Software
/
rosa-build
mirror of https://github.com/OpenMandrivaSoftware/rosa-build.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

#465: Comment out a cancan code.

This commit is contained in:
Vokhmin Alexey V 2015-04-07 22:50:44 +03:00
parent 0625a941bd
commit 2bc7c9b2c3
7 changed files with 1329 additions and 1328 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

537
app/models/ability.rb
View File

@ -1,269 +1,268 @@
# If rules goes one by one CanCan joins them by 'OR' sql operator # # If rules goes one by one CanCan joins them by 'OR' sql operator
# If rule has multiple conditions CanCan joins them by 'AND' sql operator # # If rule has multiple conditions CanCan joins them by 'AND' sql operator
# WARNING: # # WARNING:
# - put cannot rules _after_ can rules and not before! # # - put cannot rules _after_ can rules and not before!
# - beware inner joins. Use sub queries against them! # # - beware inner joins. Use sub queries against them!
#
class Ability # class Ability
include CanCan::Ability # include CanCan::Ability
#
def initialize(user) # def initialize(user)
user ||= User.new # guest user (not logged in) # user ||= User.new # guest user (not logged in)
@user = user # @user = user
#
# Shared rights between guests and registered users # # Shared rights between guests and registered users
can [:show, :archive, :read], Project, visibility: 'open' # can [:show, :archive, :read], Project, visibility: 'open'
can :get_id, Project, visibility: 'open' # api # can :get_id, Project, visibility: 'open' # api
can(:refs_list, Project) {|project| can? :show, project} # can(:refs_list, Project) {|project| can? :show, project}
can :read, Issue, project: { visibility: 'open' } # can :read, Issue, project: { visibility: 'open' }
can [:read, :commits, :files], PullRequest, to_project: {visibility: 'open'} # can [:read, :commits, :files], PullRequest, to_project: {visibility: 'open'}
can [:read, :log, :everything], BuildList, project: {visibility: 'open'} # can [:read, :log, :everything], BuildList, project: {visibility: 'open'}
can [:read, :log], ProductBuildList#, product: {platform: {visibility: 'open'}} # double nested hash don't work # can [:read, :log], ProductBuildList#, product: {platform: {visibility: 'open'}} # double nested hash don't work
can [:read, :search], Advisory # can [:read, :search], Advisory
can :read, Statistic # can :read, Statistic
#
# Platforms block # # Platforms block
can [:show, :members, :advisories], Platform, visibility: 'open' # can [:show, :members, :advisories], Platform, visibility: 'open'
can :platforms_for_build, Platform, visibility: 'open', platform_type: 'main' # can :platforms_for_build, Platform, visibility: 'open', platform_type: 'main'
can([:read, :get_list], MassBuild) {|mass_build| can?(:show, mass_build.save_to_platform) } # can([:read, :get_list], MassBuild) {|mass_build| can?(:show, mass_build.save_to_platform) }
can [:read, :projects_list, :projects], Repository, platform: {visibility: 'open'} # can [:read, :projects_list, :projects], Repository, platform: {visibility: 'open'}
can :read, Product, platform: {visibility: 'open'} # can :read, Product, platform: {visibility: 'open'}
#
can :show, Group # can :show, Group
can :show, User # can :show, User
can :possible_forks, Project # can :possible_forks, Project
#
if user.guest? # Guest rights # if user.guest? # Guest rights
cannot :index, Project # cannot :index, Project
# can [:new, :create], RegisterRequest # # can [:new, :create], RegisterRequest
else # Registered user rights # else # Registered user rights
if user.admin? # if user.admin?
can :manage, :all # can :manage, :all
# Protection # # Protection
cannot :approve, RegisterRequest, approved: true # cannot :approve, RegisterRequest, approved: true
cannot :reject, RegisterRequest, rejected: true # cannot :reject, RegisterRequest, rejected: true
cannot [:destroy, :create], Subscribe # cannot [:destroy, :create], Subscribe
# Act admin as simple user # # Act admin as simple user
cannot :read, Product, platform: {platform_type: 'personal'} # cannot :read, Product, platform: {platform_type: 'personal'}
cannot [:owned, :related], [BuildList, Platform] # cannot [:owned, :related], [BuildList, Platform]
cannot :membered, Project # list products which user members # cannot :membered, Project # list products which user members
end # end
#
if user.user? # if user.user?
can :edit, User, id: user.id # can :edit, User, id: user.id
can [:read, :create], Group # can [:read, :create], Group
can [:update, :manage_members, :members, :add_member, :remove_member, :remove_members, :update_member], Group do |group| # can [:update, :manage_members, :members, :add_member, :remove_member, :remove_members, :update_member], Group do |group|
group.actors.exists?(actor_type: 'User', actor_id: user.id, role: 'admin') # or group.owner_id = user.id # group.actors.exists?(actor_type: 'User', actor_id: user.id, role: 'admin') # or group.owner_id = user.id
end # end
can :write, Group do |group| # can :write, Group do |group|
group.actors.exists?(actor_type: 'User', actor_id: user.id, role: ['writer', 'admin']) # group.actors.exists?(actor_type: 'User', actor_id: user.id, role: ['writer', 'admin'])
end # end
can :destroy, Group, owner_id: user.id # can :destroy, Group, owner_id: user.id
can :remove_user, Group # can :remove_user, Group
#
can :create, Project # can :create, Project
can([:mass_import, :run_mass_import], Project) if user.platforms.main.find{ |p| local_admin?(p) }.present? # can([:mass_import, :run_mass_import], Project) if user.platforms.main.find{ |p| local_admin?(p) }.present?
can :read, Project, visibility: 'open' # can :read, Project, visibility: 'open'
can [:read, :archive, :membered, :get_id], Project, owner_type: 'User', owner_id: user.id # can [:read, :archive, :membered, :get_id], Project, owner_type: 'User', owner_id: user.id
can [:read, :archive, :membered, :get_id], Project, owner_type: 'Group', owner_id: user_group_ids # can [:read, :archive, :membered, :get_id], Project, owner_type: 'Group', owner_id: user_group_ids
# can([:read, :archive, :membered, :get_id], Project, read_relations_for('projects')) {|project| local_reader? project} # # can([:read, :archive, :membered, :get_id], Project, read_relations_for('projects')) {|project| local_reader? project}
can([:read, :archive, :membered, :get_id], Project, read_relations_with_projects) {|project| local_reader? project} # can([:read, :archive, :membered, :get_id], Project, read_relations_with_projects) {|project| local_reader? project}
can(:write, Project) {|project| local_writer? project} # for grack # can(:write, Project) {|project| local_writer? project} # for grack
can [:update, :sections, :manage_collaborators, :autocomplete_maintainers, :add_member, :remove_member, :remove_members, :update_member, :members, :schedule], Project do |project| # can [:update, :sections, :manage_collaborators, :autocomplete_maintainers, :add_member, :remove_member, :remove_members, :update_member, :members, :schedule], Project do |project|
local_admin? project # local_admin? project
end # end
#
can(:fork, Project) {|project| can? :read, project} # can(:fork, Project) {|project| can? :read, project}
can(:alias, Project) {|project| local_admin?(project) } # can(:alias, Project) {|project| local_admin?(project) }
#
can(:destroy, Project) {|project| owner? project} # can(:destroy, Project) {|project| owner? project}
can(:destroy, Project) {|project| project.owner_type == 'Group' and project.owner.actors.exists?(actor_type: 'User', actor_id: user.id, role: 'admin')} # can(:destroy, Project) {|project| project.owner_type == 'Group' and project.owner.actors.exists?(actor_type: 'User', actor_id: user.id, role: 'admin')}
can :remove_user, Project # can :remove_user, Project
can :preview, Project # can :preview, Project
#
can([:read, :create, :edit, :destroy, :update], Hook) {|hook| can?(:edit, hook.project)} # can([:read, :create, :edit, :destroy, :update], Hook) {|hook| can?(:edit, hook.project)}
#
can [:read, :log, :owned, :everything], BuildList, user_id: user.id # can [:read, :log, :owned, :everything], BuildList, user_id: user.id
can [:read, :log, :related, :everything], BuildList, project: {owner_type: 'User', owner_id: user.id} # can [:read, :log, :related, :everything], BuildList, project: {owner_type: 'User', owner_id: user.id}
can [:read, :log, :related, :everything], BuildList, project: {owner_type: 'Group', owner_id: user_group_ids} # can [:read, :log, :related, :everything], BuildList, project: {owner_type: 'Group', owner_id: user_group_ids}
# can([:read, :log, :everything, :list], BuildList, read_relations_for('build_lists', 'projects')) {|build_list| can? :read, build_list.project} # # can([:read, :log, :everything, :list], BuildList, read_relations_for('build_lists', 'projects')) {|build_list| can? :read, build_list.project}
# can([:read, :log, :everything, :list], BuildList, read_relations_for_build_lists_and_projects) {|build_list| can? :read, build_list.project} # # can([:read, :log, :everything, :list], BuildList, read_relations_for_build_lists_and_projects) {|build_list| can? :read, build_list.project}
can([:read, :log, :everything, :list], BuildList, read_relations_with_projects('build_lists')) {|build_list| can? :read, build_list.project} # can([:read, :log, :everything, :list], BuildList, read_relations_with_projects('build_lists')) {|build_list| can? :read, build_list.project}
#
can(:publish_into_testing, BuildList) { |build_list| ( can?(:create, build_list) || can?(:publish, build_list) ) && build_list.save_to_platform.main? } # can(:publish_into_testing, BuildList) { |build_list| ( can?(:create, build_list) || can?(:publish, build_list) ) && build_list.save_to_platform.main? }
can([:create, :rerun_tests], BuildList) {|build_list| # can([:create, :rerun_tests], BuildList) {|build_list|
build_list.project && # build_list.project.is_package &&
build_list.project.is_package && # can?(:write, build_list.project) &&
can?(:write, build_list.project) && # (build_list.build_for_platform.blank? || can?(:show, build_list.build_for_platform))
(build_list.build_for_platform.blank? || can?(:show, build_list.build_for_platform)) # }
} #
# can(:publish, BuildList) do |build_list|
can(:publish, BuildList) do |build_list| # if build_list.build_published?
if build_list.build_published? # local_admin?(build_list.save_to_platform) || build_list.save_to_repository.members.exists?(id: user.id)
local_admin?(build_list.save_to_platform) || build_list.save_to_repository.members.exists?(id: user.id) # else
else # build_list.save_to_repository.publish_without_qa ?
build_list.save_to_repository.publish_without_qa ? # can?(:write, build_list.project) : local_admin?(build_list.save_to_platform)
can?(:write, build_list.project) : local_admin?(build_list.save_to_platform) # end
end # end
end # can(:create_container, BuildList) do |build_list|
can(:create_container, BuildList) do |build_list| # local_admin?(build_list.save_to_platform)
local_admin?(build_list.save_to_platform) # end
end # can(:reject_publish, BuildList) do |build_list|
can(:reject_publish, BuildList) do |build_list| # build_list.save_to_repository.publish_without_qa ?
build_list.save_to_repository.publish_without_qa ? # can?(:write, build_list.project) : local_admin?(build_list.save_to_platform)
can?(:write, build_list.project) : local_admin?(build_list.save_to_platform) # end
end # can([:cancel, :create_container], BuildList) {|build_list| can?(:write, build_list.project)}
can([:cancel, :create_container], BuildList) {|build_list| can?(:write, build_list.project)} #
# can [:read, :owned, :related, :members], Platform, owner_type: 'User', owner_id: user.id
can [:read, :owned, :related, :members], Platform, owner_type: 'User', owner_id: user.id # can [:read, :related, :members], Platform, owner_type: 'Group', owner_id: user_group_ids
can [:read, :related, :members], Platform, owner_type: 'Group', owner_id: user_group_ids # can([:read, :related, :members], Platform, read_relations_for('platforms')) {|platform| local_reader? platform}
can([:read, :related, :members], Platform, read_relations_for('platforms')) {|platform| local_reader? platform} # can [:read, :related], Platform, id: user.repositories.pluck(:platform_id)
can [:read, :related], Platform, id: user.repositories.pluck(:platform_id) # can([:update, :destroy, :change_visibility], Platform) {|platform| owner?(platform) }
can([:update, :destroy, :change_visibility], Platform) {|platform| owner?(platform) } # can([:local_admin_manage, :members, :add_member, :remove_member, :remove_members, :remove_file] , Platform) {|platform| owner?(platform) || local_admin?(platform) }
can([:local_admin_manage, :members, :add_member, :remove_member, :remove_members, :remove_file] , Platform) {|platform| owner?(platform) || local_admin?(platform) } #
# can([:create, :publish], MassBuild) {|mass_build| owner?(mass_build.save_to_platform) || local_admin?(mass_build.save_to_platform)}
can([:create, :publish], MassBuild) {|mass_build| owner?(mass_build.save_to_platform) || local_admin?(mass_build.save_to_platform)} # can(:cancel, MassBuild) {|mass_build| (owner?(mass_build.save_to_platform) || local_admin?(mass_build.save_to_platform)) && !mass_build.stop_build}
can(:cancel, MassBuild) {|mass_build| (owner?(mass_build.save_to_platform) || local_admin?(mass_build.save_to_platform)) && !mass_build.stop_build} #
