Merge pull request #392 from warpc/391-project
[Refs #391] Control assignment project group
This commit is contained in:
Vladimir Sharshov
commit
6c428169cf
|
|
@ -26,9 +26,10 @@ class ProjectsController < ApplicationController
|
|||
@project = Project.new params[:project]
|
||||
@project.owner = choose_owner
|
||||
@who_owns = (@project.owner_type == 'User' ? :me : :group)
|
||||
authorize! :update, @project.owner if @project.owner.class == Group
|
||||
|
||||
if @project.save
|
||||
flash[:notice] = t('flash.project.saved')
|
||||
flash[:notice] = t('flash.project.saved')
|
||||
redirect_to @project
|
||||
else
|
||||
flash[:error] = t('flash.project.save_error')
|
||||
|
|
|
|||
|
|
@ -2,17 +2,17 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe ProjectsController do
|
||||
|
||||
before(:each) do
|
||||
|
||||
before(:each) do
|
||||
stub_rsync_methods
|
||||
|
||||
@project = FactoryGirl.create(:project)
|
||||
@another_user = FactoryGirl.create(:user)
|
||||
@create_params = {:project => {:name => 'pro'}}
|
||||
@update_params = {:project => {:name => 'pro2'}}
|
||||
end
|
||||
end
|
||||
|
||||
context 'for guest' do
|
||||
context 'for guest' do
|
||||
it 'should not be able to perform index action' do
|
||||
get :index
|
||||
response.should redirect_to(new_user_session_path)
|
||||
|
|
@ -25,10 +25,10 @@ describe ProjectsController do
|
|||
end
|
||||
|
||||
context 'for admin' do
|
||||
before(:each) do
|
||||
@admin = FactoryGirl.create(:admin)
|
||||
set_session_for(@admin)
|
||||
end
|
||||
before(:each) do
|
||||
@admin = FactoryGirl.create(:admin)
|
||||
set_session_for(@admin)
|
||||
end
|
||||
|
||||
it_should_behave_like 'projects user with admin rights'
|
||||
it_should_behave_like 'projects user with reader rights'
|
||||
|
|
@ -44,12 +44,12 @@ describe ProjectsController do
|
|||
end
|
||||
|
||||
context 'for owner user' do
|
||||
before(:each) do
|
||||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@user)
|
||||
@project.update_attribute(:owner, @user)
|
||||
@project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'admin')
|
||||
end
|
||||
before(:each) do
|
||||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@user)
|
||||
@project.update_attribute(:owner, @user)
|
||||
@project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'admin')
|
||||
end
|
||||
|
||||
it_should_behave_like 'projects user with admin rights'
|
||||
it_should_behave_like 'user with rights to view projects'
|
||||
|
|
@ -67,27 +67,34 @@ describe ProjectsController do
|
|||
post :fork, :id => @project.id
|
||||
response.should redirect_to(forbidden_path)
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
context 'for reader user' do
|
||||
before(:each) do
|
||||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@user)
|
||||
@project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'reader')
|
||||
end
|
||||
before(:each) do
|
||||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@user)
|
||||
@project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'reader')
|
||||
end
|
||||
|
||||
it_should_behave_like 'projects user with reader rights'
|
||||
end
|
||||
|
||||
context 'for writer user' do
|
||||
before(:each) do
|
||||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@user)
|
||||
@project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'writer')
|
||||
end
|
||||
before(:each) do
|
||||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@user)
|
||||
@project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'writer')
|
||||
end
|
||||
|
||||
it_should_behave_like 'projects user with reader rights'
|
||||
|
||||
it 'should not be able to create project to other group' do
|
||||
group = FactoryGirl.create(:group)
|
||||
post :create, @create_params.merge({:who_owns => 'group', :owner_id => group.id})
|
||||
response.should redirect_to(forbidden_path)
|
||||
end
|
||||
|
||||
it 'should not be able to fork project to other group' do
|
||||
group = FactoryGirl.create(:group)
|
||||
post :fork, :id => @project.id, :group => group.id
|
||||
|
|
@ -100,11 +107,9 @@ describe ProjectsController do
|
|||
post :fork, :id => @project.id, :group => group.id
|
||||
response.should redirect_to(project_path(group.projects.first.id))
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
context 'search projects' do
|
||||
|
||||
before(:each) do
|
||||
@admin = FactoryGirl.create(:admin)
|
||||
@project1 = FactoryGirl.create(:project, :name => 'perl-debug')
|
||||
|
|
@ -117,4 +122,14 @@ describe ProjectsController do
|
|||
assigns(:projects).should eq([@project2, @project1])
|
||||
end
|
||||
end
|
||||
|
||||
context 'for other user' do
|
||||
it 'should not be able to fork hidden project' do
|
||||
@user = FactoryGirl.create(:user)
|
||||
set_session_for(@user)
|
||||
@project.update_attribute(:visibility, 'hidden')
|
||||
post :fork, :id => @project.id
|
||||
response.should redirect_to(forbidden_path)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
|||
Loading…
Reference in New Issue