails (= 3.2.8)
rails-backbone (~> 0.7.2)
rails3-generators

View File

@ -0,0 +1,20 @@
# -*- encoding : utf-8 -*-
class Api::V1::BaseController < ApplicationController
before_filter :restrict_paginate, :only => :index
#respond_to :json
rescue_from CanCan::AccessDenied do |exception|
respond_to do |format|
format.json { render :json => {:message => t("flash.exception_message")}.to_json, :status => 403 }
end
end
protected
def restrict_paginate
params[:per_page] = 30 if params[:per_page].to_i < 1
params[:per_page] = 100 if params[:per_page].to_i >100
end
end

View File

@ -0,0 +1,57 @@
# -*- encoding : utf-8 -*-
class Api::V1::BuildListsController < Api::V1::BaseController
before_filter :authenticate_user!
skip_before_filter :authenticate_user!, :only => [:show, :index] if APP_CONFIG['anonymous_access']
load_and_authorize_resource :project, :only => :index
load_and_authorize_resource :build_list, :only => [:show, :create, :cancel, :publish, :reject_publish]
def index
filter = BuildList::Filter.new(nil, current_user, params[:filter] || {})
@build_lists = filter.find.scoped(:include => [:save_to_platform, :project, :user, :arch])
@build_lists = @build_lists.recent.paginate :page => params[:page], :per_page => params[:per_page]
end
def create
project = Project.find(params[:build_list][:project_id])
save_to_repository = Repository.find params[:build_list][:save_to_repository_id] #FIXME
params[:build_list][:save_to_platform_id] = save_to_repository.platform_id
params[:build_list][:auto_publish] = false unless save_to_repository.publish_without_qa?
@build_list = project.build_lists.build(params[:build_list])
@build_list.project_version = @build_list.commit_hash
@build_list.user = current_user
@build_list.priority = current_user.build_priority # User builds more priority than mass rebuild with zero priority
if @build_list.save
render :action => 'show'
else
render :json => {:message => "Validation Failed", :errors => @build_list.errors.messages}.to_json, :status => 422
end
end
def cancel
render_json :cancel
end
def publish
render_json :publish
end
def reject_publish
render_json :reject_publish
end
private
def render_json(action_name)
if @build_list.send(action_name)
render :json => {:"is_#{action_name}ed" => true, :url => api_v1_build_list_path(@build_list, :format => :json), :message => t("layout.build_lists.#{action_name}_success")}
else
render :json => {:"is_#{action_name}ed" => false, :url => api_v1_build_list_path(@build_list, :format => :json), :message => t("layout.build_lists.#{action_name}_fail")}
end
end
end

View File

@ -0,0 +1,16 @@
# -*- encoding : utf-8 -*-
class Api::V1::PlatformsController < Api::V1::BaseController
before_filter :authenticate_user!
skip_before_filter :authenticate_user!, :only => [:show] if APP_CONFIG['anonymous_access']
load_and_authorize_resource
def index
@platforms = @platforms.accessible_by(current_ability, :related).paginate(:page => params[:page], :per_page => 20)
end
def show
end
end

View File

@ -0,0 +1,20 @@
# -*- encoding : utf-8 -*-
class Api::V1::ProjectsController < Api::V1::BaseController
before_filter :authenticate_user!
skip_before_filter :authenticate_user!, :only => [:get_id, :show] if APP_CONFIG['anonymous_access']
load_and_authorize_resource
def get_id
if @project = Project.find_by_owner_and_name(params[:owner], params[:name])
authorize! :show, @project
else
raise ActiveRecord::RecordNotFound
end
end
def show
end
end

View File

@ -0,0 +1,13 @@
# -*- encoding : utf-8 -*-
class Api::V1::RepositoriesController < Api::V1::BaseController
before_filter :authenticate_user!
skip_before_filter :authenticate_user!, :only => [:show] if APP_CONFIG['anonymous_access']
load_and_authorize_resource :repository, :through => :platform, :shallow => true
def show
end
end

View File

@ -17,6 +17,20 @@ class ApplicationController < ActionController::Base
rescue_from CanCan::AccessDenied do |exception|
redirect_to forbidden_url, :alert => t("flash.exception_message")
end
if !Rails.env.development?
rescue_from ActiveRecord::RecordNotFound,
ActionController::RoutingError,
ActionController::UnknownController,
::AbstractController::ActionNotFound do |exception|
respond_to do |format|
format.json { render :json => {:message => t("flash.404_message")}.to_json, :status => 404 }
format.html { redirect_to '/404.html', :alert => t("flash.404_message") }
end
end
end
rescue_from Grit::NoSuchPathError, :with => :not_found
protected

View File

@ -14,6 +14,8 @@ class Ability
# Shared rights between guests and registered users
can [:show, :archive], Project, :visibility => 'open'
can :get_id, Project, :visibility => 'open' # api
can :archive, Project, :visibility => 'open'
can :read, Issue, :project => {:visibility => 'open'}
can :search, BuildList
can [:read, :log, :everything], BuildList, :project => {:visibility => 'open'}
@ -24,7 +26,7 @@ class Ability
can [:publish_build, :status_build, :pre_build, :post_build, :circle_build, :new_bbdt], BuildList
# Platforms block
can [:show, :members, :advisories], Platform, :visibility == 'open'
can [:show, :members, :advisories], Platform, :visibility => 'open'
can [:read, :projects_list], Repository, :platform => {:visibility => 'open'}
can :read, Product, :platform => {:visibility => 'open'}
@ -57,7 +59,7 @@ class Ability
can :read, Project, :visibility => 'open'
can [:read, :archive], Project, :owner_type => 'User', :owner_id => user.id
can [:read, :archive], Project, :owner_type => 'Group', :owner_id => user.group_ids
can([:read, :membered], Project, read_relations_for('projects')) {|project| local_reader? project}
can([:read, :membered, :get_id], Project, read_relations_for('projects')) {|project| local_reader? project}
can(:write, Project) {|project| local_writer? project} # for grack
can([:update, :sections, :manage_collaborators, :autocomplete_maintainers], Project) {|project| local_admin? project}
can(:fork, Project) {|project| can? :read, project}
@ -74,12 +76,12 @@ class Ability
can([:create, :update], BuildList) {|build_list| build_list.project.is_package && can?(:write, build_list.project)}
can(:publish, BuildList) do |build_list|
build_list.can_publish? and build_list.save_to_repository.publish_without_qa ? can?(:write, build_list.project) : local_admin?(build_list.save_to_platform)
build_list.save_to_repository.publish_without_qa ? can?(:write, build_list.project) : local_admin?(build_list.save_to_platform)
end
can(:reject_publish, BuildList) do |build_list|
build_list.can_reject_publish? and not build_list.save_to_repository.publish_without_qa and local_admin?(build_list.save_to_platform)
local_admin?(build_list.save_to_platform)
end
can(:cancel, BuildList) {|build_list| build_list.can_cancel? && can?(:write, build_list.project)}
can(:cancel, BuildList) {|build_list| can?(:write, build_list.project)}
can [:read, :owned, :related, :members], Platform, :owner_type => 'User', :owner_id => user.id
can [:read, :related, :members], Platform, :owner_type => 'Group', :owner_id => user.group_ids

