From 2bc7c9b2c37276a1315b14225af4e806216b79b4 Mon Sep 17 00:00:00 2001 From: Vokhmin Alexey V Date: Tue, 7 Apr 2015 22:50:44 +0300 Subject: [PATCH] #465: Comment out a cancan code. --- app/models/ability.rb | 537 +++++++++--------- config/initializers/active_admin.rb | 2 + spec/models/cancan_spec.rb | 720 ++++++++++++------------- spec/models/comment_for_commit_spec.rb | 650 +++++++++++----------- spec/models/comment_spec.rb | 392 +++++++------- spec/models/group_spec.rb | 200 +++---- spec/models/subscribe_spec.rb | 156 +++--- 7 files changed, 1329 insertions(+), 1328 deletions(-) diff --git a/app/models/ability.rb b/app/models/ability.rb index cccafbd9f..e31059b20 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -1,269 +1,268 @@ -# If rules goes one by one CanCan joins them by 'OR' sql operator -# If rule has multiple conditions CanCan joins them by 'AND' sql operator -# WARNING: -# - put cannot rules _after_ can rules and not before! -# - beware inner joins. Use sub queries against them! - -class Ability - include CanCan::Ability - - def initialize(user) - user ||= User.new # guest user (not logged in) - @user = user - - # Shared rights between guests and registered users - can [:show, :archive, :read], Project, visibility: 'open' - can :get_id, Project, visibility: 'open' # api - can(:refs_list, Project) {|project| can? :show, project} - can :read, Issue, project: { visibility: 'open' } - can [:read, :commits, :files], PullRequest, to_project: {visibility: 'open'} - can [:read, :log, :everything], BuildList, project: {visibility: 'open'} - can [:read, :log], ProductBuildList#, product: {platform: {visibility: 'open'}} # double nested hash don't work - can [:read, :search], Advisory - can :read, Statistic - - # Platforms block - can [:show, :members, :advisories], Platform, visibility: 'open' - can :platforms_for_build, Platform, visibility: 'open', platform_type: 'main' - can([:read, :get_list], MassBuild) {|mass_build| can?(:show, mass_build.save_to_platform) } - can [:read, :projects_list, :projects], Repository, platform: {visibility: 'open'} - can :read, Product, platform: {visibility: 'open'} - - can :show, Group - can :show, User - can :possible_forks, Project - - if user.guest? # Guest rights - cannot :index, Project - # can [:new, :create], RegisterRequest - else # Registered user rights - if user.admin? - can :manage, :all - # Protection - cannot :approve, RegisterRequest, approved: true - cannot :reject, RegisterRequest, rejected: true - cannot [:destroy, :create], Subscribe - # Act admin as simple user - cannot :read, Product, platform: {platform_type: 'personal'} - cannot [:owned, :related], [BuildList, Platform] - cannot :membered, Project # list products which user members - end - - if user.user? - can :edit, User, id: user.id - can [:read, :create], Group - can [:update, :manage_members, :members, :add_member, :remove_member, :remove_members, :update_member], Group do |group| - group.actors.exists?(actor_type: 'User', actor_id: user.id, role: 'admin') # or group.owner_id = user.id - end - can :write, Group do |group| - group.actors.exists?(actor_type: 'User', actor_id: user.id, role: ['writer', 'admin']) - end - can :destroy, Group, owner_id: user.id - can :remove_user, Group - - can :create, Project - can([:mass_import, :run_mass_import], Project) if user.platforms.main.find{ |p| local_admin?(p) }.present? - can :read, Project, visibility: 'open' - can [:read, :archive, :membered, :get_id], Project, owner_type: 'User', owner_id: user.id - can [:read, :archive, :membered, :get_id], Project, owner_type: 'Group', owner_id: user_group_ids - # can([:read, :archive, :membered, :get_id], Project, read_relations_for('projects')) {|project| local_reader? project} - can([:read, :archive, :membered, :get_id], Project, read_relations_with_projects) {|project| local_reader? project} - can(:write, Project) {|project| local_writer? project} # for grack - can [:update, :sections, :manage_collaborators, :autocomplete_maintainers, :add_member, :remove_member, :remove_members, :update_member, :members, :schedule], Project do |project| - local_admin? project - end - - can(:fork, Project) {|project| can? :read, project} - can(:alias, Project) {|project| local_admin?(project) } - - can(:destroy, Project) {|project| owner? project} - can(:destroy, Project) {|project| project.owner_type == 'Group' and project.owner.actors.exists?(actor_type: 'User', actor_id: user.id, role: 'admin')} - can :remove_user, Project - can :preview, Project - - can([:read, :create, :edit, :destroy, :update], Hook) {|hook| can?(:edit, hook.project)} - - can [:read, :log, :owned, :everything], BuildList, user_id: user.id - can [:read, :log, :related, :everything], BuildList, project: {owner_type: 'User', owner_id: user.id} - can [:read, :log, :related, :everything], BuildList, project: {owner_type: 'Group', owner_id: user_group_ids} - # can([:read, :log, :everything, :list], BuildList, read_relations_for('build_lists', 'projects')) {|build_list| can? :read, build_list.project} - # can([:read, :log, :everything, :list], BuildList, read_relations_for_build_lists_and_projects) {|build_list| can? :read, build_list.project} - can([:read, :log, :everything, :list], BuildList, read_relations_with_projects('build_lists')) {|build_list| can? :read, build_list.project} - - can(:publish_into_testing, BuildList) { |build_list| ( can?(:create, build_list) || can?(:publish, build_list) ) && build_list.save_to_platform.main? } - can([:create, :rerun_tests], BuildList) {|build_list| - build_list.project && - build_list.project.is_package && - can?(:write, build_list.project) && - (build_list.build_for_platform.blank? || can?(:show, build_list.build_for_platform)) - } - - can(:publish, BuildList) do |build_list| - if build_list.build_published? - local_admin?(build_list.save_to_platform) || build_list.save_to_repository.members.exists?(id: user.id) - else - build_list.save_to_repository.publish_without_qa ? - can?(:write, build_list.project) : local_admin?(build_list.save_to_platform) - end - end - can(:create_container, BuildList) do |build_list| - local_admin?(build_list.save_to_platform) - end - can(:reject_publish, BuildList) do |build_list| - build_list.save_to_repository.publish_without_qa ? - can?(:write, build_list.project) : local_admin?(build_list.save_to_platform) - end - can([:cancel, :create_container], BuildList) {|build_list| can?(:write, build_list.project)} - - can [:read, :owned, :related, :members], Platform, owner_type: 'User', owner_id: user.id - can [:read, :related, :members], Platform, owner_type: 'Group', owner_id: user_group_ids - can([:read, :related, :members], Platform, read_relations_for('platforms')) {|platform| local_reader? platform} - can [:read, :related], Platform, id: user.repositories.pluck(:platform_id) - can([:update, :destroy, :change_visibility], Platform) {|platform| owner?(platform) } - can([:local_admin_manage, :members, :add_member, :remove_member, :remove_members, :remove_file] , Platform) {|platform| owner?(platform) || local_admin?(platform) } - - can([:create, :publish], MassBuild) {|mass_build| owner?(mass_build.save_to_platform) || local_admin?(mass_build.save_to_platform)} - can(:cancel, MassBuild) {|mass_build| (owner?(mass_build.save_to_platform) || local_admin?(mass_build.save_to_platform)) && !mass_build.stop_build} - - can [:read, :projects_list, :projects], Repository, platform: {owner_type: 'User', owner_id: user.id} - can [:read, :projects_list, :projects], Repository, platform: {owner_type: 'Group', owner_id: user_group_ids} - can([:read, :projects_list, :projects], Repository, read_relations_for('repositories')) {|repository| can? :show, repository.platform} - can([:read, :projects_list, :projects], Repository, read_relations_for('repositories', 'platforms')) {|repository| local_reader? repository.platform} - can([:create, :edit, :update, :destroy, :projects_list, :projects, :add_project, :remove_project, :regenerate_metadata, :sync_lock_file, :add_repo_lock_file, :remove_repo_lock_file], Repository) {|repository| local_admin? repository.platform} - can([:remove_member, :remove_members, :add_member, :signatures, :packages], Repository) {|repository| owner?(repository.platform) || local_admin?(repository.platform)} - can([:add_project, :remove_project], Repository) {|repository| repository.members.exists?(id: user.id)} - can(:clear, Platform) {|platform| owner?(platform) && platform.personal?} - can(:regenerate_metadata, Platform) {|platform| owner?(platform) || local_admin?(platform)} - can([:settings, :destroy, :edit, :update], Repository) {|repository| owner? repository.platform} - - can([:create, :destroy], KeyPair) {|key_pair| key_pair.repository.blank? || owner?(key_pair.repository.platform) || local_admin?(key_pair.repository.platform)} - - can([:read, :create, :withdraw], Token) {|token| local_admin?(token.subject)} - - can :read, Product, platform: {owner_type: 'User', owner_id: user.id, platform_type: 'main'} - can :read, Product, platform: {owner_type: 'Group', owner_id: user_group_ids, platform_type: 'main'} - can(:read, Product, read_relations_for('products', 'platforms')) {|product| product.platform.main?} - can([:create, :update, :destroy, :clone], Product) {|product| local_admin? product.platform and product.platform.main?} - - can([:create, :cancel], ProductBuildList) {|pbl| can?(:write, pbl.project)} - can([:create, :cancel, :update], ProductBuildList) {|pbl| can?(:update, pbl.product)} - can(:destroy, ProductBuildList) {|pbl| can?(:destroy, pbl.product)} - - can :read, Issue, project: {owner_type: 'User', owner_id: user.id} - can :read, Issue, project: {owner_type: 'Group', owner_id: user_group_ids} - can(:read, Issue, read_relations_for('issues', 'projects')) {|issue| can? :read, issue.project rescue nil} - can(:create, Issue) {|issue| can? :read, issue.project} - can(:update, Issue) {|issue| issue.user_id == user.id or local_admin?(issue.project)} - cannot :manage, Issue, project: {has_issues: false} # switch off issues - - can [:read, :commits, :files], PullRequest, to_project: {owner_type: 'User', owner_id: user.id} - can [:read, :commits, :files], PullRequest, to_project: {owner_type: 'Group', owner_id: user_group_ids} - can([:read, :commits, :files], PullRequest, read_relations_for('pull_requests', 'to_projects')) {|pull| can? :read, pull.to_project} - can :create, PullRequest - can(:update, PullRequest) {|pull| pull.user_id == user.id or local_writer?(pull.to_project)} - can(:merge, PullRequest) {|pull| local_writer?(pull.to_project)} - - can([:create, :new_line], Comment) {|comment| can? :read, comment.project} - can([:update, :destroy], Comment) {|comment| comment.user == user or comment.project.owner == user or local_admin?(comment.project)} - cannot :manage, Comment do |c| - c.commentable_type == 'Issue' && !c.project.has_issues && !c.commentable.pull_request # when switch off issues - end - end - - # Shared cannot rights for all users (registered, admin) - cannot [:regenerate_metadata, :destroy], Platform, platform_type: 'personal' - cannot [:create, :destroy], Repository, platform: {platform_type: 'personal'}, name: 'main' - cannot [:packages], Repository, platform: {platform_type: 'personal'} - cannot [:remove_member, :remove_members, :add_member, :sync_lock_file, :add_repo_lock_file, :remove_repo_lock_file], Repository, platform: {platform_type: 'personal'} - - cannot :clear, Platform, platform_type: 'main' - cannot :destroy, Issue - - cannot [:members, :add_member, :remove_member, :remove_members], Platform, platform_type: 'personal' - - cannot [:create, :update, :destroy, :clone], Product, platform: {platform_type: 'personal'} - cannot [:clone], Platform, platform_type: 'personal' - - cannot [:publish, :publish_into_testing], BuildList, new_core: false - cannot :create_container, BuildList, new_core: false - cannot(:publish, BuildList) {|build_list| !build_list.can_publish? } - cannot(:publish_into_testing, BuildList) {|build_list| !build_list.can_publish_into_testing? } - cannot :publish_into_testing, BuildList, save_to_platform: {platform_type: 'personal'} - - cannot(:cancel, MassBuild) {|mass_build| mass_build.stop_build} - - if @user.system? - can %i(key_pair add_repo_lock_file remove_repo_lock_file), Repository - else - cannot :key_pair, Repository - end - - can :create, Subscribe do |subscribe| - !subscribe.subscribeable.subscribes.exists?