# can [:read, :projects_list, :projects], Repository, platform: {owner_type: 'User', owner_id: user.id}
can [:read, :projects_list, :projects], Repository, platform: {owner_type: 'User', owner_id: user.id} # can [:read, :projects_list, :projects], Repository, platform: {owner_type: 'Group', owner_id: user_group_ids}
can [:read, :projects_list, :projects], Repository, platform: {owner_type: 'Group', owner_id: user_group_ids} # can([:read, :projects_list, :projects], Repository, read_relations_for('repositories')) {|repository| can? :show, repository.platform}
can([:read, :projects_list, :projects], Repository, read_relations_for('repositories')) {|repository| can? :show, repository.platform} # can([:read, :projects_list, :projects], Repository, read_relations_for('repositories', 'platforms')) {|repository| local_reader? repository.platform}
can([:read, :projects_list, :projects], Repository, read_relations_for('repositories', 'platforms')) {|repository| local_reader? repository.platform} # can([:create, :edit, :update, :destroy, :projects_list, :projects, :add_project, :remove_project, :regenerate_metadata, :sync_lock_file, :add_repo_lock_file, :remove_repo_lock_file], Repository) {|repository| local_admin? repository.platform}
can([:create, :edit, :update, :destroy, :projects_list, :projects, :add_project, :remove_project, :regenerate_metadata, :sync_lock_file, :add_repo_lock_file, :remove_repo_lock_file], Repository) {|repository| local_admin? repository.platform} # can([:remove_member, :remove_members, :add_member, :signatures, :packages], Repository) {|repository| owner?(repository.platform) || local_admin?(repository.platform)}
can([:remove_member, :remove_members, :add_member, :signatures, :packages], Repository) {|repository| owner?(repository.platform) || local_admin?(repository.platform)} # can([:add_project, :remove_project], Repository) {|repository| repository.members.exists?(id: user.id)}
can([:add_project, :remove_project], Repository) {|repository| repository.members.exists?(id: user.id)} # can(:clear, Platform) {|platform| owner?(platform) && platform.personal?}
can(:clear, Platform) {|platform| owner?(platform) && platform.personal?} # can(:regenerate_metadata, Platform) {|platform| owner?(platform) || local_admin?(platform)}
can(:regenerate_metadata, Platform) {|platform| owner?(platform) || local_admin?(platform)} # can([:settings, :destroy, :edit, :update], Repository) {|repository| owner? repository.platform}
can([:settings, :destroy, :edit, :update], Repository) {|repository| owner? repository.platform} #
# can([:create, :destroy], KeyPair) {|key_pair| key_pair.repository.blank? || owner?(key_pair.repository.platform) || local_admin?(key_pair.repository.platform)}
can([:create, :destroy], KeyPair) {|key_pair| key_pair.repository.blank? || owner?(key_pair.repository.platform) || local_admin?(key_pair.repository.platform)} #
# can([:read, :create, :withdraw], Token) {|token| local_admin?(token.subject)}
can([:read, :create, :withdraw], Token) {|token| local_admin?(token.subject)} #
# can :read, Product, platform: {owner_type: 'User', owner_id: user.id, platform_type: 'main'}
can :read, Product, platform: {owner_type: 'User', owner_id: user.id, platform_type: 'main'} # can :read, Product, platform: {owner_type: 'Group', owner_id: user_group_ids, platform_type: 'main'}
can :read, Product, platform: {owner_type: 'Group', owner_id: user_group_ids, platform_type: 'main'} # can(:read, Product, read_relations_for('products', 'platforms')) {|product| product.platform.main?}
can(:read, Product, read_relations_for('products', 'platforms')) {|product| product.platform.main?} # can([:create, :update, :destroy, :clone], Product) {|product| local_admin? product.platform and product.platform.main?}
can([:create, :update, :destroy, :clone], Product) {|product| local_admin? product.platform and product.platform.main?} #
# can([:create, :cancel], ProductBuildList) {|pbl| can?(:write, pbl.project)}
can([:create, :cancel], ProductBuildList) {|pbl| can?(:write, pbl.project)} # can([:create, :cancel, :update], ProductBuildList) {|pbl| can?(:update, pbl.product)}
can([:create, :cancel, :update], ProductBuildList) {|pbl| can?(:update, pbl.product)} # can(:destroy, ProductBuildList) {|pbl| can?(:destroy, pbl.product)}
can(:destroy, ProductBuildList) {|pbl| can?(:destroy, pbl.product)} #
# can :read, Issue, project: {owner_type: 'User', owner_id: user.id}
can :read, Issue, project: {owner_type: 'User', owner_id: user.id} # can :read, Issue, project: {owner_type: 'Group', owner_id: user_group_ids}
can :read, Issue, project: {owner_type: 'Group', owner_id: user_group_ids} # can(:read, Issue, read_relations_for('issues', 'projects')) {|issue| can? :read, issue.project rescue nil}
can(:read, Issue, read_relations_for('issues', 'projects')) {|issue| can? :read, issue.project rescue nil} # can(:create, Issue) {|issue| can? :read, issue.project}
can(:create, Issue) {|issue| can? :read, issue.project} # can(:update, Issue) {|issue| issue.user_id == user.id or local_admin?(issue.project)}
can(:update, Issue) {|issue| issue.user_id == user.id or local_admin?(issue.project)} # cannot :manage, Issue, project: {has_issues: false} # switch off issues
cannot :manage, Issue, project: {has_issues: false} # switch off issues #
# can [:read, :commits, :files], PullRequest, to_project: {owner_type: 'User', owner_id: user.id}
can [:read, :commits, :files], PullRequest, to_project: {owner_type: 'User', owner_id: user.id} # can [:read, :commits, :files], PullRequest, to_project: {owner_type: 'Group', owner_id: user_group_ids}
can [:read, :commits, :files], PullRequest, to_project: {owner_type: 'Group', owner_id: user_group_ids} # can([:read, :commits, :files], PullRequest, read_relations_for('pull_requests', 'to_projects')) {|pull| can? :read, pull.to_project}
can([:read, :commits, :files], PullRequest, read_relations_for('pull_requests', 'to_projects')) {|pull| can? :read, pull.to_project} # can :create, PullRequest
can :create, PullRequest # can(:update, PullRequest) {|pull| pull.user_id == user.id or local_writer?(pull.to_project)}
can(:update, PullRequest) {|pull| pull.user_id == user.id or local_writer?(pull.to_project)} # can(:merge, PullRequest) {|pull| local_writer?(pull.to_project)}
can(:merge, PullRequest) {|pull| local_writer?(pull.to_project)} #
# can([:create, :new_line], Comment) {|comment| can? :read, comment.project}
can([:create, :new_line], Comment) {|comment| can? :read, comment.project} # can([:update, :destroy], Comment) {|comment| comment.user == user or comment.project.owner == user or local_admin?(comment.project)}
can([:update, :destroy], Comment) {|comment| comment.user == user or comment.project.owner == user or local_admin?(comment.project)} # cannot :manage, Comment do |c|
cannot :manage, Comment do |c| # c.commentable_type == 'Issue' && !c.project.has_issues && !c.commentable.pull_request # when switch off issues
c.commentable_type == 'Issue' && !c.project.has_issues && !c.commentable.pull_request # when switch off issues # end
end # end
end #
# # Shared cannot rights for all users (registered, admin)
# Shared cannot rights for all users (registered, admin) # cannot [:regenerate_metadata, :destroy], Platform, platform_type: 'personal'
cannot [:regenerate_metadata, :destroy], Platform, platform_type: 'personal' # cannot [:create, :destroy], Repository, platform: {platform_type: 'personal'}, name: 'main'
cannot [:create, :destroy], Repository, platform: {platform_type: 'personal'}, name: 'main' # cannot [:packages], Repository, platform: {platform_type: 'personal'}
cannot [:packages], Repository, platform: {platform_type: 'personal'} # cannot [:remove_member, :remove_members, :add_member, :sync_lock_file, :add_repo_lock_file, :remove_repo_lock_file], Repository, platform: {platform_type: 'personal'}
cannot [:remove_member, :remove_members, :add_member, :sync_lock_file, :add_repo_lock_file, :remove_repo_lock_file], Repository, platform: {platform_type: 'personal'} #
# cannot :clear, Platform, platform_type: 'main'
cannot :clear, Platform, platform_type: 'main' # cannot :destroy, Issue
cannot :destroy, Issue #
# cannot [:members, :add_member, :remove_member, :remove_members], Platform, platform_type: 'personal'
cannot [:members, :add_member, :remove_member, :remove_members], Platform, platform_type: 'personal' #
# cannot [:create, :update, :destroy, :clone], Product, platform: {platform_type: 'personal'}
cannot [:create, :update, :destroy, :clone], Product, platform: {platform_type: 'personal'} # cannot [:clone], Platform, platform_type: 'personal'
cannot [:clone], Platform, platform_type: 'personal' #
# cannot [:publish, :publish_into_testing], BuildList, new_core: false
cannot [:publish, :publish_into_testing], BuildList, new_core: false # cannot :create_container, BuildList, new_core: false
cannot :create_container, BuildList, new_core: false # cannot(:publish, BuildList) {|build_list| !build_list.can_publish? }
cannot(:publish, BuildList) {|build_list| !build_list.can_publish? } # cannot(:publish_into_testing, BuildList) {|build_list| !build_list.can_publish_into_testing? }
cannot(:publish_into_testing, BuildList) {|build_list| !build_list.can_publish_into_testing? } # cannot :publish_into_testing, BuildList, save_to_platform: {platform_type: 'personal'}
cannot :publish_into_testing, BuildList, save_to_platform: {platform_type: 'personal'} #
# cannot(:cancel, MassBuild) {|mass_build| mass_build.stop_build}
cannot(:cancel, MassBuild) {|mass_build| mass_build.stop_build} #
# if @user.system?
if @user.system? # can %i(key_pair add_repo_lock_file remove_repo_lock_file), Repository
can %i(key_pair add_repo_lock_file remove_repo_lock_file), Repository # else
else # cannot :key_pair, Repository
cannot :key_pair, Repository # end
end #
# can :create, Subscribe do |subscribe|
can :create, Subscribe do |subscribe| # !subscribe.subscribeable.subscribes.exists?(user_id: user.id)
!subscribe.subscribeable.subscribes.exists?(user_id: user.id) # end
end # can :destroy, Subscribe do |subscribe|
can :destroy, Subscribe do |subscribe| # subscribe.subscribeable.subscribes.exists?(user_id: user.id) && user.id == subscribe.user_id
subscribe.subscribeable.subscribes.exists?(user_id: user.id) && user.id == subscribe.user_id # end
end # end
end # end
end #
# def read_relations_for(table, parent = nil)
def read_relations_for(table, parent = nil) # key = parent ? "#{parent.singularize}_id" : 'id'
key = parent ? "#{parent.singularize}_id" : 'id' # parent ||= table
parent ||= table #
# ["#{table}.#{key} = ANY (
["#{table}.#{key} = ANY ( # ARRAY (
ARRAY ( # SELECT target_id
SELECT target_id # FROM relations
FROM relations # WHERE relations.target_type = ? AND
WHERE relations.target_type = ? AND # (relations.actor_type = 'User' AND relations.actor_id = ? OR
(relations.actor_type = 'User' AND relations.actor_id = ? OR # relations.actor_type = 'Group' AND relations.actor_id IN (?))
relations.actor_type = 'Group' AND relations.actor_id IN (?)) # )
) # )", parent.classify, @user, user_group_ids
)", parent.classify, @user, user_group_ids # ]
] # end
end #
# def read_relations_with_projects(table = 'projects')
def read_relations_with_projects(table = 'projects') # key = table == 'projects' ? 'id' : 'project_id'
key = table == 'projects' ? 'id' : 'project_id' # ["#{table}.#{key} = ANY (
["#{table}.#{key} = ANY ( # ARRAY (
ARRAY ( # SELECT target_id
SELECT target_id # FROM relations
FROM relations # INNER JOIN projects ON projects.id = relations.target_id
INNER JOIN projects ON projects.id = relations.target_id # WHERE relations.target_type = 'Project' AND
WHERE relations.target_type = 'Project' AND # (
( # projects.owner_type = 'User' AND projects.owner_id != :user OR
projects.owner_type = 'User' AND projects.owner_id != :user OR # projects.owner_type = 'Group' AND projects.owner_id NOT IN (:groups)
projects.owner_type = 'Group' AND projects.owner_id NOT IN (:groups) # ) AND (
) AND ( # relations.actor_type = 'User' AND relations.actor_id = :user OR
relations.actor_type = 'User' AND relations.actor_id = :user OR # relations.actor_type = 'Group' AND relations.actor_id IN (:groups)
relations.actor_type = 'Group' AND relations.actor_id IN (:groups) # )
) # )
) # )", { user: @user, groups: user_group_ids }
)", { user: @user, groups: user_group_ids } # ]
] # end
end #
# def local_reader?(target)
def local_reader?(target) # %w{reader writer admin}.include? @user.best_role(target)
%w{reader writer admin}.include? @user.best_role(target) # end
end #
# def local_writer?(target)
def local_writer?(target) # %w{writer admin}.include? @user.best_role(target)
%w{writer admin}.include? @user.best_role(target) # end
end #
# def local_admin?(target)
def local_admin?(target) # @user.best_role(target) == 'admin'
@user.best_role(target) == 'admin' # end
end #
# def owner?(target)
def owner?(target) # target.owner == @user or user_own_groups.include?(target.owner)
target.owner == @user or user_own_groups.include?(target.owner) # end
end #
# def user_own_groups
def user_own_groups # @user_own_groups ||= @user.own_groups
@user_own_groups ||= @user.own_groups # end
end #
# def user_group_ids
def user_group_ids # @user_group_ids ||= @user.group_ids
@user_group_ids ||= @user.group_ids # end
end # end
end