View File

@ -27,6 +27,11 @@ class BuildList < ActiveRecord::Base
validate lambda {
errors.add(:save_to_repository, I18n.t('flash.build_list.wrong_repository')) unless save_to_repository_id.in? save_to_platform.repositories.map(&:id)
}
validate lambda {
include_repos.each {|ir|
errors.add(:save_to_repository, I18n.t('flash.build_list.wrong_include_repos')) unless build_for_platform.repository_ids.include? ir.to_i
}
}
LIVE_TIME = 4.week # for unpublished
MAX_LIVE_TIME = 3.month # for published

View File

@ -68,7 +68,9 @@ class BuildList::Filter
end
def build_date_from_params(field_name, params)
if params["#{field_name}(1i)"].present? || params["#{field_name}(2i)"].present? || params["#{field_name}(3i)"].present?
if params[field_name].present?
Time.at(params[field_name].to_i)
elsif params["#{field_name}(1i)"].present? || params["#{field_name}(2i)"].present? || params["#{field_name}(3i)"].present?
Date.civil((params["#{field_name}(1i)"].presence || Date.today.year).to_i,
(params["#{field_name}(2i)"].presence || Date.today.month).to_i,
(params["#{field_name}(3i)"].presence || Date.today.day).to_i)

View File

@ -0,0 +1,7 @@
json.build_lists @build_lists do |json, build_list|
json.(build_list, :id, :name, :status)
json.url api_v1_build_list_path(build_list, :format => :json)
end
json.url api_v1_build_lists_path(:format => :json, :params => {:filter => params[:filter] } )

View File

@ -0,0 +1,56 @@
json.build_list do |json|
json.(@build_list, :id, :name, :container_path, :status, :duration)
json.(@build_list, :is_circle, :update_type, :build_requires)
json.(@build_list, :auto_publish, :package_version, :commit_hash)
json.arch_name @build_list.arch.name
json.created_at @build_list.created_at.to_i
json.updated_at @build_list.updated_at.to_i
json.project do |json_project|
json_project.(@build_list.project, :id, :name)
json_project.fullname @build_list.project.name_with_owner
json_project.url api_v1_project_path(@build_list.project, :format => :json)
end
json.save_to_repository do |json_save_to_repository|
json_save_to_repository.(@build_list.save_to_repository, :id, :name)
json_save_to_repository.platform do |json_str_platform|
json_str_platform.(@build_list.save_to_repository.platform, :id, :name)
json_str_platform.url api_v1_platform_path(@build_list.save_to_repository.platform, :format => :json)
end
json_save_to_repository.url api_v1_repository_path(@build_list.save_to_repository, :format => :json)
end
json.build_for_platform do |json_build_for_platform|
json_build_for_platform.(@build_list.build_for_platform, :id, :name)
json_build_for_platform.url api_v1_platform_path(@build_list.build_for_platform, :format => :json)
end
json.owner do |json_owner|
json_owner.(@build_list.user, :id, :name)
json_owner.url url_for(@build_list.project.owner)
end
inc_repos = Repository.includes(:platform).where(:id => @build_list.include_repos)
json.include_repos inc_repos do |json_include_repos, repo|
json_include_repos.(repo, :id, :name)
end
json.additional_repos @build_list.additional_repos do |json_repos, repo|
json_repos.(repo, :id, :name)
end if @build_list.additional_repos
json.advisory do |json_advisory|
json_advisory.name @build_list.advisory.advisory_id
json_advisory.(@build_list.advisory, :description)
end if @build_list.advisory
json.mass_build do |json_mass_build|
json_mass_build.(@build_list.mass_build, :id, :name)
end if @build_list.mass_build
json.url api_v1_build_list_path(@build_list, :format => :json)
end

View File

@ -0,0 +1,17 @@
json.platforms @platforms do |json, platform|
json.(platform, :id, :name, :platform_type, :visibility)
json.owner do |json_owner|
json_owner.(platform.owner, :id, :name)
json_owner.type platform.owner_type
json_owner.url url_for(platform.owner)
end
json.repositories do |json_rep|
platform.repositories.each do |repo|
json_rep.(repo, :id, :name)
json_rep.url api_v1_repository_path(repo.name, :format => :json)
end
end
json.url api_v1_platform_path(platform.name, :format => :json)
end
json.url api_v1_platforms_path(:format => :json)

View File

@ -0,0 +1,17 @@
json.platform do |json|
json.(@platform, :id, :name, :description, :parent_platform_id, :released, :visibility, :platform_type, :distrib_type)
json.created_at @platform.created_at.to_i
json.updated_at @platform.updated_at.to_i
json.owner do |json_owner|
json_owner.(@platform.owner, :id, :name)
json_owner.type @platform.owner_type
json_owner.url url_for(@platform.owner)
end
json.repositories do |json_rep|
@platform.repositories.each do |repo|
json_rep.(repo, :id, :name)
json_rep.url api_v1_repository_path(repo.name, :format => :json)
end
end
end
json.url api_v1_platform_path(@platform, :format => :json)

View File

@ -0,0 +1,9 @@
json.project do |json|
json.(@project, :id, :name, :visibility)
json.owner do |json_owner|
json_owner.(@project.owner, :id, :name)
json_owner.type @project.owner_type
json_owner.url url_for(@project.owner)
end
json.url api_v1_project_path(@project, :format => :json)
end

View File

@ -0,0 +1,11 @@
json.projects @projects do |json, project|
json.(project, :id, :name, :visibility)
json.owner do |json_owner|
json_owner.(project.owner, :id, :name)
json_owner.type project.owner_type
json_owner.url url_for(project.owner)
end
json.url api_v1_project_path(project, :format => :json)
end
json.url api_v1_projects_path(:format => :json)

View File

@ -0,0 +1,14 @@
json.project do |json|
json.(@project, :id, :name, :visibility, :description, :ancestry, :has_issues, :has_wiki,
:srpm_file_name, :srpm_content_type, :srpm_file_size, :srpm_updated_at, :default_branch, :is_package,
:average_build_time, :build_count)
json.created_at @project.created_at.to_i
json.updated_at @project.updated_at.to_i
json.owner do |json_owner|
json_owner.(@project.owner, :id, :name)
json_owner.type @project.owner_type
json_owner.url url_for(@project.owner)
end
end
json.url api_v1_project_path(@project, :format => :json)

View File

@ -0,0 +1,11 @@
json.repository do |json|
json.(@repository, :id, :name, :description, :publish_without_qa)
json.created_at @repository.created_at.to_i
json.updated_at @repository.updated_at.to_i
json.platform do |json_platform|
json_platform.(@repository.platform, :id, :name)
json_platform.url api_v1_platform_path(@repository.platform, :format => :json)
end
end
json.url api_v1_repository_path(@repository, :format => :json)

View File

@ -17,3 +17,6 @@
%li
= image_tag 'square.png'
= link_to t('bottom_menu.support'), contact_url
%li
= image_tag 'square.png'
= link_to t('bottom_menu.developer_api'), t('bottom_menu.developer_api_url')

View File

@ -2,6 +2,8 @@
require File.expand_path('../boot', __FILE__)
require 'rails/all'
require 'rack/throttle'
require 'redis'
# If you have a Gemfile, require the gems listed there, including any gems
# you've limited to :test, :development, or :production.
@ -14,6 +16,10 @@ end
module Rosa
class Application < Rails::Application
# Rate limit
config.middleware.use Rack::Throttle::Interval, :cache => Redis.new, :key_prefix => :throttle, :min => 0.1
config.middleware.use Rack::Throttle::Hourly, :max => 500
#config.middleware.use Rack::Throttle::Daily, :max => 500
config.action_view.javascript_expansions[:defaults] = %w(jquery rails)
config.autoload_paths += %W(#{config.root}/lib)