(user_id: user.id) - end - can :destroy, Subscribe do |subscribe| - subscribe.subscribeable.subscribes.exists?(user_id: user.id) && user.id == subscribe.user_id - end - end - end - - def read_relations_for(table, parent = nil) - key = parent ? "#{parent.singularize}_id" : 'id' - parent ||= table - - ["#{table}.#{key} = ANY ( - ARRAY ( - SELECT target_id - FROM relations - WHERE relations.target_type = ? AND - (relations.actor_type = 'User' AND relations.actor_id = ? OR - relations.actor_type = 'Group' AND relations.actor_id IN (?)) - ) - )", parent.classify, @user, user_group_ids - ] - end - - def read_relations_with_projects(table = 'projects') - key = table == 'projects' ? 'id' : 'project_id' - ["#{table}.#{key} = ANY ( - ARRAY ( - SELECT target_id - FROM relations - INNER JOIN projects ON projects.id = relations.target_id - WHERE relations.target_type = 'Project' AND - ( - projects.owner_type = 'User' AND projects.owner_id != :user OR - projects.owner_type = 'Group' AND projects.owner_id NOT IN (:groups) - ) AND ( - relations.actor_type = 'User' AND relations.actor_id = :user OR - relations.actor_type = 'Group' AND relations.actor_id IN (:groups) - ) - ) - )", { user: @user, groups: user_group_ids } - ] - end - - def local_reader?(target) - %w{reader writer admin}.include? @user.best_role(target) - end - - def local_writer?(target) - %w{writer admin}.include? @user.best_role(target) - end - - def local_admin?(target) - @user.best_role(target) == 'admin' - end - - def owner?(target) - target.owner == @user or user_own_groups.include?(target.owner) - end - - def user_own_groups - @user_own_groups ||= @user.own_groups - end - - def user_group_ids - @user_group_ids ||= @user.group_ids - end -end +# # If rules goes one by one CanCan joins them by 'OR' sql operator +# # If rule has multiple conditions CanCan joins them by 'AND' sql operator +# # WARNING: +# # - put cannot rules _after_ can rules and not before! +# # - beware inner joins. Use sub queries against them! +# +# class Ability +# include CanCan::Ability +# +# def initialize(user) +# user ||= User.new # guest user (not logged in) +# @user = user +# +# # Shared rights between guests and registered users +# can [:show, :archive, :read], Project, visibility: 'open' +# can :get_id, Project, visibility: 'open' # api +# can(:refs_list, Project) {|project| can? :show, project} +# can :read, Issue, project: { visibility: 'open' } +# can [:read, :commits, :files], PullRequest, to_project: {visibility: 'open'} +# can [:read, :log, :everything], BuildList, project: {visibility: 'open'} +# can [:read, :log], ProductBuildList#, product: {platform: {visibility: 'open'}} # double nested hash don't work +# can [:read, :search], Advisory +# can :read, Statistic +# +# # Platforms block +# can [:show, :members, :advisories], Platform, visibility: 'open' +# can :platforms_for_build, Platform, visibility: 'open', platform_type: 'main' +# can([:read, :get_list], MassBuild) {|mass_build| can?(:show, mass_build.save_to_platform) } +# can [:read, :projects_list, :projects], Repository, platform: {visibility: 'open'} +# can :read, Product, platform: {visibility: 'open'} +# +# can :show, Group +# can :show, User +# can :possible_forks, Project +# +# if user.guest? # Guest rights +# cannot :index, Project +# # can [:new, :create], RegisterRequest +# else # Registered user rights +# if user.admin? +# can :manage, :all +# # Protection +# cannot :approve, RegisterRequest, approved: true +# cannot :reject, RegisterRequest, rejected: true +# cannot [:destroy, :create], Subscribe +# # Act admin as simple user +# cannot :read, Product, platform: {platform_type: 'personal'} +# cannot [:owned, :related], [BuildList, Platform] +# cannot :membered, Project # list products which user members +# end +# +# if user.user? +# can :edit, User, id: user.id +# can [:read, :create], Group +# can [:update, :manage_members, :members, :add_member, :remove_member, :remove_members, :update_member], Group do |group| +# group.actors.exists?(actor_type: 'User', actor_id: user.id, role: 'admin') # or group.owner_id = user.id +# end +# can :write, Group do |group| +# group.actors.exists?(actor_type: 'User', actor_id: user.id, role: ['writer', 'admin']) +# end +# can :destroy, Group, owner_id: user.id +# can :remove_user, Group +# +# can :create, Project +# can([:mass_import, :run_mass_import], Project) if user.platforms.main.find{ |p| local_admin?(p) }.present? +# can :read, Project, visibility: 'open' +# can [:read, :archive, :membered, :get_id], Project, owner_type: 'User', owner_id: user.id +# can [:read, :archive, :membered, :get_id], Project, owner_type: 'Group', owner_id: user_group_ids +# # can([:read, :archive, :membered, :get_id], Project, read_relations_for('projects')) {|project| local_reader? project} +# can([:read, :archive, :membered, :get_id], Project, read_relations_with_projects) {|project| local_reader? project} +# can(:write, Project) {|project| local_writer? project} # for grack +# can [:update, :sections, :manage_collaborators, :autocomplete_maintainers, :add_member, :remove_member, :remove_members, :update_member, :members, :schedule], Project do |project| +# local_admin? project +# end +# +# can(:fork, Project) {|project| can? :read, project} +# can(:alias, Project) {|project| local_admin?(project) } +# +# can(:destroy, Project) {|project| owner? project} +# can(:destroy, Project) {|project| project.owner_type == 'Group' and project.owner.actors.exists?(actor_type: 'User', actor_id: user.id, role: 'admin')} +# can :remove_user, Project +# can :preview, Project +# +# can([:read, :create, :edit, :destroy, :update], Hook) {|hook| can?(:edit, hook.project)} +# +# can [:read, :log, :owned, :everything], BuildList, user_id: user.id +# can [:read, :log, :related, :everything], BuildList, project: {owner_type: 'User', owner_id: user.id} +# can [:read, :log, :related, :everything], BuildList, project: {owner_type: 'Group', owner_id: user_group_ids} +# # can([:read, :log, :everything, :list], BuildList, read_relations_for('build_lists', 'projects')) {|build_list| can? :read, build_list.project} +# # can([:read, :log, :everything, :list], BuildList, read_relations_for_build_lists_and_projects) {|build_list| can? :read, build_list.project} +# can([:read, :log, :everything, :list], BuildList, read_relations_with_projects('build_lists')) {|build_list| can? :read, build_list.project} +# +# can(:publish_into_testing, BuildList) { |build_list| ( can?(:create, build_list) || can?(:publish, build_list) ) && build_list.save_to_platform.main? } +# can([:create, :rerun_tests], BuildList) {|build_list| +# build_list.project.is_package && +# can?(:write, build_list.project) && +# (build_list.build_for_platform.blank? || can?(:show, build_list.build_for_platform)) +# } +# +# can(:publish, BuildList) do |build_list| +# if build_list.build_published? +# local_admin?(build_list.save_to_platform) || build_list.save_to_repository.members.exists?(id: user.id) +# else +# build_list.save_to_repository.publish_without_qa ? +# can?(:write, build_list.project) : local_admin?(build_list.save_to_platform) +# end +# end +# can(:create_container, BuildList) do |build_list| +# local_admin?(build_list.save_to_platform) +# end +# can(:reject_publish, BuildList) do |build_list| +# build_list.save_to_repository.publish_without_qa ? +# can?(:write, build_list.project) : local_admin?(build_list.save_to_platform) +# end +# can([:cancel, :create_container], BuildList) {|build_list| can?(:write, build_list.project)} +# +# can [:read, :owned, :related, :members], Platform, owner_type: 'User', owner_id: user.id +# can [:read, :related, :members], Platform, owner_type: 'Group', owner_id: user_group_ids +# can([:read, :related, :members], Platform, read_relations_for('platforms')) {|platform| local_reader? platform} +# can [:read, :related], Platform, id: user.repositories.pluck(:platform_id) +# can([:update, :destroy, :change_visibility], Platform) {|platform| owner?(platform) } +# can([:local_admin_manage, :members, :add_member, :remove_member, :remove_members, :remove_file] , Platform) {|platform| owner?(platform) || local_admin?(platform) } +# +# can([:create, :publish], MassBuild) {|mass_build| owner?(mass_build.save_to_platform) || local_admin?(mass_build.save_to_platform)} +# can(:cancel, MassBuild) {|mass_build| (owner?(mass_build.save_to_platform) || local_admin?(mass_build.save_to_platform)) && !mass_build.stop_build} +# +# can [:read, :projects_list, :projects], Repository, platform: {owner_type: 'User', owner_id: user.id} +# can [:read, :projects_list, :projects], Repository, platform: {owner_type: 'Group', owner_id: user_group_ids} +# can([:read, :projects_list, :projects], Repository, read_relations_for('repositories')) {|repository| can? :show, repository.platform} +# can([:read, :projects_list, :projects], Repository, read_relations_for('repositories', 'platforms')) {|repository| local_reader? repository.platform} +# can([:create, :edit, :update, :destroy, :projects_list, :projects, :add_project, :remove_project, :regenerate_metadata, :sync_lock_file, :add_repo_lock_file, :remove_repo_lock_file], Repository) {|repository| local_admin? repository.platform} +# can([:remove_member, :remove_members, :add_member, :signatures, :packages], Repository) {|repository| owner?(repository.platform) || local_admin?(repository.platform)} +# can([:add_project, :remove_project], Repository) {|repository| repository.members.exists?(id: user.id)} +# can(:clear, Platform) {|platform| owner?(platform) && platform.personal?} +# can(:regenerate_metadata, Platform) {|platform| owner?(platform) || local_admin?(platform)} +# can([:settings, :destroy, :edit, :update], Repository) {|repository| owner? repository.platform} +# +# can([:create, :destroy], KeyPair) {|key_pair| key_pair.repository.blank? || owner?(key_pair.repository.platform) || local_admin?(key_pair.repository.platform)} +# +# can([:read, :create, :withdraw], Token) {|token| local_admin?(token.subject)} +# +# can :read, Product, platform: {owner_type: 'User', owner_id: user.id, platform_type: 'main'} +# can :read, Product, platform: {owner_type: 'Group', owner_id: user_group_ids, platform_type: 'main'} +# can(:read, Product, read_relations_for('products', 'platforms')) {|product| product.platform.main?} +# can([:create, :update, :destroy, :clone], Product) {|product| local_admin? product.platform and product.platform.main?} +# +# can([:create, :cancel], ProductBuildList) {|pbl| can?(:write, pbl.project)} +# can([:create, :cancel, :update], ProductBuildList) {|pbl| can?(:update, pbl.product)} +# can(:destroy, ProductBuildList) {|pbl| can?(:destroy, pbl.product)} +# +# can :read, Issue, project: {owner_type: 'User', owner_id: user.id} +# can :read, Issue, project: {owner_type: 'Group', owner_id: user_group_ids} +# can(:read, Issue, read_relations_for('issues', 'projects')) {|issue| can? :read, issue.project rescue nil} +# can(:create, Issue) {|issue| can? :read, issue.project} +# can(:update, Issue) {|issue| issue.user_id == user.id or local_admin?(issue.project)} +# cannot :manage, Issue, project: {has_issues: false} # switch off issues +# +# can [:read, :commits, :files], PullRequest, to_project: {owner_type: 'User', owner_id: user.id} +# can [:read, :commits, :files], PullRequest, to_project: {owner_type: 'Group', owner_id: user_group_ids} +# can([:read, :commits, :files], PullRequest, read_relations_for('pull_requests', 'to_projects')) {|pull| can? :read, pull.to_project} +# can :create, PullRequest +# can(:update, PullRequest) {|pull| pull.user_id == user.id or local_writer?(pull.to_project)} +# can(:merge, PullRequest) {|pull| local_writer?(pull.to_project)} +# +# can([:create, :new_line], Comment) {|comment| can? :read, comment.project} +# can([:update, :destroy], Comment) {|comment| comment.user == user or comment.project.owner == user or local_admin?