Merge pull request #680 from warpc/671-rest-API
[refs #671]: full rest API for Platforms; Add refs_list api for Project
This commit is contained in:
commit
2e0f4dc2eb
|
@ -3,7 +3,7 @@ class Api::V1::ArchesController < Api::V1::BaseController
|
|||
before_filter :authenticate_user! unless APP_CONFIG['anonymous_access']
|
||||
|
||||
def index
|
||||
@arches = Arch.order(:id).all
|
||||
@arches = Arch.order(:id).paginate(paginate_params)
|
||||
end
|
||||
|
||||
end
|
|
@ -1,7 +1,5 @@
|
|||
# -*- encoding : utf-8 -*-
|
||||
class Api::V1::BaseController < ApplicationController
|
||||
|
||||
before_filter :restrict_paginate, :only => :index
|
||||
#respond_to :json
|
||||
|
||||
rescue_from CanCan::AccessDenied do |exception|
|
||||
|
@ -12,9 +10,30 @@ class Api::V1::BaseController < ApplicationController
|
|||
|
||||
protected
|
||||
|
||||
def restrict_paginate
|
||||
params[:per_page] = 30 if params[:per_page].to_i < 1
|
||||
params[:per_page] = 100 if params[:per_page].to_i >100
|
||||
def paginate_params
|
||||
per_page = params[:per_page].to_i
|
||||
per_page = 20 if per_page < 1
|
||||
per_page = 100 if per_page >100
|
||||
{:page => params[:page], :per_page => per_page}
|
||||
end
|
||||
|
||||
def render_json_response(subject, message, status = 200)
|
||||
id = status != 200 ? nil : subject.id
|
||||
|
||||
render :json => {
|
||||
subject.class.name.downcase.to_sym => {
|
||||
:id => id,
|
||||
:message => message
|
||||
}
|
||||
}.to_json, :status => status
|
||||
end
|
||||
|
||||
def render_validation_error(subject, message)
|
||||
errors = subject.errors.full_messages.join('. ')
|
||||
if errors.present?
|
||||
message << '. ' << errors
|
||||
end
|
||||
render_json_response(subject, message, 422)
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
@ -10,7 +10,7 @@ class Api::V1::BuildListsController < Api::V1::BaseController
|
|||
def index
|
||||
filter = BuildList::Filter.new(nil, current_user, params[:filter] || {})
|
||||
@build_lists = filter.find.scoped(:include => [:save_to_platform, :project, :user, :arch])
|
||||
@build_lists = @build_lists.recent.paginate :page => params[:page], :per_page => params[:per_page]
|
||||
@build_lists = @build_lists.recent.paginate(paginate_params)
|
||||
end
|
||||
|
||||
def create
|
||||
|
|
|
@ -1,21 +1,97 @@
|
|||
# -*- encoding : utf-8 -*-
|
||||
class Api::V1::PlatformsController < Api::V1::BaseController
|
||||
|
||||
before_filter :authenticate_user!
|
||||
skip_before_filter :authenticate_user!, :only => [:show, :platforms_for_build] if APP_CONFIG['anonymous_access']
|
||||
skip_before_filter :authenticate_user!, :only => [:show, :platforms_for_build, :members] if APP_CONFIG['anonymous_access']
|
||||
|
||||
load_and_authorize_resource
|
||||
|
||||
def index
|
||||
@platforms = @platforms.accessible_by(current_ability, :related).