2
config/initializers/active_admin.rb
View File

@ -84,6 +84,8 @@ end
# Block admin access to non-admin-users. # Block admin access to non-admin-users.
ActiveAdmin::BaseController.class_eval do ActiveAdmin::BaseController.class_eval do
skip_after_action :verify_authorized
# include ActionController::Caching::Sweeping # include ActionController::Caching::Sweeping
protected protected
def check_admin_role def check_admin_role

720
spec/models/cancan_spec.rb
View File

@ -1,360 +1,360 @@
require 'spec_helper' # require 'spec_helper'
require "cancan/matchers" # require "cancan/matchers"
#
def admin_create # def admin_create
@admin = FactoryGirl.create(:admin) # @admin = FactoryGirl.create(:admin)
@ability = Ability.new(@admin) # @ability = Ability.new(@admin)
end # end
#
def user_create # def user_create
@user = FactoryGirl.create(:user) # @user = FactoryGirl.create(:user)
@ability = Ability.new(@user) # @ability = Ability.new(@user)
end # end
#
def guest_create # def guest_create
@ability = Ability.new(User.new) # @ability = Ability.new(User.new)
end # end
#
describe CanCan do # describe CanCan do
let(:open_platform) { FactoryGirl.create(:platform, visibility: 'open') } # let(:open_platform) { FactoryGirl.create(:platform, visibility: 'open') }
#
before(:each) do # before(:each) do
stub_symlink_methods # stub_symlink_methods
end # end
#
context 'Site admin' do # context 'Site admin' do
let(:personal_platform) { FactoryGirl.create(:platform, platform_type: 'personal') } # let(:personal_platform) { FactoryGirl.create(:platform, platform_type: 'personal') }
let(:personal_repository_main) { FactoryGirl.create(:personal_repository, name: 'main') } # let(:personal_repository_main) { FactoryGirl.create(:personal_repository, name: 'main') }
let(:personal_repository) { FactoryGirl.create(:personal_repository) } # let(:personal_repository) { FactoryGirl.create(:personal_repository) }
before(:each) do # before(:each) do
admin_create # admin_create
end # end
#
it 'should manage all' do # it 'should manage all' do
#(@ability.can? :manage, :all).should be_truthy # #(@ability.can? :manage, :all).should be_truthy
@ability.should be_able_to(:manage, :all) # @ability.should be_able_to(:manage, :all)
end # end
#
it 'should not be able to destroy personal platforms' do # it 'should not be able to destroy personal platforms' do
@ability.should_not be_able_to(:destroy, personal_platform) # @ability.should_not be_able_to(:destroy, personal_platform)
end # end
#
it 'should not be able to destroy personal repositories with name "main"' do # it 'should not be able to destroy personal repositories with name "main"' do
@ability.should_not be_able_to(:destroy, personal_repository_main) # @ability.should_not be_able_to(:destroy, personal_repository_main)
end # end
it 'should be able to destroy personal repositories with name not "main"' do # it 'should be able to destroy personal repositories with name not "main"' do
@ability.should be_able_to(:destroy, personal_repository) # @ability.should be_able_to(:destroy, personal_repository)
end # end
end # end
#
context 'Site guest' do # context 'Site guest' do
let(:register_request) { FactoryGirl.create(:register_request) } # let(:register_request) { FactoryGirl.create(:register_request) }
#
before(:each) do # before(:each) do
guest_create # guest_create
end # end
#
it 'should not be able to read open platform' do # it 'should not be able to read open platform' do
@ability.should_not be_able_to(:read, open_platform) # @ability.should_not be_able_to(:read, open_platform)
end # end
#
[:publish, :cancel, :reject_publish, :create_container].each do |action| # [:publish, :cancel, :reject_publish, :create_container].each do |action|
it "should not be able to #{ action } build list" do # it "should not be able to #{ action } build list" do
@ability.should_not be_able_to(action, BuildList) # @ability.should_not be_able_to(action, BuildList)
end # end
end # end
#
[:mass_import, :run_mass_import].each do |action| # [:mass_import, :run_mass_import].each do |action|
it "should not be able to #{ action } project" do # it "should not be able to #{ action } project" do
@ability.should_not be_able_to(action, Project) # @ability.should_not be_able_to(action, Project)
end # end
end # end
#
it 'should not be able to update register request' do # it 'should not be able to update register request' do
@ability.should_not be_able_to(:update, register_request) # @ability.should_not be_able_to(:update, register_request)
end # end
#
it 'should not be able to list register requests' do # it 'should not be able to list register requests' do
@ability.should_not be_able_to(:read, register_request) # @ability.should_not be_able_to(:read, register_request)
end # end
#
it 'should not be able to destroy register requests' do # it 'should not be able to destroy register requests' do
@ability.should_not be_able_to(:destroy, register_request) # @ability.should_not be_able_to(:destroy, register_request)
end # end
#
pending 'should be able to register new user' do # while self registration is closed # pending 'should be able to register new user' do # while self registration is closed
@ability.should be_able_to(:create, User) # @ability.should be_able_to(:create, User)
end # end
end # end
#
context 'Site user' do # context 'Site user' do
before(:each) do # before(:each) do
user_create # user_create
end # end
#
[Platform, Repository].each do |model_name| # [Platform, Repository].each do |model_name|
it "should be able to read #{model_name}" do # it "should be able to read #{model_name}" do
@ability.should be_able_to(:read, model_name) # @ability.should be_able_to(:read, model_name)
end # end
end # end
#
[:mass_import, :run_mass_import].each do |action| # [:mass_import, :run_mass_import].each do |action|
it "should not be able to #{ action } project" do # it "should not be able to #{ action } project" do
@ability.should_not be_able_to(action, Project) # @ability.should_not be_able_to(action, Project)
end # end
end # end
#
it "shoud be able to show user profile" do # it "shoud be able to show user profile" do
@ability.should be_able_to(:show, User) # @ability.should be_able_to(:show, User)
end # end
#
it "shoud be able to read another user object" do # it "shoud be able to read another user object" do
admin_create # admin_create
@ability.should be_able_to(:read, @admin) # @ability.should be_able_to(:read, @admin)
end # end
#
it "shoud be able to read open projects" do # it "shoud be able to read open projects" do
@project = FactoryGirl.create(:project, visibility: 'open') # @project = FactoryGirl.create(:project, visibility: 'open')
@ability.should be_able_to(:read, @project) # @ability.should be_able_to(:read, @project)
end # end
#
it 'should be able to see open platform' do # it 'should be able to see open platform' do
@ability.should be_able_to(:show, open_platform) # @ability.should be_able_to(:show, open_platform)
end # end
#
it "shoud be able to create project" do # it "shoud be able to create project" do
@ability.should be_able_to(:create, Project) # @ability.should be_able_to(:create, Project)
end # end
#
it "should not be able to manage register requests" do # it "should not be able to manage register requests" do
@ability.should_not be_able_to(:manage, RegisterRequest) # @ability.should_not be_able_to(:manage, RegisterRequest)
end # end
#
context 'as project collaborator' do # context 'as project collaborator' do
before(:each) do # before(:each) do
@project = FactoryGirl.create(:project_with_commit) # @project = FactoryGirl.create(:project_with_commit)
@issue = FactoryGirl.create(:issue, project_id: @project.id) # @issue = FactoryGirl.create(:issue, project_id: @project.id)
end # end
#
context 'with read rights' do # context 'with read rights' do
before(:each) do # before(:each) do
create_relation(@project, @user, 'reader') # create_relation(@project, @user, 'reader')
end # end
#
it 'should be able to read project' do # it 'should be able to read project' do
@ability.should be_able_to(:read, @project) # @ability.should be_able_to(:read, @project)
end # end
#
it 'should be able to read issue' do # it 'should be able to read issue' do
@ability.should be_able_to(:read, @issue) # @ability.should be_able_to(:read, @issue)
end # end
end # end
#
context 'with writer rights' do # context 'with writer rights' do
before(:each) do # before(:each) do
create_relation(@project, @user, 'writer') # create_relation(@project, @user, 'writer')
end # end
#
[:read, :create, :new].each do |action| # [:read, :create, :new].each do |action|
it "should be able to #{ action } project" do # it "should be able to #{ action } project" do
@ability.should be_able_to(action, @project) # @ability.should be_able_to(action, @project)
end # end
end # end
#
[:new, :create].each do |action| # [:new, :create].each do |action|
it "should be able to #{action} build_list" do # it "should be able to #{action} build_list" do
@build_list = FactoryGirl.create(:build_list_with_attaching_project, project: @project) # @build_list = FactoryGirl.create(:build_list_with_attaching_project, project: @project)
@ability.should be_able_to(action, @build_list) # @ability.should be_able_to(action, @build_list)
end # end
end # end
end # end
#
context 'with admin rights' do # context 'with admin rights' do
before(:each) do # before(:each) do
create_relation(@project, @user, 'admin') # create_relation(@project, @user, 'admin')
end # end