(comment.project)} +# cannot :manage, Comment do |c| +# c.commentable_type == 'Issue' && !c.project.has_issues && !c.commentable.pull_request # when switch off issues +# end +# end +# +# # Shared cannot rights for all users (registered, admin) +# cannot [:regenerate_metadata, :destroy], Platform, platform_type: 'personal' +# cannot [:create, :destroy], Repository, platform: {platform_type: 'personal'}, name: 'main' +# cannot [:packages], Repository, platform: {platform_type: 'personal'} +# cannot [:remove_member, :remove_members, :add_member, :sync_lock_file, :add_repo_lock_file, :remove_repo_lock_file], Repository, platform: {platform_type: 'personal'} +# +# cannot :clear, Platform, platform_type: 'main' +# cannot :destroy, Issue +# +# cannot [:members, :add_member, :remove_member, :remove_members], Platform, platform_type: 'personal' +# +# cannot [:create, :update, :destroy, :clone], Product, platform: {platform_type: 'personal'} +# cannot [:clone], Platform, platform_type: 'personal' +# +# cannot [:publish, :publish_into_testing], BuildList, new_core: false +# cannot :create_container, BuildList, new_core: false +# cannot(:publish, BuildList) {|build_list| !build_list.can_publish? } +# cannot(:publish_into_testing, BuildList) {|build_list| !build_list.can_publish_into_testing? } +# cannot :publish_into_testing, BuildList, save_to_platform: {platform_type: 'personal'} +# +# cannot(:cancel, MassBuild) {|mass_build| mass_build.stop_build} +# +# if @user.system? +# can %i(key_pair add_repo_lock_file remove_repo_lock_file), Repository +# else +# cannot :key_pair, Repository +# end +# +# can :create, Subscribe do |subscribe| +# !subscribe.subscribeable.subscribes.exists?(user_id: user.id) +# end +# can :destroy, Subscribe do |subscribe| +# subscribe.subscribeable.subscribes.exists?(user_id: user.id) && user.id == subscribe.user_id +# end +# end +# end +# +# def read_relations_for(table, parent = nil) +# key = parent ? "#{parent.singularize}_id" : 'id' +# parent ||= table +# +# ["#{table}.#{key} = ANY ( +# ARRAY ( +# SELECT target_id +# FROM relations +# WHERE relations.target_type = ? AND +# (relations.actor_type = 'User' AND relations.actor_id = ? OR +# relations.actor_type = 'Group' AND relations.actor_id IN (?)) +# ) +# )", parent.classify, @user, user_group_ids +# ] +# end +# +# def read_relations_with_projects(table = 'projects') +# key = table == 'projects' ? 'id' : 'project_id' +# ["#{table}.#{key} = ANY ( +# ARRAY ( +# SELECT target_id +# FROM relations +# INNER JOIN projects ON projects.id = relations.target_id +# WHERE relations.target_type = 'Project' AND +# ( +# projects.owner_type = 'User' AND projects.owner_id != :user OR +# projects.owner_type = 'Group' AND projects.owner_id NOT IN (:groups) +# ) AND ( +# relations.actor_type = 'User' AND relations.actor_id = :user OR +# relations.actor_type = 'Group' AND relations.actor_id IN (:groups) +# ) +# ) +# )", { user: @user, groups: user_group_ids } +# ] +# end +# +# def local_reader?(target) +# %w{reader writer admin}.include? @user.best_role(target) +# end +# +# def local_writer?(target) +# %w{writer admin}.include? @user.best_role(target) +# end +# +# def local_admin?(target) +# @user.best_role(target) == 'admin' +# end +# +# def owner?(target) +# target.owner == @user or user_own_groups.include?(target.owner) +# end +# +# def user_own_groups +# @user_own_groups ||= @user.own_groups +# end +# +# def user_group_ids +# @user_group_ids ||= @user.group_ids +# end +# end diff --git a/config/initializers/active_admin.rb b/config/initializers/active_admin.rb index 41a9ef41c..069c53509 100644 --- a/config/initializers/active_admin.rb +++ b/config/initializers/active_admin.rb @@ -84,6 +84,8 @@ end # Block admin access to non-admin-users. ActiveAdmin::BaseController.class_eval do + skip_after_action :verify_authorized + # include ActionController::Caching::Sweeping protected def check_admin_role diff --git a/spec/models/cancan_spec.rb b/spec/models/cancan_spec.rb index 4123718e0..58fabf1d2 100644 --- a/spec/models/cancan_spec.rb +++ b/spec/models/cancan_spec.rb @@ -1,360 +1,360 @@ -require 'spec_helper' -require "cancan/matchers" - -def admin_create - @admin = FactoryGirl.create(:admin) - @ability = Ability.new(@admin) -end - -def user_create - @user = FactoryGirl.create(:user) - @ability = Ability.new(@user) -end - -def guest_create - @ability = Ability.new(User.new) -end - -describe CanCan do - let(:open_platform) { FactoryGirl.create(:platform, visibility: 'open') } - - before(:each) do - stub_symlink_methods - end - - context 'Site admin' do - let(:personal_platform) { FactoryGirl.create(:platform, platform_type: 'personal') } - let(:personal_repository_main) { FactoryGirl.create(:personal_repository, name: 'main') } - let(:personal_repository) { FactoryGirl.create(:personal_repository) } - before(:each) do - admin_create - end - - it 'should manage all' do - #(@ability.can? :manage, :all).should be_truthy - @ability.should be_able_to(:manage, :all) - end - - it 'should not be able to destroy personal platforms' do - @ability.should_not be_able_to(:destroy, personal_platform) - end - - it 'should not be able to destroy personal repositories with name "main"' do - @ability.should_not be_able_to(:destroy, personal_repository_main) - end - it 'should be able to destroy personal repositories with name not "main"' do - @ability.should be_able_to(:destroy, personal_repository) - end - end - - context 'Site guest' do - let(:register_request) { FactoryGirl.create(:register_request) } - - before(:each) do - guest_create - end - - it 'should not be able to read open platform' do - @ability.should_not be_able_to(:read, open_platform) - end - - [:publish, :cancel, :reject_publish, :create_container].each do |action| - it "should not be able to #{ action } build list" do - @ability.should_not be_able_to(action, BuildList) - end - end - - [:mass_import, :run_mass_import].each do |action| - it "should not be able to #{ action } project" do - @ability.should_not be_able_to(action, Project) - end - end - - it 'should not be able to update register request' do - @ability.should_not be_able_to(:update, register_request) - end - - it 'should not be able to list register requests' do - @ability.should_not be_able_to(:read, register_request) - end - - it 'should not be able to destroy register requests' do - @ability.should_not be_able_to(:destroy, register_request) - end - - pending 'should be able to register new user' do # while self registration is closed - @ability.should be_able_to(:create, User) - end - end - - context 'Site user' do - before(:each) do - user_create - end - - [Platform, Repository].each do |model_name| - it "should be able to read #{model_name}" do - @ability.should be_able_to(:read, model_name) - end - end - - [:mass_import, :run_mass_import].each do |action| - it "should not be able to #{ action } project" do - @ability.should_not be_able_to(action, Project) - end - end - - it "shoud be able to show user profile" do - @ability.should be_able_to(:show, User) - end - - it "shoud be able to read another user object" do - admin_create - @ability.should be_able_to(:read, @admin) - end - - it "shoud be able to read open projects" do - @project = FactoryGirl.create(:project, visibility: 'open') - @ability.should be_able_to(:read, @project) - end - - it 'should be able to see open platform' do - @ability.should be_able_to(:show, open_platform) - end - - it "shoud be able to create project" do - @ability.should be_able_to(:create, Project) - end - - it "should not be able to manage register requests" do - @ability.should_not be_able_to(:manage, RegisterRequest) - end - - context 'as project collaborator' do - before(:each) do - @project = FactoryGirl.create(:project_with_commit) - @issue = FactoryGirl.create(:issue, project_id: @project.id) - end - - context 'with read rights' do - before(:each) do - create_relation(@project, @user, 'reader') - end - - it 'should be able to read project' do - @ability.should be_able_to(:read, @project) - end - - it 'should be able to read issue' do - @ability.should be_able_to(:read, @issue) - end - end - - context 'with writer rights' do - before(:each) do - create_relation(@project, @user, 'writer') - end - - [:read, :create, :new].each do |action| - it "should be able to #{ action } project" do - @ability.should be_able_to(action, @project) - end - end - - [:new, :create].each do |action| - it "should be able to #{action} build_list" do - @build_list = FactoryGirl.create(:build_list_with_attaching_project, project: @project) - @ability.should be_able_to(action, @build_list) - end - end - end - - context 'with admin rights' do - before(:each) do - create_relation(@project, @user, 'admin') - end - - [:read, :update].each do |action| - it "should be able to #{ action } project" do - @ability.should be_able_to(action, @project) - end - end - - [:new, :create].each do |action| - it "should be able to #{action} build_list" do - @build_list = FactoryGirl.create(:build_list_with_attaching_project, project: @project) - @ability.should be_able_to(action, @build_list) - end - end - - it "should be able to manage collaborators of project" do - @ability.should be_able_to(:manage_collaborators, @project) - end - - [:read, :create, :new, :update, :edit].each do |action| - it "should be able to #{ action } issue" do - @ability.should be_able_to(action, @issue) - end - end - end - - context 'with owner rights' do - before(:each) do - @project = FactoryGirl.create(:project_with_commit, owner: @user) - @issue = FactoryGirl.create(:issue, project_id: @project.id) - end - - [:read, :update, :destroy].each do |action| - it "should be able to #{ action } project" do - @ability.should be_able_to(action, @project) - end - end - - [:new, :create].each do |action| - it "should be able to #{action} build_list" do - @build_list = FactoryGirl.create(:build_list_with_attaching_project, project: @project) - @ability.should be_able_to(action, @build_list) - end - end - - [:read, :update, :edit].each do |action| - it "should be able to #{ action } issue" do - @ability.should be_able_to(action, @issue) - end - end - end - - context 'through group-member' do - before(:each) do - @group_member = FactoryGirl.create(:group) - create_relation(@project, @group_member, 'reader') - @group_member_ability = Ability.new(@group_member.owner) - end - - it 'should be able to read open project' do - @group_member_ability.should be_able_to(:read, @project) - end - - it 'should be able to read closed project' do - @project.update_attribute :visibility, 'hidden' - @group_member_ability.should be_able_to(:read, @project) - end - - it 'should include hidden project in list' do - @project.update_attribute :visibility, 'hidden' - Project.accessible_by(@group_member_ability, :show).where(projects: {id: @project.id}).count.should == 1 - end - end - end - - context 'platform relations' do - before(:each) do - @platform = FactoryGirl.create(:platform) - end - - context 'with owner rights' do - before(:each) do - @platform.owner = @user - @platform.save - @ability = Ability.new(@user) - end - - [:mass_import, :run_mass_import].each do |action| - it "should be able to #{ action } project" do - @ability.should be_able_to(action, Project) - end - end - - [:read, :update, :destroy, :change_visibility].each do |action| - it "should be able to #{action} platform" do - @ability.should be_able_to(action, @platform) - end - end - end - - context 'with read rights' do - before(:each) do - create_relation(@platform, @user, 'reader') - @ability = Ability.new(@user) - end - - [:mass_import, :run_mass_import].each do |action| - it "should not be able to #{ action } project" do - @ability.should_not be_able_to(action, Project) - end - end - - it "should be able to read platform" do - @ability.should be_able_to(:read, @platform) - end - end - end - - context 'repository relations' do - before(:each) do - @repository = FactoryGirl.create(:repository) - end - - context 'with owner rights' do - before(:each) do - @repository.platform.owner = @user - @repository.platform.save - end - - [:read, :create, :update, :destroy, :add_project, :remove_project, :settings].each do |action| - it "should be able to #{action} repository" do - @ability.should be_able_to(action, @repository) - end - end - end - - context 'with read rights' do - before(:each) do - create_relation(@repository.platform, @user, 'reader') - end - - it "should be able to read repository" do - @ability.should be_able_to(:read, @repository) - end - end - end # 'repository relations' - - context 'product build list relations' do - let(:product_build_list) { FactoryGirl.create(:product_build_list) } - - before { FactoryGirl.create(:arch, name: 'x86_64') } - - context 'with platform admin rights' do - before do - product_build_list.product.platform.owner = @user - product_build_list.product.platform.save - end - - [:read, :create, :update, :destroy, :log, :cancel].each do |action| - it "should be able to #{action} product build list" do - @ability.should be_able_to(action, product_build_list) - end - end - end - - context 'with project writer rights' do - before do - create_relation(product_build_list.project, @user, 'writer') - end - - [:read, :create, :log, :cancel].each do |action| - it "should be able to #{action} product build list" do - @ability.should be_able_to(action, product_build_list) - end - end - - [:update, :destroy].each do |action| - it "should not be able to #{action} product build list" do - @ability.should_not be_able_to(action, product_build_list) - end - end - end - end # 'product build list relations' - - end # 'Site user' -end +# require 'spec_helper' +# require "cancan/matchers" +# +# def admin_create +# @admin = FactoryGirl.create(:admin) +# @ability = Ability.new(@admin) +# end +# +# def user_create +# @user = FactoryGirl.create(:user) +# @ability = Ability.new(@user) +# end +# +# def guest_create +# @ability = Ability.new(User.new) +# end +# +# describe CanCan do +# let(:open_platform) { FactoryGirl.create(:platform, visibility: 'open') } +# +# before(:each) do +# stub_symlink_methods +# end +# +# context 'Site admin' do +# let(:personal_platform) { FactoryGirl.create(:platform, platform_type: 'personal') } +# let(:personal_repository_main) { FactoryGirl.create(:personal_repository, name: 'main') } +# let(:personal_repository) { FactoryGirl.create(:personal_repository) } +# before(:each) do +# admin_create +# end +# +# it 'should manage all' do +# #(@ability.can? :manage, :all).should be_truthy +# @ability.should be_able_to(:manage, :all) +# end +# +# it 'should not be able to destroy personal platforms' do +# @ability.should_not be_able_to(:destroy, personal_platform) +# end +# +# it 'should not be able to destroy personal repositories with name "main"' do +# @ability.should_not be_able_to(:destroy, personal_repository_main) +# end +# it 'should be able to destroy personal repositories with name not "main"' do +# @ability.should be_able_to(:destroy, personal_repository) +# end +# end +# +# context 'Site guest' do +# let(:register_request) { FactoryGirl.create(:register_request) } +# +# before(:each) do +# guest_create +# end +# +# it 'should not be able to read open platform' do +# @ability.should_not be_able_to(:read, open_platform) +# end +# +# [:publish, :cancel, :reject_publish, :create_container].each do |action| +# it "should not be able to #{ action } build list" do +# @ability.should_not be_able_to(action, BuildList) +# end +# end +# +# [:mass_import, :run_mass_import].each do |action| +# it "should not be able to #{ action } project" do +# @ability.should_not be_able_to(action, Project) +# end +# end +# +# it 'should not be able to update register request' do +# @ability.should_not be_able_to(:update, register_request) +# end +# +# it 'should not be able to list register requests' do +# @ability.should_not be_able_to(:read, register_request) +# end +# +# it 'should not be able to destroy register requests' do +# @ability.should_not be_able_to(:destroy, register_request) +# end +# +# pending 'should be able to register new user' do # while self registration is closed +# @ability.should be_able_to(:create, User) +# end +# end +# +# context 'Site user' do +# before(:each) do +# user_create +# end +# +# [Platform, Repository].each do |model_name| +# it "should be able to read #{model_name}" do +# @ability.should be_able_to(:read, model_name) +# end +# end +# +# [:mass_import, :run_mass_import].each do |action| +# it "should not be able to #{ action } project" do +# @ability.should_not be_able_to(action, Project) +# end +# end +# +# it "shoud be able to show user profile" do +# @ability.should be_able_to(:show, User) +# end +# +# it "shoud be able to read another user object" do +# admin_create +# @ability.should be_able_to(:read, @admin) +# end +# +# it "shoud be able to read open projects" do +# @project = FactoryGirl.create(:project, visibility: 'open') +# @ability.should be_able_to(:read, @project) +# end +# +# it 'should be able to see open platform' do +# @ability.should be_able_to(:show, open_platform) +# end +# +# it "shoud be able to create project" do +# @ability.should be_able_to(:create, Project) +# end +# +# it "should not be able to manage register requests" do +# @ability.should_not be_able_to(:manage, RegisterRequest) +# end +# +# context 'as project collaborator' do +# before(:each) do +# @project = FactoryGirl.create(:project_with_commit) +# @issue = FactoryGirl.create(:issue, project_id: @project.id) +# end +# +# context 'with read rights' do +# before(:each) do +# create_relation(@project, @user, 'reader') +# end +# +# it 'should be able to read project' do +# @ability.should be_able_to(:read, @project) +# end +# +# it 'should be able to read issue' do +# @ability.should be_able_to(:read, @issue) +# end +# end +# +# context 'with writer rights' do +# before(:each) do +# create_relation(@project, @user, 'writer') +# end +# +# [:read, :create, :new].each do |action| +# it "should be able to #{ action } project" do +# @ability.should be_able_to(action, @project) +# end +# end +# +# [:new, :create].each do |action| +# it "should be able to #{action} build_list" do +# @build_list = FactoryGirl.create(:build_list_with_attaching_project, project: @project) +# @ability.should be_able_to(action, @build_list) +# end +# end +# end +# +# context 'with admin rights' do +# before(:each) do +# create_relation(@project, @user, 'admin') +# end +# +# [:read, :update].each do |action| +# it "should be able to #{ action } project" do +# @ability.should be_able_to(action, @project) +# end +# end +# +# [:new, :create].each do |action| +# it "should be able to #{action} build_list" do +# @build_list = FactoryGirl.create(:build_list_with_attaching_project, project: @project) +# @ability.should be_able_to(action, @build_list) +# end +# end +# +# it "should be able to manage collaborators of project" do +# @ability.should be_able_to(:manage_collaborators, @project) +# end +# +# [:read, :create, :new, :update, :edit].each do |action| +# it "should be able to #{ action } issue" do +# @ability.should be_able_to(action, @issue) +# end +# end +# end +# +# context 'with owner rights' do +# before(:each) do +# @project = FactoryGirl.create(:project_with_commit, owner: @user) +# @issue = FactoryGirl.create(:issue, project_id: @project.id) +# end +# +# [:read, :update, :destroy].each do |action| +# it "should be able to #{ action } project" do +# @ability.should be_able_to(action, @project) +# end +# end +# +# [:new, :create].each do |action| +# it "should be able to #{action} build_list" do +# @build_list = FactoryGirl.create(:build_list_with_attaching_project, project: @project) +# @ability.should be_able_to(action, @build_list) +# end +# end +# +# [:read, :update, :edit].each do |action| +# it "should be able to #{ action } issue" do +# @ability.should be_able_to(action, @issue) +# end +# end +# end +# +# context 'through group-member' do +# before(:each) do +# @group_member = FactoryGirl.create(:group) +# create_relation(@project, @group_member, 'reader') +# @group_member_ability = Ability.new(@group_member.owner) +# end +# +# it 'should be able to read open project' do +# @group_member_ability.should be_able_to(:read, @project) +# end +# +# it 'should be able to read closed project' do +# @project.update_attribute :visibility, 'hidden' +# @group_member_ability.should be_able_to(:read, @project) +# end +# +# it 'should include hidden project in list' do +# @project.update_attribute :visibility, 'hidden' +# Project.accessible_by(@group_member_ability, :show).where(projects: {id: @project.id}).count.should == 1 +# end +# end +# end +# +# context 'platform relations' do +# before(:each) do +# @platform = FactoryGirl.create(:platform) +# end +# +# context 'with owner rights' do +# before(:each) do +# @platform.owner = @user +# @platform.save +# @ability = Ability.new(@user) +# end +# +# [:mass_import, :run_mass_import].each do |action| +# it "should be able to #{ action } project" do +# @ability.should be_able_to(action, Project) +# end +# end +# +# [:read, :update, :destroy, :change_visibility].each do |action| +# it "should be able to #{action} platform" do +# @ability.should be_able_to(action, @platform) +# end +# end +# end +# +# context 'with read rights' do +# before(:each) do +# create_relation(@platform, @user, 'reader') +# @ability = Ability.new(@user) +# end +# +# [:mass_import, :run_mass_import].each do |action| +# it "should not be able to #{ action } project" do +# @ability.should_not be_able_to(action, Project) +# end +# end +# +# it "should be able to read platform" do +# @ability.should be_able_to(:read, @platform) +# end +# end +# end +# +# context 'repository relations' do +# before(:each) do +# @repository = FactoryGirl.create(:repository) +# end +# +# context 'with owner rights' do +# before(:each) do +# @repository.platform.owner = @user +# @repository.platform.save +# end +# +# [:read, :create, :update, :destroy, :add_project, :remove_project, :settings].each do |action| +# it "should be able to #{action} repository" do +# @ability.should be_able_to(action, @repository) +# end +# end +# end +# +# context 'with read rights' do +# before(:each) do +# create_relation(@repository.platform, @user, 'reader') +# end +# +# it "should be able to read repository" do +# @ability.should be_able_to(:read, @repository) +# end +# end +# end # 'repository relations' +# +# context 'product build list relations' do +# let(:product_build_list) { FactoryGirl.create(:product_build_list) } +# +# before { FactoryGirl.create(:arch, name: 'x86_64') } +# +# context 'with platform admin rights' do +# before do +# product_build_list.product.platform.owner = @user +# product_build_list.product.platform.save +# end +# +# [:read, :create, :update, :destroy, :log, :cancel].each do |action| +# it "should be able to #{action} product build list" do +# @ability.should be_able_to(action, product_build_list) +# end +# end +# end +# +# context 'with project writer rights' do +# before do +# create_relation(product_build_list.project, @user, 'writer') +# end +# +# [:read, :create, :log, :cancel].each do |action| +# it "should be able to #{action} product build list" do +# @ability.should be_able_to(action, product_build_list) +# end +# end +# +# [:update, :destroy].each do |action| +# it "should not be able to #{action} product build list" do +# @ability.should_not be_able_to(action, product_build_list) +# end +# end +# end +# end # 'product build list relations' +# +# end # 'Site user' +# end diff --git a/spec/models/comment_for_commit_spec.rb b/spec/models/comment_for_commit_spec.rb index 7b920e395..606d0b512 100644 --- a/spec/models/comment_for_commit_spec.rb +++ b/spec/models/comment_for_commit_spec.rb @@ -1,325 +1,325 @@ -require 'spec_helper' -require "cancan/matchers" - -def create_comment user - FactoryGirl.create(:comment, user: user, commentable: @commit, project: @project) -end - -def create_comment_in_commit commit, project, body - FactoryGirl.create(:comment, user: @user, commentable: commit, project: project, body: body) -end - -def set_comments_data_for_commit - @ability = Ability.new(@user) - - @project = FactoryGirl.create(:project_with_commit, owner: @user) - @commit = @project.repo.commits.first - - @comment = create_comment(@user) - @stranger_comment = create_comment(@stranger) - - @subscribe_params = {project_id: @project.id, subscribeable_id: @commit.id.hex, subscribeable_type: @commit.class.name} - Subscribe.destroy_all - - allow_any_instance_of(Project).to receive(:versions).and_return(%w(v1.0 