diff --git a/app/controllers/comments_controller.rb b/app/controllers/comments_controller.rb index 098167d2e..de1e56e82 100644 --- a/app/controllers/comments_controller.rb +++ b/app/controllers/comments_controller.rb @@ -68,7 +68,6 @@ class CommentsController < ApplicationController @comment = Comment.find(params[:id]) if @comment.commit_comment? @comment.project = @project - @comment.helper end end diff --git a/app/mailers/user_mailer.rb b/app/mailers/user_mailer.rb index d3c150d88..82b8be5b8 100644 --- a/app/mailers/user_mailer.rb +++ b/app/mailers/user_mailer.rb @@ -13,7 +13,6 @@ class UserMailer < ActionMailer::Base def new_comment_notification(comment, user) @user = user @comment = comment - @comment.helper mail(:to => user.email, :subject => I18n.t("notifications.subjects.new_#{comment.commit_comment? ? 'commit_' : ''}comment_notification")) do |format| format.html end diff --git a/app/models/comment.rb b/app/models/comment.rb index e4c4e3c2a..1eae5cc48 100644 --- a/app/models/comment.rb +++ b/app/models/comment.rb @@ -4,20 +4,19 @@ class Comment < ActiveRecord::Base belongs_to :user belongs_to :project - validates :body, :user_id, :commentable_id, :commentable_type, :presence => true + validates :body, :user_id, :commentable_id, :commentable_type, :project_id, :presence => true default_scope order('created_at') after_create :subscribe_on_reply, :unless => lambda {|c| c.commit_comment?} - after_create :helper, :if => lambda {|c| c.commit_comment?} after_create :subscribe_users - - attr_accessible :body, :commentable_id, :commentable_type - - def helper + after_initialize do |comment| class_eval { def commentable; project.git_repository.commit(commentable_id.to_s(16)); end } if commit_comment? end + attr_accessible :body, :commentable_id, :commentable_type + attr_readonly :commentable_id, :commentable_type + def own_comment?(user) user_id == user.id end diff --git a/app/models/project.rb b/app/models/project.rb index 8e343a172..75072922d 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -195,11 +195,8 @@ class Project < ActiveRecord::Base system("#{Rails.root.join('bin', 'import_srpm.sh')} #{srpm_path} #{path} #{branch_name} >> /dev/null 2>&1") end - class << self - def commit_comments(commit, project) - comments = Comment.where(:commentable_id => commit.id.hex, :commentable_type => 'Grit::Commit') - comments.each {|x| x.project = project; x.helper} - end + def self.commit_comments(commit, project) + comments = Comment.where(:commentable_id => commit.id.hex, :commentable_type => 'Grit::Commit') end def owner?(user) diff --git a/spec/controllers/comments_controller_for_commit_spec.rb b/spec/controllers/comments_controller_for_commit_spec.rb index 134bf3313..db9210afc 100644 --- a/spec/controllers/comments_controller_for_commit_spec.rb +++ b/spec/controllers/comments_controller_for_commit_spec.rb @@ -1,6 +1,12 @@ # -*- encoding : utf-8 -*- require 'spec_helper' +def create_comment user + comment = user.comments.create(:commentable_id => @commit.id.hex, :commentable_type => @commit.class.name, + :body => 'test', :project_id => @project.id) + comment +end + shared_examples_for 'user with create comment rights for commits' do it 'should be able to perform create action' do post :create, @create_params @@ -26,92 +32,85 @@ end shared_examples_for 'user with update stranger comment rights for commits' do it 'should be able to perform update action' do - put :update, {:id => @comment.id}.merge(@update_params) + put :update, {:id => @stranger_comment.id}.merge(@update_params) response.should redirect_to(commit_path(@project, @commit.id)) end it 'should update comment title' do - put :update, {:id => @comment.id}.merge(@update_params) - @comment.reload.body.should == 'updated' + put :update, {:id => @stranger_comment.id}.merge(@update_params) + @stranger_comment.reload.body.should == 'updated' end end shared_examples_for 'user without update stranger comment rights for commits' do it 'should not be able to perform update action' do - put :update, {:id => @comment.id}.merge(@update_params) + put :update, {:id => @stranger_comment.id}.merge(@update_params) response.should redirect_to(forbidden_path) end it 'should not update comment title' do - put :update, {:id => @comment.id}.merge(@update_params) - @comment.reload.body.should_not == 'updated' + put :update, {:id => @stranger_comment.id}.merge(@update_params) + @stranger_comment.reload.body.should_not == 'updated' end end shared_examples_for 'user without destroy comment rights for commits' do it 'should not be able to perform destroy action' do - delete :destroy, :id => @comment.id, :commit_id => @commit.id, :project_id => @project.id + delete :destroy, :id => @stranger_comment.id, :commit_id => @commit.id, :project_id => @project.id response.should redirect_to(forbidden_path) end it 'should not reduce comments count' do - lambda{ delete :destroy, :id => @comment.id, :commit_id => @commit.id, :project_id => @project.id }.should change{ Comment.count }.by(0) + lambda{ delete :destroy, :id => @stranger_comment.id, :commit_id => @commit.id, :project_id => @project.id }.should change{ Comment.count }.by(0) end end #shared_examples_for 'user with destroy rights' do # it 'should be able to perform destroy action' do -# delete :destroy, :id => @comment.id, :issue_id => @issue.serial_id, :project_id => @project.id -# response.should redirect_to([@project, @issue]) +# delete :destroy, :id => @stranger_comment.id, :project_id => @project.id +# response.should redirect_to(commit_path(@project, @commit.id)) # end # # it 'should reduce comments count' do -# lambda{ delete :destroy, :id => @comment.id, :issue_id => @issue.serial_id, :project_id => @project.id }.should change{ Comment.count }.by(-1) +# lambda{ delete :destroy, :id => @stranger_comment.id, :issue_id => @issue.serial_id, :project_id => @project.id }.should change{ Comment.count }.by(-1) # end #end describe CommentsController do before(:each) do stub_rsync_methods - @project = Factory(:project) %x(cp -Rf #{Rails.root}/spec/tests.git/* #{@project.git_repository.path}) # maybe FIXME ? @commit = @project.git_repository.commits.first - @comment = Factory(:commit_comment, :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id) - @comment.helper @create_params = {:comment => {:body => 'I am a comment!'}, :project_id => @project.id, :commit_id => @commit.id} @update_params = {:comment => {:body => 'updated'}, :project_id => @project.id, :commit_id => @commit.id} any_instance_of(Project, :versions => ['v1.0', 'v2.0']) - - @request.env['HTTP_REFERER'] = commit_path(@project, @commit.id) + @stranger_comment = create_comment Factory(:user) + @user = Factory(:user) + @own_comment = create_comment @user + set_session_for(@user) end context 'for project admin user' do before(:each) do - @user = Factory(:user) - set_session_for(@user) @project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'admin') - @own_comment = Factory(:comment, :user => @user) - @own_comment.update_attributes(:commentable_type => @commit.class.name, :commentable_id => @commit.id) end it_should_behave_like 'user with create comment rights for commits' it_should_behave_like 'user with update stranger comment rights for commits' it_should_behave_like 'user with update own comment rights for commits' it_should_behave_like 'user without destroy comment rights for commits' + #it_should_behave_like 'user with destroy rights' end context 'for project owner user' do before(:each) do + @user.destroy @user = @project.owner set_session_for(@user) - @project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'admin') - - @own_comment = Factory(:comment, :user => @user) - @own_comment.update_attributes(:commentable_type => @commit.class.name, :commentable_id => @commit.id) + @own_comment = create_comment @user end it_should_behave_like 'user with create comment rights for commits' @@ -122,12 +121,7 @@ describe CommentsController do context 'for project reader user' do before(:each) do - @user = Factory(:user) - set_session_for(@user) @project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'reader') - - @own_comment = Factory(:comment, :user => @user) - @own_comment.update_attributes(:commentable_type => @commit.class.name, :commentable_id => @commit.id) end it_should_behave_like 'user with create comment rights for commits' @@ -138,12 +132,7 @@ describe CommentsController do context 'for project writer user' do before(:each) do - @user = Factory(:user) - set_session_for(@user) @project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'writer') - - @own_comment = Factory(:comment, :user => @user) - @own_comment.update_attributes(:commentable_type => @commit.class.name, :commentable_id => @commit.id) end it_should_behave_like 'user with create comment rights for commits' diff --git a/spec/controllers/comments_controller_spec.rb b/spec/controllers/comments_controller_spec.rb index 79ba1e827..b84b63d67 100644 --- a/spec/controllers/comments_controller_spec.rb +++ b/spec/controllers/comments_controller_spec.rb @@ -83,16 +83,14 @@ describe CommentsController do any_instance_of(Project, :versions => ['v1.0', 'v2.0']) - @request.env['HTTP_REFERER'] = project_issue_path(@project, @issue) + @user = Factory(:user) + set_session_for(@user) + @own_comment = Factory(:comment, :commentable => @issue, :user => @user, :project_id => @project.id) end context 'for project admin user' do before(:each) do - @user = Factory(:user) - set_session_for(@user) @project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'admin') - - @own_comment = Factory(:comment, :commentable => @issue, :user => @user, :project_id => @project.id) end it_should_behave_like 'user with create comment rights' @@ -103,12 +101,7 @@ describe CommentsController do context 'for project owner user' do before(:each) do - @user = Factory(:user) - set_session_for(@user) @project.update_attribute(:owner, @user) - @project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'admin') - - @own_comment = Factory(:comment, :commentable => @issue, :user => @user, :project_id => @project.id) end it_should_behave_like 'user with create comment rights' @@ -119,11 +112,7 @@ describe CommentsController do context 'for project reader user' do before(:each) do - @user = Factory(:user) - set_session_for(@user) @project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'reader') - - @own_comment = Factory(:comment, :commentable => @issue, :user => @user, :project_id => @project.id) end it_should_behave_like 'user with create comment rights' @@ -134,11 +123,7 @@ describe CommentsController do context 'for project writer user' do before(:each) do - @user = Factory(:user) - set_session_for(@user) @project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'writer') - - @own_comment = Factory(:comment, :commentable => @issue, :user => @user, :project_id => @project.id) end it_should_behave_like 'user with create comment rights' diff --git a/spec/factories/comments.rb b/spec/factories/comments.rb index db5639295..c787bebcd 100644 --- a/spec/factories/comments.rb +++ b/spec/factories/comments.rb @@ -4,11 +4,3 @@ Factory.define(:comment) do |p| p.association :user, :factory => :user p.association :commentable, :factory => :issue end - -Factory.define(:commit_comment, :class => 'Comment') do |p| - p.body { Factory.next(:string) } - p.association :user, :factory => :user - p.commentable_type 'Grit::Commit' - p.commentable_id 'asdf' - p.project nil -end diff --git a/spec/models/comment_for_commit_spec.rb b/spec/models/comment_for_commit_spec.rb index 66c17ec05..97e3ee643 100644 --- a/spec/models/comment_for_commit_spec.rb +++ b/spec/models/comment_for_commit_spec.rb @@ -2,6 +2,12 @@ require 'spec_helper' require "cancan/matchers" +def create_comment user + comment = user.comments.create(:commentable_id => @commit.id.hex, :commentable_type => @commit.class.name, + :body => 'test', :project_id => @project.id) + comment +end + def set_comments_data_for_commit @ability = Ability.new(@user) @@ -9,18 +15,11 @@ def set_comments_data_for_commit %x(cp -Rf #{Rails.root}/spec/tests.git/* #{@project.git_repository.path}) # maybe FIXME ? @commit = @project.git_repository.commits.first - #@comment = Factory(:comment, :user => @user, :commentable_type => @commit.class.name, :commentable_id => @commit.id, :project => @project) - @comment = Factory.build(:comment, :user => @user, :project => @project) - @comment.commentable_type = @commit.class.name - @comment.commentable_id = @commit.id.hex - puts @comment.inspect - @comment.save - #@comment.update_attributes(:commentable_type => @commit.class.name, :commentable_id => @commit.id) + @comment = create_comment(@user) + @stranger_comment = create_comment(@stranger) - @stranger_comment = Factory(:comment, :user => @stranger) - @stranger_comment.update_attributes(:commentable_type => @commit.class.name, :commentable_id => @commit.id, :project => @project) - - @create_params = {:commentable_type => @commit.class.name, :commentable_id => @commit.id, :user => @user, :project => @project} + @subscribe_params = {:project_id => @project.id, :subscribeable_id => @commit.id.hex, :subscribeable_type => @commit.class.name} + Subscribe.destroy_all any_instance_of(Project, :versions => ['v1.0', 'v2.0']) end @@ -36,7 +35,7 @@ describe Comment do end it 'should create comment' do - @ability.should be_able_to(:create, Comment.new(@create_params)) + @ability.should be_able_to(:create, @comment) end it 'should update comment' do @@ -62,11 +61,14 @@ describe Comment do @stranger = Factory(:user) set_comments_data_for_commit - #~ #@project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'admin') + @admin = Factory(:user) + @ability = Ability.new(@admin) + @project.relations.create!