View File

@ -0,0 +1,7 @@
class Rack::Throttle::Limiter
def http_error(code, message = nil, headers = {})
[code, {'Content-Type' => 'application/json; charset=utf-8'}.merge(headers),
Array(({'message' => http_status(code) + " | " + message}.to_json))]
end
end

View File

@ -137,6 +137,9 @@ en:
exception_message: Access violation to this page!
500_message: Error 500. Something went wrong. We've been notified about this issue and we'll take a look at it shortly.
404_message: Error 404. Resource not found!
collaborators:
successfully_changed: Collaborators list successfully changed
error_in_changing: Collaborators list changing error

View File

@ -18,6 +18,8 @@ en:
tos: Terms Of Service
tos_url: http://www.rosalab.com/about
support: Support
developer_api: Developer API
developer_api_url: http://abf-doc.rosalinux.ru
project_menu:
project: Project
commits: Commits

View File

@ -18,6 +18,8 @@ ru:
tos: Условия использования
tos_url: http://www.rosalab.ru/about
support: Служба поддержки
developer_api: API для разработчиков
developer_api_url: http://abf-doc.rosalinux.ru
project_menu:
project: Проект
commits: Коммиты

View File

@ -60,7 +60,9 @@ en:
show: Show
cancel: Cancel build
cancel_success: 'Build canceled'
publish_success: 'Build published'
cancel_fail: 'Errors during build cancelation!'
publish_fail: 'Errors during build publishing!'
publish_success: 'Build is queued for publishing'
reject_publish_success: 'Publishing rejected'
publish_fail: 'Errors during build publishing!'
@ -144,3 +146,4 @@ en:
cannot_write: You can't build project to this repository.
can_not_published: Build can only be published with status "Build complete"
frozen_platform: In case of a repository for package storage with frozen platform allowed only bugfix and security updates
wrong_include_repos: Include repos have to belongs to build for platform

View File

@ -143,3 +143,4 @@ ru:
cannot_write: Вы не можете собирать пакет в этот репозиторий.
can_not_published: Опубликовать сборку можно только со статусом "Собран"
frozen_platform: В случае выбора репозитория для сохранения пакетов из замороженнной платформы разрешены только bugfix и security обновления
wrong_include_repos: Включаемые репозитории должны принадлежать платформе для сборки

View File

@ -137,6 +137,9 @@ ru:
exception_message: У Вас нет доступа к этой странице!
500_message: Ошибка 500. Что-то пошло не так. Мы уже в курсе данной проблемы и постараемся поскорее ее решить.
404_message: Ошибка 404. Страница не найдена!
collaborators:
successfully_changed: Список коллабораторов успешно изменен
error_in_changing: Ошибка изменения списка коллабораторов

View File

@ -10,6 +10,23 @@ Rosa::Application.routes.draw do
end
devise_for :users, :controllers => {:omniauth_callbacks => 'users/omniauth_callbacks'}
namespace :api do
namespace :v1 do
resources :build_lists, :only => [:index, :create, :show] do
member {
get :publish
get :reject_publish
get :cancel
}
end
resources :platforms, :only => [:index, :show]
resources :repositories, :only => [:show]
resources :projects, :only => [:show] do
collection { get :get_id }
end
end
end
resources :search, :only => [:index]
get '/forbidden' => 'pages#forbidden', :as => 'forbidden'

View File

@ -17,8 +17,8 @@ ActiveRecord::Schema.define(:version => 20120914160741) do
t.integer "user_id", :null => false
t.string "kind"
t.text "data"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
create_table "advisories", :force => true do |t|
@ -165,10 +165,10 @@ ActiveRecord::Schema.define(:version => 20120914160741) do
end
create_table "flash_notifies", :force => true do |t|
t.text "body_ru", :null => false
t.text "body_en", :null => false
t.string "status", :null => false
t.boolean "published", :default => true, :null => false
t.text "body_ru"
t.text "body_en"
t.string "status"
t.boolean "published"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
@ -327,11 +327,11 @@ ActiveRecord::Schema.define(:version => 20120914160741) do
t.text "description"
t.string "ancestry"
t.boolean "has_issues", :default => true
t.boolean "has_wiki", :default => false
t.string "srpm_file_name"
t.string "srpm_content_type"
t.integer "srpm_file_size"
t.datetime "srpm_updated_at"
t.string "srpm_content_type"
t.boolean "has_wiki", :default => false
t.string "default_branch", :default => "master"
t.boolean "is_package", :default => true, :null => false
t.integer "average_build_time", :default => 0, :null => false
@ -339,16 +339,14 @@ ActiveRecord::Schema.define(:version => 20120914160741) do
t.integer "maintainer_id"
end
add_index "projects", ["owner_id"], :name => "index_projects_on_name_and_owner_id_and_owner_type", :unique => true, :case_sensitive => false
create_table "register_requests", :force => true do |t|
t.string "name"
t.string "email"
t.string "token"
t.boolean "approved", :default => false
t.boolean "rejected", :default => false
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.string "interest"
t.text "more"
t.string "language"
@ -406,16 +404,19 @@ ActiveRecord::Schema.define(:version => 20120914160741) do
t.string "name"
t.string "email", :default => "", :null => false
t.string "encrypted_password", :limit => 128, :default => "", :null => false
t.string "password_salt", :default => "", :null => false
t.string "reset_password_token"
t.datetime "reset_password_sent_at"
t.datetime "remember_created_at"
t.datetime "created_at"
t.datetime "updated_at"
t.text "ssh_key"
t.string "uname"
t.string "role"
t.string "language", :default => "en"
t.string "confirmation_token"
t.datetime "confirmed_at"
t.datetime "confirmation_sent_at"
t.integer "own_projects_count", :default => 0, :null => false
t.datetime "reset_password_sent_at"
t.text "professional_experience"
t.string "site"
t.string "company"
@ -427,9 +428,6 @@ ActiveRecord::Schema.define(:version => 20120914160741) do
t.integer "failed_attempts", :default => 0
t.string "unlock_token"
t.datetime "locked_at"
t.string "confirmation_token"
t.datetime "confirmed_at"
t.datetime "confirmation_sent_at"
t.string "authentication_token"
t.integer "build_priority", :default => 50
end