#
[:read, :update].each do |action| # [:read, :update].each do |action|
it "should be able to #{ action } project" do # it "should be able to #{ action } project" do
@ability.should be_able_to(action, @project) # @ability.should be_able_to(action, @project)
end # end
end # end
#
[:new, :create].each do |action| # [:new, :create].each do |action|
it "should be able to #{action} build_list" do # it "should be able to #{action} build_list" do
@build_list = FactoryGirl.create(:build_list_with_attaching_project, project: @project) # @build_list = FactoryGirl.create(:build_list_with_attaching_project, project: @project)
@ability.should be_able_to(action, @build_list) # @ability.should be_able_to(action, @build_list)
end # end
end # end
#
it "should be able to manage collaborators of project" do # it "should be able to manage collaborators of project" do
@ability.should be_able_to(:manage_collaborators, @project) # @ability.should be_able_to(:manage_collaborators, @project)
end # end
#
[:read, :create, :new, :update, :edit].each do |action| # [:read, :create, :new, :update, :edit].each do |action|
it "should be able to #{ action } issue" do # it "should be able to #{ action } issue" do
@ability.should be_able_to(action, @issue) # @ability.should be_able_to(action, @issue)
end # end
end # end
end # end
#
context 'with owner rights' do # context 'with owner rights' do
before(:each) do # before(:each) do
@project = FactoryGirl.create(:project_with_commit, owner: @user) # @project = FactoryGirl.create(:project_with_commit, owner: @user)
@issue = FactoryGirl.create(:issue, project_id: @project.id) # @issue = FactoryGirl.create(:issue, project_id: @project.id)
end # end
#
[:read, :update, :destroy].each do |action| # [:read, :update, :destroy].each do |action|
it "should be able to #{ action } project" do # it "should be able to #{ action } project" do
@ability.should be_able_to(action, @project) # @ability.should be_able_to(action, @project)
end # end
end # end
#
[:new, :create].each do |action| # [:new, :create].each do |action|
it "should be able to #{action} build_list" do # it "should be able to #{action} build_list" do
@build_list = FactoryGirl.create(:build_list_with_attaching_project, project: @project) # @build_list = FactoryGirl.create(:build_list_with_attaching_project, project: @project)
@ability.should be_able_to(action, @build_list) # @ability.should be_able_to(action, @build_list)
end # end
end # end
#
[:read, :update, :edit].each do |action| # [:read, :update, :edit].each do |action|
it "should be able to #{ action } issue" do # it "should be able to #{ action } issue" do
@ability.should be_able_to(action, @issue) # @ability.should be_able_to(action, @issue)
end # end
end # end
end # end
#
context 'through group-member' do # context 'through group-member' do
before(:each) do # before(:each) do
@group_member = FactoryGirl.create(:group) # @group_member = FactoryGirl.create(:group)
create_relation(@project, @group_member, 'reader') # create_relation(@project, @group_member, 'reader')
@group_member_ability = Ability.new(@group_member.owner) # @group_member_ability = Ability.new(@group_member.owner)
end # end
#
it 'should be able to read open project' do # it 'should be able to read open project' do
@group_member_ability.should be_able_to(:read, @project) # @group_member_ability.should be_able_to(:read, @project)
end # end
#
it 'should be able to read closed project' do # it 'should be able to read closed project' do
@project.update_attribute :visibility, 'hidden' # @project.update_attribute :visibility, 'hidden'
@group_member_ability.should be_able_to(:read, @project) # @group_member_ability.should be_able_to(:read, @project)
end # end
#
it 'should include hidden project in list' do # it 'should include hidden project in list' do
@project.update_attribute :visibility, 'hidden' # @project.update_attribute :visibility, 'hidden'
Project.accessible_by(@group_member_ability, :show).where(projects: {id: @project.id}).count.should == 1 # Project.accessible_by(@group_member_ability, :show).where(projects: {id: @project.id}).count.should == 1
end # end
end # end
end # end
#
context 'platform relations' do # context 'platform relations' do
before(:each) do # before(:each) do
@platform = FactoryGirl.create(:platform) # @platform = FactoryGirl.create(:platform)
end # end
#
context 'with owner rights' do # context 'with owner rights' do
before(:each) do # before(:each) do
@platform.owner = @user # @platform.owner = @user
@platform.save # @platform.save
@ability = Ability.new(@user) # @ability = Ability.new(@user)
end # end
#
[:mass_import, :run_mass_import].each do |action| # [:mass_import, :run_mass_import].each do |action|
it "should be able to #{ action } project" do # it "should be able to #{ action } project" do
@ability.should be_able_to(action, Project) # @ability.should be_able_to(action, Project)
end # end
end # end
#
[:read, :update, :destroy, :change_visibility].each do |action| # [:read, :update, :destroy, :change_visibility].each do |action|
it "should be able to #{action} platform" do # it "should be able to #{action} platform" do
@ability.should be_able_to(action, @platform) # @ability.should be_able_to(action, @platform)
end # end
end # end
end # end
#
context 'with read rights' do # context 'with read rights' do
before(:each) do # before(:each) do
create_relation(@platform, @user, 'reader') # create_relation(@platform, @user, 'reader')
@ability = Ability.new(@user) # @ability = Ability.new(@user)
end # end
#
[:mass_import, :run_mass_import].each do |action| # [:mass_import, :run_mass_import].each do |action|
it "should not be able to #{ action } project" do # it "should not be able to #{ action } project" do
@ability.should_not be_able_to(action, Project) # @ability.should_not be_able_to(action, Project)
end # end
end # end
#
it "should be able to read platform" do # it "should be able to read platform" do
@ability.should be_able_to(:read, @platform) # @ability.should be_able_to(:read, @platform)
end # end
end # end
end # end
#
context 'repository relations' do # context 'repository relations' do
before(:each) do # before(:each) do
@repository = FactoryGirl.create(:repository) # @repository = FactoryGirl.create(:repository)
end # end
#
context 'with owner rights' do # context 'with owner rights' do
before(:each) do # before(:each) do
@repository.platform.owner = @user # @repository.platform.owner = @user
@repository.platform.save # @repository.platform.save
end # end
#
[:read, :create, :update, :destroy, :add_project, :remove_project, :settings].each do |action| # [:read, :create, :update, :destroy, :add_project, :remove_project, :settings].each do |action|
it "should be able to #{action} repository" do # it "should be able to #{action} repository" do
@ability.should be_able_to(action, @repository) # @ability.should be_able_to(action, @repository)
end # end
end # end
end # end
#
context 'with read rights' do # context 'with read rights' do
before(:each) do # before(:each) do
create_relation(@repository.platform, @user, 'reader') # create_relation(@repository.platform, @user, 'reader')
end # end
#
it "should be able to read repository" do # it "should be able to read repository" do
@ability.should be_able_to(:read, @repository) # @ability.should be_able_to(:read, @repository)
end # end
end # end
end # 'repository relations' # end # 'repository relations'
#
context 'product build list relations' do # context 'product build list relations' do
let(:product_build_list) { FactoryGirl.create(:product_build_list) } # let(:product_build_list) { FactoryGirl.create(:product_build_list) }
#
before { FactoryGirl.create(:arch, name: 'x86_64') } # before { FactoryGirl.create(:arch, name: 'x86_64') }
#
context 'with platform admin rights' do # context 'with platform admin rights' do
before do # before do
product_build_list.product.platform.owner = @user # product_build_list.product.platform.owner = @user
product_build_list.product.platform.save # product_build_list.product.platform.save
end # end
#
[:read, :create, :update, :destroy, :log, :cancel].each do |action| # [:read, :create, :update, :destroy, :log, :cancel].each do |action|
it "should be able to #{action} product build list" do # it "should be able to #{action} product build list" do
@ability.should be_able_to(action, product_build_list) # @ability.should be_able_to(action, product_build_list)
end # end
end # end
end # end
#
context 'with project writer rights' do # context 'with project writer rights' do
before do # before do
create_relation(product_build_list.project, @user, 'writer') # create_relation(product_build_list.project, @user, 'writer')
end # end
#
[:read, :create, :log, :cancel].each do |action| # [:read, :create, :log, :cancel].each do |action|
it "should be able to #{action} product build list" do # it "should be able to #{action} product build list" do
@ability.should be_able_to(action, product_build_list) # @ability.should be_able_to(action, product_build_list)
end # end
end # end
#
[:update, :destroy].each do |action| # [:update, :destroy].each do |action|
it "should not be able to #{action} product build list" do # it "should not be able to #{action} product build list" do
@ability.should_not be_able_to(action, product_build_list) # @ability.should_not be_able_to(action, product_build_list)
end # end
end # end
end # end
end # 'product build list relations' # end # 'product build list relations'
#
end # 'Site user' # end # 'Site user'
end # end