v2.0)) -end - -def should_send_email(args={}) - user_mailer = double(:user_mailer) - expect(UserMailer).to receive(:new_comment_notification).with(kind_of(Comment), args[:receiver].id).and_return(user_mailer) - expect(user_mailer).to receive(:deliver) - - create_comment args[:commentor] -end - -def should_not_send_email(args={}) - expect(UserMailer).to_not receive(:new_comment_notification) - create_comment args[:commentor] -end - -describe Comment do - before { stub_symlink_methods } - context 'for global admin user' do - before(:each) do - @user = FactoryGirl.create(:admin) - @stranger = FactoryGirl.create(:user) - - set_comments_data_for_commit - end - - it_should_behave_like 'user with create comment ability (for model)' - it_should_behave_like 'user with update own comment ability (for model)' - it_should_behave_like 'user with update stranger comment ability (for model)' - it_should_behave_like 'user with destroy comment ability (for model)' - it_should_behave_like 'user with destroy stranger comment ability (for model)' - end - - context 'for project admin user' do - before do - @user = FactoryGirl.create(:user) - @stranger = FactoryGirl.create(:user) - - set_comments_data_for_commit - @admin = FactoryGirl.create(:user) - @ability = Ability.new(@admin) - create_relation(@project, @admin, 'admin') - end - - it_should_behave_like 'user with create comment ability (for model)' - it_should_behave_like 'user with update own comment ability (for model)' - it_should_behave_like 'user with update stranger comment ability (for model)' - it_should_behave_like 'user with destroy comment ability (for model)' - it_should_behave_like 'user with destroy stranger comment ability (for model)' - - it 'should send an e-mail by default settings' do - should_send_email(commentor: @stranger, receiver: @user) - end - - context 'for disabled notify setting new_comment_commit_repo_owner' do - it 'should send an e-mail' do - @user.notifier.update_column :new_comment_commit_repo_owner, false - should_send_email(commentor: @stranger, receiver: @user) - end - end - - context 'for disabled notify setting new_comment_commit_owner' do - it 'should send an e-mail' do - @user.notifier.update_column :new_comment_commit_owner, false - should_send_email(commentor: @stranger, receiver: @user) - end - end - - context 'for disabled notify setting new_comment_commit_commentor' do - it 'should send an e-mail' do - @user.notifier.update_column :new_comment_commit_commentor, false - should_send_email(commentor: @stranger, receiver: @user) - end - end - - context 'for disabled all notify setting expect global' do - it 'should not send an e-mail' do - @user.notifier.update_column :new_comment_commit_repo_owner, false - @user.notifier.update_column :new_comment_commit_owner, false - @user.notifier.update_column :new_comment_commit_commentor, false - should_not_send_email(commentor: @stranger) - end - end - - context 'for unsubscribe commit' do - it 'should not send an e-mail' do - Subscribe.unsubscribe_from_commit @subscribe_params.merge(user_id: @user.id) - should_not_send_email(commentor: @stranger) - end - end - - context 'for disabled global notify setting' do - it 'should not send an e-mail' do - @user.notifier.update_column :can_notify, false - should_not_send_email(commentor: @stranger) - end - end - end - - context 'for project owner user' do - before(:each) do - @user = FactoryGirl.create(:user) - @stranger = FactoryGirl.create(:user) - set_comments_data_for_commit - - @project.owner = @user - @project.save - end - - it_should_behave_like 'user with create comment ability (for model)' - it_should_behave_like 'user with update own comment ability (for model)' - it_should_behave_like 'user with update stranger comment ability (for model)' - it_should_behave_like 'user with destroy comment ability (for model)' - it_should_behave_like 'user with destroy stranger comment ability (for model)' - - context 'for default enabled settings' do - it 'should send an e-mail by default settings' do - should_send_email(commentor: @stranger, receiver: @project.owner) - end - end - - context 'for disabled notify setting new_comment_commit_repo_owner' do - it 'should not send an e-mail' do - @user.notifier.update_column :new_comment_commit_repo_owner, false - Comment.destroy_all - should_not_send_email(commentor: @stranger) - end - end - - context 'for disabled notify setting new_comment_commit_owner' do - it 'should send an e-mail' do - @user.notifier.update_column :new_comment_commit_owner, false - should_send_email(commentor: @stranger, receiver: @user) - end - end - - context 'for disabled notify setting new_comment_commit_commentor' do - it 'should send an e-mail' do - @user.notifier.update_column :new_comment_commit_commentor, false - should_send_email(commentor: @stranger, receiver: @user) - end - end - - context 'for disabled all notify setting expect global' do - it 'should not send an e-mail' do - @user.notifier.update_column :new_comment_commit_repo_owner, false - @user.notifier.update_column :new_comment_commit_owner, false - @user.notifier.update_column :new_comment_commit_commentor, false - should_not_send_email(commentor: @stranger) - end - end - - context 'for unsubscribe project' do - it 'should not send an e-mail' do - Subscribe.unsubscribe_from_commit @subscribe_params.merge(user_id: @user.id) - should_not_send_email(commentor: @stranger) - end - end - - context 'for disabled global notify setting' do - it 'should not send an e-mail' do - @user.notifier.update_column :can_notify, false - should_not_send_email(commentor: @stranger) - end - end - - context 'for own commit' do - it 'should send a one e-mail' do - @project.owner.update_column :email, 'code@tpope.net' - should_send_email(commentor: @stranger, receiver: @project.owner) - end - end - end - - context 'for simple user' do - before(:each) do - @user = FactoryGirl.create(:user) - @simple = FactoryGirl.create(:user) - @stranger = FactoryGirl.create(:user) - set_comments_data_for_commit - @comment = create_comment(@simple) - @ability = Ability.new(@simple) - Subscribe.unsubscribe_from_commit @subscribe_params.merge(user_id: [@stranger.id, @project.owner.id]) - end - - it_should_behave_like 'user with create comment ability (for model)' - it_should_behave_like 'user with update own comment ability (for model)' - it_should_behave_like 'user without update stranger comment ability (for model)' - it_should_behave_like 'user with destroy comment ability (for model)' - it_should_behave_like 'user without destroy stranger comment ability (for model)' - - context 'for default enabled settings' do - it 'should send an e-mail' do - should_send_email(commentor: @stranger, receiver: @simple) - end - - it 'should send an e-mail for comments after his comment' do - comment = create_comment(@simple) - should_send_email(commentor: @stranger, receiver: @simple) - end - - it 'should send an e-mail when subscribed to project' do - Subscribe.subscribe_to_commit @subscribe_params.merge(user_id: @simple.id) - should_send_email(commentor: @project.owner, receiver: @simple) - end - - it 'should not send an e-mail for own comment' do - should_not_send_email(commentor: @simple) - end - end - - context 'for committer' do - it 'should send an e-mail' do - @simple.update_column :email, 'test@test.test' - should_send_email commentor: @stranger, receiver: @simple - end - - it 'should send a one e-mail when subscribed to commit' do - Subscribe.subscribe_to_commit @subscribe_params.merge(user_id: @simple.id) - @simple.update_column :email, 'test@test.test' - should_send_email(commentor: @stranger, receiver: @simple) - end - - it 'should not send an e-mail for own comment' do - @simple.update_column :email, 'test@test.test' - should_not_send_email(commentor: @simple) - end - - it 'should not send an e-mail if global notify off' do - @project.owner.notifier.update_column :can_notify, false - @simple.update_column :email, 'test@test.test' - @simple.notifier.update_column :can_notify, false - should_not_send_email(commentor: @user) - end - - it 'should not send an e-mail if notify for my commits off' do - Comment.destroy_all - @simple.notifier.update_column :new_comment_commit_owner, false - @simple.update_column :email, 'test@test.test' - should_not_send_email(commentor: @user) - end - end - - context 'automatic issue linking' do - before(:each) do - @same_name_project = FactoryGirl.create(:project, name: @project.name) - @issue_in_same_name_project = FactoryGirl.create(:issue, project: @same_name_project, user: @same_name_project.owner) - @another_project = FactoryGirl.create(:project, owner: @user) - @other_user_project = FactoryGirl.create(:project) - @issue = FactoryGirl.create(:issue, project: @project, user: @user) - @second_issue = FactoryGirl.create(:issue, project: @project, user: @user) - @issue_in_another_project = FactoryGirl.create(:issue, project: @another_project, user: @user) - @issue_in_other_user_project = FactoryGirl.create(:issue, project: @other_user_project, user: @other_user_project.owner) - end - - it 'should create automatic comment' do - create_comment_in_commit(@commit, @project, "test link to ##{@issue.serial_id}; [##{@second_issue.serial_id}]") - Comment.where(automatic: true, commentable_type: 'Issue', - commentable_id: @second_issue.id, - created_from_commit_hash: @commit.id.hex).count.should == 1 - end - - it 'should create automatic comment in the another project issue' do - body = "[#{@another_project.name_with_owner}##{@issue_in_another_project.serial_id}]" - create_comment_in_commit(@commit, @project, body) - Comment.where(automatic: true, commentable_type: 'Issue', - commentable_id: @issue_in_another_project.id, - created_from_commit_hash: @commit.id.hex).count.should == 1 - end - - it 'should create automatic comment in the same name project issue' do - body = "[#{@same_name_project.owner.uname}##{@issue_in_same_name_project.serial_id}]" - create_comment_in_commit(@commit, @project, body) - Comment.where(automatic: true, commentable_type: 'Issue', - commentable_id: @issue_in_same_name_project.id, - created_from_commit_hash: @commit.id.hex).count.should == 1 - end - - it 'should not create duplicate automatic comment' do - create_comment_in_commit(@commit, @project, "test link to [##{@second_issue.serial_id}]") - create_comment_in_commit(@commit, @project, "test duplicate link to [##{@second_issue.serial_id}]") - Comment.where(automatic: true, commentable_type: 'Issue', - commentable_id: @second_issue.id, - created_from_commit_hash: @commit.id.hex).count.should == 1 - end - - it 'should not create duplicate automatic comment from one' do - create_comment_in_commit(@commit, @project, "test link to [##{@second_issue.serial_id}]; ##{@second_issue.serial_id}") - Comment.where(automatic: true, commentable_type: 'Issue', - commentable_id: @second_issue.id, - created_from_commit_hash: @commit.id.hex).count.should == 1 - end - it 'should create two automatic comment' do - body = "test ##{@second_issue.serial_id}" + - " && [#{@another_project.name_with_owner}##{@issue_in_another_project.serial_id}]" - create_comment_in_commit(@commit, @project, body) - Comment.where(automatic: true, - created_from_commit_hash: @commit.id.hex).count.should == 2 - end - end - end -end +# require 'spec_helper' +# require "cancan/matchers" +# +# def create_comment user +# FactoryGirl.create(:comment, user: user, commentable: @commit, project: @project) +# end +# +# def create_comment_in_commit commit, project, body +# FactoryGirl.create(:comment, user: @user, commentable: commit, project: project, body: body) +# end +# +# def set_comments_data_for_commit +# @ability = Ability.new(@user) +# +# @project = FactoryGirl.create(:project_with_commit, owner: @user) +# @commit = @project.repo.commits.first +# +# @comment = create_comment(@user) +# @stranger_comment = create_comment(@stranger) +# +# @subscribe_params = {project_id: @project.id, subscribeable_id: @commit.id.hex, subscribeable_type: @commit.class.name} +# Subscribe.destroy_all +# +# allow_any_instance_of(Project).to receive(:versions).and_return(%w(v1.0 v2.0)) +# end +# +# def should_send_email(args={}) +# user_mailer = double(:user_mailer) +# expect(UserMailer).to