View File

@ -0,0 +1,595 @@
# -*- encoding : utf-8 -*-
require 'spec_helper'
shared_examples_for 'show build list via api' do
it 'should be able to perform show action' do
get :show, @show_params
response.should render_template("api/v1/build_lists/show")
end
it 'should be able to perform index action' do
get :index, :format => :json
response.should render_template("api/v1/build_lists/index")
end
end
shared_examples_for 'not show build list via api' do
it 'should not be able to perform show action' do
get :show, @show_params
response.body.should == {"message" => "Access violation to this page!"}.to_json
end
pending 'should not be able to perform index action' do
get :index, :format => :json
response.body.should == {"message" => "Access violation to this page!"}.to_json
end
end
shared_examples_for 'create build list via api' do
before {
#@project.update_attributes({:repositories => @platform.repositories})
#test_git_commit(@project)
}
it 'should create one more build list' do
lambda { post :create, @create_params }.should change{ BuildList.count }.by(1)
end
it 'should save correct commit_hash for branch based build' do
post :create, @create_params
#@project.build_lists.last.commit_hash.should == @project.repo.commits('master').last.id
@project.build_lists.last.commit_hash.should == @params[:commit_hash]
end
it 'should save correct commit_hash for tag based build' do
system("cd #{@project.repo.path} && git tag 4.7.5.3") # TODO REDO through grit
post :create, @create_params
#@project.build_lists.last.commit_hash.should == @project.repo.commits('4.7.5.3').last.id
@project.build_lists.last.commit_hash.should == @params[:commit_hash]
end
end
shared_examples_for 'not create build list via api' do
before {
#@project.update_attributes({:repositories => @platform.repositories})
#test_git_commit(@project)
}
it 'should not be able to perform create action' do
post :create, @create_params
response.body.should == {"message" => "Access violation to this page!"}.to_json
end
it 'should not create one more build list' do
lambda { post :create, @create_params }.should change{ BuildList.count }.by(0)
end
end
describe Api::V1::BuildListsController do
before(:each) do
stub_symlink_methods
end
context 'create and update abilities' do
context 'for user' do
before(:each) do
Arch.destroy_all
User.destroy_all
@build_list = FactoryGirl.create(:build_list_core)
@params = @build_list.attributes.symbolize_keys
@project = @build_list.project
@platform = @build_list.save_to_platform
#@platform = FactoryGirl.create(:platform_with_repos)
stub_symlink_methods
@user = FactoryGirl.create(:user)
@owner_user = @project.owner
@member_user = FactoryGirl.create(:user)
@project.relations.create(:role => 'reader', :actor => @member_user)
@build_list.save_to_platform.relations.create(:role => 'admin', :actor => @owner_user) # Why it's really need it??
# Create and show params:
@create_params = {:build_list => @build_list.attributes.symbolize_keys.except(:bs_id)}
@create_params = @create_params.merge(:arches => [@params[:arch_id]], :build_for_platforms => [@params[:build_for_platform_id]], :format => :json)
any_instance_of(Project, :versions => ['v1.0', 'v2.0'])
http_login(@user)
end
context "do cancel" do
def do_cancel
get :cancel, :id => @build_list, :format => :json
end
context 'if user is project owner' do
before(:each) {http_login(@owner_user)}
context "if it has :build_pending status" do
it "should return correct json message" do
@build_list.update_column(:status, BuildList::BUILD_PENDING)
do_cancel
response.body.should == {:is_canceled => true, :url => api_v1_build_list_path(@build_list, :format => :json), :message => I18n.t('layout.build_lists.cancel_success')}.to_json
end
it "should cancel build list" do
@build_list.update_column(:status, BuildList::BUILD_PENDING)
do_cancel
@build_list.reload.status.should == BuildList::BUILD_CANCELED
end
end
context "if it has another status" do
it "should return correct json error message" do
@build_list.update_column(:status, BuildServer::PROJECT_NOT_FOUND)
do_cancel
response.body.should == {:is_canceled => false, :url => api_v1_build_list_path(@build_list, :format => :json), :message => I18n.t('layout.build_lists.cancel_fail')}.to_json
end
it "should not cancel build list" do
@build_list.update_column(:status, BuildServer::PROJECT_NOT_FOUND)
do_cancel
@build_list.reload.status.should == BuildServer::PROJECT_NOT_FOUND
end
end
end
context 'if user is not project owner' do
before(:each) do
@build_list.update_column(:status, BuildList::BUILD_PENDING)
do_cancel
end
it "should return access violation message" do
response.body.should == {"message" => "Access violation to this page!"}.to_json
end
it "should not cancel build list" do
@build_list.reload.status.should == BuildList::BUILD_PENDING
end
end
end
context "do publish" do
def do_publish
get :publish, :id => @build_list, :format => :json
end
context 'if user is project owner' do
before(:each) do
http_login(@owner_user)
@build_list.update_column(:status, BuildList::FAILED_PUBLISH)
do_publish
end
context "if it has :failed_publish status" do
it "should return correct json message" do
response.body.should == {:is_published => true, :url => api_v1_build_list_path(@build_list, :format => :json), :message => I18n.t('layout.build_lists.publish_success')}.to_json
end
it "should cancel build list" do
@build_list.reload.status.should == BuildList::BUILD_PUBLISH
end
end
context "if it has another status" do
before(:each) do
@build_list.update_column(:status, BuildServer::PROJECT_NOT_FOUND)
do_publish
end
it "should return correct json error message" do
response.body.should == {:is_published => false, :url => api_v1_build_list_path(@build_list, :format => :json), :message => I18n.t('layout.build_lists.publish_fail')}.to_json
end
it "should not cancel build list" do
@build_list.reload.status.should == BuildServer::PROJECT_NOT_FOUND
end
end
end
context 'if user is not project owner' do
before(:each) do
@build_list.update_column(:status, BuildList::FAILED_PUBLISH)
do_publish
end
it "should return access violation message" do
response.body.should == {"message" => "Access violation to this page!"}.to_json
end
it "should not cancel build list" do
@build_list.reload.status.should == BuildList::FAILED_PUBLISH
end
end
end
context "do reject_publish" do
before(:each) do
any_instance_of(BuildList, :current_duration => 100)
@build_list.save_to_repository.update_column(:publish_without_qa, false)
end
def do_reject_publish
get :reject_publish, :id => @build_list, :format => :json
end
context 'if user is project owner' do
before(:each) do
http_login(@owner_user)
@build_list.update_column(:status, BuildServer::SUCCESS)
@build_list.save_to_platform.update_column(:released, true)
do_reject_publish
end
context "if it has :success status" do
it "should return correct json message" do
response.body.should == {:is_reject_published => true, :url => api_v1_build_list_path(@build_list, :format => :json), :message => I18n.t('layout.build_lists.reject_publish_success')}.to_json
end
it "should reject publish build list" do
@build_list.reload.status.should == BuildList::REJECTED_PUBLISH
end
end
context "if it has another status" do
before(:each) do
@build_list.update_column(:status, BuildServer::PROJECT_NOT_FOUND)
do_reject_publish
end
it "should return correct json error message" do
response.body.should == {:is_reject_published => false, :url => api_v1_build_list_path(@build_list, :format => :json), :message => I18n.t('layout.build_lists.reject_publish_fail')}.to_json
end
it "should not cancel build list" do
@build_list.reload.status.should == BuildServer::PROJECT_NOT_FOUND
end
end
end
context 'if user is not project owner' do
before(:each) do
@build_list.update_column(:status, BuildServer::SUCCESS)
@build_list.save_to_platform.update_column(:released, true)
do_reject_publish
end
it "should return access violation message" do
response.body.should == {"message" => "Access violation to this page!"}.to_json
end
it "should not cancel build list" do
do_reject_publish
@build_list.reload.status.should == BuildServer::SUCCESS
end
end
end
context 'for open project' do
it_should_behave_like 'not create build list via api'
context 'if user is project owner' do
before(:each) {http_login(@owner_user)}
it_should_behave_like 'create build list via api'
end
context 'if user is project read member' do
before(:each) {http_login(@member_user)}
end
end
context 'for hidden project' do
before(:each) do
@project.update_column(:visibility, 'hidden')
end
it_should_behave_like 'not create build list via api'
context 'if user is project owner' do
before(:each) {http_login(@owner_user)}
it_should_behave_like 'create build list via api'
end
context 'if user is project read member' do
before(:each) {http_login(@member_user)}
it_should_behave_like 'not create build list via api'
end
end
end
context 'for group' do
before(:each) do
Arch.destroy_all
User.destroy_all
@build_list = FactoryGirl.create(:build_list_core)
@params = @build_list.attributes.symbolize_keys
@project = @build_list.project
@platform = @build_list.save_to_platform
stub_symlink_methods