|
||||
by_type(params[:type]).paginate(:page => params[:page], :per_page => 20)
|
||||
by_type(params[:type]).paginate(paginate_params)
|
||||
end
|
||||
|
||||
def show
|
||||
end
|
||||
|
||||
def platforms_for_build
|
||||
@platforms = Platform.main.opened.paginate(:page => params[:page], :per_page => 20)
|
||||
@platforms = Platform.main.opened.paginate(paginate_params)
|
||||
render :index
|
||||
end
|
||||
|
||||
def create
|
||||
platform_params = params[:platform] || {}
|
||||
owner = User.where(:id => platform_params[:owner_id]).first
|
||||
@platform.owner = owner || get_owner
|
||||
if @platform.save
|
||||
render_json_response @platform, 'Platform has been created successfully'
|
||||
else
|
||||
render_validation_error @platform, 'Platform has not been created'
|
||||
end
|
||||
end
|
||||
|
||||
def update
|
||||
platform_params = params[:platform] || {}
|
||||
owner = User.where(:id => platform_params[:owner_id]).first
|
||||
platform_params[:owner] = owner if owner
|
||||
if @platform.update_attributes(platform_params)
|
||||
render_json_response @platform, 'Platform has been updated successfully'
|
||||
else
|
||||
render_validation_error @platform, 'Platform has not been updated'
|
||||
end
|
||||
end
|
||||
|
||||
def members
|
||||
@members = @platform.members.order('name').paginate(paginate_params)
|
||||
end
|
||||
|
||||
def add_member
|
||||
if member.present? && @platform.add_member(member)
|
||||
render_json_response @platform, "#{member.class.to_s} '#{member.id}' has been added to platform successfully"
|
||||
else
|
||||
render_validation_error @platform, 'Member has not been added to platform'
|
||||
end
|
||||
end
|
||||
|
||||
def remove_member
|
||||
if member.present? && @platform.remove_member(member)
|
||||
render_json_response @platform, "#{member.class.to_s} '#{member.id}' has been removed from platform successfully"
|
||||
else
|
||||
render_validation_error @platform, 'Member has not been removed from platform'
|
||||
end
|
||||
end
|
||||
|
||||
def clone
|
||||
platform_params = params[:platform] || {}
|
||||
platform_params[:owner] = current_user
|
||||
@cloned = @platform.full_clone(platform_params)
|
||||
if @cloned.persisted?
|
||||
render_json_response @platform, 'Platform has been cloned successfully'
|
||||
else
|
||||
render_validation_error @platform, 'Platform has not been cloned'
|
||||
end
|
||||
end
|
||||
|
||||
def clear
|
||||
@platform.clear
|
||||
render_json_response @platform, 'Platform has been cleared successfully'
|
||||
end
|
||||
|
||||
def destroy
|
||||
@platform.destroy # later with resque
|
||||
render_json_response @platform, 'Platform has been destroyed successfully'
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def member
|
||||
return @member if @member
|
||||
if params[:type] == 'User'
|
||||
member = User
|
||||
elsif params[:type] == 'Group'
|
||||
member = Group
|
||||
end
|
||||
@member = member.where(:id => params[:member_id]).first if member
|
||||
@member ||= ''
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
class Api::V1::ProjectsController < Api::V1::BaseController
|
||||
|
||||
before_filter :authenticate_user!
|
||||
skip_before_filter :authenticate_user!, :only => [:get_id, :show] if APP_CONFIG['anonymous_access']
|
||||
skip_before_filter :authenticate_user!, :only => [:get_id, :show, :refs] if APP_CONFIG['anonymous_access']
|
||||
|
||||
load_and_authorize_resource
|
||||
|
||||
|
@ -15,6 +15,9 @@ class Api::V1::ProjectsController < Api::V1::BaseController
|
|||
end
|
||||
|
||||
def show
|
||||
end
|
||||
|
||||
def refs_list
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -20,9 +20,15 @@ class Platform < ActiveRecord::Base
|
|||
has_many :mass_builds
|
||||
|
||||
validates :description, :presence => true
|
||||
validates :owner, :presence => true
|
||||
validates :visibility, :presence => true, :inclusion => {:in => VISIBILITIES}
|
||||
validates :name, :uniqueness => {:case_sensitive => false}, :presence => true, :format => { :with => /^[a-zA-Z0-9_\-\.]+$/ }
|
||||
validates :distrib_type, :presence => true, :inclusion => {:in => APP_CONFIG['distr_types']}
|
||||
validate lambda {
|
||||
if released_was && !released
|
||||
errors.add(:released, I18n.t('flash.platform.released_status_can_not_be_changed'))
|
||||
end
|
||||
}
|
||||
|
||||
before_create :create_directory, :if => lambda {Thread.current[:skip]} # TODO remove this when core will be ready