receive(:new_comment_notification).with(kind_of(Comment), args[:receiver].id).and_return(user_mailer) +# expect(user_mailer).to receive(:deliver) +# +# create_comment args[:commentor] +# end +# +# def should_not_send_email(args={}) +# expect(UserMailer).to_not receive(:new_comment_notification) +# create_comment args[:commentor] +# end +# +# describe Comment do +# before { stub_symlink_methods } +# context 'for global admin user' do +# before(:each) do +# @user = FactoryGirl.create(:admin) +# @stranger = FactoryGirl.create(:user) +# +# set_comments_data_for_commit +# end +# +# it_should_behave_like 'user with create comment ability (for model)' +# it_should_behave_like 'user with update own comment ability (for model)' +# it_should_behave_like 'user with update stranger comment ability (for model)' +# it_should_behave_like 'user with destroy comment ability (for model)' +# it_should_behave_like 'user with destroy stranger comment ability (for model)' +# end +# +# context 'for project admin user' do +# before do +# @user = FactoryGirl.create(:user) +# @stranger = FactoryGirl.create(:user) +# +# set_comments_data_for_commit +# @admin = FactoryGirl.create(:user) +# @ability = Ability.new(@admin) +# create_relation(@project, @admin, 'admin') +# end +# +# it_should_behave_like 'user with create comment ability (for model)' +# it_should_behave_like 'user with update own comment ability (for model)' +# it_should_behave_like 'user with update stranger comment ability (for model)' +# it_should_behave_like 'user with destroy comment ability (for model)' +# it_should_behave_like 'user with destroy stranger comment ability (for model)' +# +# it 'should send an e-mail by default settings' do +# should_send_email(commentor: @stranger, receiver: @user) +# end +# +# context 'for disabled notify setting new_comment_commit_repo_owner' do +# it 'should send an e-mail' do +# @user.notifier.update_column :new_comment_commit_repo_owner, false +# should_send_email(commentor: @stranger, receiver: @user) +# end +# end +# +# context 'for disabled notify setting new_comment_commit_owner' do +# it 'should send an e-mail' do +# @user.notifier.update_column :new_comment_commit_owner, false +# should_send_email(commentor: @stranger, receiver: @user) +# end +# end +# +# context 'for disabled notify setting new_comment_commit_commentor' do +# it 'should send an e-mail' do +# @user.notifier.update_column :new_comment_commit_commentor, false +# should_send_email(commentor: @stranger, receiver: @user) +# end +# end +# +# context 'for disabled all notify setting expect global' do +# it 'should not send an e-mail' do +# @user.notifier.update_column :new_comment_commit_repo_owner, false +# @user.notifier.update_column :new_comment_commit_owner, false +# @user.notifier.update_column :new_comment_commit_commentor, false +# should_not_send_email(commentor: @stranger) +# end +# end +# +# context 'for unsubscribe commit' do +# it 'should not send an e-mail' do +# Subscribe.unsubscribe_from_commit @subscribe_params.merge(user_id: @user.id) +# should_not_send_email(commentor: @stranger) +# end +# end +# +# context 'for disabled global notify setting' do +# it 'should not send an e-mail' do +# @user.notifier.update_column :can_notify, false +# should_not_send_email(commentor: @stranger) +# end +# end +# end +# +# context 'for project owner user' do +# before(:each) do +# @user = FactoryGirl.create(:user) +# @stranger = FactoryGirl.create(:user) +# set_comments_data_for_commit +# +# @project.owner = @user +# @project.save +# end +# +# it_should_behave_like 'user with create comment ability (for model)' +# it_should_behave_like 'user with update own comment ability (for model)' +# it_should_behave_like 'user with update stranger comment ability (for model)' +# it_should_behave_like 'user with destroy comment ability (for model)' +# it_should_behave_like 'user with destroy stranger comment ability (for model)' +# +# context 'for default enabled settings' do +# it 'should send an e-mail by default settings' do +# should_send_email(commentor: @stranger, receiver: @project.owner) +# end +# end +# +# context 'for disabled notify setting new_comment_commit_repo_owner' do +# it 'should not send an e-mail' do +# @user.notifier.update_column :new_comment_commit_repo_owner, false +# Comment.destroy_all +# should_not_send_email(commentor: @stranger) +# end +# end +# +# context 'for disabled notify setting new_comment_commit_owner' do +# it 'should send an e-mail' do +# @user.notifier.update_column :new_comment_commit_owner, false +# should_send_email(commentor: @stranger, receiver: @user) +# end +# end +# +# context 'for disabled notify setting new_comment_commit_commentor' do +# it 'should send an e-mail' do +# @user.notifier.update_column :new_comment_commit_commentor, false +# should_send_email(commentor: @stranger, receiver: @user) +# end +# end +# +# context 'for disabled all notify setting expect global' do +# it 'should not send an e-mail' do +# @user.notifier.update_column :new_comment_commit_repo_owner, false +# @user.notifier.update_column :new_comment_commit_owner, false +# @user.notifier.update_column :new_comment_commit_commentor, false +# should_not_send_email(commentor: @stranger) +# end +# end +# +# context 'for unsubscribe project' do +# it 'should not send an e-mail' do +# Subscribe.unsubscribe_from_commit @subscribe_params.merge(user_id: @user.id) +# should_not_send_email(commentor: @stranger) +# end +# end +# +# context 'for disabled global notify setting' do +# it 'should not send an e-mail' do +# @user.notifier.update_column :can_notify, false +# should_not_send_email(commentor: @stranger) +# end +# end +# +# context 'for own commit' do +# it 'should send a one e-mail' do +# @project.owner.update_column :email, 'code@tpope.net' +# should_send_email(commentor: @stranger, receiver: @project.owner) +# end +# end +# end +# +# context 'for simple user' do +# before(:each) do +# @user = FactoryGirl.create(:user) +# @simple = FactoryGirl.create(:user) +# @stranger = FactoryGirl.create(:user) +# set_comments_data_for_commit +# @comment = create_comment(@simple) +# @ability = Ability.new(@simple) +# Subscribe.unsubscribe_from_commit @subscribe_params.merge(user_id: [@stranger.id, @project.owner.id]) +# end +# +# it_should_behave_like 'user with create comment ability (for model)' +# it_should_behave_like 'user with update own comment ability (for model)' +# it_should_behave_like 'user without update stranger comment ability (for model)' +# it_should_behave_like 'user with destroy comment ability (for model)' +# it_should_behave_like 'user without destroy stranger comment ability (for model)' +# +# context 'for default enabled settings' do +# it 'should send an e-mail' do +# should_send_email(commentor: @stranger, receiver: @simple) +# end +# +# it 'should send an e-mail for comments after his comment' do +# comment = create_comment(@simple) +# should_send_email(commentor: @stranger, receiver: @simple) +# end +# +# it 'should send an e-mail when subscribed to project' do +# Subscribe.subscribe_to_commit @subscribe_params.merge(user_id: @simple.id) +# should_send_email(commentor: @project.owner, receiver: @simple) +# end +# +# it 'should not send an e-mail for own comment' do +# should_not_send_email(commentor: @simple) +# end +# end +# +# context 'for committer' do +# it 'should send an e-mail' do +# @simple.update_column :email, 'test@test.test' +# should_send_email commentor: @stranger, receiver: @simple +# end +# +# it 'should send a one e-mail when subscribed to commit' do +# Subscribe.subscribe_to_commit @subscribe_params.merge(user_id: @simple.id) +# @simple.update_column :email, 'test@test.test' +# should_send_email(commentor: @stranger, receiver: @simple) +# end +# +# it 'should not send an e-mail for own comment' do +# @simple.update_column :email, 'test@test.test' +# should_not_send_email(commentor: @simple) +# end +# +# it 'should not send an e-mail if global notify off' do +# @project.owner.notifier.update_column :can_notify, false +# @simple.update_column :email, 'test@test.test' +# @simple.notifier.update_column :can_notify, false +# should_not_send_email(commentor: @user) +# end +# +# it 'should not send an e-mail if notify for my commits off' do +# Comment.destroy_all +# @simple.notifier.update_column :new_comment_commit_owner, false +# @simple.update_column :email, 'test@test.test' +# should_not_send_email(commentor: @user) +# end +# end +# +# context 'automatic issue linking' do +# before(:each) do +# @same_name_project = FactoryGirl.create(:project, name: @project.name) +# @issue_in_same_name_project = FactoryGirl.create(:issue, project: @same_name_project, user: @same_name_project.owner) +# @another_project = FactoryGirl.create(:project, owner: @user) +# @other_user_project = FactoryGirl.create(:project) +# @issue = FactoryGirl.create(:issue, project: @project, user: @user) +# @second_issue = FactoryGirl.create(:issue, project: @project, user: @user) +# @issue_in_another_project = FactoryGirl.create(:issue, project: @another_project, user: @user) +# @issue_in_other_user_project = FactoryGirl.create(:issue, project: @other_user_project, user: @other_user_project.owner) +# end +# +# it 'should create automatic comment' do +# create_comment_in_commit(@commit, @project, "test link to ##{@issue.serial_id}; [##{@second_issue.serial_id}]") +# Comment.where(automatic: true, commentable_type: 'Issue', +# commentable_id: @second_issue.id, +# created_from_commit_hash: @commit.id.hex).count.should == 1 +# end +# +# it 'should create automatic comment in the another project issue' do +# body = "[#{@another_project.name_with_owner}##{@issue_in_another_project.serial_id}]" +# create_comment_in_commit(@commit, @project, body) +# Comment.where(automatic: true, commentable_type: 'Issue', +# commentable_id: @issue_in_another_project.id, +# created_from_commit_hash: @commit.id.hex).count.should == 1 +# end +# +# it 'should create automatic comment in the same name project issue' do +# body = "[#{@same_name_project.owner.uname}##{@issue_in_same_name_project.serial_id}]" +# create_comment_in_commit(@commit, @project, body) +# Comment.where(automatic: true, commentable_type: 'Issue', +# commentable_id: @issue_in_same_name_project.id, +# created_from_commit_hash: @commit.id.hex).count.should == 1 +# end +# +# it 'should not create duplicate automatic comment' do +# create_comment_in_commit(@commit, @project, "test link to [##{@second_issue.serial_id}]") +# create_comment_in_commit(@commit, @project, "test duplicate link to [##{@second_issue.serial_id}]") +# Comment.where(automatic: true, commentable_type: 'Issue', +# commentable_id: @second_issue.id, +# created_from_commit_hash: @commit.id.hex).count.should == 1 +# end +# +# it 'should not create duplicate automatic comment from one' do +# create_comment_in_commit(@commit, @project, "test link to [##{@second_issue.serial_id}]; ##{@second_issue.serial_id}") +# Comment.where(automatic: true, commentable_type: 'Issue', +# commentable_id: @second_issue.id, +# created_from_commit_hash: @commit.id.hex).count.should == 1 +# end +# it 'should create two automatic comment' do +# body = "test ##{@second_issue.serial_id}" + +# " && [#{@another_project.name_with_owner}##{@issue_in_another_project.serial_id}]" +# create_comment_in_commit(@commit, @project, body) +# Comment.where(automatic: true, +# created_from_commit_hash: @commit.id.hex).count.should == 2 +# end +# end +# end +# end diff --git a/spec/models/comment_spec.rb b/spec/models/comment_spec.rb index c18a45446..9f4f0c610 100644 --- a/spec/models/comment_spec.rb +++ b/spec/models/comment_spec.rb @@ -1,196 +1,196 @@ -require 'spec_helper' -require "cancan/matchers" - -def set_commentable_data - @ability = Ability.new(@user) - - @project = FactoryGirl.create(:project) - @issue = FactoryGirl.create(:issue, project_id: @project.id, user: @user) - - @comment = FactoryGirl.create(:comment, commentable: @issue, user: @user, project: @project) - @stranger_comment = FactoryGirl.create(:comment, commentable: @issue, user: @stranger, project: @project) - - allow_any_instance_of(Project).to receive(:versions).and_return(%w(v1.0 v2.0)) -end - -def create_comment_in_issue issue, body - FactoryGirl.create(:comment, user: issue.user, commentable: issue, project: issue.project, body: body) -end - -describe Comment do - before { stub_symlink_methods } - context 'for global admin user' do - before(:each) do - @user = FactoryGirl.create(:admin) - @stranger = FactoryGirl.create(:user) - - set_commentable_data - end - - it_should_behave_like 'user with create comment ability (for model)' - it_should_behave_like 'user with update own comment ability (for model)' - it_should_behave_like 'user with update stranger comment ability (for model)' - it_should_behave_like 'user with destroy comment ability (for model)' - it_should_behave_like 'user with destroy stranger comment ability (for model)' - end - - context 'for project admin user' do - before(:each) do - @user = FactoryGirl.create(:user) - @stranger = FactoryGirl.create(:user) - - set_commentable_data - create_relation(@project, @user, 'admin') - end - - it_should_behave_like 'user with create comment ability (for model)' - it_should_behave_like 'user with update own comment ability (for model)' - it_should_behave_like 'user with update stranger comment ability (for model)' - it_should_behave_like 'user with destroy comment ability (for model)' - it_should_behave_like 'user with destroy stranger comment ability (for model)' - - pending "sends an e-mail" do - ActionMailer::Base.deliveries.last.to.include?