(:object_type => 'User', :object_id => @admin.id, :role => 'admin') + ActionMailer::Base.deliveries = [] end it 'should create comment' do - @ability.should be_able_to(:create, Comment.new(@create_params)) + @ability.should be_able_to(:create, @comment) end it 'should update comment' do @@ -82,10 +84,8 @@ describe Comment do end context 'for default settings' do - it 'should send an e-mail' do - ActionMailer::Base.deliveries = [] - comment = Comment.create(:user => @stranger, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + it 'should not send an e-mail' do + comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 1 ActionMailer::Base.deliveries.last.to.include?(@user.email).should == true end @@ -93,20 +93,16 @@ describe Comment do context 'for disabled notify setting new_comment_commit_repo_owner' do it 'should not send an e-mail' do - ActionMailer::Base.deliveries = [] @user.notifier.update_attribute :new_comment_commit_repo_owner, false - comment = Comment.create(:user => @stranger, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) - ActionMailer::Base.deliveries.count.should == 0 + comment = create_comment(@stranger) + ActionMailer::Base.deliveries.count.should == 1 end end context 'for disabled notify setting new_comment_commit_owner' do it 'should send an e-mail' do - ActionMailer::Base.deliveries = [] @user.notifier.update_attribute :new_comment_commit_owner, false - comment = Comment.create(:user => @stranger, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 1 ActionMailer::Base.deliveries.last.to.include?(@user.email).should == true end @@ -114,10 +110,8 @@ describe Comment do context 'for disabled notify setting new_comment_commit_commentor' do it 'should send an e-mail' do - ActionMailer::Base.deliveries = [] @user.notifier.update_attribute :new_comment_commit_commentor, false - comment = Comment.create(:user => @stranger, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 1 ActionMailer::Base.deliveries.last.to.include?(@user.email).should == true end @@ -125,32 +119,26 @@ describe Comment do context 'for disabled all notify setting expect global' do it 'should not send an e-mail' do - ActionMailer::Base.deliveries = [] @user.notifier.update_attribute :new_comment_commit_repo_owner, false @user.notifier.update_attribute :new_comment_commit_owner, false @user.notifier.update_attribute :new_comment_commit_commentor, false - comment = Comment.create(:user => @stranger, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 0 end end context 'for unsubscribe commit' do it 'should not send an e-mail' do - ActionMailer::Base.deliveries = [] - Subscribe.unsubscribe_from_commit(:project_id => @project.id, :subscribeable_id => @commit.id.hex, :subscribeable_type => @commit.class.name, :user_id => @user.id) - comment = Comment.create(:user => @stranger, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + Subscribe.unsubscribe_from_commit @subscribe_params.merge(:user_id => @user.id) + comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 0 end end context 'for disabled global notify setting' do it 'should not send an e-mail' do - ActionMailer::Base.deliveries = [] @user.notifier.update_attribute :can_notify, false - comment = Comment.create(:user => @stranger, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 0 end end @@ -163,10 +151,11 @@ describe Comment do @stranger = Factory(:user) set_comments_data_for_commit @project.update_attribute(:owner, @user) + ActionMailer::Base.deliveries = [] end it 'should create comment' do - @ability.should be_able_to(:create, Comment.create(@create_params)) + @ability.should be_able_to(:create, @comment) end it 'should update comment' do @@ -183,9 +172,7 @@ describe Comment do context 'for default enabled settings' do it 'should send an e-mail by default settings' do - ActionMailer::Base.deliveries = [] - comment = Comment.create(:user => @stranger, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 1 ActionMailer::Base.deliveries.last.to.include?(@project.owner.email).should == true end @@ -193,20 +180,17 @@ describe Comment do context 'for disabled notify setting new_comment_commit_repo_owner' do it 'should not send an e-mail' do - ActionMailer::Base.deliveries = [] @user.notifier.update_attribute :new_comment_commit_repo_owner, false - comment = Comment.create(:user => @stranger, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + Comment.destroy_all + comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 0 end end context 'for disabled notify setting new_comment_commit_owner' do it 'should send an e-mail' do - ActionMailer::Base.deliveries = [] @user.notifier.update_attribute :new_comment_commit_owner, false - comment = Comment.create(:user => @stranger, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 1 ActionMailer::Base.deliveries.last.to.include?