@user = FactoryGirl.create(:user)
@owner_user = FactoryGirl.create(:user)
@member_user = FactoryGirl.create(:user)
# Create and show params:
@create_params = {:build_list => @build_list.attributes.symbolize_keys.except(:bs_id)}
@create_params = @create_params.merge(:arches => [@params[:arch_id]], :build_for_platforms => [@params[:build_for_platform_id]], :format => :json)
any_instance_of(Project, :versions => ['v1.0', 'v2.0'])
# Groups:
@owner_group = FactoryGirl.create(:group, :owner => @owner_user)
@member_group = FactoryGirl.create(:group)
@member_group.actors.create :role => 'reader', :actor_id => @member_user.id, :actor_type => 'User'
@group = FactoryGirl.create(:group)
@user = FactoryGirl.create(:user)
@group.actors.create :role => 'reader', :actor_id => @user.id, :actor_type => 'User'
@project.owner = @owner_group
@project.save
@project.relations.create :role => 'reader', :actor_id => @member_group.id, :actor_type => 'Group'
@project.relations.create :role => 'admin', :actor_id => @owner_group.id, :actor_type => 'Group'
@build_list.save_to_platform.relations.create(:role => 'admin', :actor => @owner_group) # Why it's really need it??
@build_list.save_to_platform.relations.create(:role => 'reader', :actor => @member_group) # Why it's really need it??
http_login(@user)
end
context 'for open project' do
it_should_behave_like 'not create build list via api'
context 'if user is group owner' do
before(:each) {http_login(@owner_user)}
it_should_behave_like 'create build list via api'
end
context 'if user is group read member' do
before(:each) {http_login(@member_user)}
it_should_behave_like 'not create build list via api'
end
end
context 'for hidden project' do
before(:each) do
@build_list.project.update_column(:visibility, 'hidden')
end
it_should_behave_like 'not create build list via api'
context 'if user is group owner' do
before(:each) {http_login(@owner_user)}
it_should_behave_like 'create build list via api'
end
context 'if user is group read member' do
before(:each) {http_login(@member_user)}
it_should_behave_like 'not create build list via api'
end
end
end
end
context 'read and accessible abilities' do
before(:each) do
Arch.destroy_all
User.destroy_all
@user = FactoryGirl.create(:user)
# Build Lists:
@build_list1 = FactoryGirl.create(:build_list_core)
@build_list2 = FactoryGirl.create(:build_list_core)
@build_list2.project.update_column(:visibility, 'hidden')
project = FactoryGirl.create(:project, :visibility => 'hidden', :owner => @user)
@build_list3 = FactoryGirl.create(:build_list_core, :project => project)
@build_list4 = FactoryGirl.create(:build_list_core)
@build_list4.project.update_column(:visibility, 'hidden')
@build_list4.project.relations.create! :role => 'reader', :actor_id => @user.id, :actor_type => 'User'
@filter_build_list1 = FactoryGirl.create(:build_list_core)
@filter_build_list2 = FactoryGirl.create(:build_list_core)
@filter_build_list3 = FactoryGirl.create(:build_list_core)
@filter_build_list4 = FactoryGirl.create(:build_list_core, :updated_at => (Time.now - 1.day),
:project => @build_list3.project, :save_to_platform => @build_list3.save_to_platform,
:arch => @build_list3.arch)
end
context 'for guest' do
it 'should be able to perform index action', :anonymous_access => true do
get :index, :format => :json
response.should be_success
end
it 'should not be able to perform index action', :anonymous_access => false do
get :index, :format => :json
response.status.should == 401
end
end
context 'for all build lists' do
before(:each) {
http_login(@user)
}
it 'should be able to perform index action' do
get :index, :format => :json
response.should be_success
end
it 'should show only accessible build_lists' do
get :index, :filter => {:ownership => 'index'}, :format => :json
assigns(:build_lists).should include(@build_list1)
assigns(:build_lists).should_not include(@build_list2)
assigns(:build_lists).should include(@build_list3)
assigns(:build_lists).should include(@build_list4)
assigns(:build_lists).count.should eq 7
end
end
context 'filter' do
before(:each) do
http_login FactoryGirl.create(:admin)
end
it 'should filter by bs_id' do
get :index, :filter => {:bs_id => @filter_build_list1.bs_id, :project_name => 'fdsfdf', :any_other_field => 'do not matter'}, :format => :json
assigns[:build_lists].should include(@filter_build_list1)
assigns[:build_lists].should_not include(@filter_build_list2)
assigns[:build_lists].should_not include(@filter_build_list3)
end
it 'should filter by project_name' do
get :index, :filter => {:project_name => @filter_build_list2.project.name, :ownership => 'index'}, :format => :json
assigns[:build_lists].should_not include(@filter_build_list1)
assigns[:build_lists].should include(@filter_build_list2)
assigns[:build_lists].should_not include(@filter_build_list3)
end
it 'should filter by project_name and start_date' do
get :index, :filter => {:project_name => @filter_build_list3.project.name, :ownership => 'index',
:"updated_at_start(1i)" => @filter_build_list3.updated_at.year.to_s,
:"updated_at_start(2i)" => @filter_build_list3.updated_at.month.to_s,
:"updated_at_start(3i)" => @filter_build_list3.updated_at.day.to_s}, :format => :json
assigns[:build_lists].should_not include(@filter_build_list1)
assigns[:build_lists].should_not include(@filter_build_list2)
assigns[:build_lists].should include(@filter_build_list3)
assigns[:build_lists].should_not include(@filter_build_list4)
end
end
context "for user" do
before(:each) do
@build_list = FactoryGirl.create(:build_list_core)
@params = @build_list.attributes.symbolize_keys
@project = @build_list.project
stub_symlink_methods
@owner_user = @project.owner
@member_user = FactoryGirl.create(:user)
@project.relations.create(:role => 'reader', :actor => @member_user)
@build_list.save_to_platform.relations.create(:role => 'admin', :actor => @owner_user) # Why it's really need it??
# Show params:
@show_params = {:id => @build_list.id, :format => :json}
end
context 'for open project' do
context 'for simple user' do
before(:each) {http_login(@user)}
it_should_behave_like 'show build list via api'
end
context 'if user is project owner' do
before(:each) {http_login(@owner_user)}
it_should_behave_like 'show build list via api'
end
context 'if user is project read member' do
before(:each) {http_login(@member_user)}
it_should_behave_like 'show build list via api'
end
end
context 'for hidden project' do
before(:each) do
@project.update_column(:visibility, 'hidden')
end
context 'for simple user' do
before(:each) {http_login(@user)}
it_should_behave_like 'not show build list via api'
end
context 'if user is project owner' do
before(:each) {http_login(@owner_user)}
it_should_behave_like 'show build list via api'
end
context 'if user is project read member' do
before(:each) {http_login(@member_user)}
it_should_behave_like 'show build list via api'
end
end
end
context "for group" do
before(:each) do
@platform = FactoryGirl.create(:platform_with_repos)
@build_list = FactoryGirl.create(:build_list_core, :save_to_platform => @platform)
@project = @build_list.project
@params = @build_list.attributes.symbolize_keys
stub_symlink_methods
@owner_user = @project.owner#FactoryGirl.create(:user)
@member_user = FactoryGirl.create(:user)
#@project.relations.create(:role => 'reader', :actor => @member_user)
# Show params:
@show_params = {:id => @build_list.id, :format => :json}
# Groups:
@owner_group = FactoryGirl.create(:group, :owner => @owner_user)
@member_group = FactoryGirl.create(:group)
@member_group.actors.create :role => 'reader', :actor_id => @member_user.id, :actor_type => 'User'
@group = FactoryGirl.create(:group)
@group.actors.create :role => 'reader', :actor_id => @user.id, :actor_type => 'User'
#@project = FactoryGirl.create(:project, :owner => @owner_group, :repositories => @platform.repositories)
#@project.owner = @owner_group
#@project.save
@project.relations.create :role => 'reader', :actor_id => @member_group.id, :actor_type => 'Group'
#@build_list.save_to_platform.relations.create(:role => 'reader', :actor => @member_group) # Why it's really need it??
#@build_list.save_to_platform.relations.create(:role => 'admin', :actor => @owner_group) # Why it's really need it??
end
context 'for open project' do
context 'for simple user' do
before(:each) {http_login(@user)}
it_should_behave_like 'show build list via api'
end
context 'if user is group owner' do
before(:each) {http_login(@owner_user)}
it_should_behave_like 'show build list via api'
end
context 'if user is group read member' do
before(:each) {http_login(@member_user)}
it_should_behave_like 'show build list via api'
end
end
context 'for hidden project' do
before(:each) do
@build_list.project.update_column(:visibility, 'hidden')
end
context 'for simple user' do
before(:each) {http_login(@user)}
it_should_behave_like 'not show build list via api'
end
context 'if user is group owner' do
before(:each) { http_login(@owner_user) }
it_should_behave_like 'show build list via api'
end
context 'if user is group read member' do
before(:each) {http_login(@member_user)}
it_should_behave_like 'show build list via api'
end
end
end
end
end

