From 0ff8f92b62e4aada6795f31c08255ee3059ab13b Mon Sep 17 00:00:00 2001 From: Pavel Chipiga Date: Wed, 15 Aug 2012 16:52:32 +0300 Subject: [PATCH 1/9] Upgrade gems. Fix and refactor some specs. Fix deprecation warnings. Add capistrano task to dump remote db. Refs #263 --- Gemfile | 12 +- Gemfile.lock | 117 +++++++++--------- .../product_build_lists_controller.rb | 2 +- .../projects/comments_controller.rb | 2 +- app/models/ability.rb | 2 +- app/models/mass_build.rb | 4 +- app/models/platform.rb | 6 +- app/models/subscribe.rb | 2 +- config/deploy.rb | 29 +++++ .../20120306212914_add_project_to_comment.rb | 2 +- db/schema.rb | 71 ++++++----- .../groups/profile_controller_spec.rb | 2 +- .../platforms/key_pairs_controller_spec.rb | 2 +- .../platforms/mass_builds_controller_spec.rb | 4 +- .../platforms/platforms_controller_spec.rb | 2 +- .../platforms/repositories_controller_spec.rb | 2 +- .../projects/build_lists_controller_spec.rb | 26 ++-- .../projects/collaborators_controller_spec.rb | 80 ++++++------ .../projects/comments_controller_spec.rb | 54 ++++---- .../projects/issues_controller_spec.rb | 79 +++++++----- .../projects/projects_controller_spec.rb | 6 +- spec/factories/build_lists.rb | 1 + spec/factories/product_build_lists.rb | 1 + spec/models/cancan_spec.rb | 8 +- spec/models/comment_for_commit_spec.rb | 48 +++---- spec/models/comment_spec.rb | 2 +- spec/models/group_spec.rb | 2 +- spec/models/user_spec.rb | 2 +- 28 files changed, 314 insertions(+), 256 deletions(-) diff --git a/Gemfile b/Gemfile index 60869b4bb..e4ae78e4d 100644 --- a/Gemfile +++ b/Gemfile @@ -1,6 +1,6 @@ source 'http://rubygems.org' -gem 'rails', '3.2.7' #, :git => 'git://github.com/rails/rails.git' +gem 'rails', '3.2.8' #, :git => 'git://github.com/rails/rails.git' gem 'pg', '~> 0.14.0' # gem 'silent-postgres', :git => 'git://github.com/dolzenko/silent-postgres.git' #'~> 0.1.1' @@ -25,13 +25,13 @@ gem 'state_machine' # gem 'rugged', '~> 0.16.0' gem 'grack', :git => 'git://github.com/rdblue/grack.git', :require => 'git_http' gem "grit", :git => 'git://github.com/warpc/grit.git' #, :path => '~/Sites/code/grit' -gem 'charlock_holmes', '~> 0.6.8' #, :git => 'git://github.com/brianmario/charlock_holmes.git', :branch => 'bundle-icu' +gem 'charlock_holmes', '~> 0.6.9' #, :git => 'git://github.com/brianmario/charlock_holmes.git', :branch => 'bundle-icu' # gem 'ruby-filemagic', '~> 0.4.2', :require => 'filemagic/ext' -gem 'github-linguist', '~> 2.1.2', :require => 'linguist' +gem 'github-linguist', '~> 2.2.1', :require => 'linguist' gem 'diff-display', '~> 0.0.1' # Wiki -gem "gollum", :git => 'git://github.com/github/gollum.git' +gem "gollum", '~> 2.1.3' gem "redcarpet", "1.17.2" gem 'creole' gem 'rdiscount' @@ -58,7 +58,7 @@ group :assets do gem 'coffee-rails', '~> 3.2.2' gem 'compass-rails', '~> 1.0.3' gem 'uglifier', '~> 1.2.4' - gem 'therubyracer', '~> 0.10.1', :platforms => [:mri, :rbx] + gem 'therubyracer', '~> 0.10.2', :platforms => [:mri, :rbx] gem 'therubyrhino', '~> 1.73.1', :platforms => :jruby end @@ -81,7 +81,7 @@ end group :test do gem 'rspec-rails', '~> 2.11.0', :group => 'development' - gem 'factory_girl_rails', '~> 3.6.0' + gem 'factory_girl_rails', '~> 4.0.0' gem 'rr', '~> 1.0.4' gem 'shoulda' end diff --git a/Gemfile.lock b/Gemfile.lock index 896f7a8ab..fa631de11 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -6,23 +6,6 @@ GIT redhillonrails_core (2.0.0.pre) activerecord (>= 3.1.0.rc) -GIT - remote: git://github.com/github/gollum.git - revision: 8422b712048656c8ea391c2d7ef27fb29f66746b - specs: - gollum (2.1.0) - github-markdown - github-markup (>= 0.7.0, < 1.0.0) - grit (~> 2.5.0) - mustache (>= 0.11.2, < 1.0.0) - nokogiri (~> 1.4) - posix-spawn (~> 0.3.0) - pygments.rb (~> 0.2.0) - sanitize (~> 2.0.0) - sinatra (~> 1.0) - stringex (~> 1.4.0) - useragent (~> 0.4.9) - GIT remote: git://github.com/rdblue/grack.git revision: 020be3fef3fb308b9d214252522aa5945bf6584a @@ -42,12 +25,12 @@ GEM remote: http://rubygems.org/ specs: RedCloth (4.2.9) - actionmailer (3.2.7) - actionpack (= 3.2.7) + actionmailer (3.2.8) + actionpack (= 3.2.8) mail (~> 2.4.4) - actionpack (3.2.7) - activemodel (= 3.2.7) - activesupport (= 3.2.7) + actionpack (3.2.8) + activemodel (= 3.2.8) + activesupport (= 3.2.8) builder (~> 3.0.0) erubis (~> 2.7.0) journey (~> 1.0.4) @@ -55,18 +38,18 @@ GEM rack-cache (~> 1.2) rack-test (~> 0.6.1) sprockets (~> 2.1.3) - activemodel (3.2.7) - activesupport (= 3.2.7) + activemodel (3.2.8) + activesupport (= 3.2.8) builder (~> 3.0.0) - activerecord (3.2.7) - activemodel (= 3.2.7) - activesupport (= 3.2.7) + activerecord (3.2.8) + activemodel (= 3.2.8) + activesupport (= 3.2.8) arel (~> 3.0.2) tzinfo (~> 0.3.29) - activeresource (3.2.7) - activemodel (= 3.2.7) - activesupport (= 3.2.7) - activesupport (3.2.7) + activeresource (3.2.8) + activemodel (= 3.2.8) + activesupport (= 3.2.8) + activesupport (3.2.8) i18n (~> 0.6) multi_json (~> 1.0) airbrake (3.1.2) @@ -92,9 +75,9 @@ GEM net-ssh (>= 2.0.14) net-ssh-gateway (>= 1.1.0) capistrano_colors (0.5.5) - charlock_holmes (0.6.8) + charlock_holmes (0.6.9) chronic (0.6.7) - chunky_png (1.2.5) + chunky_png (1.2.6) cocaine (0.2.1) coffee-rails (3.2.2) coffee-script (>= 2.2.0) @@ -125,21 +108,33 @@ GEM execjs (1.4.0) multi_json (~> 1.0) expression_parser (0.9.0) - factory_girl (3.6.0) + factory_girl (4.0.0) activesupport (>= 3.0.0) - factory_girl_rails (3.6.0) - factory_girl (~> 3.6.0) + factory_girl_rails (4.0.0) + factory_girl (~> 4.0.0) railties (>= 3.0.0) ffi (1.0.11) fssm (0.2.9) - github-linguist (2.1.2) + github-linguist (2.2.1) charlock_holmes (~> 0.6.6) escape_utils (~> 0.2.3) mime-types (~> 1.18) pygments.rb (>= 0.2.13) github-markdown (0.5.0) github-markup (0.7.4) - haml (3.1.6) + gollum (2.1.3) + github-markdown + github-markup (>= 0.7.0, < 1.0.0) + grit (~> 2.5.0) + mustache (>= 0.11.2, < 1.0.0) + nokogiri (~> 1.4) + posix-spawn (~> 0.3.0) + pygments.rb (~> 0.2.0) + sanitize (~> 2.0.0) + sinatra (~> 1.0) + stringex (~> 1.4.0) + useragent (~> 0.4.9) + haml (3.1.7) haml-rails (0.3.4) actionpack (~> 3.0) activesupport (~> 3.0) @@ -150,7 +145,7 @@ GEM hike (1.2.1) hirb (0.7.0) i18n (0.6.0) - jbuilder (0.4.0) + jbuilder (0.4.3) activesupport (>= 3.0.0) blankslate (>= 2.1.2.4) journey (1.0.4) @@ -223,14 +218,14 @@ GEM rack rack-test (0.6.1) rack (>= 1.0) - rails (3.2.7) - actionmailer (= 3.2.7) - actionpack (= 3.2.7) - activerecord (= 3.2.7) - activeresource (= 3.2.7) - activesupport (= 3.2.7) + rails (3.2.8) + actionmailer (= 3.2.8) + actionpack (= 3.2.8) + activerecord (= 3.2.8) + activeresource (= 3.2.8) + activesupport (= 3.2.8) bundler (~> 1.0) - railties (= 3.2.7) + railties (= 