650
spec/models/comment_for_commit_spec.rb
View File

@ -1,325 +1,325 @@
require 'spec_helper' # require 'spec_helper'
require "cancan/matchers" # require "cancan/matchers"
#
def create_comment user # def create_comment user
FactoryGirl.create(:comment, user: user, commentable: @commit, project: @project) # FactoryGirl.create(:comment, user: user, commentable: @commit, project: @project)
end # end
#
def create_comment_in_commit commit, project, body # def create_comment_in_commit commit, project, body
FactoryGirl.create(:comment, user: @user, commentable: commit, project: project, body: body) # FactoryGirl.create(:comment, user: @user, commentable: commit, project: project, body: body)
end # end
#
def set_comments_data_for_commit # def set_comments_data_for_commit
@ability = Ability.new(@user) # @ability = Ability.new(@user)
#
@project = FactoryGirl.create(:project_with_commit, owner: @user) # @project = FactoryGirl.create(:project_with_commit, owner: @user)
@commit = @project.repo.commits.first # @commit = @project.repo.commits.first
#
@comment = create_comment(@user) # @comment = create_comment(@user)
@stranger_comment = create_comment(@stranger) # @stranger_comment = create_comment(@stranger)
#
@subscribe_params = {project_id: @project.id, subscribeable_id: @commit.id.hex, subscribeable_type: @commit.class.name} # @subscribe_params = {project_id: @project.id, subscribeable_id: @commit.id.hex, subscribeable_type: @commit.class.name}
Subscribe.destroy_all # Subscribe.destroy_all
#
allow_any_instance_of(Project).to receive(:versions).and_return(%w(v1.0 v2.0)) # allow_any_instance_of(Project).to receive(:versions).and_return(%w(v1.0 v2.0))
end # end
#
def should_send_email(args={}) # def should_send_email(args={})
user_mailer = double(:user_mailer) # user_mailer = double(:user_mailer)
expect(UserMailer).to receive(:new_comment_notification).with(kind_of(Comment), args[:receiver].id).and_return(user_mailer) # expect(UserMailer).to receive(:new_comment_notification).with(kind_of(Comment), args[:receiver].id).and_return(user_mailer)
expect(user_mailer).to receive(:deliver) # expect(user_mailer).to receive(:deliver)
#
create_comment args[:commentor] # create_comment args[:commentor]
end # end
#
def should_not_send_email(args={}) # def should_not_send_email(args={})
expect(UserMailer).to_not receive(:new_comment_notification) # expect(UserMailer).to_not receive(:new_comment_notification)
create_comment args[:commentor] # create_comment args[:commentor]
end # end
#
describe Comment do # describe Comment do
before { stub_symlink_methods } # before { stub_symlink_methods }
context 'for global admin user' do # context 'for global admin user' do
before(:each) do # before(:each) do
@user = FactoryGirl.create(:admin) # @user = FactoryGirl.create(:admin)
@stranger = FactoryGirl.create(:user) # @stranger = FactoryGirl.create(:user)
#
set_comments_data_for_commit # set_comments_data_for_commit
end # end
#
it_should_behave_like 'user with create comment ability (for model)' # it_should_behave_like 'user with create comment ability (for model)'
it_should_behave_like 'user with update own comment ability (for model)' # it_should_behave_like 'user with update own comment ability (for model)'
it_should_behave_like 'user with update stranger comment ability (for model)' # it_should_behave_like 'user with update stranger comment ability (for model)'
it_should_behave_like 'user with destroy comment ability (for model)' # it_should_behave_like 'user with destroy comment ability (for model)'
it_should_behave_like 'user with destroy stranger comment ability (for model)' # it_should_behave_like 'user with destroy stranger comment ability (for model)'
end # end
#
context 'for project admin user' do # context 'for project admin user' do
before do # before do
@user = FactoryGirl.create(:user) # @user = FactoryGirl.create(:user)
@stranger = FactoryGirl.create(:user) # @stranger = FactoryGirl.create(:user)
#
set_comments_data_for_commit # set_comments_data_for_commit
@admin = FactoryGirl.create(:user) # @admin = FactoryGirl.create(:user)
@ability = Ability.new(@admin) # @ability = Ability.new(@admin)
create_relation(@project, @admin, 'admin') # create_relation(@project, @admin, 'admin')
end # end
#
it_should_behave_like 'user with create comment ability (for model)' # it_should_behave_like 'user with create comment ability (for model)'
it_should_behave_like 'user with update own comment ability (for model)' # it_should_behave_like 'user with update own comment ability (for model)'
it_should_behave_like 'user with update stranger comment ability (for model)' # it_should_behave_like 'user with update stranger comment ability (for model)'
it_should_behave_like 'user with destroy comment ability (for model)' # it_should_behave_like 'user with destroy comment ability (for model)'
it_should_behave_like 'user with destroy stranger comment ability (for model)' # it_should_behave_like 'user with destroy stranger comment ability (for model)'
#
it 'should send an e-mail by default settings' do # it 'should send an e-mail by default settings' do
should_send_email(commentor: @stranger, receiver: @user) # should_send_email(commentor: @stranger, receiver: @user)
end # end
#
context 'for disabled notify setting new_comment_commit_repo_owner' do # context 'for disabled notify setting new_comment_commit_repo_owner' do
it 'should send an e-mail' do # it 'should send an e-mail' do
@user.notifier.update_column :new_comment_commit_repo_owner, false # @user.notifier.update_column :new_comment_commit_repo_owner, false
should_send_email(commentor: @stranger, receiver: @user) # should_send_email(commentor: @stranger, receiver: @user)
end # end
end # end
#
context 'for disabled notify setting new_comment_commit_owner' do # context 'for disabled notify setting new_comment_commit_owner' do
it 'should send an e-mail' do # it 'should send an e-mail' do
@user.notifier.update_column :new_comment_commit_owner, false # @user.notifier.update_column :new_comment_commit_owner, false
should_send_email(commentor: @stranger, receiver: @user) # should_send_email(commentor: @stranger, receiver: @user)
end # end
end # end
#
context 'for disabled notify setting new_comment_commit_commentor' do # context 'for disabled notify setting new_comment_commit_commentor' do
it 'should send an e-mail' do # it 'should send an e-mail' do
@user.notifier.update_column :new_comment_commit_commentor, false # @user.notifier.update_column :new_comment_commit_commentor, false
should_send_email(commentor: @stranger, receiver: @user) # should_send_email(commentor: @stranger, receiver: @user)
end # end
end # end
#
context 'for disabled all notify setting expect global' do # context 'for disabled all notify setting expect global' do
it 'should not send an e-mail' do # it 'should not send an e-mail' do
@user.notifier.update_column :new_comment_commit_repo_owner, false # @user.notifier.update_column :new_comment_commit_repo_owner, false
@user.notifier.update_column :new_comment_commit_owner, false # @user.notifier.update_column :new_comment_commit_owner, false
@user.notifier.update_column :new_comment_commit_commentor, false # @user.notifier.update_column :new_comment_commit_commentor, false
should_not_send_email(commentor: @stranger) # should_not_send_email(commentor: @stranger)
end # end
end # end
#
context 'for unsubscribe commit' do # context 'for unsubscribe commit' do
it 'should not send an e-mail' do # it 'should not send an e-mail' do
Subscribe.unsubscribe_from_commit @subscribe_params.merge(user_id: @user.id) # Subscribe.unsubscribe_from_commit @subscribe_params.merge(user_id: @user.id)
should_not_send_email(commentor: @stranger) # should_not_send_email(commentor: @stranger)
end # end
end # end
#
context 'for disabled global notify setting' do # context 'for disabled global notify setting' do
it 'should not send an e-mail' do # it 'should not send an e-mail' do
@user.notifier.update_column :can_notify, false # @user.notifier.update_column :can_notify, false
should_not_send_email(commentor: @stranger) # should_not_send_email(commentor: @stranger)
end # end
end # end
end # end
#
context 'for project owner user' do # context 'for project owner user' do
before(:each) do # before(:each) do
@user = FactoryGirl.create(:user) # @user = FactoryGirl.create(:user)
@stranger = FactoryGirl.create(:user) # @stranger = FactoryGirl.create(:user)
set_comments_data_for_commit # set_comments_data_for_commit
#
@project.owner = @user # @project.owner = @user
@project.save # @project.save
end # end
#
it_should_behave_like 'user with create comment ability (for model)' # it_should_behave_like 'user with create comment ability (for model)'
it_should_behave_like 'user with update own comment ability (for model)' # it_should_behave_like 'user with update own comment ability (for model)'
it_should_behave_like 'user with update stranger comment ability (for model)' # it_should_behave_like 'user with update stranger comment ability (for model)'
it_should_behave_like 'user with destroy comment ability (for model)' # it_should_behave_like 'user with destroy comment ability (for model)'
it_should_behave_like 'user with destroy stranger comment ability (for model)' # it_should_behave_like 'user with destroy stranger comment ability (for model)'
#
context 'for default enabled settings' do # context 'for default enabled settings' do
it 'should send an e-mail by default settings' do # it 'should send an e-mail by default settings' do
should_send_email(commentor: @stranger, receiver: @project.owner) # should_send_email(commentor: @stranger, receiver: @project.owner)
end # end
end # end
#
context 'for disabled notify setting new_comment_commit_repo_owner' do # context 'for disabled notify setting new_comment_commit_repo_owner' do
it 'should not send an e-mail' do # it 'should not send an e-mail' do
@user.notifier.update_column :new_comment_commit_repo_owner, false # @user.notifier.update_column :new_comment_commit_repo_owner, false
Comment.destroy_all # Comment.destroy_all
should_not_send_email(commentor: @stranger) # should_not_send_email(commentor: @stranger)
end # end
end # end
#
context 'for disabled notify setting new_comment_commit_owner' do # context 'for disabled notify setting new_comment_commit_owner' do
it 'should send an e-mail' do # it 'should send an e-mail' do
@user.notifier.update_column :new_comment_commit_owner, false # @user.notifier.update_column :new_comment_commit_owner, false
should_send_email(commentor: @stranger, receiver: @user) # should_send_email(commentor: @stranger, receiver: @user)
end # end
end # end
#
context 'for disabled notify setting new_comment_commit_commentor' do # context 'for disabled notify setting new_comment_commit_commentor' do
it 'should send an e-mail' do # it 'should send an e-mail' do
@user.notifier.update_column :new_comment_commit_commentor, false # @user.notifier.update_column :new_comment_commit_commentor, false
should_send_email(commentor: @stranger, receiver: @user) # should_send_email(commentor: @stranger, receiver: @user)
end # end
end # end
#
context 'for disabled all notify setting expect global' do # context 'for disabled all notify setting expect global' do
it 'should not send an e-mail' do # it 'should not send an e-mail' do
@user.notifier.update_column :new_comment_commit_repo_owner, false # @user.notifier.update_column :new_comment_commit_repo_owner, false
@user.notifier.update_column :new_comment_commit_owner, false # @user.notifier.update_column :new_comment_commit_owner, false
@user.notifier.update_column :new_comment_commit_commentor, false # @user.notifier.update_column :new_comment_commit_commentor, false
should_not_send_email(commentor: @stranger) # should_not_send_email(commentor: @stranger)
end # end
end # end
#
context 'for unsubscribe project' do # context 'for unsubscribe project' do
