[issue #349] Guest user can show open platforms.
parent
ff20c0b199
commit
3e69d7d0f4
|
@ -2,7 +2,7 @@
|
|||
class Platforms::PlatformsController < Platforms::BaseController
|
||||
|
||||
before_filter :authenticate_user!
|
||||
skip_before_filter :authenticate_user!, :only => [:advisories] if APP_CONFIG['anonymous_access']
|
||||
skip_before_filter :authenticate_user!, :only => [:advisories, :members, :show] if APP_CONFIG['anonymous_access']
|
||||
load_and_authorize_resource
|
||||
|
||||
autocomplete :user, :uname
|
||||
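Review bot: With `:members` and `:show` added to the `skip_before_filter` list, `load_and_authorize_resource` and the guest rules in `Ability` become the only check on these actions for unauthenticated requests, and none of the visible specs exercises `members` as a guest. The commit title mentions only showing open platforms, so please confirm that exposing the member list to anonymous visitors is intended. I would add a comment above the line, e.g. `# Guests reach these actions only through Ability's anonymous_access rules; keep both lists in sync`, and a guest spec for `members` covering both an open and a non-open platform. The controller class continues outside the hunk.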
|
|
|
@ -1,7 +1,8 @@
|
|||
# -*- encoding : utf-8 -*-
|
||||
class Platforms::ProductsController < Platforms::BaseController
|
||||
before_filter :authenticate_user!
|
||||
|
||||
skip_before_filter :authenticate_user!, :only => [:index, :show] if APP_CONFIG['anonymous_access']
|
||||
|
||||
load_and_authorize_resource :platform
|
||||
load_and_authorize_resource :product, :through => :platform
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
# -*- encoding : utf-8 -*-
|
||||
class Platforms::RepositoriesController < Platforms::BaseController
|
||||
before_filter :authenticate_user!
|
||||
skip_before_filter :authenticate_user!, :only => [:index, :show, :projects_list] if APP_CONFIG['anonymous_access']
|
||||
|
||||
load_and_authorize_resource :platform
|
||||
load_and_authorize_resource :repository, :through => :platform, :shallow => true
|
||||
|
|
|
@ -26,6 +26,13 @@ class Ability
|
|||
|
||||
if user.guest? # Guest rights
|
||||
# can [:new, :create], RegisterRequest
|
||||
if APP_CONFIG['anonymous_access']
|
||||
can [:read, :members, :read_advisories], Platform, :visibility == 'open'
|
||||
can [:read, :projects_list], Repository, :platform => {:visibility => 'open'}
|
||||
can :read, Product, :platform => {:visibility => 'open'}
|
||||
can :read, Project, :visibility => 'open'
|
||||
#can :read, Repository, :platform => {:visibility => 'open'}
|
||||
end
|
||||
else # Registered user rights
|
||||
if user.admin?
|
||||
can :manage, :all
|
||||
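Review bot: The Platform rule `can [:read, :members, :read_advisories], Platform, :visibility == 'open'` does not pass a condition, because `:visibility == 'open'` compares a Symbol with a String and evaluates to `false`, so `can` receives `false` instead of a hash. CanCan most likely treats a falsy conditions argument as "no conditions", which would let guests read, list members of and read advisories for every platform, not only open ones. The sibling rules in this block use the hash form and this one should too: `can [:read, :members, :read_advisories], Platform, :visibility => 'open'`. The Ability class starts and ends outside the hunk.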
|
|
|
@ -2,7 +2,7 @@
|
|||
require 'spec_helper'
|
||||
|
||||
shared_examples_for 'guest user' do
|
||||
|
||||
|
||||
# Only one action for now here
|
||||
guest_actions = [:index]
|
||||
|
||||
|
@ -36,11 +36,6 @@ describe Platforms::MaintainersController do
|
|||
|
||||
context 'for guest' do
|
||||
it_should_behave_like 'guest user'
|
||||
|
||||
it 'should not be able to get api' do
|
||||
get :assignee, @assignee_rq
|
||||
response.response_code.should == 403
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -49,7 +49,6 @@ describe Platforms::PlatformsController do
|
|||
end
|
||||
|
||||
context 'for guest' do
|
||||
|
||||
[:index, :create].each do |action|
|
||||
it "should not be able to perform #{ action } action" do
|
||||
get action
|
||||
|
@ -57,12 +56,24 @@ describe Platforms::PlatformsController do
|
|||
end
|
||||
end
|
||||
|
||||
[:show, :new, :edit, :clone, :destroy].each do |action|
|
||||
[:new, :edit, :clone, :destroy].each do |action|
|
||||
it "should not be able to perform #{ action } action" do
|
||||
get action, :id => @platform
|
||||
response.should redirect_to(new_user_session_path)
|
||||
end
|
||||
end
|
||||
|
||||
if APP_CONFIG[:anonymous_access]
|
||||
it "should be able to perform show action" do
|
||||
get :show, :id => @platform
|
||||
response.should render_template(:show)
|
||||
end
|
||||
else
|
||||
it "should not be able to perform show action" do
|
||||
get :show, :id => @platform
|
||||
response.should redirect_to(new_user_session_path)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'for global admin' do
|
||||
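Review bot: The guard `if APP_CONFIG[:anonymous_access]` uses a Symbol key, while the controllers, `Ability` and the products spec read `APP_CONFIG['anonymous_access']`. If APP_CONFIG is a plain Hash with string keys (its definition is not visible here), the Symbol lookup returns nil, the "should be able to perform show action" example is never defined, and the spec asserts the redirect regardless of the setting. Use `if APP_CONFIG['anonymous_access']` here and in the same guard added to the RepositoriesController spec. The guest examples also appear to use a single `@platform`, so a guest case against a platform whose visibility is not 'open' would pin the restriction the Ability rule is meant to enforce.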
|
|
|
@ -33,7 +33,7 @@ describe Platforms::ProductsController do
|
|||
@update_params = {:product => {:name => 'pro2'}, :platform_id => @platform.id}
|
||||
end
|
||||
|
||||
context 'for guest' do
|
||||
context 'for guest' do
|
||||
[:create].each do |action|
|
||||
it "should not be able to perform #{ action } action" do
|
||||
get action, :platform_id => @platform.id
|
||||
|
@ -41,40 +41,52 @@ describe Platforms::ProductsController do
|
|||
end
|
||||
end
|
||||
|
||||
[:show, :new, :edit, :update, :destroy].each do |action|
|
||||
[:new, :edit, :update, :destroy].each do |action|
|
||||
it "should not be able to perform #{ action } action" do
|
||||
get action, :id => @product.id, :platform_id => @platform.id
|
||||
response.should redirect_to(new_user_session_path)
|
||||
end
|
||||
end
|
||||
|
||||
if APP_CONFIG['anonymous_access']
|
||||
it "should be able to perform show action" do
|
||||
get :show, :id => @product.id, :platform_id => @platform.id
|
||||
response.should render_template(:show)
|
||||
end
|
||||
else
|
||||
it "should not be able to perform show action" do
|
||||
get :show, :id => @product.id, :platform_id => @platform.id
|
||||
response.should redirect_to(new_user_session_path)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'for global admin' do
|
||||
before(:each) do
|
||||
@admin = FactoryGirl.create(:admin)
|
||||
set_session_for(@admin)
|
||||
end
|
||||
before(:each) do
|
||||
@admin = FactoryGirl.create(:admin)
|
||||
set_session_for(@admin)
|
||||
end
|
||||
|
||||
it_should_behave_like 'admin user'
|
||||
end
|
||||
|
||||
|
||||
|
||||
|
||||
context 'for admin relation user' do
|
||||
before(:each) do
|
||||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@user)
|
||||
before(:each) do
|
||||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@user)
|
||||
@platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin')
|
||||
end
|
||||
end
|
||||
|
||||
it_should_behave_like 'admin user'
|
||||
end
|
||||
|
||||
context 'for no relation user' do
|
||||
before(:each) do
|
||||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@user)
|
||||
end
|
||||
before(:each) do
|
||||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@user)
|
||||
end
|
||||
|
||||
it 'should not be able to create product' do
|
||||
lambda { post :create, @create_params }.should change{ Product.count }.by(0)
|
||||
|
|
|
@ -19,13 +19,13 @@ shared_examples_for 'user with change projects in repository rights' do
|
|||
it 'should be able to add project to repository' do
|
||||
get :add_project, :id => @repository.id, :platform_id => @platform.id, :project_id => @project.id
|
||||
response.should redirect_to(platform_repository_path(@repository.platform, @repository))
|
||||
@repository.projects.should include (@project)
|
||||
@repository.projects.should include(@project)
|
||||
end
|
||||
|
||||
it 'should be able to remove project from repository' do
|
||||
get :remove_project, :id => @repository.id, :platform_id => @platform.id, :project_id => @project.id
|
||||
response.should redirect_to(platform_repository_path(@repository.platform, @repository))
|
||||
@repository.projects.should_not include (@project)
|
||||
@repository.projects.should_not include(@project)
|
||||
end
|
||||
|
||||
end
|
||||
|
@ -91,6 +91,18 @@ describe Platforms::RepositoriesController do
|
|||
response.should redirect_to(new_user_session_path)
|
||||
end
|
||||
end
|
||||
|
||||
if APP_CONFIG[:anonymous_access]
|
||||
it "should be able to perform show action" do
|
||||
get :show, :id => @repository
|
||||
response.should render_template(:show)
|
||||
end
|
||||
else
|
||||
it "should not be able to perform show action" do
|
||||
get :show, :id => @repository
|
||||
response.should redirect_to(new_user_session_path)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'for admin' do
|
||||
|
@ -102,7 +114,7 @@ describe Platforms::RepositoriesController do
|
|||
it_should_behave_like 'platform admin user'
|
||||
|
||||
end
|
||||
|
||||
|
||||
context 'for platform owner user' do
|
||||
before(:each) do
|
||||
@user = FactoryGirl.create(:user)
|
||||
|
@ -119,7 +131,7 @@ describe Platforms::RepositoriesController do
|
|||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@user)
|
||||
end
|
||||
|
||||
|
||||
it_should_behave_like 'registered user'
|
||||
|
||||
it 'should not be able to perform new action' do
|
||||
|
@ -132,7 +144,7 @@ describe Platforms::RepositoriesController do
|
|||
lambda { post :create, @create_params }.should change{ Repository.count }.by(0)
|
||||
response.should redirect_to(forbidden_path)
|
||||
end
|
||||
|
||||
|
||||
it 'should not be able to destroy repository in main platform' do
|
||||
delete :destroy, :id => @repository.id
|
||||
response.should redirect_to(forbidden_path)
|
||||
|
@ -142,13 +154,13 @@ describe Platforms::RepositoriesController do
|
|||
it 'should not be able to add project to repository' do
|
||||
get :add_project, :id => @repository.id, :platform_id => @platform.id, :project_id => @project.id
|
||||
response.should redirect_to(forbidden_path)
|
||||
@repository.projects.should_not include (@project)
|
||||
@repository.projects.should_not include(@project)
|
||||
end
|
||||
|
||||
it 'should not be able to remove project from repository' do
|
||||
get :remove_project, :id => @repository.id, :platform_id => @platform.id, :project_id => @project.id
|
||||
response.should redirect_to(forbidden_path)
|
||||
@repository.projects.should_not include (@project)
|
||||
@repository.projects.should_not include(@project)
|
||||
end
|
||||
|
||||
it_should_behave_like 'not destroy personal repository'
|
||||
|
|
|
@ -109,7 +109,7 @@ describe Projects::BuildListsController do
|
|||
set_session_for(@user)
|
||||
@show_params = {:owner_name => @project.owner.uname, :project_name => @project.name, :id => @build_list.id}
|
||||
end
|
||||
|
||||
|
||||
context 'for all build lists' do
|
||||
before(:each) do
|
||||
@build_list1 = FactoryGirl.create(:build_list_core)
|
||||
|
|
|
@ -6,6 +6,7 @@ FactoryGirl.define do
|
|||
association :save_to_platform, :factory => :platform_with_repos
|
||||
association :arch
|
||||
build_for_platform {|bl| bl.save_to_platform}
|
||||
save_to_repository {|bl| bl.save_to_platform.repositories.first }
|
||||
project_version "1.0"
|
||||
build_requires true
|
||||
update_type 'security'
|
||||
|
|