View File

@ -0,0 +1,112 @@
# -*- encoding : utf-8 -*-
require 'spec_helper'
shared_examples_for 'api platform user with reader rights' do
include_examples "api platform user with show rights"
it 'should be able to perform index action' do
get :index, :format => :json
response.should render_template(:index)
end
end
shared_examples_for 'api platform user with reader rights for hidden platform' do
before(:each) do
@platform.update_column(:visibility, 'hidden')
end
it_should_behave_like 'api platform user with show rights'
end
shared_examples_for 'api platform user without reader rights for hidden platform' do
before(:each) do
@platform.update_column(:visibility, 'hidden')
end
it_should_behave_like 'api platform user without show rights'
end
shared_examples_for "api platform user with show rights" do
it 'should be able to perform show action' do
get :show, :id => @platform.id, :format => :json
response.should render_template(:show)
end
end
shared_examples_for "api platform user without show rights" do
it 'should not be able to perform show action' do
get :show, :id => @platform.id, :format => :json
response.body.should == {"message" => "Access violation to this page!"}.to_json
end
end
describe Api::V1::PlatformsController do
before(:each) do
stub_symlink_methods
@platform = FactoryGirl.create(:platform)
@personal_platform = FactoryGirl.create(:platform, :platform_type => 'personal')
@user = FactoryGirl.create(:user)
end
context 'for guest' do
it "should not be able to perform index action" do
get :index, :format => :json
response.status.should == 401
end
it "should not be able to perform show action", :anonymous_access => false do
get :show, :id => @platform.id, :format => :json
response.status.should == 401
end
it_should_behave_like 'api platform user with show rights' if APP_CONFIG['anonymous_access']
it_should_behave_like 'api platform user without reader rights for hidden platform' if APP_CONFIG['anonymous_access']
end
context 'for global admin' do
before(:each) do
@admin = FactoryGirl.create(:admin)
@user = FactoryGirl.create(:user)
http_login(@admin)
end
it_should_behave_like 'api platform user with reader rights'
it_should_behave_like 'api platform user with reader rights for hidden platform'
end
context 'for owner user' do
before(:each) do
@user = FactoryGirl.create(:user)
http_login(@user)
@platform.owner = @user; @platform.save
@platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin')
end
it_should_behave_like 'api platform user with reader rights'
it_should_behave_like 'api platform user with reader rights for hidden platform'
end
context 'for reader user' do
before(:each) do
@user = FactoryGirl.create(:user)
http_login(@user)
@platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')
end
it_should_behave_like 'api platform user with reader rights'
it_should_behave_like 'api platform user with reader rights for hidden platform'
end
context 'for simple user' do
before(:each) do
@user = FactoryGirl.create(:user)
http_login(@user)
end
it_should_behave_like 'api platform user with reader rights'
it_should_behave_like 'api platform user without reader rights for hidden platform'
end
end