3.2.8) rails-backbone (0.7.2) coffee-script (~> 2.2.0) ejs (~> 1.0.0) @@ -239,9 +234,9 @@ GEM railties (>= 3.0.0) rails3-jquery-autocomplete (1.0.7) rails (~> 3.0) - railties (3.2.7) - actionpack (= 3.2.7) - activesupport (= 3.2.7) + railties (3.2.8) + actionpack (= 3.2.8) + activesupport (= 3.2.8) rack-ssl (~> 1.3.2) rake (>= 0.8.7) rdoc (~> 3.4) @@ -253,7 +248,7 @@ GEM json (~> 1.4) redcarpet (1.17.2) redis (3.0.1) - redis-namespace (1.2.0) + redis-namespace (1.2.1) redis (~> 3.0.0) redisk (0.2.2) redis (>= 0.1.1) @@ -277,7 +272,7 @@ GEM rspec-core (2.11.1) rspec-expectations (2.11.2) diff-lcs (~> 1.1.3) - rspec-mocks (2.11.1) + rspec-mocks (2.11.2) rspec-rails (2.11.0) actionpack (>= 3.0) activesupport (>= 3.0) @@ -296,7 +291,7 @@ GEM capistrano (>= 2.0.0) sanitize (2.0.3) nokogiri (>= 1.4.4, < 1.6) - sass (3.1.20) + sass (3.2.0) sass-rails (3.2.5) railties (~> 3.2.0) sass (>= 3.1.10) @@ -324,19 +319,19 @@ GEM state_machine (1.1.2) stringex (1.4.0) systemu (2.5.2) - therubyracer (0.10.1) + therubyracer (0.10.2) libv8 (~> 3.3.10) thin (1.4.1) daemons (>= 1.0.9) eventmachine (>= 0.12.6) rack (>= 1.0.0) - thor (0.15.4) + thor (0.16.0) tilt (1.3.3) treetop (1.4.10) polyglot polyglot (>= 0.3.1) tzinfo (0.3.33) - uglifier (1.2.6) + uglifier (1.2.7) execjs (>= 0.3.0) multi_json (~> 1.3) unicorn (4.3.1) @@ -370,15 +365,15 @@ DEPENDENCIES cape capistrano capistrano_colors - charlock_holmes (~> 0.6.8) + charlock_holmes (~> 0.6.9) coffee-rails (~> 3.2.2) compass-rails (~> 1.0.3) creole devise (~> 2.1.2) diff-display (~> 0.0.1) - factory_girl_rails (~> 3.6.0) - github-linguist (~> 2.1.2) - gollum! + factory_girl_rails (~> 4.0.0) + github-linguist (~> 2.2.1) + gollum (~> 2.1.3) grack! grit! haml-rails (~> 0.3.4) @@ -394,7 +389,7 @@ DEPENDENCIES paperclip (~> 3.1.4) perform_later (~> 1.3.0) pg (~> 0.14.0) - rails (= 3.2.7) + rails (= 3.2.8) rails-backbone (~> 0.7.2) rails3-generators rails3-jquery-autocomplete (~> 1.0.7) @@ -413,7 +408,7 @@ DEPENDENCIES shotgun shoulda state_machine - therubyracer (~> 0.10.1) + therubyracer (~> 0.10.2) therubyrhino (~> 1.73.1) trinidad (~> 1.0.2) uglifier (~> 1.2.4) diff --git a/app/controllers/platforms/product_build_lists_controller.rb b/app/controllers/platforms/product_build_lists_controller.rb index bed67a54b..64bf45541 100644 --- a/app/controllers/platforms/product_build_lists_controller.rb +++ b/app/controllers/platforms/product_build_lists_controller.rb @@ -23,7 +23,7 @@ class Platforms::ProductBuildListsController < Platforms::BaseController end def destroy - if @product_build_list.destroy + if @product_build_list.destroy flash[:notice] = t('flash.product_build_list.delete') else flash[:error] = t('flash.product_build_list.delete_error') diff --git a/app/controllers/projects/comments_controller.rb b/app/controllers/projects/comments_controller.rb index 3b36c3456..2a8b82685 100644 --- a/app/controllers/projects/comments_controller.rb +++ b/app/controllers/projects/comments_controller.rb @@ -4,7 +4,7 @@ class Projects::CommentsController < Projects::BaseController load_and_authorize_resource :project before_filter :find_commentable before_filter :find_or_build_comment - load_and_authorize_resource + load_and_authorize_resource #:through => :commentable include CommentsHelper diff --git a/app/models/ability.rb b/app/models/ability.rb index 6a0d2d96c..ffddae8f0 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -119,7 +119,7 @@ class Ability cannot :manage, Issue, :project => {:has_issues => false} # switch off issues can(:create, Comment) {|comment| can? :read, comment.project} - can(:update, Comment) {|comment| comment.user_id == user.id or local_admin?(comment.project || comment.commentable.project)} + can(:update, Comment) {|comment| comment.user == user or comment.project.owner == user or local_admin?(comment.project)} cannot :manage, Comment, :commentable_type => 'Issue', :commentable => {:project => {:has_issues => false}} # switch off issues end diff --git a/app/models/mass_build.rb b/app/models/mass_build.rb index 4fa18720e..3fb14bb29 100644 --- a/app/models/mass_build.rb +++ b/app/models/mass_build.rb @@ -45,8 +45,8 @@ class MassBuild < ActiveRecord::Base end def cancel_all - self.update_attribute(:stop_build, true) - self.build_lists.find_each(:batch_size => 100) do |bl| + self.stop_build = true; save(:validate => false) + build_lists.find_each(:batch_size => 100) do |bl| bl.cancel end end diff --git a/app/models/platform.rb b/app/models/platform.rb index c0b13246a..bd5856f3f 100644 --- a/app/models/platform.rb +++ b/app/models/platform.rb @@ -131,11 +131,11 @@ class Platform < ActiveRecord::Base end def change_visibility - if !self.hidden? - self.update_attribute(:visibility, 'hidden') + if !hidden? + update_attributes(:visibility => 'hidden') remove_symlink_directory else - self.update_attribute(:visibility, 'open') + update_attributes(:visibility => 'open') symlink_directory end end diff --git a/app/models/subscribe.rb b/app/models/subscribe.rb index 8b6907d98..8145286e1 100644 --- a/app/models/subscribe.rb +++ b/app/models/subscribe.rb @@ -34,7 +34,7 @@ class Subscribe < ActiveRecord::Base def self.set_subscribe_to_commit(options, status) if subscribe = Subscribe.where(options).first - subscribe.update_attribute(:status, status) + subscribe.update_attributes(:status => status) else Subscribe.create(options.merge(:status => status)) end diff --git a/config/deploy.rb b/config/deploy.rb index 41f67ab13..c626728a7 100644 --- a/config/deploy.rb +++ b/config/deploy.rb @@ -101,3 +101,32 @@ namespace :rake_tasks do mirror_rake_tasks 'db:seeds' end end + +namespace :update do + desc "Copy remote production shared files to localhost" + task :shared do + run_locally "rsync --recursive --times --rsh=ssh --compress --human-readable --progress #{user}@#{domain}:#{shared_path}/shared_contents/uploads public/uploads" + end + + desc "Dump remote production postgresql database, rsync to localhost" + task :postgresql do + get("#{current_path}/config/database.yml", "tmp/database.yml") + + remote_settings = YAML::load_file("tmp/database.yml")[rails_env] + local_settings = YAML::load_file("config/database.yml")["development"] + + run "export PGPASSWORD=#{remote_settings["password"]} && pg_dump --host=#{remote_settings["host"]} --port=#{remote_settings["port"]} --username #{remote_settings["username"]} --file #{current_path}/tmp/#{remote_settings["database"]}_dump -Fc #{remote_settings["database"]}" + + run_locally "rsync --recursive --times --rsh=ssh --compress --human-readable --progress #{user}@#{domain}:#{current_path}/tmp/#{remote_settings["database"]}_dump tmp/" + + run_locally "dropdb -U #{local_settings["username"]} --host=#{local_settings["host"]} --port=#{local_settings["port"]} #{local_settings["database"]}" + run_locally "createdb -U #{local_settings["username"]} --host=#{local_settings["host"]} --port=#{local_settings["port"]} -T template0 #{local_settings["database"]}" + run_locally "pg_restore -U #{local_settings["username"]} --host=#{local_settings["host"]} --port=#{local_settings["port"]} -d #{local_settings["database"]} tmp/#{remote_settings["database"]}_dump" + end + + desc "Dump all remote data to localhost" + task :all do + # update.shared + update.postgresql + end +end diff --git a/db/migrate/20120306212914_add_project_to_comment.rb b/db/migrate/20120306212914_add_project_to_comment.rb index 94b6f8361..1e8ef5abe 100644 --- a/db/migrate/20120306212914_add_project_to_comment.rb +++ b/db/migrate/20120306212914_add_project_to_comment.rb @@ -5,7 +5,7 @@ class AddProjectToComment < ActiveRecord::Migration Subscribe.reset_column_information Comment.where(:commentable_type => 'Grit::Commit').destroy_all Comment.where(:commentable_type => 'Issue').each do |comment| - comment.update_attribute(:project_id, comment.commentable.project) + comment.update_column(:project_id, comment.commentable.project.id) end end diff --git a/db/schema.rb b/db/schema.rb index fa167f2e8..df055fe17 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -53,8 +53,8 @@ ActiveRecord::Schema.define(:version => 20120730214052) do create_table "arches", :force => true do |t| t.string "name", :null => false - t.datetime "created_at" - t.datetime "updated_at" + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false end add_index "arches", ["name"], :name => "index_arches_on_name", :unique => true @@ -63,8 +63,8 @@ ActiveRecord::Schema.define(:version => 20120730214052) do t.integer "user_id" t.string "provider" t.string "uid" - t.datetime "created_at" - t.datetime "updated_at" + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false end add_index "authentications", ["provider", "uid"], :name => "index_authentications_on_provider_and_uid", :unique => true @@ -75,8 +75,8 @@ ActiveRecord::Schema.define(:version => 20120730214052) do t.integer "level" t.integer "status" t.integer "build_list_id" - t.datetime "created_at" - t.datetime "updated_at" + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false t.string "version" end @@ -169,12 +169,10 @@ ActiveRecord::Schema.define(:version => 20120730214052) do t.datetime "updated_at", :null => false end - add_index "projects", ["owner_id"], :name => "index_projects_on_name_and_owner_id_and_owner_type", :unique => true, :case_sensitive => false - create_table "groups", :force => true do |t| t.integer "owner_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false t.string "uname" t.integer "own_projects_count", :default => 0, :null => false t.text "description" @@ -255,7 +253,7 @@ ActiveRecord::Schema.define(:version => 20120730214052) do t.string "owner_type" t.string "visibility", :default => "open", :null => false t.string "platform_type", :default => "main", :null => false - t.string "distrib_type", :null => false + t.string "distrib_type" end add_index "platforms", ["name"], :name => "index_platforms_on_name", :unique => true, :case_sensitive => false @@ -264,16 +262,16 @@ ActiveRecord::Schema.define(:version => 20120730214052) do t.integer "platform_id" t.string "login" t.string "password" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false t.integer "user_id" end create_table "product_build_lists", :force => true do |t| t.integer "product_id" t.integer "status", :default => 2, :null => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false end add_index "product_build_lists", ["product_id"], :name => "index_product_build_lists_on_product_id" @@ -281,8 +279,8 @@ ActiveRecord::Schema.define(:version => 20120730214052) do create_table "products", :force => true do |t| t.string "name", :null => false t.integer "platform_id", :null => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false t.text "build_script" t.text "counter" t.text "ks" @@ -301,8 +299,8 @@ ActiveRecord::Schema.define(:version => 20120730214052) do t.string "name" t.string "version" t.datetime "file_mtime" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false t.integer "platform_id" end @@ -311,8 +309,8 @@ ActiveRecord::Schema.define(:version => 20120730214052) do create_table "project_to_repositories", :force => true do |t| t.integer "project_id" t.integer "repository_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false end create_table "projects", :force => true do |t| @@ -344,8 +342,8 @@ ActiveRecord::Schema.define(:version => 20120730214052) do t.string "token" t.boolean "approved", :default => false t.boolean "rejected", :default => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false t.string "interest" t.text "more" end @@ -358,16 +356,16 @@ ActiveRecord::Schema.define(:version => 20120730214052) do t.string "actor_type" t.integer "target_id" t.string "target_type" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false t.string "role" end create_table "repositories", :force => true do |t| t.string "description", :null => false t.integer "platform_id", :null => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false t.string "name", :null => false end @@ -378,8 +376,8 @@ ActiveRecord::Schema.define(:version => 20120730214052) do t.boolean "new_comment_reply", :default => true t.boolean "new_issue", :default => true t.boolean "issue_assign", :default => true - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false t.boolean "new_comment_commit_owner", :default => true t.boolean "new_comment_commit_repo_owner", :default => true t.boolean "new_comment_commit_commentor", :default => true @@ -388,8 +386,8 @@ ActiveRecord::Schema.define(:version => 20120730214052) do create_table "subscribes", :force => true do |t| t.string "subscribeable_type" t.integer "user_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false t.boolean "status", :default => true t.integer "project_id" t.decimal "subscribeable_id", :precision => 50, :scale => 0 @@ -404,10 +402,14 @@ ActiveRecord::Schema.define(:version => 20120730214052) do t.datetime "remember_created_at" t.datetime "created_at", :null => false t.datetime "updated_at", :null => false + t.text "ssh_key" t.string "uname" t.string "role" - t.string "language", :default => "en" - t.integer "own_projects_count", :default => 0, :null => false + t.string "language", :default => "en" + t.integer "own_projects_count", :default => 0, :null => false + t.string "confirmation_token" + t.datetime "confirmed_at" + t.datetime "confirmation_sent_at" t.text "professional_experience" t.string "site" t.string "company" @@ -419,9 +421,6 @@ ActiveRecord::Schema.define(:version => 20120730214052) do t.integer "failed_attempts", :default => 0 t.string "unlock_token" t.datetime "locked_at" - t.string "confirmation_token" - t.datetime "confirmed_at" - t.datetime "confirmation_sent_at" t.string "authentication_token" t.integer "build_priority", :default => 50 end diff --git a/spec/controllers/groups/profile_controller_spec.rb b/spec/controllers/groups/profile_controller_spec.rb index a0e29c31b..c058ed79e 100644 --- a/spec/controllers/groups/profile_controller_spec.rb +++ b/spec/controllers/groups/profile_controller_spec.rb @@ -129,7 +129,7 @@ describe Groups::ProfileController do before(:each) do @user = FactoryGirl.create(:user) set_session_for(@user) - @group.update_attribute(:owner, @user) + @group.owner = @user; @group.save @group.actors.create(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') end diff --git a/spec/controllers/platforms/key_pairs_controller_spec.rb b/spec/controllers/platforms/key_pairs_controller_spec.rb index 5b27e41b0..b0a507477 100644 --- a/spec/controllers/platforms/key_pairs_controller_spec.rb +++ b/spec/controllers/platforms/key_pairs_controller_spec.rb @@ -126,7 +126,7 @@ describe Platforms::KeyPairsController do before(:each) do @user = FactoryGirl.create(:user) set_session_for(@user) - @platform.update_attribute(:owner, @user) + @platform.owner = @user; @platform.save end it_should_behave_like 'key_pair platform owner' diff --git a/spec/controllers/platforms/mass_builds_controller_spec.rb b/spec/controllers/platforms/mass_builds_controller_spec.rb index 1cd611d72..f1dd87a9d 100644 --- a/spec/controllers/platforms/mass_builds_controller_spec.rb +++ b/spec/controllers/platforms/mass_builds_controller_spec.rb @@ -23,7 +23,7 @@ shared_examples_for 'mass_build platform owner' do end it 'should not be able to perform cancel action if stop_build is true' do - @mass_build.update_attribute(:stop_build, true) + @mass_build.stop_build = true; @mass_build.save post :cancel, :platform_id => @platform, :id => @mass_build response.should redirect_to(forbidden_path) end @@ -133,7 +133,7 @@ describe Platforms::MassBuildsController do before(:each) do @user = FactoryGirl.create(:user) set_session_for(@user) - @platform.update_attribute(:owner, @user) + @platform.owner = @user; @platform.save end it_should_behave_like 'mass_build platform owner' diff --git a/spec/controllers/platforms/platforms_controller_spec.rb b/spec/controllers/platforms/platforms_controller_spec.rb index 242315f10..e9732608a 100644 --- a/spec/controllers/platforms/platforms_controller_spec.rb +++ b/spec/controllers/platforms/platforms_controller_spec.rb @@ -104,7 +104,7 @@ describe Platforms::PlatformsController do before(:each) do @user = FactoryGirl.create(:user) set_session_for(@user) - @platform.update_attribute(:owner, @user) + @platform.owner = @user; @platform.save @platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') end diff --git a/spec/controllers/platforms/repositories_controller_spec.rb b/spec/controllers/platforms/repositories_controller_spec.rb index 82c4a5712..06c75fd85 100644 --- a/spec/controllers/platforms/repositories_controller_spec.rb +++ b/spec/controllers/platforms/repositories_controller_spec.rb @@ -107,7 +107,7 @@ describe Platforms::RepositoriesController do before(:each) do @user = FactoryGirl.create(:user) set_session_for(@user) - @repository.platform.update_attribute(:owner, @user) + @repository.platform.owner = @user; @repository.platform.save @repository.platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') end diff --git a/spec/controllers/projects/build_lists_controller_spec.rb b/spec/controllers/projects/build_lists_controller_spec.rb index b2aa0d17d..c8f7b0f91 100644 --- a/spec/controllers/projects/build_lists_controller_spec.rb +++ b/spec/controllers/projects/build_lists_controller_spec.rb @@ -326,8 +326,8 @@ describe Projects::BuildListsController do describe 'publish_build' do before { test_git_commit(build_list.project) - build_list.update_attribute :commit_hash, build_list.project.repo.commits('master').last.id - build_list.update_attribute(:status, BuildList::BUILD_PUBLISH) + build_list.update_column :commit_hash, build_list.project.repo.commits('master').last.id + build_list.update_column(:status, BuildList::BUILD_PUBLISH) build_list_package } @@ -337,7 +337,7 @@ describe Projects::BuildListsController do end it(:passes) { - build_list.update_attribute(:status, BuildServer::BUILD_STARTED) + build_list.update_column(:status, BuildServer::BUILD_STARTED) do_get(BuildServer::SUCCESS) response.should be_ok } @@ -401,7 +401,7 @@ describe Projects::BuildListsController do describe 'pre_build' do before do - build_list.update_attribute :status, BuildList::BUILD_PENDING + build_list.update_column :status, BuildList::BUILD_PENDING end def do_get @@ -428,29 +428,29 @@ describe Projects::BuildListsController do context 'with auto_publish' do it(:passes) { - build_list.update_attribute(:started_at, (Time.now - 1.day)) - build_list.update_attribute(:status, BuildServer::BUILD_STARTED) + build_list.update_column(:started_at, (Time.now - 1.day)) + build_list.update_column(:status, BuildServer::BUILD_STARTED) build_list.reload lambda{ do_get(BuildServer::SUCCESS) }.should change(build_list, :status).to(BuildList::BUILD_PUBLISH) } it(:passes) { - build_list.update_attribute(:started_at, (Time.now - 1.day)) - build_list.update_attribute(:status, BuildServer::BUILD_STARTED) + build_list.update_column(:started_at, (Time.now - 1.day)) + build_list.update_column(:status, BuildServer::BUILD_STARTED) lambda{ do_get(BuildServer::BUILD_ERROR) }.should change(build_list, :status).to(BuildServer::BUILD_ERROR) } end context 'without auto_publish' do - before { build_list.update_attribute(:auto_publish, false) } + before { build_list.update_column(:auto_publish, false) } it(:passes) { - build_list.update_attribute(:started_at, (Time.now - 1.day)) - build_list.update_attribute(:status, BuildServer::BUILD_STARTED) + build_list.update_column(:started_at, (Time.now - 1.day)) + build_list.update_column(:status, BuildServer::BUILD_STARTED) lambda{ do_get(BuildServer::SUCCESS) }.should change(build_list, :status).to(BuildServer::SUCCESS) } it(:passes) { - build_list.update_attribute(:started_at, (Time.now - 1.day)) - build_list.update_attribute(:status, BuildServer::BUILD_STARTED) + build_list.update_column(:started_at, (Time.now - 1.day)) + build_list.update_column(:status, BuildServer::BUILD_STARTED) lambda{ do_get(BuildServer::BUILD_ERROR) }.should change(build_list, :status).to(BuildServer::BUILD_ERROR) } end