(@user.email).should == true end @@ -214,10 +198,8 @@ describe Comment do context 'for disabled notify setting new_comment_commit_commentor' do it 'should send an e-mail' do - ActionMailer::Base.deliveries = [] @user.notifier.update_attribute :new_comment_commit_commentor, false - comment = Comment.create(:user => @stranger, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 1 ActionMailer::Base.deliveries.last.to.include?(@user.email).should == true end @@ -225,43 +207,34 @@ describe Comment do context 'for disabled all notify setting expect global' do it 'should not send an e-mail' do - ActionMailer::Base.deliveries = [] @user.notifier.update_attribute :new_comment_commit_repo_owner, false @user.notifier.update_attribute :new_comment_commit_owner, false @user.notifier.update_attribute :new_comment_commit_commentor, false - comment = Comment.create(:user => @stranger, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 0 end end context 'for unsubscribe project' do it 'should not send an e-mail' do - ActionMailer::Base.deliveries = [] - Subscribe.unsubscribe_from_commit(:project_id => @project.id, :subscribeable_id => @commit.id.hex, :subscribeable_type => @commit.class.name, :user_id => @user.id) - comment = Comment.create(:user => @stranger, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + Subscribe.unsubscribe_from_commit @subscribe_params.merge(:user_id => @user.id) + comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 0 end end context 'for disabled global notify setting' do it 'should not send an e-mail' do - ActionMailer::Base.deliveries = [] @user.notifier.update_attribute :can_notify, false - comment = Comment.create(:user => @stranger, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 0 end end context 'for own commit' do it 'should send a one e-mail' do - ActionMailer::Base.deliveries = [] @project.owner.update_attribute :email, 'code@tpope.net' - comment = Comment.create(:user => @stranger, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) - + comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 1 ActionMailer::Base.deliveries.last.to.include?(@project.owner.email).should == true end @@ -275,15 +248,14 @@ describe Comment do @simple = Factory(:user) @stranger = Factory(:user) set_comments_data_for_commit - @create_params = {:commentable_type => @commit.class.name, :commentable_id => @commit.id, - :user => @simple, :project => @project} - @comment = Factory(:comment, :user => @simple) - @comment.update_attributes(:commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + @comment = create_comment(@simple) @ability = Ability.new(@simple) + ActionMailer::Base.deliveries = [] + Subscribe.unsubscribe_from_commit @subscribe_params.merge(:user_id => [@stranger.id, @project.owner.id]) end it 'should create comment' do - @ability.should be_able_to(:create, Comment.create(@create_params)) + @ability.should be_able_to(:create, @comment) end it 'should update comment' do @@ -299,92 +271,68 @@ describe Comment do end context 'for default enabled settings' do - it 'should not send an e-mail' do - ActionMailer::Base.deliveries = [] - comment = Comment.create(:user => @stranger, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + it 'should send an e-mail' do + comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 1 - ActionMailer::Base.deliveries.last.to.include?(@stranger.email).should == false + ActionMailer::Base.deliveries.last.to.include?(@simple.email).should == true end it 'should send an e-mail for comments after his comment' do - comment = Comment.create(:user => @simple, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) - + comment = create_comment(@simple) ActionMailer::Base.deliveries = [] - comment = Comment.create(:user => @user, :body => 'owner comment', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + comment = create_comment(@user) ActionMailer::Base.deliveries.count.should == 1 ActionMailer::Base.deliveries.last.to.include?(@simple.email).should == true end it 'should send an e-mail when subscribed to project' do - ActionMailer::Base.deliveries = [] - @project.owner.notifier.update_attribute :can_notify, false - @stranger.notifier.update_attribute :new_comment_commit_repo_owner, false - @stranger.notifier.update_attribute :new_comment_commit_owner, false - - Subscribe.subscribe_to_commit(:project_id => @project.id, :subscribeable_id => @commit.id.hex, :subscribeable_type => @commit.class.name, :user_id => @stranger.id) - comment = Comment.create(:user => @project.owner, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + Subscribe.subscribe_to_commit @subscribe_params.merge(:user_id => @simple.id) + comment = create_comment(@project.owner) ActionMailer::Base.deliveries.count.should == 1 - ActionMailer::Base.deliveries.last.to.include?