From 735f4af84eee5a6eb301ad4c8cec0c8d9bf1c20f Mon Sep 17 00:00:00 2001
From: Vokhmin Alexey V <avokhmin@gmail.com>
Date: Wed, 26 Jun 2013 12:04:40 +0400
Subject: [PATCH] #192: added request specs

---
 .../platforms/tokens_controller.rb            |   5 +-
 .../platforms/tokens_controller_spec.rb       | 127 ++++++++++++++++++
 2 files changed, 128 insertions(+), 4 deletions(-)
 create mode 100644 spec/controllers/platforms/tokens_controller_spec.rb

diff --git a/app/controllers/platforms/tokens_controller.rb b/app/controllers/platforms/tokens_controller.rb
index 6a80debc9..d192b9906 100644
--- a/app/controllers/platforms/tokens_controller.rb
+++ b/app/controllers/platforms/tokens_controller.rb
@@ -1,14 +1,11 @@
 class Platforms::TokensController < Platforms::BaseController
   before_filter :authenticate_user!
 
-  # load_and_authorize_resource :platform
-  # load_and_authorize_resource #:token#, :through => :subject
-  # load_and_authorize_resource :token, :through => :subject
-
   load_resource :platform
   load_and_authorize_resource :through  => :platform, :shallow  => true
 
   def index
+    authorize! :local_admin_manage, @platform
     @tokens = @platform.tokens.includes(:creator, :updater)
                               .paginate(:per_page => 20, :page => params[:page])
   end
diff --git a/spec/controllers/platforms/tokens_controller_spec.rb b/spec/controllers/platforms/tokens_controller_spec.rb
new file mode 100644
index 000000000..5e27049d9
--- /dev/null
+++ b/spec/controllers/platforms/tokens_controller_spec.rb
@@ -0,0 +1,127 @@
+require 'spec_helper'
+
+def create_key_pair(repository, user)
+  @key_pair = FactoryGirl.create(:key_pair, :repository => repository, :user => user)
+end
+
+shared_examples_for 'token of platform for owner' do
+  [:index, :new].each do |action|
+    it "should be able to perform #{action} action" do
+      get action, :platform_id => @platform
+      response.should render_template(action)
+    end
+  end
+
+  it 'should not be able to perform show action' do
+    get :show, :platform_id => @platform, :id => @platform_token
+    response.should render_template(:show)
+  end
+
+  it 'should be able to perform create action' do
+    post :create, @create_params
+    response.should redirect_to(platform_tokens_path(@platform))
+  end
+
+  it 'should create key pair into db on create action' do
+    lambda { post :create, @create_params }.should change{Token.count}.by(1)
+  end
+end
+
+shared_examples_for 'token of platform for simple user or guest' do
+  [:index, :new].each do |action|
+    it "should not be able to perform #{ action } action" do
+      get action, :platform_id => @platform
+      response.should redirect_to(redirected_url)
+    end
+  end
+
+  it 'should not be able to perform show action' do
+    get :show, :platform_id => @platform, :id => @platform_token
+    response.should redirect_to(redirected_url)
+  end
+
+  it 'should not be able to perform show action' do
+    post :create, @create_params
+    response.should redirect_to(redirected_url)
+  end
+
+  it 'should not change objects count on create success' do
+    lambda { post :create, @create_params }.should change{ Token.count }.by(0)
+  end
+end
+
+describe Platforms::TokensController do
+  before do
+    stub_symlink_methods
+
+    @platform = FactoryGirl.create(:platform)
+    @user = FactoryGirl.create(:user)
+    @platform_token = FactoryGirl.create(:platform_token, :subject => @platform)
+    @create_params = {
+      :platform_id => @platform,
+      :tokens => {
+        :description => 'description'
+      }
+    }
+  end
+
+  it_should_behave_like 'token of platform for simple user or guest' do
+    let(:redirected_url) { new_user_session_path }
+  end
+
+  context 'for global admin' do
+    before(:each) do
+      @admin = FactoryGirl.create(:admin)
+      @user = FactoryGirl.create(:user)
+      set_session_for(@admin)
+    end
+
+    it_should_behave_like 'token of platform for owner'
+  end
+
+  context 'for owner user' do
+    before(:each) do
+      @user = FactoryGirl.create(:user)
+      set_session_for(@user)
+      
+      @platform.owner = @user
+      @platform.save
+    end
+
+    it_should_behave_like 'token of platform for owner'
+  end
+
+  context 'for admin user' do
+    before(:each) do
+      @user = FactoryGirl.create(:user)
+      set_session_for(@user)
+      @platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin')
+    end
+
+    it_should_behave_like 'token of platform for owner'
+  end
+
+  context 'for reader user' do
+    before do
+      @user = FactoryGirl.create(:user)
+      set_session_for(@user)
+      @platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')
+    end
+
+    it_should_behave_like 'token of platform for simple user or guest' do
+      let(:redirected_url) { forbidden_url }
+    end
+  end
+
+  context 'for simple user' do
+    before do
+      @user = FactoryGirl.create(:user)
+      set_session_for(@user)
+    end
+
+    it_should_behave_like 'token of platform for simple user or guest' do
+      let(:redirected_url) { forbidden_url }
+    end
+  end
+
+end