View File

@ -0,0 +1,237 @@
# -*- encoding : utf-8 -*-
require 'spec_helper'
shared_examples_for "api projects user with reader rights" do
include_examples "api projects user with show rights"
end
shared_examples_for "api projects user with reader rights for hidden project" do
before(:each) do
@project.update_column(:visibility, 'hidden')
end
it_should_behave_like 'api projects user with show rights'
end
shared_examples_for "api projects user without reader rights for hidden project" do
before(:each) do
@project.update_column(:visibility, 'hidden')
end
it_should_behave_like 'api projects user without show rights'
end
shared_examples_for "api projects user without show rights" do
it "should show access violation instead of project data" do
get :show, :id => @project.id, :format => :json
response.body.should == {"message" => "Access violation to this page!"}.to_json
end
it "should access violation instead of project data by get_id" do
get :get_id, :name => @project.name, :owner => @project.owner.uname, :format => :json
response.body.should == {"message" => "Access violation to this page!"}.to_json
end
end
shared_examples_for "api projects user with show rights" do
it "should show project data" do
get :show, :id => @project.id, :format => :json
render_template(:show)
end
context 'project find by get_id' do
it "should find project by name and owner name" do
@project.reload
get :get_id, :name => @project.name, :owner => @project.owner.uname, :format => :json
assigns[:project].id.should == @project.id
end
it "should not find project by non existing name and owner name" do
get :get_id, :name => 'NONE_EXISTING_NAME', :owner => @project.owner.uname, :format => :json
assigns[:project].should be_blank
end
it "should render 404 for non existing name and owner name" do
get :get_id, :name => 'NONE_EXISTING_NAME', :owner => @project.owner.uname, :format => :json
response.body.should == {:message => I18n.t("flash.404_message")}.to_json
end
end
end
describe Api::V1::ProjectsController do
before(:each) do
stub_symlink_methods
@project = FactoryGirl.create(:project)
@hidden_project = FactoryGirl.create(:project)
@another_user = FactoryGirl.create(:user)
end
context 'for guest' do
it 'should be able to perform get_id action', :anonymous_access => false do
get :get_id, :format => :json
response.status.should == 401
end
it 'should be able to perform show action', :anonymous_access => false do
get :show, :id => @project.id, :format => :json
response.status.should == 401
end
it_should_behave_like 'api projects user with reader rights' if APP_CONFIG['anonymous_access']
it_should_behave_like 'api projects user without reader rights for hidden project' if APP_CONFIG['anonymous_access']
end
context 'for simple user' do
before(:each) do
@user = FactoryGirl.create(:user)
http_login(@user)
end
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user without reader rights for hidden project'
end
context 'for admin' do
before(:each) do
@admin = FactoryGirl.create(:admin)
http_login(@admin)
end
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
end
context 'for owner user' do
before(:each) do
@user = FactoryGirl.create(:user)
http_login(@user)
@project.owner = @user; @project.save
@project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin')
end
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
end
context 'for reader user' do
before(:each) do
@user = FactoryGirl.create(:user)
http_login(@user)
@project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')
end
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
end
context 'for writer user' do
before(:each) do
@user = FactoryGirl.create(:user)
http_login(@user)
@project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'writer')
end
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
end
context 'for group' do
before(:each) do
@group = FactoryGirl.create(:group)
@group_user = FactoryGirl.create(:user)
@project.relations.destroy_all
http_login(@group_user)
end
context 'with no relations to project' do
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user without reader rights for hidden project'
end
context 'owner of the project' do
before(:each) do
@project.owner = @group; @project.save
@project.relations.create :actor_id => @project.owner.id, :actor_type => @project.owner.class.to_s, :role => 'admin'
end
context 'reader user' do
before(:each) do
@group.actors.create(:actor_id => @group_user.id, :actor_type => 'User', :role => 'reader')
end
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
end
context 'admin user' do
before(:each) do
@group.actors.create(:actor_id => @group_user.id, :actor_type => 'User', :role => 'admin')
end
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
end
end
context 'member of the project' do
context 'with admin rights' do
before(:each) do
@project.relations.create :actor_id => @group.id, :actor_type => @group.class.to_s, :role => 'admin'
end
context 'reader user' do
before(:each) do
@group.actors.create(:actor_id => @group_user.id, :actor_type => 'User', :role => 'reader')
end
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
end
context 'admin user' do
before(:each) do
@group.actors.create(:actor_id => @group_user.id, :actor_type => 'User', :role => 'admin')
end
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
end
end
context 'with reader rights' do
before(:each) do
@project.relations.create :actor_id => @group.id, :actor_type => @group.class.to_s, :role => 'reader'
end
context 'reader user' do
before(:each) do
@group.actors.create(:actor_id => @group_user.id, :actor_type => 'User', :role => 'reader')
end
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
context 'user should has best role' do
before(:each) do
@project.relations.create :actor_id => @group_user.id, :actor_type => @group_user.class.to_s, :role => 'admin'
end
it_should_behave_like 'api projects user with reader rights'
end
end
context 'admin user' do
before(:each) do
@group.actors.create(:actor_id => @group_user.id, :actor_type => 'User', :role => 'admin')
end
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
end
end
end
end
end

View File

@ -0,0 +1,92 @@
# -*- encoding : utf-8 -*-
require 'spec_helper'
shared_examples_for 'api repository user with reader rights' do
it_should_behave_like 'api repository user with show rights'
end
shared_examples_for 'api repository user with reader rights for hidden platform' do
before(:each) do
@platform.update_column(:visibility, 'hidden')
end
it_should_behave_like 'api repository user with show rights'
end
shared_examples_for 'api repository user without reader rights for hidden platform' do
before(:each) do
@platform.update_column(:visibility, 'hidden')
end
it_should_behave_like 'api repository user without show rights'
end
shared_examples_for "api repository user with show rights" do
it 'should be able to perform show action' do
get :show, :id => @repository.id, :format => :json
response.should render_template(:show)
end
end
shared_examples_for "api repository user without show rights" do
it 'should not be able to perform show action' do
get :show, :id => @repository.id, :format => :json
response.body.should == {"message" => "Access violation to this page!"}.to_json
end
end
describe Api::V1::RepositoriesController do
before(:each) do
stub_symlink_methods
@platform = FactoryGirl.create(:platform)
@repository = FactoryGirl.create(:repository, :platform => @platform)
@personal_repository = FactoryGirl.create(:personal_repository)
@project = FactoryGirl.create(:project)
@another_user = FactoryGirl.create(:user)
end
context 'for guest' do
it "should not be able to perform show action", :anonymous_access => false do
get :show, :id => @repository.id, :format => :json
response.status.should == 401
end
it_should_behave_like 'api repository user without reader rights for hidden platform' if APP_CONFIG['anonymous_access']
it_should_behave_like 'api repository user with show rights' if APP_CONFIG['anonymous_access']
end
context 'for admin' do
before(:each) do
@admin = FactoryGirl.create(:admin)
http_login(@admin)
end
it_should_behave_like 'api repository user with reader rights'
it_should_behave_like 'api repository user with reader rights for hidden platform'
end
context 'for platform owner user' do
before(:each) do
@user = FactoryGirl.create(:user)
http_login(@user)
platform = @repository.platform
platform.owner = @user; platform.save
@repository.platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin')
end
it_should_behave_like 'api repository user with reader rights'
it_should_behave_like 'api repository user with reader rights for hidden platform'
end
context 'for user' do
before(:each) do
@user = FactoryGirl.create(:user)
http_login(@user)
end
it_should_behave_like 'api repository user with reader rights'
it_should_behave_like 'api repository user without reader rights for hidden platform'
it_should_behave_like 'api repository user with show rights'
end
end