|
||||
before_create :xml_rpc_create, :unless => lambda {Thread.current[:skip]}
|
||||
|
@ -167,7 +173,7 @@ class Platform < ActiveRecord::Base
|
|||
|
||||
def update_owner_relation
|
||||
if owner_id_was != owner_id
|
||||
r = relations.where(:actor_id => owner_id_was, :actor_type => owner_type_was)[0]
|
||||
r = relations.where(:actor_id => owner_id_was, :actor_type => owner_type_was).first
|
||||
r.update_attributes(:actor_id => owner_id, :actor_type => owner_type)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -7,7 +7,7 @@ json.platforms @platforms do |json, platform|
|
|||
end
|
||||
json.repositories platform.repositories do |json_repos, repo|
|
||||
json_repos.(repo, :id, :name)
|
||||
json_repos.url api_v1_repository_path(repo.name, :format => :json)
|
||||
json_repos.url api_v1_repository_path(repo.id, :format => :json)
|
||||
end
|
||||
json.url api_v1_platform_path(platform.name, :format => :json)
|
||||
end
|
||||
|
|
|
@ -0,0 +1,8 @@
|
|||
json.platform do |json|
|
||||
json.(@platform, :id)
|
||||
json.members @members do |json_members, member|
|
||||
json_members.(member, :id)
|
||||
json_members.type member.class.name
|
||||
end
|
||||
end
|
||||
json.url members_api_v1_platform_path(@platform, :format => :json)
|
|
@ -9,7 +9,7 @@ json.platform do |json|
|
|||
end
|
||||
json.repositories @platform.repositories do |json_repos, repo|
|
||||
json_repos.(repo, :id, :name)
|
||||
json_repos.url api_v1_repository_path(repo.name, :format => :json)
|
||||
json_repos.url api_v1_repository_path(repo.id, :format => :json)
|
||||
end
|
||||
end
|
||||
json.url api_v1_platform_path(@platform, :format => :json)
|
||||
|
|
|
@ -0,0 +1,8 @@
|
|||
json.refs_list (@project.repo.branches + @project.repo.tags) do |json_grit, grit|
|
||||
json_grit.ref grit.name
|
||||
json_grit.object do |json_object|
|
||||
json_object.type (grit.class.name =~ /Tag/ ? 'tag' : 'commit')
|
||||
json_object.sha grit.commit.id
|
||||
end
|
||||
end
|
||||
json.url refs_list_api_v1_project_path(@project.id, :format => :json)
|
|
@ -49,6 +49,7 @@ en:
|
|||
|
||||
flash:
|
||||
platform:
|
||||
released_status_can_not_be_changed: Released status can't be changed if platform has been released
|
||||
saved: Platform saved
|
||||
created: Platform created
|
||||
save_error: Platform save error
|
||||
|
|
|
@ -49,6 +49,7 @@ ru:
|
|||
|
||||
flash:
|
||||
platform:
|
||||
released_status_can_not_be_changed: Released статус платформы не может быть изменен, если платформа уже выпущена
|
||||
saved: Платформа успешно сохранена
|
||||
created: Платформа успешно добавлена
|
||||
save_error: Не удалось сохранить платформу
|
||||
|
|
|
@ -20,12 +20,24 @@ Rosa::Application.routes.draw do
|
|||
}
|
||||
end
|
||||
resources :arches, :only => [:index]
|
||||
resources :platforms, :only => [:index, :show] do
|
||||
collection { get :platforms_for_build }
|
||||
resources :platforms, :only => [:index, :show, :update, :destroy, :create] do
|
||||
collection {
|
||||
get :platforms_for_build
|
||||
}
|
||||
member {
|
||||
get :members
|
||||
put :add_member
|
||||
delete :remove_member
|
||||
post :clone
|
||||
put :clear
|
||||
}
|
||||
end
|
||||
resources :repositories, :only => [:show]
|
||||
resources :projects, :only => [:show] do
|
||||
collection { get :get_id }
|
||||
member {
|
||||
get :refs_list
|
||||
}
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -9,6 +9,175 @@ shared_examples_for 'api platform user with reader rights' do
|
|||
response.should render_template(:index)
|
||||
end
|
||||
|
||||
it 'should be able to perform members action' do
|
||||
get :members, :id => @platform.id, :format => :json
|
||||
response.should render_template(:members)
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples_for 'api platform user with writer rights' do
|
||||
|
||||
context 'api platform user with update rights' do
|
||||
before do
|
||||
put :update, {:platform => {:description => 'new description'}, :id => @platform.id}, :format => :json
|
||||
end
|
||||
|
||||
it 'should be able to perform update action' do
|
||||
response.should be_success
|
||||
end
|
||||
it 'ensures that platform has been updated' do
|
||||
@platform.reload
|
||||
@platform.description.should == 'new description'
|
||||
end
|
||||
end
|
||||
|
||||
context 'api platform user with add_member rights' do
|
||||
let(:member) { FactoryGirl.create(:user) }
|
||||