diff --git a/spec/controllers/projects/collaborators_controller_spec.rb b/spec/controllers/projects/collaborators_controller_spec.rb index 5c8d320c2..48d32f723 100644 --- a/spec/controllers/projects/collaborators_controller_spec.rb +++ b/spec/controllers/projects/collaborators_controller_spec.rb @@ -1,21 +1,37 @@ # -*- encoding : utf-8 -*- require 'spec_helper' -def create_params - @user_params = { - :actor_id => @another_user.id.to_s, - :actor_type => 'user', - :role => 'reader' - } - @group_params = { - :actor_id => @group.id.to_s, - :actor_type => 'group', - :role => 'reader' - } - @create_params = { - :owner_name => @project.owner.uname, :project_name => @project.name, - :format => :json - } +shared_context "collaborators controller" do + before(:each) do + stub_symlink_methods + @project = FactoryGirl.create(:project) + @another_user = FactoryGirl.create(:user) + @member_user = FactoryGirl.create(:user) + # Create relation with 'writer' rights + @collaborator = Collaborator.create(:actor => @member_user, :project => @project, :role => 'writer') + end + + def set_params + @user_params = { + :actor_id => @another_user.id.to_s, + :actor_type => 'user', + :role => 'reader' + } + @group_params = { + :actor_id => @group.id.to_s, + :actor_type => 'group', + :role => 'reader' + } if @group + @create_params = { + :owner_name => @project.owner.uname, :project_name => @project.name, + :format => :json + } + @update_params = { + :owner_name => @project.owner.uname, :project_name => @project.name, + :collaborator => {:role => 'reader'}, + :format => :json + } + end end shared_examples_for 'project admin user' do @@ -25,7 +41,7 @@ shared_examples_for 'project admin user' do end it 'should be able to perform update action' do - put :update, {:owner_name => @project.owner.uname, :project_name => @project.name, :id => @collaborator.id}.merge(@update_params) + put :update, {:id => @collaborator.id}.merge(@update_params) response.should be_success end @@ -40,7 +56,7 @@ shared_examples_for 'project admin user' do end it 'should be able to set reader role for any user' do - put :update, {:owner_name => @project.owner.uname, :project_name => @project.name, :id => @collaborator.id}.merge(@update_params) + put :update, {:id => @collaborator.id}.merge(@update_params) @another_user.relations.exists? :target_id => @project.id, :target_type => 'Project', :role => 'read' end end @@ -52,35 +68,28 @@ shared_examples_for 'user with no rights for this project' do end it 'should not be able to perform update action' do - put :update, {:owner_name => @project.owner.uname, :project_name => @project.name, :id => @collaborator.id}.merge(@update_params) + put :update, {:id => @collaborator.id}.merge(@update_params) response.should redirect_to(forbidden_path) end it 'should not be able to set reader role for any user' do - put :update, {:owner_name => @project.owner.uname, :project_name => @project.name, :id => @collaborator.id}.merge(@update_params) + put :update, {:id => @collaborator.id}.merge(@update_params) !@another_user.relations.exists? :target_id => @project.id, :target_type => 'Project', :role => 'read' end end describe Projects::CollaboratorsController do - before(:each) do - stub_symlink_methods - @project = FactoryGirl.create(:project) - @another_user = FactoryGirl.create(:user) - @member_user = FactoryGirl.create(:user) - @update_params = {:collaborator => {:role => :reader}, :format => :json} - # Create relation with 'writer' rights - @collaborator = Collaborator.create(:actor => @member_user, :project => @project, :role => 'writer') - end + include_context "collaborators controller" context 'for guest' do + before {set_params} it 'should not be able to perform index action' do get :index, :owner_name => @project.owner.uname, :project_name => @project.name response.should redirect_to(new_user_session_path) end it 'should not be able to perform update action' do - put :update, {:owner_name => @project.owner.uname, :project_name => @project.name, :id => @collaborator.id}.merge(@update_params) + put :update, {:id => @collaborator.id}.merge(@update_params) response.code.should == '401' end end @@ -90,7 +99,7 @@ describe Projects::CollaboratorsController do @admin = FactoryGirl.create(:admin) set_session_for(@admin) @group = FactoryGirl.create(:group) - create_params + set_params end it_should_behave_like 'project admin user' @@ -99,15 +108,13 @@ describe Projects::CollaboratorsController do context 'for admin user' do before(:each) do @user = FactoryGirl.create(:user) -# @user.relations set_session_for(@user) @group = FactoryGirl.create(:group) @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') - create_params + set_params end it_should_behave_like 'project admin user' - end context 'for owner user' do @@ -116,10 +123,9 @@ describe Projects::CollaboratorsController do set_session_for(@user) @group = FactoryGirl.create(:group) - @project.update_attribute(:owner, @user) + @project.owner = @user; @project.save!; @project.reload @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') - - create_params + set_params end it_should_behave_like 'project admin user' @@ -130,6 +136,7 @@ describe Projects::CollaboratorsController do @user = FactoryGirl.create(:user) set_session_for(@user) @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader') + set_params end it_should_behave_like 'user with no rights for this project' @@ -140,6 +147,7 @@ describe Projects::CollaboratorsController do @user = FactoryGirl.create(:user) set_session_for(@user) @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'writer') + set_params end it_should_behave_like 'user with no rights for this project' diff --git a/spec/controllers/projects/comments_controller_spec.rb b/spec/controllers/projects/comments_controller_spec.rb index 1e0501495..ead01eca2 100644 --- a/spec/controllers/projects/comments_controller_spec.rb +++ b/spec/controllers/projects/comments_controller_spec.rb @@ -1,6 +1,27 @@ # -*- encoding : utf-8 -*- require 'spec_helper' +shared_context "comments controller" do + before(:each) do + stub_symlink_methods + + @project = FactoryGirl.create(:project) + @issue = FactoryGirl.create(:issue, :project_id => @project.id, :user => FactoryGirl.create(:user)) + @comment = FactoryGirl.create(:comment, :commentable => @issue, :project_id => @project.id) + + any_instance_of(Project, :versions => ['v1.0', 'v2.0']) + + @user = FactoryGirl.create(:user) + set_session_for(@user) + @own_comment = FactoryGirl.create(:comment, :commentable => @issue, :user => @user, :project_id => @project.id) + end + + def set_params + @create_params = {:comment => {:body => 'I am a comment!'