it 'should not send an e-mail' do # it 'should not send an e-mail' do
Subscribe.unsubscribe_from_commit @subscribe_params.merge(user_id: @user.id) # Subscribe.unsubscribe_from_commit @subscribe_params.merge(user_id: @user.id)
should_not_send_email(commentor: @stranger) # should_not_send_email(commentor: @stranger)
end # end
end # end
#
context 'for disabled global notify setting' do # context 'for disabled global notify setting' do
it 'should not send an e-mail' do # it 'should not send an e-mail' do
@user.notifier.update_column :can_notify, false # @user.notifier.update_column :can_notify, false
should_not_send_email(commentor: @stranger) # should_not_send_email(commentor: @stranger)
end # end
end # end
#
context 'for own commit' do # context 'for own commit' do
it 'should send a one e-mail' do # it 'should send a one e-mail' do
@project.owner.update_column :email, 'code@tpope.net' # @project.owner.update_column :email, 'code@tpope.net'
should_send_email(commentor: @stranger, receiver: @project.owner) # should_send_email(commentor: @stranger, receiver: @project.owner)
end # end
end # end
end # end
#
context 'for simple user' do # context 'for simple user' do
before(:each) do # before(:each) do
@user = FactoryGirl.create(:user) # @user = FactoryGirl.create(:user)
@simple = FactoryGirl.create(:user) # @simple = FactoryGirl.create(:user)
@stranger = FactoryGirl.create(:user) # @stranger = FactoryGirl.create(:user)
set_comments_data_for_commit # set_comments_data_for_commit
@comment = create_comment(@simple) # @comment = create_comment(@simple)
@ability = Ability.new(@simple) # @ability = Ability.new(@simple)
Subscribe.unsubscribe_from_commit @subscribe_params.merge(user_id: [@stranger.id, @project.owner.id]) # Subscribe.unsubscribe_from_commit @subscribe_params.merge(user_id: [@stranger.id, @project.owner.id])
end # end
#
it_should_behave_like 'user with create comment ability (for model)' # it_should_behave_like 'user with create comment ability (for model)'
it_should_behave_like 'user with update own comment ability (for model)' # it_should_behave_like 'user with update own comment ability (for model)'
it_should_behave_like 'user without update stranger comment ability (for model)' # it_should_behave_like 'user without update stranger comment ability (for model)'
it_should_behave_like 'user with destroy comment ability (for model)' # it_should_behave_like 'user with destroy comment ability (for model)'
it_should_behave_like 'user without destroy stranger comment ability (for model)' # it_should_behave_like 'user without destroy stranger comment ability (for model)'
#
context 'for default enabled settings' do # context 'for default enabled settings' do
it 'should send an e-mail' do # it 'should send an e-mail' do
should_send_email(commentor: @stranger, receiver: @simple) # should_send_email(commentor: @stranger, receiver: @simple)
end # end
#
it 'should send an e-mail for comments after his comment' do # it 'should send an e-mail for comments after his comment' do
comment = create_comment(@simple) # comment = create_comment(@simple)
should_send_email(commentor: @stranger, receiver: @simple) # should_send_email(commentor: @stranger, receiver: @simple)
end # end
#
it 'should send an e-mail when subscribed to project' do # it 'should send an e-mail when subscribed to project' do
Subscribe.subscribe_to_commit @subscribe_params.merge(user_id: @simple.id) # Subscribe.subscribe_to_commit @subscribe_params.merge(user_id: @simple.id)
should_send_email(commentor: @project.owner, receiver: @simple) # should_send_email(commentor: @project.owner, receiver: @simple)
end # end
#
it 'should not send an e-mail for own comment' do # it 'should not send an e-mail for own comment' do
should_not_send_email(commentor: @simple) # should_not_send_email(commentor: @simple)
end # end
end # end
#
context 'for committer' do # context 'for committer' do
it 'should send an e-mail' do # it 'should send an e-mail' do
@simple.update_column :email, 'test@test.test' # @simple.update_column :email, 'test@test.test'
should_send_email commentor: @stranger, receiver: @simple # should_send_email commentor: @stranger, receiver: @simple
end # end
#
it 'should send a one e-mail when subscribed to commit' do # it 'should send a one e-mail when subscribed to commit' do
Subscribe.subscribe_to_commit @subscribe_params.merge(user_id: @simple.id) # Subscribe.subscribe_to_commit @subscribe_params.merge(user_id: @simple.id)
@simple.update_column :email, 'test@test.test' # @simple.update_column :email, 'test@test.test'
should_send_email(commentor: @stranger, receiver: @simple) # should_send_email(commentor: @stranger, receiver: @simple)
end # end
#
it 'should not send an e-mail for own comment' do # it 'should not send an e-mail for own comment' do
@simple.update_column :email, 'test@test.test' # @simple.update_column :email, 'test@test.test'
should_not_send_email(commentor: @simple) # should_not_send_email(commentor: @simple)
end # end
#
it 'should not send an e-mail if global notify off' do # it 'should not send an e-mail if global notify off' do
@project.owner.notifier.update_column :can_notify, false # @project.owner.notifier.update_column :can_notify, false
@simple.update_column :email, 'test@test.test' # @simple.update_column :email, 'test@test.test'
@simple.notifier.update_column :can_notify, false # @simple.notifier.update_column :can_notify, false
should_not_send_email(commentor: @user) # should_not_send_email(commentor: @user)
end # end
#
it 'should not send an e-mail if notify for my commits off' do # it 'should not send an e-mail if notify for my commits off' do
Comment.destroy_all # Comment.destroy_all
@simple.notifier.update_column :new_comment_commit_owner, false # @simple.notifier.update_column :new_comment_commit_owner, false
@simple.update_column :email, 'test@test.test' # @simple.update_column :email, 'test@test.test'
should_not_send_email(commentor: @user) # should_not_send_email(commentor: @user)
end # end
end # end
#
context 'automatic issue linking' do # context 'automatic issue linking' do
before(:each) do # before(:each) do
@same_name_project = FactoryGirl.create(:project, name: @project.name) # @same_name_project = FactoryGirl.create(:project, name: @project.name)
@issue_in_same_name_project = FactoryGirl.create(:issue, project: @same_name_project, user: @same_name_project.owner) # @issue_in_same_name_project = FactoryGirl.create(:issue, project: @same_name_project, user: @same_name_project.owner)
@another_project = FactoryGirl.create(:project, owner: @user) # @another_project = FactoryGirl.create(:project, owner: @user)
@other_user_project = FactoryGirl.create(:project) # @other_user_project = FactoryGirl.create(:project)
@issue = FactoryGirl.create(:issue, project: @project, user: @user) # @issue = FactoryGirl.create(:issue, project: @project, user: @user)
@second_issue = FactoryGirl.create(:issue, project: @project, user: @user) # @second_issue = FactoryGirl.create(:issue, project: @project, user: @user)
@issue_in_another_project = FactoryGirl.create(:issue, project: @another_project, user: @user) # @issue_in_another_project = FactoryGirl.create(:issue, project: @another_project, user: @user)
@issue_in_other_user_project = FactoryGirl.create(:issue, project: @other_user_project, user: @other_user_project.owner) # @issue_in_other_user_project = FactoryGirl.create(:issue, project: @other_user_project, user: @other_user_project.owner)
end # end
#
it 'should create automatic comment' do # it 'should create automatic comment' do
create_comment_in_commit(@commit, @project, "test link to ##{@issue.serial_id}; [##{@second_issue.serial_id}]") # create_comment_in_commit(@commit, @project, "test link to ##{@issue.serial_id}; [##{@second_issue.serial_id}]")
Comment.where(automatic: true, commentable_type: 'Issue', # Comment.where(automatic: true, commentable_type: 'Issue',
commentable_id: @second_issue.id, # commentable_id: @second_issue.id,
created_from_commit_hash: @commit.id.hex).count.should == 1 # created_from_commit_hash: @commit.id.hex).count.should == 1
end # end
#
it 'should create automatic comment in the another project issue' do # it 'should create automatic comment in the another project issue' do
body = "[#{@another_project.name_with_owner}##{@issue_in_another_project.serial_id}]" # body = "[#{@another_project.name_with_owner}##{@issue_in_another_project.serial_id}]"
create_comment_in_commit(@commit, @project, body) # create_comment_in_commit(@commit, @project, body)
Comment.where(automatic: true, commentable_type: 'Issue', # Comment.where(automatic: true, commentable_type: 'Issue',
commentable_id: @issue_in_another_project.id, # commentable_id: @issue_in_another_project.id,
created_from_commit_hash: @commit.id.hex).count.should == 1 # created_from_commit_hash: @commit.id.hex).count.should == 1
end # end
#
it 'should create automatic comment in the same name project issue' do # it 'should create automatic comment in the same name project issue' do
body = "[#{@same_name_project.owner.uname}##{@issue_in_same_name_project.serial_id}]" # body = "[#{@same_name_project.owner.uname}##{@issue_in_same_name_project.serial_id}]"
create_comment_in_commit(@commit, @project, body) # create_comment_in_commit(@commit, @project, body)
Comment.where(automatic: true, commentable_type: 'Issue', # Comment.where(automatic: true, commentable_type: 'Issue',
commentable_id: @issue_in_same_name_project.id, # commentable_id: @issue_in_same_name_project.id,
created_from_commit_hash: @commit.id.hex).count.should == 1 # created_from_commit_hash: @commit.id.hex).count.should == 1
end # end
#
it 'should not create duplicate automatic comment' do # it 'should not create duplicate automatic comment' do
create_comment_in_commit(@commit, @project, "test link to [##{@second_issue.serial_id}]") # create_comment_in_commit(@commit, @project, "test link to [##{@second_issue.serial_id}]")
create_comment_in_commit(@commit, @project, "test duplicate link to [##{@second_issue.serial_id}]") # create_comment_in_commit(@commit, @project, "test duplicate link to [##{@second_issue.serial_id}]")
Comment.where(automatic: true, commentable_type: 'Issue', # Comment.where(automatic: true, commentable_type: 'Issue',
commentable_id: @second_issue.id, # commentable_id: @second_issue.id,
created_from_commit_hash: @commit.id.hex).count.should == 1 # created_from_commit_hash: @commit.id.hex).count.should == 1
end # end
#
it 'should not create duplicate automatic comment from one' do # it 'should not create duplicate automatic comment from one' do
create_comment_in_commit(@commit, @project, "test link to [##{@second_issue.serial_id}]; ##{@second_issue.serial_id}") # create_comment_in_commit(@commit, @project, "test link to [##{@second_issue.serial_id}]; ##{@second_issue.serial_id}")
Comment.where(automatic: true, commentable_type: 'Issue', # Comment.where(automatic: true, commentable_type: 'Issue',
commentable_id: @second_issue.id, # commentable_id: @second_issue.id,
created_from_commit_hash: @commit.id.hex).count.should == 1 # created_from_commit_hash: @commit.id.hex).count.should == 1
end # end
it 'should create two automatic comment' do # it 'should create two automatic comment' do
body = "test ##{@second_issue.serial_id}" + # body = "test ##{@second_issue.serial_id}" +
" && [#{@another_project.name_with_owner}##{@issue_in_another_project.serial_id}]" # " && [#{@another_project.name_with_owner}##{@issue_in_another_project.serial_id}]"
create_comment_in_commit(@commit, @project, body) # create_comment_in_commit(@commit, @project, body)
Comment.where(automatic: true, # Comment.where(automatic: true,
created_from_commit_hash: @commit.id.hex).count.should == 2 # created_from_commit_hash: @commit.id.hex).count.should == 2
end # end
end # end
end # end
end # end