before do
|
||||
put :add_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json
|
||||
end
|
||||
|
||||
it 'should be able to perform add_member action' do
|
||||
response.should be_success
|
||||
end
|
||||
it 'ensures that new member has been added to platform' do
|
||||
@platform.members.should include(member)
|
||||
end
|
||||
end
|
||||
|
||||
context 'api platform user with remove_member rights' do
|
||||
let(:member) { FactoryGirl.create(:user) }
|
||||
before do
|
||||
@platform.add_member(member)
|
||||
delete :remove_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json
|
||||
end
|
||||
|
||||
it 'should be able to perform update action' do
|
||||
response.should be_success
|
||||
end
|
||||
it 'ensures that member has been removed from platform' do
|
||||
@platform.members.should_not include(member)
|
||||
end
|
||||
end
|
||||
|
||||
context 'api platform user with destroy rights for main platforms only' do
|
||||
it 'should be able to perform destroy action for main platform' do
|
||||
delete :destroy, :id => @platform.id, :format => :json
|
||||
response.should be_success
|
||||
end
|
||||
it 'ensures that main platform has been destroyed' do
|
||||
lambda { delete :destroy, :id => @platform.id, :format => :json }.should change{ Platform.count }.by(-1)
|
||||
end
|
||||
it 'should not be able to perform destroy action for personal platform' do
|
||||
delete :destroy, :id => @personal_platform.id, :format => :json
|
||||
response.should_not be_success
|
||||
end
|
||||
it 'ensures that personal platform has not been destroyed' do
|
||||
lambda { delete :destroy, :id => @personal_platform.id, :format => :json }.should_not change{ Platform.count }
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples_for 'api platform user without writer rights' do
|
||||
|
||||
context 'api platform user without update rights' do
|
||||
before do
|
||||
put :update, {:platform => {:description => 'new description'}, :id => @platform.id}, :format => :json
|
||||
end
|
||||
|
||||
it 'should not be able to perform update action' do
|
||||
response.should_not be_success
|
||||
end
|
||||
it 'ensures that platform has not been updated' do
|
||||
@platform.reload
|
||||
@platform.description.should_not == 'new description'
|
||||
end
|
||||
end
|
||||
|
||||
context 'api platform user without add_member rights' do
|
||||
let(:member) { FactoryGirl.create(:user) }
|
||||
before do
|
||||
put :add_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json
|
||||
end
|
||||
|
||||
it 'should not be able to perform add_member action' do
|
||||
response.should_not be_success
|
||||
end
|
||||
it 'ensures that new member has not been added to platform' do
|
||||
@platform.members.should_not include(member)
|
||||
end
|
||||
end
|
||||
|
||||
context 'api platform user without remove_member rights' do
|
||||
let(:member) { FactoryGirl.create(:user) }
|
||||
before do
|
||||
@platform.add_member(member)
|
||||
delete :remove_member, {:member_id => member.id, :type => 'User', :id => @platform.id}, :format => :json
|
||||
end
|
||||
|
||||
it 'should be able to perform update action' do
|
||||
response.should_not be_success
|
||||
end
|
||||
it 'ensures that member has not been removed from platform' do
|
||||
@platform.members.should include(member)
|
||||
end
|
||||
end
|
||||
|
||||
context 'should not be able to perform clear action' do
|
||||
it 'for personal platform' do
|
||||
put :clear, :id => @personal_platform.id, :format => :json
|
||||
response.should_not be_success
|
||||
end
|
||||
it 'for main platform' do
|
||||
put :clear, :id => @platform.id, :format => :json
|
||||
response.should_not be_success
|
||||
end
|
||||
end
|
||||
|
||||
context 'api platform user without destroy rights' do
|
||||
it 'should not be able to perform destroy action for main platform' do
|
||||
delete :destroy, :id => @platform.id, :format => :json
|
||||
response.should_not be_success
|
||||
end
|
||||
it 'ensures that main platform has not been destroyed' do
|
||||
lambda { delete :destroy, :id => @platform.id, :format => :json }.should_not change{ Platform.count }
|
||||
end
|
||||
it 'should not be able to perform destroy action for personal platform' do
|
||||
delete :destroy, :id => @personal_platform.id, :format => :json
|
||||
response.should_not be_success
|
||||
end
|
||||
it 'ensures that personal platform has not been destroyed' do
|
||||