}, :owner_name => @project.owner.uname, :project_name => @project.name, :issue_id => @issue.serial_id} + @update_params = {:comment => {:body => 'updated'}, :owner_name => @project.owner.uname, :project_name => @project.name, :issue_id => @issue.serial_id} + end +end + shared_examples_for 'user with create comment rights' do it 'should be able to perform create action' do post :create, @create_params @@ -30,7 +51,7 @@ shared_examples_for 'user with update stranger comment rights' do response.should redirect_to([@project, @issue]) end - it 'should update issue title' do + it 'should update comment body' do put :update, {:id => @comment.id}.merge(@update_params) @comment.reload.body.should == 'updated' end @@ -42,7 +63,7 @@ shared_examples_for 'user without update stranger comment rights' do response.should redirect_to(forbidden_path) end - it 'should not update issue title' do + it 'should not update comment body' do put :update, {:id => @comment.id}.merge(@update_params) @comment.reload.body.should_not == 'updated' end @@ -71,26 +92,12 @@ end #end describe Projects::CommentsController do - before(:each) do - stub_symlink_methods - - @project = FactoryGirl.create(:project) - @issue = FactoryGirl.create(:issue, :project_id => @project.id, :user => FactoryGirl.create(:user)) - @comment = FactoryGirl.create(:comment, :commentable => @issue, :project_id => @project.id) - - @create_params = {:comment => {:body => 'I am a comment!'}, :owner_name => @project.owner.uname, :project_name => @project.name, :issue_id => @issue.serial_id} - @update_params = {:comment => {:body => 'updated'}, :owner_name => @project.owner.uname, :project_name => @project.name, :issue_id => @issue.serial_id} - - any_instance_of(Project, :versions => ['v1.0', 'v2.0']) - - @user = FactoryGirl.create(:user) - set_session_for(@user) - @own_comment = FactoryGirl.create(:comment, :commentable => @issue, :user => @user, :project_id => @project.id) - end + include_context "comments controller" context 'for project admin user' do before(:each) do @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') + set_params end it_should_behave_like 'user with create comment rights' @@ -101,10 +108,11 @@ describe Projects::CommentsController do context 'for project owner user' do before(:each) do - @project.update_attribute(:owner, @user) - @project.relations.destroy_all - @project.relations.create :actor_id => @project.owner.id, :actor_type => @project.owner.class.to_s, :role => 'admin' - @create_params[:owner_name] = @user.uname; @update_params[:owner_name] = @user.uname + @project.owner = @user; @project.save!; @project.reload; @project.owner.reload + # @project.relations.destroy_all + # @project.relations.create! :actor_id => @project.owner_id, :actor_type => @project.owner_type, :role => 'admin' + # @create_params[:owner_name] = @user.uname; @update_params[:owner_name] = @user.uname + set_params end it_should_behave_like 'user with create comment rights' @@ -116,6 +124,7 @@ describe Projects::CommentsController do context 'for project reader user' do before(:each) do @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader') + set_params end it_should_behave_like 'user with create comment rights' @@ -127,6 +136,7 @@ describe Projects::CommentsController do context 'for project writer user' do before(:each) do @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'writer') + set_params end it_should_behave_like 'user with create comment rights' diff --git a/spec/controllers/projects/issues_controller_spec.rb b/spec/controllers/projects/issues_controller_spec.rb index 49a6e9b07..2aa8b8bf4 100644 --- a/spec/controllers/projects/issues_controller_spec.rb +++ b/spec/controllers/projects/issues_controller_spec.rb @@ -1,6 +1,40 @@ # -*- encoding : utf-8 -*- require 'spec_helper' +shared_context "issues controller" do + before(:each) do + stub_symlink_methods + + @project = FactoryGirl.create(:project) + @issue_user = FactoryGirl.create(:user) + + any_instance_of(Project, :versions => ['v1.0', 'v2.0']) + + @issue = FactoryGirl.create(:issue, :project_id => @project.id, :assignee_id => @issue_user.id) + + @project_with_turned_off_issues = FactoryGirl.create(:project, :has_issues => false) + @turned_of_issue = FactoryGirl.create(:issue, :project_id => @project_with_turned_off_issues.id, :assignee_id => @issue_user.id) + end + + def set_params + @create_params = { + :owner_name => @project.owner.uname, :project_name => @project.name, + :issue => { + :title => "issue1", + :body => "issue body" + }, + :assignee_id => @issue_user.id, + :assignee_uname => @issue_user.uname + } + @update_params = { + :owner_name => @project.owner.uname, :project_name => @project.name, + :issue => { + :title => "issue2" + } + } + end +end + shared_examples_for 'issue user with project reader rights' do it 'should be able to perform index action' do get :index, :owner_name => @project.owner.uname, :project_name => @project.name @@ -13,7 +47,7 @@ shared_examples_for 'issue user with project reader rights' do end it 'should be able to perform index action on hidden project' do - @project.update_attribute :visibility, 'hidden' + @project.update_attributes :visibility => 'hidden' get :index, :owner_name => @project.owner.uname, :project_name => @project.name response.should render_template(:index) end @@ -78,39 +112,13 @@ shared_examples_for 'project with issues turned off' do end describe Projects::IssuesController do - before(:each) do - stub_symlink_methods - - @project = FactoryGirl.create(:project) - @issue_user = FactoryGirl.create(:user) - - any_instance_of(Project, :versions => ['v1.0', 'v2.0']) - - @issue = FactoryGirl.create(:issue, :project_id => @project.id, :assignee_id => @issue_user.id) - @create_params = { - :owner_name => @project.owner.uname, :project_name => @project.name, - :issue => { - :title => "issue1", - :body => "issue body" - }, - :assignee_id => @issue_user.id, - :assignee_uname => @issue_user.uname - } - @update_params = { - :owner_name => @project.owner.uname, :project_name => @project.name, - :issue => { - :title => "issue2" - } - } - - @project_with_turned_off_issues = FactoryGirl.create(:project, :has_issues => false) - @turned_of_issue = FactoryGirl.create(:issue, :project_id => @project_with_turned_off_issues.id, :assignee_id => @issue_user.id) - end + include_context "issues controller" context 'for global admin user' do before(:each) do @admin = FactoryGirl.create(:admin) set_session_for(@admin) + set_params end it_should_behave_like 'user without issue destroy rights' @@ -121,6 +129,7 @@ describe Projects::IssuesController do @user = FactoryGirl.create(:user) set_session_for(@user) @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') + set_params end it_should_behave_like 'issue user with project reader rights' @@ -134,8 +143,9 @@ describe Projects::IssuesController do before(:each) do @user = FactoryGirl.create(:user) set_session_for(@user) - @project.update_attribute(:owner, @user); @create_params[:owner_name] = @user.uname; @update_params[:owner_name] = @user.uname + @project.owner = @user; @project.save!; @project.reload @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') + set_params end it_should_behave_like 'issue user with project reader rights' @@ -150,6 +160,7 @@ describe Projects::IssuesController do @user = FactoryGirl.create(:user) set_session_for(@user) @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader') + set_params end it_should_behave_like 'issue user with project reader rights' @@ -172,6 +183,7 @@ describe Projects::IssuesController do @user = FactoryGirl.create(:user) set_session_for(@user) @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'writer') + set_params end it_should_behave_like 'issue user with project reader rights' @@ -184,6 +196,7 @@ describe Projects::IssuesController do context 'for issue assign user' do before(:each) do set_session_for(@issue_user) + set_params end it_should_behave_like 'user without issue update rights' @@ -192,6 +205,8 @@ describe Projects::IssuesController do end context 'for guest' do + before {set_params} + if APP_CONFIG['anonymous_access'] # it_should_behave_like 'issue user with project reader rights' it 'should be able to perform index action' do @@ -205,7 +220,7 @@ describe Projects::IssuesController do end it 'should not be able to perform index action on hidden project' do - @project.update_attribute :visibility, 'hidden' + @project.update_attributes :visibility => 'hidden' get :index, :owner_name => @project.owner.uname, :project_name => @project.name response.should redirect_to(forbidden_path) end @@ -221,7 +236,7 @@ describe Projects::IssuesController do end it 'should not be able to perform index action on hidden project' do - @project.update_attribute :visibility, 'hidden' + @project.update_attributes :visibility => 'hidden' get :index, :owner_name => @project.owner.uname, :project_name => @project.name response.should redirect_to(new_user_session_path) end diff --git a/spec/controllers/projects/projects_controller_spec.rb b/spec/controllers/projects/projects_controller_spec.rb index a94cced96..097299d40 100644 --- a/spec/controllers/projects/projects_controller_spec.rb +++ b/spec/controllers/projects/projects_controller_spec.rb @@ -47,7 +47,7 @@ describe Projects::ProjectsController do before(:each) do @user = FactoryGirl.create(:user) set_session_for(@user) - @project.update_attribute(:owner, @user) + @project.owner = @user; @project.save!; @project.reload @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') end @@ -132,7 +132,7 @@ describe Projects::ProjectsController do end it 'should not be able to fork hidden project' do - @project.update_attribute(:visibility, 'hidden') + @project.update_attributes(:visibility => 'hidden') post :fork, :owner_name => @project.owner.uname, :project_name => @project.name response.should redirect_to(forbidden_path) end @@ -150,7 +150,7 @@ describe Projects::ProjectsController do context 'owner of the project' do before(:each) do - @project.update_attribute :owner, @group + @project.owner = @group; @project.save!; @project.reload @project.relations.create :actor_id => @project.owner.id, :actor_type => @project.owner.class.to_s, :role => 'admin' end diff --git a/spec/factories/build_lists.rb b/spec/factories/build_lists.rb index 0271f50ea..5f2b0d574 100644 --- a/spec/factories/build_lists.rb +++ b/spec/factories/build_lists.rb @@ -6,6 +6,7 @@ FactoryGirl.define do association :save_to_platform, :factory => :platform_with_repos association :arch build_for_platform {|bl| bl.save_to_platform} + save_to_repository {|bl| bl.save_to_platform.repositories.first} project_version "1.0" build_requires true update_type 'security' diff --git a/spec/factories/product_build_lists.rb b/spec/factories/product_build_lists.rb index ef7642340..9e99cbcc1 100644 --- a/spec/factories/product_build_lists.rb +++ b/spec/factories/product_build_lists.rb @@ -2,5 +2,6 @@ FactoryGirl.define do factory :product_build_list do association :product, :factory => :product + status 0 # BUILD_COMPLETED end end diff --git a/spec/models/cancan_spec.rb b/spec/models/cancan_spec.rb index 467b1e275..2f4fd57f8 100644 --- a/spec/models/cancan_spec.rb +++ b/spec/models/cancan_spec.rb @@ -123,7 +123,7 @@ describe CanCan do context "private users relations" do before(:each) do @private_user = FactoryGirl.create(:private_user) - @private_user.platform.update_attribute(:owner, @user) + @private_user.platform.owner = @user; @private_user.platform.save end [:read, :create].each do |action| @@ -207,7 +207,7 @@ describe CanCan do context 'with owner rights' do before(:each) do - @project.update_attribute(:owner, @user) + @project.owner = @user; @project.save @project.relations.create!(:actor_id => @user.id, :actor_type => 'User', :role => 'admin') @issue.project.reload end @@ -241,7 +241,7 @@ describe CanCan do context 'with owner rights' do before(:each) do - @platform.update_attribute(:owner, @user) + @platform.owner = @user; @platform.save end [:read, :update, :destroy].each do |action| @@ -269,7 +269,7 @@ describe CanCan do context 'with owner rights' do before(:each) do - @repository.platform.update_attribute(:owner, @user) + @repository.platform.owner = @user; @repository.platform.save end [:read, :create, :update, :destroy, :add_project, :remove_project, :change_visibility, :settings].each do |action| diff --git a/spec/models/comment_for_commit_spec.rb b/spec/models/comment_for_commit_spec.rb index 6e51eb1fa..2e5ca00a0 100644 --- a/spec/models/comment_for_commit_spec.rb +++ b/spec/models/comment_for_commit_spec.rb @@ -91,7 +91,7 @@ describe Comment do context 'for disabled notify setting new_comment_commit_repo_owner' do it 'should not send an e-mail' do - @user.notifier.update_attribute :new_comment_commit_repo_owner, false + @user.notifier.update_column :new_comment_commit_repo_owner, false comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 1 end @@ -99,7 +99,7 @@ describe Comment do context 'for disabled notify setting new_comment_commit_owner' do it 'should send an e-mail' do - @user.notifier.update_attribute :new_comment_commit_owner, false + @user.notifier.update_column :new_comment_commit_owner, false comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 1 ActionMailer::Base.deliveries.last.to.include?