(@stranger.email).should == true + ActionMailer::Base.deliveries.last.to.include?(@simple.email).should == true end it 'should not send an e-mail for own comment' do - ActionMailer::Base.deliveries = [] - Subscribe.subscribe_to_commit(:project_id => @project.id, :subscribeable_id => @commit.id.hex, :subscribeable_type => @commit.class.name, :user_id => @stranger.id) - comment = Comment.create(:user => @owner, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + comment = create_comment(@simple) ActionMailer::Base.deliveries.count.should == 0 end end context 'for committer' do it 'should send an e-mail' do - ActionMailer::Base.deliveries = [] - @stranger.update_attribute :email, 'code@tpope.net' - comment = Comment.create(:user => @user, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + @simple.update_attribute :email, 'code@tpope.net' + comment = create_comment(@user) ActionMailer::Base.deliveries.count.should == 1 - ActionMailer::Base.deliveries.last.to.include?(@stranger.email).should == true + ActionMailer::Base.deliveries.last.to.include?(@simple.email).should == true end it 'should send a one e-mail when subscribed to commit' do - ActionMailer::Base.deliveries = [] - Subscribe.subscribe_to_commit(:project_id => @project.id, :subscribeable_id => @commit.id.hex, :subscribeable_type => @commit.class.name, :user_id => @stranger.id) - @stranger.update_attribute :email, 'code@tpope.net' - comment = Comment.create(:user => @user, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + Subscribe.subscribe_to_commit @subscribe_params.merge(:user_id => @simple.id) + @simple.update_attribute :email, 'code@tpope.net' + comment = create_comment(@user) ActionMailer::Base.deliveries.count.should == 1 - ActionMailer::Base.deliveries.last.to.include?(@stranger.email).should == true + ActionMailer::Base.deliveries.last.to.include?(@simple.email).should == true end it 'should not send an e-mail for own comment' do - ActionMailer::Base.deliveries = [] - @stranger.update_attribute :email, 'code@tpope.net' - comment = Comment.create(:user => @stranger, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) - ActionMailer::Base.deliveries.count.should == 1 - ActionMailer::Base.deliveries.last.to.include?(@stranger.email).should == false + @simple.update_attribute :email, 'code@tpope.net' + comment = create_comment(@simple) + ActionMailer::Base.deliveries.count.should == 0 end it 'should not send an e-mail if global notify off' do - ActionMailer::Base.deliveries = [] @project.owner.notifier.update_attribute :can_notify, false - @stranger.update_attribute :email, 'code@tpope.net' - @stranger.notifier.update_attribute :can_notify, false - comment = Comment.create(:user => @user, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + @simple.update_attribute :email, 'code@tpope.net' + @simple.notifier.update_attribute :can_notify, false + comment = create_comment(@user) ActionMailer::Base.deliveries.count.should == 0 end it 'should not send an e-mail if notify for my commits off' do - ActionMailer::Base.deliveries = [] - @stranger.notifier.update_attribute :new_comment_commit_owner, false - @stranger.update_attribute :email, 'code@tpope.net' - comment = Comment.create(:user => @user, :body => 'hello!', :project => @project, - :commentable_type => @commit.class.name, :commentable_id => @commit.id.hex) + Comment.destroy_all + @simple.notifier.update_attribute :new_comment_commit_owner, false + @simple.update_attribute :email, 'code@tpope.net' + comment = create_comment(@user) ActionMailer::Base.deliveries.count.should == 0 end end diff --git a/spec/models/comment_spec.rb b/spec/models/comment_spec.rb index 97fe4425d..d62d961d7 100644 --- a/spec/models/comment_spec.rb +++ b/spec/models/comment_spec.rb @@ -128,5 +128,22 @@ describe Comment do it 'should not destroy comment' do @ability.should_not be_able_to(:destroy, @comment) end + + context 'with mass assignment' do + it 'should not be able to update commentable' do + @comment.update_attributes({:commentable_type => 'Grit::Commit', :commentable_id => 0}) + @comment.reload.commentable_id.should eql @issue.id + @comment.reload.commentable_type.should eql @issue.class.name + end + + it 'should not be able to update owner' do + @comment.should_not allow_mass_assignment_of :user_id + end + + it 'should not be able to update project' do + @comment.should_not allow_mass_assignment_of :project_id + end + end + end end