lambda { delete :destroy, :id => @personal_platform.id, :format => :json }.should_not change{ Platform.count }
|
||||
end
|
||||
end
|
||||
|
||||
it_should_behave_like 'api platform user without global admin rights'
|
||||
end
|
||||
|
||||
shared_examples_for 'api platform user without global admin rights' do
|
||||
context 'should not be able to perform clear action' do
|
||||
it 'for personal platform' do
|
||||
put :clear, :id => @personal_platform.id, :format => :json
|
||||
response.should_not be_success
|
||||
end
|
||||
it 'for main platform' do
|
||||
put :clear, :id => @platform.id, :format => :json
|
||||
response.should_not be_success
|
||||
end
|
||||
end
|
||||
|
||||
[:create, :clone].each do |action|
|
||||
context "api platform user without #{action} rights" do
|
||||
before { any_instance_of(Platform, :create_directory => true) }
|
||||
it "should not be able to perform #{action} action" do
|
||||
post action, clone_or_create_params, :format => :json
|
||||
response.should_not be_success
|
||||
end
|
||||
it "ensures that platform has not been #{action}d" do
|
||||
lambda { post action, clone_or_create_params, :format => :json }.should_not change{ Platform.count }
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples_for 'api platform user with reader rights for hidden platform' do
|
||||
|
@ -32,20 +201,28 @@ shared_examples_for "api platform user with show rights" do
|
|||
get :show, :id => @platform.id, :format => :json
|
||||
response.should render_template(:show)
|
||||
end
|
||||
|
||||
it 'should be able to perform platforms_for_build action' do
|
||||
get :platforms_for_build, :format => :json
|
||||
response.should render_template(:index)
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples_for "api platform user without show rights" do
|
||||
it 'should not be able to perform show action' do
|
||||
get :show, :id => @platform.id, :format => :json
|
||||
[:show, :members].each do |action|
|
||||
it "should not be able to perform #{ action } action" do
|
||||
get action, :id => @platform.id, :format => :json
|
||||
response.body.should == {"message" => "Access violation to this page!"}.to_json
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe Api::V1::PlatformsController do
|
||||
let(:clone_or_create_params) { {:id => @platform.id, :platform => {:description => 'new description', :name => 'new_name', :owner_id => @user.id, :distrib_type => APP_CONFIG['distr_types'].first}} }
|
||||
before do
|
||||
stub_symlink_methods
|
||||
|
||||
@platform = FactoryGirl.create(:platform)
|
||||
@platform = FactoryGirl.create(:platform, :visibility => 'open')
|
||||
@personal_platform = FactoryGirl.create(:platform, :platform_type => 'personal')
|
||||
@user = FactoryGirl.create(:user)
|
||||
end
|
||||
|
@ -57,30 +234,53 @@ describe Api::V1::PlatformsController do
|
|||
response.status.should == 401
|
||||
end
|
||||
|
||||
it "should not be able to perform show action", :anonymous_access => false do
|
||||
get :show, :id => @platform.id, :format => :json
|
||||
[:show, :platforms_for_build].each do |action|
|
||||
it "should not be able to perform #{ action } action", :anonymous_access => false do
|
||||
get action, :format => :json
|
||||
response.status.should == 401
|
||||
end
|
||||
end
|
||||
|
||||
it 'should be able to perform members action', :anonymous_access => true do
|
||||
get :members, :id => @platform.id, :format => :json
|
||||
response.should render_template(:members)
|
||||
end
|
||||
|
||||
it_should_behave_like 'api platform user with show rights' if APP_CONFIG['anonymous_access']
|
||||
it_should_behave_like 'api platform user without reader rights for hidden platform' if APP_CONFIG['anonymous_access']
|
||||
|
||||
it_should_behave_like 'api platform user without writer rights'
|
||||
end
|
||||
|
||||
context 'for global admin' do
|
||||
before do
|
||||
@admin = FactoryGirl.create(:admin)
|
||||
@user = FactoryGirl.create(:user)
|
||||
http_login(@admin)
|
||||
end
|
||||
|
||||
it_should_behave_like 'api platform user with reader rights'
|
||||
it_should_behave_like 'api platform user with reader rights for hidden platform'
|
||||
it_should_behave_like 'api platform user with writer rights'
|
||||
|
||||
[:clone, :create].each do |action|
|
||||
context "with #{action} rights" do
|
||||
before do
|
||||
any_instance_of(Platform, :create_directory => true)
|
||||