392
spec/models/comment_spec.rb
View File

@ -1,196 +1,196 @@
require 'spec_helper' # require 'spec_helper'
require "cancan/matchers" # require "cancan/matchers"
#
def set_commentable_data # def set_commentable_data
@ability = Ability.new(@user) # @ability = Ability.new(@user)
#
@project = FactoryGirl.create(:project) # @project = FactoryGirl.create(:project)
@issue = FactoryGirl.create(:issue, project_id: @project.id, user: @user) # @issue = FactoryGirl.create(:issue, project_id: @project.id, user: @user)
#
@comment = FactoryGirl.create(:comment, commentable: @issue, user: @user, project: @project) # @comment = FactoryGirl.create(:comment, commentable: @issue, user: @user, project: @project)
@stranger_comment = FactoryGirl.create(:comment, commentable: @issue, user: @stranger, project: @project) # @stranger_comment = FactoryGirl.create(:comment, commentable: @issue, user: @stranger, project: @project)
#
allow_any_instance_of(Project).to receive(:versions).and_return(%w(v1.0 v2.0)) # allow_any_instance_of(Project).to receive(:versions).and_return(%w(v1.0 v2.0))
end # end
#
def create_comment_in_issue issue, body # def create_comment_in_issue issue, body
FactoryGirl.create(:comment, user: issue.user, commentable: issue, project: issue.project, body: body) # FactoryGirl.create(:comment, user: issue.user, commentable: issue, project: issue.project, body: body)
end # end
#
describe Comment do # describe Comment do
before { stub_symlink_methods } # before { stub_symlink_methods }
context 'for global admin user' do # context 'for global admin user' do
before(:each) do # before(:each) do
@user = FactoryGirl.create(:admin) # @user = FactoryGirl.create(:admin)
@stranger = FactoryGirl.create(:user) # @stranger = FactoryGirl.create(:user)
#
set_commentable_data # set_commentable_data
end # end
#
it_should_behave_like 'user with create comment ability (for model)' # it_should_behave_like 'user with create comment ability (for model)'
it_should_behave_like 'user with update own comment ability (for model)' # it_should_behave_like 'user with update own comment ability (for model)'
it_should_behave_like 'user with update stranger comment ability (for model)' # it_should_behave_like 'user with update stranger comment ability (for model)'
it_should_behave_like 'user with destroy comment ability (for model)' # it_should_behave_like 'user with destroy comment ability (for model)'
it_should_behave_like 'user with destroy stranger comment ability (for model)' # it_should_behave_like 'user with destroy stranger comment ability (for model)'
end # end
#
context 'for project admin user' do # context 'for project admin user' do
before(:each) do # before(:each) do
@user = FactoryGirl.create(:user) # @user = FactoryGirl.create(:user)
@stranger = FactoryGirl.create(:user) # @stranger = FactoryGirl.create(:user)
#
set_commentable_data # set_commentable_data
create_relation(@project, @user, 'admin') # create_relation(@project, @user, 'admin')
end # end
#
it_should_behave_like 'user with create comment ability (for model)' # it_should_behave_like 'user with create comment ability (for model)'
it_should_behave_like 'user with update own comment ability (for model)' # it_should_behave_like 'user with update own comment ability (for model)'
it_should_behave_like 'user with update stranger comment ability (for model)' # it_should_behave_like 'user with update stranger comment ability (for model)'
it_should_behave_like 'user with destroy comment ability (for model)' # it_should_behave_like 'user with destroy comment ability (for model)'
it_should_behave_like 'user with destroy stranger comment ability (for model)' # it_should_behave_like 'user with destroy stranger comment ability (for model)'
#
pending "sends an e-mail" do # pending "sends an e-mail" do
ActionMailer::Base.deliveries.last.to.include?(@stranger.email).should == true # ActionMailer::Base.deliveries.last.to.include?(@stranger.email).should == true
end # end
end # end
#
context 'for project owner user' do # context 'for project owner user' do
before(:each) do # before(:each) do
@user = FactoryGirl.create(:user) # @user = FactoryGirl.create(:user)
@stranger = FactoryGirl.create(:user) # @stranger = FactoryGirl.create(:user)
#
set_commentable_data # set_commentable_data
#
@project.owner = @user # @project.owner = @user
@project.save # @project.save
create_relation(@project, @user, 'admin') # create_relation(@project, @user, 'admin')
end # end
#
it_should_behave_like 'user with create comment ability (for model)' # it_should_behave_like 'user with create comment ability (for model)'
it_should_behave_like 'user with update own comment ability (for model)' # it_should_behave_like 'user with update own comment ability (for model)'
it_should_behave_like 'user with update stranger comment ability (for model)' # it_should_behave_like 'user with update stranger comment ability (for model)'
it_should_behave_like 'user with destroy comment ability (for model)' # it_should_behave_like 'user with destroy comment ability (for model)'
it_should_behave_like 'user with destroy stranger comment ability (for model)' # it_should_behave_like 'user with destroy stranger comment ability (for model)'
end # end
#
context 'for simple user' do # context 'for simple user' do
before(:each) do # before(:each) do
@user = FactoryGirl.create(:user) # @user = FactoryGirl.create(:user)
@stranger = FactoryGirl.create(:user) # @stranger = FactoryGirl.create(:user)
#
set_commentable_data # set_commentable_data
end # end
#
it_should_behave_like 'user with create comment ability (for model)' # it_should_behave_like 'user with create comment ability (for model)'
it_should_behave_like 'user with update own comment ability (for model)' # it_should_behave_like 'user with update own comment ability (for model)'
it_should_behave_like 'user without update stranger comment ability (for model)' # it_should_behave_like 'user without update stranger comment ability (for model)'
it_should_behave_like 'user with destroy comment ability (for model)' # it_should_behave_like 'user with destroy comment ability (for model)'
it_should_behave_like 'user without destroy stranger comment ability (for model)' # it_should_behave_like 'user without destroy stranger comment ability (for model)'
#
context 'with mass assignment' do # context 'with mass assignment' do
it 'should not be able to update commentable' do # it 'should not be able to update commentable' do
@comment.update_attributes({commentable_type: 'Grit::Commit', commentable_id: 0}) # @comment.update_attributes({commentable_type: 'Grit::Commit', commentable_id: 0})
@comment.reload.commentable_id.should eql @issue.id # @comment.reload.commentable_id.should eql @issue.id
@comment.reload.commentable_type.should eql @issue.class.name # @comment.reload.commentable_type.should eql @issue.class.name
end # end
#
it 'should not be able to update owner' do # it 'should not be able to update owner' do
@comment.should_not allow_mass_assignment_of :user_id # @comment.should_not allow_mass_assignment_of :user_id
end # end
#
it 'should not be able to update project' do # it 'should not be able to update project' do
@comment.should_not allow_mass_assignment_of :project_id # @comment.should_not allow_mass_assignment_of :project_id
end # end
end # end
#
context 'automatic issue linking' do # context 'automatic issue linking' do
before(:each) do # before(:each) do
@same_name_project = FactoryGirl.create(:project, name: @project.name) # @same_name_project = FactoryGirl.create(:project, name: @project.name)
@issue_in_same_name_project = FactoryGirl.create(:issue, project: @same_name_project, user: @same_name_project.owner) # @issue_in_same_name_project = FactoryGirl.create(:issue, project: @same_name_project, user: @same_name_project.owner)
@another_project = FactoryGirl.create(:project, owner: @user) # @another_project = FactoryGirl.create(:project, owner: @user)
@other_user_project = FactoryGirl.create(:project) # @other_user_project = FactoryGirl.create(:project)
@issue = FactoryGirl.create(:issue, project: @project, user: @user) # @issue = FactoryGirl.create(:issue, project: @project, user: @user)
@second_issue = FactoryGirl.create(:issue, project: @project, user: @user) # @second_issue = FactoryGirl.create(:issue, project: @project, user: @user)
@issue_in_another_project = FactoryGirl.create(:issue, project: @another_project, user: @user) # @issue_in_another_project = FactoryGirl.create(:issue, project: @another_project, user: @user)
@issue_in_other_user_project = FactoryGirl.create(:issue, project: @other_user_project, user: @other_user_project.owner) # @issue_in_other_user_project = FactoryGirl.create(:issue, project: @other_user_project, user: @other_user_project.owner)
end # end
#
it 'should create automatic comment' do # it 'should create automatic comment' do
create_comment_in_issue(@issue, "test link to ##{@issue.serial_id}; [##{@second_issue.serial_id}]") # create_comment_in_issue(@issue, "test link to ##{@issue.serial_id}; [##{@second_issue.serial_id}]")
Comment.where(automatic: true, commentable_type: 'Issue', # Comment.where(automatic: true, commentable_type: 'Issue',
commentable_id: @second_issue.id, # commentable_id: @second_issue.id,
created_from_issue_id: @issue.id).count.should == 1 # created_from_issue_id: @issue.id).count.should == 1
end # end
#
it 'should not create automatic comment to the same issue' do # it 'should not create automatic comment to the same issue' do
create_comment_in_issue(@issue, "test link to ##{@issue.serial_id}; [##{@second_issue.serial_id}]") # create_comment_in_issue(@issue, "test link to ##{@issue.serial_id}; [##{@second_issue.serial_id}]")
Comment.where(automatic: true, # Comment.where(automatic: true,
created_from_issue_id: @issue.id).count.should == 1 # created_from_issue_id: @issue.id).count.should == 1
end # end
#
it 'should create automatic comment in the another project issue' do # it 'should create automatic comment in the another project issue' do
body = "[#{@another_project.name_with_owner}##{@issue_in_another_project.serial_id}]" # body = "[#{@another_project.name_with_owner}##{@issue_in_another_project.serial_id}]"
create_comment_in_issue(@issue, body) # create_comment_in_issue(@issue, body)
Comment.where(automatic: true, commentable_type: 'Issue', # Comment.where(automatic: true, commentable_type: 'Issue',
commentable_id: @issue_in_another_project.id, # commentable_id: @issue_in_another_project.id,
created_from_issue_id: @issue.id).count.should == 1 # created_from_issue_id: @issue.id).count.should == 1
end # end
#
it 'should create automatic comment in the same name project issue' do # it 'should create automatic comment in the same name project issue' do
body = "[#{@same_name_project.owner.uname}##{@issue_in_same_name_project.serial_id}]" # body = "[#{@same_name_project.owner.uname}##{@issue_in_same_name_project.serial_id}]"
create_comment_in_issue(@issue, body) # create_comment_in_issue(@issue, body)
Comment.where(automatic: true, commentable_type: 'Issue', # Comment.where(automatic: true, commentable_type: 'Issue',
commentable_id: @issue_in_same_name_project.id, # commentable_id: @issue_in_same_name_project.id,
created_from_issue_id: @issue.id).count.should == 1 # created_from_issue_id: @issue.id).count.should == 1
end # end
#
it 'should not create duplicate automatic comment' do # it 'should not create duplicate automatic comment' do
create_comment_in_issue(@issue, "test link to [##{@second_issue.serial_id}]") # create_comment_in_issue(@issue, "test link to [##{@second_issue.serial_id}]")
create_comment_in_issue(@issue, "test duplicate link to [##{@second_issue.serial_id}]") # create_comment_in_issue(@issue, "test duplicate link to [##{@second_issue.serial_id}]")
Comment.where(automatic: true, commentable_type: 'Issue', # Comment.where(automatic: true, commentable_type: 'Issue',
commentable_id: @second_issue.id, # commentable_id: @second_issue.id,
created_from_issue_id: @issue.id).count.should == 1 # created_from_issue_id: @issue.id).count.should == 1
end # end
#
it 'should not create duplicate automatic comment from one' do # it 'should not create duplicate automatic comment from one' do
create_comment_in_issue(@issue, "test link to [##{@second_issue.serial_id}]; ##{@second_issue.serial_id}") # create_comment_in_issue(@issue, "test link to [##{@second_issue.serial_id}]; ##{@second_issue.serial_id}")
Comment.where(automatic: true, commentable_type: 'Issue', # Comment.where(automatic: true, commentable_type: 'Issue',
commentable_id: @second_issue.id, # commentable_id: @second_issue.id,
created_from_issue_id: @issue.id).count.should == 1 # created_from_issue_id: @issue.id).count.should == 1
end # end
#
it 'should create two automatic comment' do # it 'should create two automatic comment' do
body = "test ##{@second_issue.serial_id}" + # body = "test ##{@second_issue.serial_id}" +
" && [#{@another_project.name_with_owner}##{@issue_in_another_project.serial_id}]" # " && [#{@another_project.name_with_owner}##{@issue_in_another_project.serial_id}]"
create_comment_in_issue(@issue, body) # create_comment_in_issue(@issue, body)
Comment.where(automatic: true, # Comment.where(automatic: true,
created_from_issue_id: @issue.id).count.should == 2 # created_from_issue_id: @issue.id).count.should == 2
end # end
#
it 'should create automatic comment by issue title' do # it 'should create automatic comment by issue title' do
issue = FactoryGirl.create(:issue, project: @project, user: @user, # issue = FactoryGirl.create(:issue, project: @project, user: @user,
title: "link to ##{@issue.serial_id}") # title: "link to ##{@issue.serial_id}")
expect(Comment.where(automatic: true, # expect(Comment.where(automatic: true,
created_from_issue_id: issue.id).count).to eq 1 # created_from_issue_id: issue.id).count).to eq 1
end # end
#
it 'should create automatic comment from issue body' do # it 'should create automatic comment from issue body' do
issue = FactoryGirl.create(:issue, project: @project, user: @user, # issue = FactoryGirl.create(:issue, project: @project, user: @user,
body: "link to ##{@issue.serial_id}") # body: "link to ##{@issue.serial_id}")
Comment.where(automatic: true, # Comment.where(automatic: true,
created_from_issue_id: issue.id).count.should == 1 # created_from_issue_id: issue.id).count.should == 1
end # end
#
it 'should create only one automatic comment from issue title and body' do # it 'should create only one automatic comment from issue title and body' do
issue = FactoryGirl.create(:issue, project: @project, user: @user, # issue = FactoryGirl.create(:issue, project: @project, user: @user,
title: "link to ##{@issue.serial_id} in title", # title: "link to ##{@issue.serial_id} in title",
:body => "link to ##{@issue.serial_id} in body") # :body => "link to ##{@issue.serial_id} in body")
Comment.where(automatic: true, # Comment.where(automatic: true,
created_from_issue_id: issue.id).count.should == 1 # created_from_issue_id: issue.id).count.should == 1
end # end
#
#
#
end # end
end # end
end # end