View File

@ -28,7 +28,10 @@ describe Projects::BuildListsController do
end
shared_examples_for 'create build list' do
before {test_git_commit(@project)}
before {
@project.update_attribute(:repositories, @platform.repositories)
test_git_commit(@project)
}
it 'should be able to perform new action' do
get :new, :owner_name => @project.owner.uname, :project_name => @project.name
@ -53,6 +56,11 @@ describe Projects::BuildListsController do
end
shared_examples_for 'not create build list' do
before {
@project.update_attribute(:repositories, @platform.repositories)
test_git_commit(@project)
}
it 'should not be able to perform new action' do
get :new, :owner_name => @project.owner.uname, :project_name => @project.name
response.should redirect_to(forbidden_url)
@ -68,33 +76,31 @@ describe Projects::BuildListsController do
context 'crud' do
before(:each) do
platform = FactoryGirl.create(:platform_with_repos)
@platform = FactoryGirl.create(:platform_with_repos)
@create_params = {
:build_list => {
:project_version => 'latest_master',
:save_to_platform_id => platform.id,
:save_to_repository_id => @platform.repositories.first.id,
:update_type => 'security',
:include_repos => [platform.repositories.first.id]
:include_repos => [@platform.repositories.first.id]
},
:arches => [FactoryGirl.create(:arch).id],
:build_for_platforms => [platform.id]
:build_for_platforms => [@platform.id]
}
any_instance_of(Project, :versions => ['v1.0', 'v2.0'])
end
context 'for guest' do
if APP_CONFIG['anonymous_access']
it 'should be able to perform index action' do
it 'should be able to perform index action', :anonymous_access => true do
get :index
response.should be_success
end
else
it 'should not be able to perform index action' do
it 'should not be able to perform index action', :anonymous_access => false do
get :index
response.should redirect_to(new_user_session_path)
end
end
end
context 'for user' do
before(:each) do
@ -113,10 +119,16 @@ describe Projects::BuildListsController do
context 'for all build lists' do
before(:each) do
@build_list1 = FactoryGirl.create(:build_list_core)
@build_list2 = FactoryGirl.create(:build_list_core, :project => FactoryGirl.create(:project, :visibility => 'hidden'))
@build_list3 = FactoryGirl.create(:build_list_core, :project => FactoryGirl.create(:project, :owner => @user, :visibility => 'hidden'))
@build_list4 = FactoryGirl.create(:build_list_core, :project => FactoryGirl.create(:project, :visibility => 'hidden'))
@build_list4.project.relations.create :role => 'reader', :actor_id => @user.id, :actor_type => 'User'
@build_list2 = FactoryGirl.create(:build_list_core)
@build_list2.project.update_column(:visibility, 'hidden')
project = FactoryGirl.create(:project, :visibility => 'hidden', :owner => @user)
@build_list3 = FactoryGirl.create(:build_list_core, :project => project)
@build_list4 = FactoryGirl.create(:build_list_core)
@build_list4.project.update_column(:visibility, 'hidden')
@build_list4.project.relations.create! :role => 'reader', :actor_id => @user.id, :actor_type => 'User'
end
it 'should be able to perform index action' do
@ -175,33 +187,36 @@ describe Projects::BuildListsController do
context 'for group' do
before(:each) do
@owner_group = FactoryGirl.create(:group)
@owner_user = FactoryGirl.create(:user)
@owner_group.actors.create :role => 'admin', :actor_id => @owner_user.id, :actor_type => 'User'
@user = FactoryGirl.create(:user)
set_session_for(@user)
@build_list = FactoryGirl.create(:build_list_by_group_project)
@project = @build_list.project
@owner_group = @build_list.project.owner
@owner_user = @owner_group.owner
@member_group = FactoryGirl.create(:group)
@member_user = FactoryGirl.create(:user)
@member_group.actors.create :role => 'reader', :actor_id => @member_user.id, :actor_type => 'User'
@group = FactoryGirl.create(:group)
@user = FactoryGirl.create(:user)
@group.actors.create :role => 'reader', :actor_id => @user.id, :actor_type => 'User'
@project = FactoryGirl.create(:project, :owner => @owner_group)
@project.relations.create :role => 'reader', :actor_id => @member_group.id, :actor_type => 'Group'
@build_list = FactoryGirl.create(:build_list_core, :project => @project)
set_session_for(@user)
@show_params = {:owner_name => @project.owner.uname, :project_name => @project.name, :id => @build_list.id}
end
context 'for all build lists' do
before(:each) do
@build_list1 = FactoryGirl.create(:build_list_core)
@build_list2 = FactoryGirl.create(:build_list_core, :project => FactoryGirl.create(:project, :visibility => 'hidden'))
@build_list3 = FactoryGirl.create(:build_list_core, :project => FactoryGirl.create(:project, :owner => @group, :visibility => 'hidden'))
@build_list4 = FactoryGirl.create(:build_list_core, :project => FactoryGirl.create(:project, :visibility => 'hidden'))
@build_list4.project.relations.create :role => 'reader', :actor_id => @group.id, :actor_type => 'Group'
@build_list2 = FactoryGirl.create(:build_list_core)
@build_list2.project.update_column(:visibility, 'hidden')
project = FactoryGirl.create(:project, :visibility => 'hidden', :owner => @user)
@build_list3 = FactoryGirl.create(:build_list_core, :project => project)
@build_list4 = FactoryGirl.create(:build_list_core)
@build_list4.project.update_column(:visibility, 'hidden')
@build_list4.project.relations.create! :role => 'reader', :actor_id => @user.id, :actor_type => 'User'
end
it 'should be able to perform index action' do
@ -317,7 +332,7 @@ describe Projects::BuildListsController do
context 'callbacks' do
let(:build_list) { FactoryGirl.create(:build_list_core) }
let(:build_list_package) { FactoryGirl.create(:build_list_package, :build_list_id => build_list.id, :platform_id => build_list.project.repositories.first.platform_id, :project_id => build_list.project_id, :version => "4.7.5.3", :release => 1) }
let(:build_list_package) { FactoryGirl.create(:build_list_package, :build_list_id => build_list.id, :platform_id => build_list.save_to_platform_id, :project_id => build_list.project_id, :version => "4.7.5.3", :release => 1) }
before(:each) do
mock(controller).authenticate_build_service! {true}
@ -357,7 +372,6 @@ describe Projects::BuildListsController do
before do
@item = build_list.items.create(:name => build_list.project.name, :version => build_list.project_version, :level => 0)
repo = build_list.save_to_platform.repositories.first
repo.projects << build_list.project
@project2 = FactoryGirl.create(:project)
repo.projects << @project2
end

View File

@ -2,8 +2,9 @@
FactoryGirl.define do
factory :build_list do
association :user
association :project
#association :project
association :save_to_platform, :factory => :platform_with_repos
project { |bl| FactoryGirl.create(:project, :repositories => [bl.save_to_platform.repositories.first]) }
association :arch
build_for_platform {|bl| bl.save_to_platform}
save_to_repository {|bl| bl.save_to_platform.repositories.first}
@ -18,6 +19,10 @@ FactoryGirl.define do
bs_id { FactoryGirl.generate(:integer) }
end
factory :build_list_by_group_project, :parent => :build_list_core do
project { |bl| FactoryGirl.create(:group_project, :repositories => [bl.save_to_platform.repositories.first]) }
end
factory :build_list_package, :class => BuildList::Package do
association :build_list
association :project

View File

@ -5,4 +5,8 @@ FactoryGirl.define do
name { FactoryGirl.generate(:unixname) }
association :owner, :factory => :user
end
factory :group_project, :parent => :project do
association :owner, :factory => :group
end
end

View File

@ -290,26 +290,6 @@ describe CanCan do
@ability.should be_able_to(:read, @repository)
end
end
end
context 'build list relations' do
before(:each) do
@project = FactoryGirl.create(:project)
@project.relations.create!(:actor_id => @user.id, :actor_type => 'User', :role => 'writer')
@build_list = FactoryGirl.create(:build_list, :project => @project)
end
it 'should be able to publish build list with SUCCESS status' do
@build_list.status = BuildServer::SUCCESS
@ability.should be_able_to(:publish, @build_list)
end
it 'should not be able to publish build list with another status' do
@build_list.status = BuildServer::BUILD_ERROR
@ability.should_not be_able_to(:publish, @build_list)
end
end
end
end # 'repository relations'
end # 'Site user'
end

View File

@ -36,6 +36,11 @@ def set_session_for(user=nil)
sign_in current_user
end
def http_login(user=nil)
# FIXME: password constant is a bad choice...
request.env['HTTP_AUTHORIZATION'] = ActionController::HttpAuthentication::Basic.encode_credentials(user.email,'123456')
end
def stub_symlink_methods
any_instance_of(Platform, :symlink_directory => true)
any_instance_of(Platform, :remove_symlink_directory => true)