clone_or_create_params[:platform][:owner_id] = @admin.id
|
||||
end
|
||||
it "should be able to perform #{action} action" do
|
||||
post action, clone_or_create_params, :format => :json
|
||||
response.should be_success
|
||||
end
|
||||
it "ensures that platform has been #{action}d" do
|
||||
lambda { post action, clone_or_create_params, :format => :json }.should change{ Platform.count }.by(1)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
context 'for owner user' do
|
||||
before do
|
||||
@user = FactoryGirl.create(:user)
|
||||
http_login(@user)
|
||||
@platform.owner = @user; @platform.save
|
||||
@platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin')
|
||||
|
@ -88,11 +288,12 @@ describe Api::V1::PlatformsController do
|
|||
|
||||
it_should_behave_like 'api platform user with reader rights'
|
||||
it_should_behave_like 'api platform user with reader rights for hidden platform'
|
||||
it_should_behave_like 'api platform user with writer rights'
|
||||
it_should_behave_like 'api platform user without global admin rights'
|
||||
end
|
||||
|
||||
context 'for reader user' do
|
||||
before do
|
||||
@user = FactoryGirl.create(:user)
|
||||
http_login(@user)
|
||||
@platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')
|
||||
@personal_platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')
|
||||
|
@ -111,15 +312,16 @@ describe Api::V1::PlatformsController do
|
|||
|
||||
it_should_behave_like 'api platform user with reader rights'
|
||||
it_should_behave_like 'api platform user with reader rights for hidden platform'
|
||||
it_should_behave_like 'api platform user without writer rights'
|
||||
end
|
||||
|
||||
context 'for simple user' do
|
||||
before do
|
||||
@user = FactoryGirl.create(:user)
|
||||
http_login(@user)
|
||||
end
|
||||
|
||||
it_should_behave_like 'api platform user with reader rights'
|
||||
it_should_behave_like 'api platform user without reader rights for hidden platform'
|
||||
it_should_behave_like 'api platform user without writer rights'
|
||||
end
|
||||
end
|
||||
|
|
|
@ -24,12 +24,17 @@ end
|
|||
shared_examples_for "api projects user without show rights" do
|
||||
it "should show access violation instead of project data" do
|
||||
get :show, :id => @project.id, :format => :json
|
||||
response.body.should == {"message" => "Access violation to this page!"}.to_json
|
||||
response.should_not be_success
|
||||
end
|
||||
|
||||
it "should show access violation instead of project refs_list" do
|
||||
get :refs_list, :id => @project.id, :format => :json
|
||||
response.should_not be_success
|
||||
end
|
||||
|
||||
it "should access violation instead of project data by get_id" do
|
||||
get :get_id, :name => @project.name, :owner => @project.owner.uname, :format => :json
|
||||
response.body.should == {"message" => "Access violation to this page!"}.to_json
|
||||
response.should_not be_success
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -39,6 +44,11 @@ shared_examples_for "api projects user with show rights" do
|
|||
render_template(:show)
|
||||
end
|
||||
|
||||
it "should show refs_list of project" do
|
||||
get :refs_list, :id => @project.id, :format => :json
|
||||
render_template(:refs_list)
|
||||
end
|
||||
|
||||
context 'project find by get_id' do
|
||||
it "should find project by name and owner name" do
|
||||
@project.reload
|
||||
|
@ -70,19 +80,13 @@ describe Api::V1::ProjectsController do
|
|||
|
||||
context 'for guest' do
|
||||
|
||||
it 'should be able to perform get_id action', :anonymous_access => false do
|
||||
get :get_id, :format => :json
|
||||
response.status.should == 401
|
||||
if APP_CONFIG['anonymous_access']
|
||||
it_should_behave_like 'api projects user with reader rights'
|
||||
it_should_behave_like 'api projects user without reader rights for hidden project'
|
||||
else
|
||||
it_should_behave_like 'api projects user without show rights'
|
||||
end
|
||||
|
||||
it 'should be able to perform show action', :anonymous_access => false do
|
||||
get :show, :id => @project.id, :format => :json
|
||||
response.status.should == 401
|
||||
end
|
||||
|
||||
it_should_behave_like 'api projects user with reader rights' if APP_CONFIG['anonymous_access']
|
||||
it_should_behave_like 'api projects user without reader rights for hidden project' if APP_CONFIG['anonymous_access']
|
||||
|
||||
end
|
||||
|
||||
context 'for simple user' do
|
||||
|
|
Loading…
Reference in New Issue