200
spec/models/group_spec.rb
View File

@ -1,100 +1,100 @@
require 'spec_helper' # require 'spec_helper'
require "cancan/matchers" # require "cancan/matchers"
#
describe Group do # describe Group do
before(:each) do # before(:each) do
stub_symlink_methods # stub_symlink_methods
@group = FactoryGirl.create(:group) # @group = FactoryGirl.create(:group)
@ability = Ability.new(User.new) # @ability = Ability.new(User.new)
end # end
#
context 'for guest' do # context 'for guest' do
[:read, :update, :destroy, :manage_members].each do |action| # [:read, :update, :destroy, :manage_members].each do |action|
it "should not be able to #{action} group" do # it "should not be able to #{action} group" do
@ability.should_not be_able_to(action, @group) # @ability.should_not be_able_to(action, @group)
end # end
end # end
end # end
#
context 'for global admin' do # context 'for global admin' do
before(:each) do # before(:each) do
@admin = FactoryGirl.create(:admin) # @admin = FactoryGirl.create(:admin)
@ability = Ability.new(@admin) # @ability = Ability.new(@admin)
end # end
#
[:read, :update, :destroy, :manage_members].each do |action| # [:read, :update, :destroy, :manage_members].each do |action|
it "should be able to #{action} group" do # it "should be able to #{action} group" do
@ability.should be_able_to(action, @group) # @ability.should be_able_to(action, @group)
end # end
end # end
end # end
#
context 'for group admin' do # context 'for group admin' do
before(:each) do # before(:each) do
@user = FactoryGirl.create(:user) # @user = FactoryGirl.create(:user)
@another_user = FactoryGirl.create(:user) # @another_user = FactoryGirl.create(:user)
create_actor_relation(@group, @user, 'admin') # create_actor_relation(@group, @user, 'admin')
@ability = Ability.new(@user) # @ability = Ability.new(@user)
end # end
#
[:read, :update, :manage_members].each do |action| # [:read, :update, :manage_members].each do |action|
it "should be able to #{action} group" do # it "should be able to #{action} group" do
@ability.should be_able_to(action, @group) # @ability.should be_able_to(action, @group)
end # end
end # end
#
it "should not be able to destroy group" do # it "should not be able to destroy group" do
@ability.should_not be_able_to(:destroy, @group) # @ability.should_not be_able_to(:destroy, @group)
end # end
#
context 'with mass assignment' do # context 'with mass assignment' do
it 'should not be able to update uname' do # it 'should not be able to update uname' do
@group.should_not allow_mass_assignment_of uname: 'new_uname' # @group.should_not allow_mass_assignment_of uname: 'new_uname'
end # end
#
it 'should not be able to update owner' do # it 'should not be able to update owner' do
@group.should_not allow_mass_assignment_of owner_type: 'User', owner_id: @another_user.id # @group.should_not allow_mass_assignment_of owner_type: 'User', owner_id: @another_user.id
end # end
end # end
end # end
#
context 'for group owner' do # context 'for group owner' do
before(:each) do # before(:each) do
@user = FactoryGirl.create(:user) # @user = FactoryGirl.create(:user)
#
@group.owner = @user # @group.owner = @user
@group.save # @group.save
#
create_actor_relation(@group, @user, 'admin') # create_actor_relation(@group, @user, 'admin')
@ability = Ability.new(@user) # @ability = Ability.new(@user)
end # end
#
[:read, :update, :destroy, :manage_members].each do |action| # [:read, :update, :destroy, :manage_members].each do |action|
it "should be able to #{action} group" do # it "should be able to #{action} group" do
@ability.should be_able_to(action, @group) # @ability.should be_able_to(action, @group)
end # end
end # end
end # end
#
context 'for group reader and writer user' do # context 'for group reader and writer user' do
before(:each) do # before(:each) do
@user = FactoryGirl.create(:user) # @user = FactoryGirl.create(:user)
create_actor_relation(@group, @user, 'reader') # create_actor_relation(@group, @user, 'reader')
@ability = Ability.new(@user) # @ability = Ability.new(@user)
end # end
#
[:read].each do |action| # [:read].each do |action|
it "should be able to #{action} group" do # it "should be able to #{action} group" do
@ability.should be_able_to(action, @group) # @ability.should be_able_to(action, @group)
end # end
end # end
#
[:update, :destroy, :manage_members].each do |action| # [:update, :destroy, :manage_members].each do |action|
it "should not be able to #{action} group" do # it "should not be able to #{action} group" do
@ability.should_not be_able_to(action, @group) # @ability.should_not be_able_to(action, @group)
end # end
end # end
end # end
#
it {should_not allow_value("How do you do...\nmy_group").for(:uname)} # it {should_not allow_value("How do you do...\nmy_group").for(:uname)}
end # end

156
spec/models/subscribe_spec.rb
View File

@ -1,78 +1,78 @@
require 'spec_helper' # require 'spec_helper'
require "cancan/matchers" # require "cancan/matchers"
#
def set_testable_data # def set_testable_data
@ability = Ability.new(@user) # @ability = Ability.new(@user)
#
@project = FactoryGirl.create(:project) # @project = FactoryGirl.create(:project)
@issue = FactoryGirl.create(:issue, project_id: @project.id) # @issue = FactoryGirl.create(:issue, project_id: @project.id)
#
allow_any_instance_of(Project).to receive(:versions).and_return(%w(v1.0 v2.0)) # allow_any_instance_of(Project).to receive(:versions).and_return(%w(v1.0 v2.0))
end # end
#
describe Subscribe do # describe Subscribe do
before { stub_symlink_methods } # before { stub_symlink_methods }
context 'for global admin user' do # context 'for global admin user' do
before(:each) do # before(:each) do
@user = FactoryGirl.create(:admin) # @user = FactoryGirl.create(:admin)
@stranger = FactoryGirl.create(:user) # @stranger = FactoryGirl.create(:user)
#
set_testable_data # set_testable_data
end # end
#
it 'should create subscribe' do # it 'should create subscribe' do
@ability.should be_able_to(:create, FactoryGirl.build(:subscribe, subscribeable: @issue, user: @user)) # @ability.should be_able_to(:create, FactoryGirl.build(:subscribe, subscribeable: @issue, user: @user))
end # end
#
context 'destroy' do # context 'destroy' do
before(:each) do # before(:each) do
@subscribe = FactoryGirl.create(:subscribe, subscribeable: @issue, user: @user) # @subscribe = FactoryGirl.create(:subscribe, subscribeable: @issue, user: @user)
@stranger_subscribe = FactoryGirl.create(:subscribe, subscribeable: @issue, user: @stranger) # @stranger_subscribe = FactoryGirl.create(:subscribe, subscribeable: @issue, user: @stranger)
end # end
#
context 'own subscribe' do # context 'own subscribe' do
it 'should destroy subscribe' do # it 'should destroy subscribe' do
@ability.should be_able_to(:destroy, @subscribe) # @ability.should be_able_to(:destroy, @subscribe)
end # end
end # end
#
context 'stranger subscribe' do # context 'stranger subscribe' do
it 'should not destroy subscribe' do # it 'should not destroy subscribe' do
@ability.should_not be_able_to(:destroy, @stranger_subscribe) # @ability.should_not be_able_to(:destroy, @stranger_subscribe)
end # end
end # end
end # end
end # end
#
context 'for simple user' do # context 'for simple user' do
before(:each) do # before(:each) do
@user = FactoryGirl.create(:user) # @user = FactoryGirl.create(:user)
@stranger = FactoryGirl.create(:user) # @stranger = FactoryGirl.create(:user)
#
set_testable_data # set_testable_data
end # end
#
it 'should create subscribe' do # it 'should create subscribe' do
@ability.should be_able_to(:create, FactoryGirl.build(:subscribe, subscribeable: @issue, user: @user)) # @ability.should be_able_to(:create, FactoryGirl.build(:subscribe, subscribeable: @issue, user: @user))
end # end
#
context 'destroy' do # context 'destroy' do
before(:each) do # before(:each) do
@subscribe = FactoryGirl.create(:subscribe, subscribeable: @issue, user: @user) # @subscribe = FactoryGirl.create(:subscribe, subscribeable: @issue, user: @user)
@stranger_subscribe = FactoryGirl.create(:subscribe, subscribeable: @issue, user: @stranger) # @stranger_subscribe = FactoryGirl.create(:subscribe, subscribeable: @issue, user: @stranger)
end # end
#
context 'own subscribe' do # context 'own subscribe' do
it 'should destroy subscribe' do # it 'should destroy subscribe' do
@ability.should be_able_to(:destroy, @subscribe) # @ability.should be_able_to(:destroy, @subscribe)
end # end
end # end
#
context 'stranger subscribe' do # context 'stranger subscribe' do
it 'should not destroy subscribe' do # it 'should not destroy subscribe' do
@ability.should_not be_able_to(:destroy, @stranger_subscribe) # @ability.should_not be_able_to(:destroy, @stranger_subscribe)
end # end
end # end
end # end
end # end
end # end