(@stranger.email).should == true - end - end - - context 'for project owner user' do - before(:each) do - @user = FactoryGirl.create(:user) - @stranger = FactoryGirl.create(:user) - - set_commentable_data - - @project.owner = @user - @project.save - create_relation(@project, @user, 'admin') - end - - it_should_behave_like 'user with create comment ability (for model)' - it_should_behave_like 'user with update own comment ability (for model)' - it_should_behave_like 'user with update stranger comment ability (for model)' - it_should_behave_like 'user with destroy comment ability (for model)' - it_should_behave_like 'user with destroy stranger comment ability (for model)' - end - - context 'for simple user' do - before(:each) do - @user = FactoryGirl.create(:user) - @stranger = FactoryGirl.create(:user) - - set_commentable_data - end - - it_should_behave_like 'user with create comment ability (for model)' - it_should_behave_like 'user with update own comment ability (for model)' - it_should_behave_like 'user without update stranger comment ability (for model)' - it_should_behave_like 'user with destroy comment ability (for model)' - it_should_behave_like 'user without destroy stranger comment ability (for model)' - - context 'with mass assignment' do - it 'should not be able to update commentable' do - @comment.update_attributes({commentable_type: 'Grit::Commit', commentable_id: 0}) - @comment.reload.commentable_id.should eql @issue.id - @comment.reload.commentable_type.should eql @issue.class.name - end - - it 'should not be able to update owner' do - @comment.should_not allow_mass_assignment_of :user_id - end - - it 'should not be able to update project' do - @comment.should_not allow_mass_assignment_of :project_id - end - end - - context 'automatic issue linking' do - before(:each) do - @same_name_project = FactoryGirl.create(:project, name: @project.name) - @issue_in_same_name_project = FactoryGirl.create(:issue, project: @same_name_project, user: @same_name_project.owner) - @another_project = FactoryGirl.create(:project, owner: @user) - @other_user_project = FactoryGirl.create(:project) - @issue = FactoryGirl.create(:issue, project: @project, user: @user) - @second_issue = FactoryGirl.create(:issue, project: @project, user: @user) - @issue_in_another_project = FactoryGirl.create(:issue, project: @another_project, user: @user) - @issue_in_other_user_project = FactoryGirl.create(:issue, project: @other_user_project, user: @other_user_project.owner) - end - - it 'should create automatic comment' do - create_comment_in_issue(@issue, "test link to ##{@issue.serial_id}; [##{@second_issue.serial_id}]") - Comment.where(automatic: true, commentable_type: 'Issue', - commentable_id: @second_issue.id, - created_from_issue_id: @issue.id).count.should == 1 - end - - it 'should not create automatic comment to the same issue' do - create_comment_in_issue(@issue, "test link to ##{@issue.serial_id}; [##{@second_issue.serial_id}]") - Comment.where(automatic: true, - created_from_issue_id: @issue.id).count.should == 1 - end - - it 'should create automatic comment in the another project issue' do - body = "[#{@another_project.name_with_owner}##{@issue_in_another_project.serial_id}]" - create_comment_in_issue(@issue, body) - Comment.where(automatic: true, commentable_type: 'Issue', - commentable_id: @issue_in_another_project.id, - created_from_issue_id: @issue.id).count.should == 1 - end - - it 'should create automatic comment in the same name project issue' do - body = "[#{@same_name_project.owner.uname}##{@issue_in_same_name_project.serial_id}]" - create_comment_in_issue(@issue, body) - Comment.where(automatic: true, commentable_type: 'Issue', - commentable_id: @issue_in_same_name_project.id, - created_from_issue_id: @issue.id).count.should == 1 - end - - it 'should not create duplicate automatic comment' do - create_comment_in_issue(@issue, "test link to [##{@second_issue.serial_id}]") - create_comment_in_issue(@issue, "test duplicate link to [##{@second_issue.serial_id}]") - Comment.where(automatic: true, commentable_type: 'Issue', - commentable_id: @second_issue.id, - created_from_issue_id: @issue.id).count.should == 1 - end - - it 'should not create duplicate automatic comment from one' do - create_comment_in_issue(@issue, "test link to [##{@second_issue.serial_id}]; ##{@second_issue.serial_id}") - Comment.where(automatic: true, commentable_type: 'Issue', - commentable_id: @second_issue.id, - created_from_issue_id: @issue.id).count.should == 1 - end - - it 'should create two automatic comment' do - body = "test ##{@second_issue.serial_id}" + - " && [#{@another_project.name_with_owner}##{@issue_in_another_project.serial_id}]" - create_comment_in_issue(@issue, body) - Comment.where(automatic: true, - created_from_issue_id: @issue.id).count.should == 2 - end - - it 'should create automatic comment by issue title' do - issue = FactoryGirl.create(:issue, project: @project, user: @user, - title: "link to ##{@issue.serial_id}") - expect(Comment.where(automatic: true, - created_from_issue_id: issue.id).count).to eq 1 - end - - it 'should create automatic comment from issue body' do - issue = FactoryGirl.create(:issue, project: @project, user: @user, - body: "link to ##{@issue.serial_id}") - Comment.where(automatic: true, - created_from_issue_id: issue.id).count.should == 1 - end - - it 'should create only one automatic comment from issue title and body' do - issue = FactoryGirl.create(:issue, project: @project, user: @user, - title: "link to ##{@issue.serial_id} in title", - :body => "link to ##{@issue.serial_id} in body") - Comment.where(automatic: true, - created_from_issue_id: issue.id).count.should == 1 - end - - - - end - end -end +# require 'spec_helper' +# require "cancan/matchers" +# +# def set_commentable_data +# @ability = Ability.new(@user) +# +# @project = FactoryGirl.create(:project) +# @issue = FactoryGirl.create(:issue, project_id: @project.id, user: @user) +# +# @comment = FactoryGirl.create(:comment, commentable: @issue, user: @user, project: @project) +# @stranger_comment = FactoryGirl.create(:comment, commentable: @issue, user: @stranger, project: @project) +# +# allow_any_instance_of(Project).to receive(:versions).and_return(%w(v1.0 v2.0)) +# end +# +# def create_comment_in_issue issue, body +# FactoryGirl.create(:comment, user: issue.user, commentable: issue, project: issue.project, body: body) +# end +# +# describe Comment do +# before { stub_symlink_methods } +# context 'for global admin user' do +# before(:each) do +# @user = FactoryGirl.create(:admin) +# @stranger = FactoryGirl.create(:user) +# +# set_commentable_data +# end +# +# it_should_behave_like 'user with create comment ability (for model)' +# it_should_behave_like 'user with update own comment ability (for model)' +# it_should_behave_like 'user with update stranger comment ability (for model)' +# it_should_behave_like 'user with destroy comment ability (for model)' +# it_should_behave_like 'user with destroy stranger comment ability (for model)' +# end +# +# context 'for project admin user' do +# before(:each) do +# @user = FactoryGirl.create(:user) +# @stranger = FactoryGirl.create(:user) +# +# set_commentable_data +# create_relation(@project, @user, 'admin') +# end +# +# it_should_behave_like 'user with create comment ability (for model)' +# it_should_behave_like 'user with update own comment ability (for model)' +# it_should_behave_like 'user with update stranger comment ability (for model)' +# it_should_behave_like 'user with destroy comment ability (for model)' +# it_should_behave_like 'user with destroy stranger comment ability (for model)' +# +# pending "sends an e-mail" do +# ActionMailer::Base.deliveries.last.to.include?(@stranger.email).should == true +# end +# end +# +# context 'for project owner user' do +# before(:each) do +# @user = FactoryGirl.create(:user) +# @stranger = FactoryGirl.create(:user) +# +# set_commentable_data +# +# @project.owner = @user +# @project.save +# create_relation(@project, @user, 'admin') +# end +# +# it_should_behave_like 'user with create comment ability (for model)' +# it_should_behave_like 'user with update own comment ability (for model)' +# it_should_behave_like 'user with update stranger comment ability (for model)' +# it_should_behave_like 'user with destroy comment ability (for model)' +# it_should_behave_like 'user with destroy stranger comment ability (for model)' +# end +# +# context 'for simple user' do +# before(:each) do +# @user = FactoryGirl.create(:user) +# @stranger = FactoryGirl.create(:user) +# +# set_commentable_data +# end +# +# it_should_behave_like 'user with create comment ability (for model)' +# it_should_behave_like 'user with update own comment ability (for model)' +# it_should_behave_like 'user without update stranger comment ability (for model)' +# it_should_behave_like 'user with destroy comment ability (for model)' +# it_should_behave_like 'user without destroy stranger comment ability (for model)' +# +# context 'with mass assignment' do +# it 'should not be able to update commentable' do +# @comment.update_attributes({commentable_type: 'Grit::Commit', commentable_id: 0}) +# @comment.reload.commentable_id.should eql @issue.id +# @comment.reload.commentable_type.should eql @issue.class.name +# end +# +# it 'should not be able to update owner' do +# @comment.should_not allow_mass_assignment_of :user_id +# end +# +# it 'should not be able to update project' do +# @comment.should_not allow_mass_assignment_of :project_id +# end +# end +# +# context 'automatic issue linking' do +# before(:each) do +# @same_name_project = FactoryGirl.create(:project, name: @project.name) +# @issue_in_same_name_project = FactoryGirl.create(:issue, project: @same_name_project, user: @same_name_project.owner) +# @another_project = FactoryGirl.create(:project, owner: @user) +# @other_user_project = FactoryGirl.create(:project) +# @issue = FactoryGirl.create(:issue, project: @project, user: @user) +# @second_issue = FactoryGirl.create(:issue, project: @project, user: @user) +# @issue_in_another_project = FactoryGirl.create(:issue, project: @another_project, user: @user) +# @issue_in_other_user_project = FactoryGirl.create(:issue, project: @other_user_project, user: @other_user_project.owner) +# end +# +# it 'should create automatic comment' do +# create_comment_in_issue(@issue, "test link to ##{@issue.serial_id}; [##{@second_issue.serial_id}]") +# Comment.where(automatic: true, commentable_type: 'Issue', +# commentable_id: @second_issue.id, +# created_from_issue_id: @issue.id).count.should == 1 +# end +# +# it 'should not create automatic comment to the same issue' do +# create_comment_in_issue(@issue, "test link to ##{@issue.serial_id}; [##{@second_issue.serial_id}]") +# Comment.where(automatic: true, +# created_from_issue_id: @issue.id).count.should == 1 +# end +# +# it 'should create automatic comment in the another project issue' do +# body = "[#{@another_project.name_with_owner}##{@issue_in_another_project.serial_id}]" +# create_comment_in_issue(@issue, body) +# Comment.where(automatic: true, commentable_type: 'Issue', +# commentable_id: @issue_in_another_project.id, +# created_from_issue_id: @issue.id).count.should == 1 +# end +# +# it 'should create automatic comment in the same name project issue' do +# body = "[#{@same_name_project.owner.uname}##{@issue_in_same_name_project.serial_id}]" +# create_comment_in_issue(@issue, body) +# Comment.where(automatic: true, commentable_type: 'Issue', +# commentable_id: @issue_in_same_name_project.id, +# created_from_issue_id: @issue.id).count.should == 1 +# end +# +# it 'should not create duplicate automatic comment' do +# create_comment_in_issue(@issue, "test link to [##{@second_issue.serial_id}]") +# create_comment_in_issue(@issue, "test duplicate link to [##{@second_issue.serial_id}]") +# Comment.where(automatic: true, commentable_type: 'Issue', +# commentable_id: @second_issue.id, +# created_from_issue_id: @issue.id).count.should == 1 +# end +# +# it 'should not create duplicate automatic comment from one' do +# create_comment_in_issue(@issue, "test link to [##{@second_issue.serial_id}]; ##{@second_issue.serial_id}") +# Comment.where(automatic: true, commentable_type: 'Issue', +# commentable_id: @second_issue.id, +# created_from_issue_id: @issue.id).count.should == 1 +# end +# +# it 'should create two automatic comment' do +# body = "test ##{@second_issue.serial_id}" + +# " && [#{@another_project.name_with_owner}##{@issue_in_another_project.serial_id}]" +# create_comment_in_issue(@issue, body) +# Comment.where(automatic: true, +# created_from_issue_id: @issue.id).count.should == 2 +# end +# +# it 'should create automatic comment by issue title' do +# issue = FactoryGirl.create(:issue, project: @project, user: @user, +# title: "link to ##{@issue.serial_id}") +# expect(Comment.where(automatic: true, +# created_from_issue_id: issue.id).count).to eq 1 +# end +# +# it 'should create automatic comment from issue body' do +# issue = FactoryGirl.create(:issue, project: @project, user: @user, +# body: "link to ##{@issue.serial_id}") +# Comment.where(automatic: true, +# created_from_issue_id: issue.id).count.should == 1 +# end +# +# it 'should create only one automatic comment from issue title and body' do +# issue = FactoryGirl.create(:issue, project: @project, user: @user, +# title: "link to ##{@issue.serial_id} in title", +# :body => "link to ##{@issue.serial_id} in body") +# Comment.where(automatic: true, +# created_from_issue_id: issue.id).count.should == 1 +# end +# +# +# +# end +# end +# end diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb index a93cf59dd..8bc5a0955 100644 --- a/spec/models/group_spec.rb +++ b/spec/models/group_spec.rb @@ -1,100 +1,100 @@ -require 'spec_helper' -require "cancan/matchers" - -describe Group do - before(:each) do - stub_symlink_methods - @group = FactoryGirl.create(:group) - @ability = Ability.new(User.new) - end - - context 'for guest' do - [:read, :update, :destroy, :manage_members].each do |action| - it "should not be able to #{action} group" do - @ability.should_not be_able_to(action, @group) - end - end - end - - context 'for global admin' do - before(:each) do - @admin = FactoryGirl.create(:admin) - @ability = Ability.new(@admin) - end - - [:read, :update, :destroy, :manage_members].each do |action| - it "should be able to #{action} group" do - @ability.should be_able_to(action, @group) - end - end - end - - context 'for group admin' do - before(:each) do - @user = FactoryGirl.create(:user) - @another_user = FactoryGirl.create(:user) - create_actor_relation(@group, @user, 'admin') - @ability = Ability.new(@user) - end - - [:read, :update, :manage_members].each do |action| - it "should be able to #{action} group" do - @ability.should be_able_to(action, @group) - end - end - - it "should not be able to destroy group" do - @ability.should_not be_able_to(:destroy, @group) - end - - context 'with mass assignment' do - it 'should not be able to update uname' do - @group.should_not allow_mass_assignment_of uname: 'new_uname' - end - - it 'should not be able to update owner' do - @group.should_not allow_mass_assignment_of owner_type: 'User', owner_id: @another_user.id - end - end - end - - context 'for group owner' do - before(:each) do - @user = FactoryGirl.create(:user) - - @group.owner = @user - @group.save - - create_actor_relation(@group, @user, 'admin') - @ability = Ability.new(@user) - end - - [:read, :update, :destroy, :manage_members].each do |action| - it "should be able to #{action} group" do - @ability.should be_able_to(action, @group) - end - end - end - - context 'for group reader and writer user' do - before(:each) do - @user = FactoryGirl.create(:user) - create_actor_relation(@group, @user, 'reader') - @ability = Ability.new(@user) - end - - [:read].each do |action| - it "should be able to #{action} group" do - @ability.should be_able_to(action, @group) - end - end - - [:update, :destroy, :manage_members].each do |action| - it "should not be able to #{action} group" do - @ability.should_not be_able_to(action, @group) - end - end - end - - it {should_not allow_value("How do you do...\nmy_group").for(:uname)} -end +# require 'spec_helper' +# require "cancan/matchers" +# +# describe Group do +# before(:each) do +# stub_symlink_methods +# @group = FactoryGirl.create(:group) +# @ability = Ability.new(User.new) +# end +# +# context 'for guest' do +# [:read, :update, :destroy, :manage_members].each do |action| +# it "should not be able to #{action} group" do +# @ability.should_not be_able_to(action, @group) +# end +# end +# end +# +# context 'for global admin' do +# before(:each) do +# @admin = FactoryGirl.create(:admin) +# @ability = Ability.new(@admin) +# end +# +# [:read, :update, :destroy, :manage_members].each do |action| +# it "should be able to #{action} group" do +# @ability.should be_able_to(action, @group) +# end +# end +# end +# +# context 'for group admin' do +# before(:each) do +# @user = FactoryGirl.create(:user) +# @another_user = FactoryGirl.create(:user) +# create_actor_relation(@group, @user, 'admin') +# @ability = Ability.new(@user) +# end +# +# [:read, :update, :manage_members].each do |action| +# it "should be able to #{action} group" do +# @ability.should be_able_to(action, @group) +# end +# end +# +# it "should not be able to destroy group" do +# @ability.should_not be_able_to(:destroy, @group) +# end +# +# context 'with mass assignment' do +# it 'should not be able to update uname' do +# @group.should_not allow_mass_assignment_of uname: 'new_uname' +# end +# +# it 'should not be able to update owner' do +# @group.should_not allow_mass_assignment_of owner_type: 'User', owner_id: @another_user.id +# end +# end +# end +# +# context 'for group owner' do +# before(:each) do +# @user = FactoryGirl.create(:user) +# +# @group.owner = @user +# @group.save +# +# create_actor_relation(@group, @user, 'admin') +# @ability = Ability.new(@user) +# end +# +# [:read, :update, :destroy, :manage_members].each do |action| +# it "should be able to #{action} group" do +# @ability.should be_able_to(action, @group) +# end +# end +# end +# +# context 'for group reader and writer user' do +# before(:each) do +# @user = FactoryGirl.create(:user) +# create_actor_relation(@group, @user, 'reader') +# @ability = Ability.new(@user) +# end +# +# [:read].each do |action| +# it "should be able to #{action} group" do +# @ability.should be_able_to(action, @group) +# end +# end +# +# [:update, :destroy, :manage_members].each do |action| +# it "should not be able to #{action} group" do +# @ability.should_not be_able_to(action, @group) +# end +# end +# end +# +# it {should_not allow_value("How do you do...\nmy_group").for(:uname)} +# end diff --git a/spec/models/subscribe_spec.rb b/spec/models/subscribe_spec.rb index 263d142c3..15b164db6 100644 --- a/spec/models/subscribe_spec.rb +++ b/spec/models/subscribe_spec.rb @@ -1,78 +1,78 @@ -require 'spec_helper' -require "cancan/matchers" - -def set_testable_data - @ability = Ability.new(@user) - - @project = FactoryGirl.create(:project) - @issue = FactoryGirl.create(:issue, project_id: @project.id) - - allow_any_instance_of(Project).to receive(:versions).and_return(%w(v1.0 v2.0)) -end - -describe Subscribe do - before { stub_symlink_methods } - context 'for global admin user' do - before(:each) do - @user = FactoryGirl.create(:admin) - @stranger = FactoryGirl.create(:user) - - set_testable_data - end - - it 'should create subscribe' do - @ability.should be_able_to(:create, FactoryGirl.build(:subscribe, subscribeable: @issue, user: @user)) - end - - context 'destroy' do - before(:each) do - @subscribe = FactoryGirl.create(:subscribe, subscribeable: @issue, user: @user) - @stranger_subscribe = FactoryGirl.create(:subscribe, subscribeable: @issue, user: @stranger) - end - - context 'own subscribe' do - it 'should destroy subscribe' do - @ability.should be_able_to(:destroy, @subscribe) - end - end - - context 'stranger subscribe' do - it 'should not destroy subscribe' do - @ability.should_not be_able_to(:destroy, @stranger_subscribe) - end - end - end - end - - context 'for simple user' do - before(:each) do - @user = FactoryGirl.create(:user) - @stranger = FactoryGirl.create(:user) - - set_testable_data - end - - it 'should create subscribe' do - @ability.should be_able_to(:create, FactoryGirl.build(:subscribe, subscribeable: @issue, user: @user)) - end - - context 'destroy' do - before(:each) do - @subscribe = FactoryGirl.create(:subscribe, subscribeable: @issue, user: @user) - @stranger_subscribe = FactoryGirl.create(:subscribe, subscribeable: @issue, user: @stranger) - end - - context 'own subscribe' do - it 'should destroy subscribe' do - @ability.should be_able_to(:destroy, @subscribe) - end - end - - context 'stranger subscribe' do - it 'should not destroy subscribe' do - @ability.should_not be_able_to(:destroy, @stranger_subscribe) - end - end - end - end -end +# require 'spec_helper' +# require "cancan/matchers" +# +# def set_testable_data +# @ability = Ability.new(@user) +# +# @project = FactoryGirl.create(:project) +# @issue = FactoryGirl.create(:issue, project_id: @project.id) +# +# allow_any_instance_of(Project).to receive(:versions).and_return(%w(v1.0 v2.0)) +# end +# +# describe Subscribe do +# before { stub_symlink_methods } +# context 'for global admin user' do +# before(:each) do +# @user = FactoryGirl.create(:admin) +# @stranger = FactoryGirl.create(:user) +# +# set_testable_data +# end +# +# it 'should create subscribe' do +# @ability.should be_able_to(:create, FactoryGirl.build(:subscribe, subscribeable: @issue, user: @user)) +# end +# +# context 'destroy' do +# before(:each) do +# @subscribe = FactoryGirl.create(:subscribe, subscribeable: @issue, user: @user) +# @stranger_subscribe = FactoryGirl.create(:subscribe, subscribeable: @issue, user: @stranger) +# end +# +# context 'own subscribe' do +# it 'should destroy subscribe' do +# @ability.should be_able_to(:destroy, @subscribe) +# end +# end +# +# context 'stranger subscribe' do +# it 'should not destroy subscribe' do +# @ability.should_not be_able_to(:destroy, @stranger_subscribe) +# end +# end +# end +# end +# +# context 'for simple user' do +# before(:each) do +# @user = FactoryGirl.create(:user) +# @stranger = FactoryGirl.create(:user) +# +# set_testable_data +# end +# +# it 'should create subscribe' do +# @ability.should be_able_to(:create, FactoryGirl.build(:subscribe, subscribeable: @issue, user: @user)) +# end +# +# context 'destroy' do +# before(:each) do +# @subscribe = FactoryGirl.create(:subscribe, subscribeable: @issue, user: @user) +# @stranger_subscribe = FactoryGirl.create(:subscribe, subscribeable: @issue, user: @stranger) +# end +# +# context 'own subscribe' do +# it 'should destroy subscribe' do +# @ability.should be_able_to(:destroy, @subscribe) +# end +# end +# +# context 'stranger subscribe' do +# it 'should not destroy subscribe' do +# @ability.should_not be_able_to(:destroy, @stranger_subscribe) +# end +# end +# end +# end +# end