(@user.email).should == true @@ -108,7 +108,7 @@ describe Comment do context 'for disabled notify setting new_comment_commit_commentor' do it 'should send an e-mail' do - @user.notifier.update_attribute :new_comment_commit_commentor, false + @user.notifier.update_column :new_comment_commit_commentor, false comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 1 ActionMailer::Base.deliveries.last.to.include?(@user.email).should == true @@ -117,9 +117,9 @@ describe Comment do context 'for disabled all notify setting expect global' do it 'should not send an e-mail' do - @user.notifier.update_attribute :new_comment_commit_repo_owner, false - @user.notifier.update_attribute :new_comment_commit_owner, false - @user.notifier.update_attribute :new_comment_commit_commentor, false + @user.notifier.update_column :new_comment_commit_repo_owner, false + @user.notifier.update_column :new_comment_commit_owner, false + @user.notifier.update_column :new_comment_commit_commentor, false comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 0 end @@ -135,7 +135,7 @@ describe Comment do context 'for disabled global notify setting' do it 'should not send an e-mail' do - @user.notifier.update_attribute :can_notify, false + @user.notifier.update_column :can_notify, false comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 0 end @@ -148,7 +148,7 @@ describe Comment do @user = FactoryGirl.create(:user) @stranger = FactoryGirl.create(:user) set_comments_data_for_commit - @project.update_attribute(:owner, @user) + @project.owner = @user; @project.save ActionMailer::Base.deliveries = [] end @@ -178,7 +178,7 @@ describe Comment do context 'for disabled notify setting new_comment_commit_repo_owner' do it 'should not send an e-mail' do - @user.notifier.update_attribute :new_comment_commit_repo_owner, false + @user.notifier.update_column :new_comment_commit_repo_owner, false Comment.destroy_all comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 0 @@ -187,7 +187,7 @@ describe Comment do context 'for disabled notify setting new_comment_commit_owner' do it 'should send an e-mail' do - @user.notifier.update_attribute :new_comment_commit_owner, false + @user.notifier.update_column :new_comment_commit_owner, false comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 1 ActionMailer::Base.deliveries.last.to.include?(@user.email).should == true @@ -196,7 +196,7 @@ describe Comment do context 'for disabled notify setting new_comment_commit_commentor' do it 'should send an e-mail' do - @user.notifier.update_attribute :new_comment_commit_commentor, false + @user.notifier.update_column :new_comment_commit_commentor, false comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 1 ActionMailer::Base.deliveries.last.to.include?(@user.email).should == true @@ -205,9 +205,9 @@ describe Comment do context 'for disabled all notify setting expect global' do it 'should not send an e-mail' do - @user.notifier.update_attribute :new_comment_commit_repo_owner, false - @user.notifier.update_attribute :new_comment_commit_owner, false - @user.notifier.update_attribute :new_comment_commit_commentor, false + @user.notifier.update_column :new_comment_commit_repo_owner, false + @user.notifier.update_column :new_comment_commit_owner, false + @user.notifier.update_column :new_comment_commit_commentor, false comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 0 end @@ -223,7 +223,7 @@ describe Comment do context 'for disabled global notify setting' do it 'should not send an e-mail' do - @user.notifier.update_attribute :can_notify, false + @user.notifier.update_column :can_notify, false comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 0 end @@ -231,7 +231,7 @@ describe Comment do context 'for own commit' do it 'should send a one e-mail' do - @project.owner.update_attribute :email, 'code@tpope.net' + @project.owner.update_column :email, 'code@tpope.net' comment = create_comment(@stranger) ActionMailer::Base.deliveries.count.should == 1 ActionMailer::Base.deliveries.last.to.include?(@project.owner.email).should == true @@ -298,7 +298,7 @@ describe Comment do context 'for committer' do it 'should send an e-mail' do - @simple.update_attribute :email, 'code@tpope.net' + @simple.update_column :email, 'code@tpope.net' comment = create_comment(@user) ActionMailer::Base.deliveries.count.should == 1 ActionMailer::Base.deliveries.last.to.include?(@simple.email).should == true @@ -306,30 +306,30 @@ describe Comment do it 'should send a one e-mail when subscribed to commit' do Subscribe.subscribe_to_commit @subscribe_params.merge(:user_id => @simple.id) - @simple.update_attribute :email, 'code@tpope.net' + @simple.update_column :email, 'code@tpope.net' comment = create_comment(@user) ActionMailer::Base.deliveries.count.should == 1 ActionMailer::Base.deliveries.last.to.include?(@simple.email).should == true end it 'should not send an e-mail for own comment' do - @simple.update_attribute :email, 'code@tpope.net' + @simple.update_column :email, 'code@tpope.net' comment = create_comment(@simple) ActionMailer::Base.deliveries.count.should == 0 end it 'should not send an e-mail if global notify off' do - @project.owner.notifier.update_attribute :can_notify, false - @simple.update_attribute :email, 'code@tpope.net' - @simple.notifier.update_attribute :can_notify, false + @project.owner.notifier.update_column :can_notify, false + @simple.update_column :email, 'code@tpope.net' + @simple.notifier.update_column :can_notify, false comment = create_comment(@user) ActionMailer::Base.deliveries.count.should == 0 end it 'should not send an e-mail if notify for my commits off' do Comment.destroy_all - @simple.notifier.update_attribute :new_comment_commit_owner, false - @simple.update_attribute :email, 'code@tpope.net' + @simple.notifier.update_column :new_comment_commit_owner, false + @simple.update_column :email, 'code@tpope.net' comment = create_comment(@user) ActionMailer::Base.deliveries.count.should == 0 end diff --git a/spec/models/comment_spec.rb b/spec/models/comment_spec.rb index afc99e0bc..ef9b9d414 100644 --- a/spec/models/comment_spec.rb +++ b/spec/models/comment_spec.rb @@ -84,7 +84,7 @@ describe Comment do set_commentable_data - @project.update_attribute(:owner, @user) + @project.owner = @user; @project.save @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') end diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb index 36209c472..85aa672f5 100644 --- a/spec/models/group_spec.rb +++ b/spec/models/group_spec.rb @@ -62,7 +62,7 @@ describe Group do context 'for group owner' do before(:each) do @user = FactoryGirl.create(:user) - @group.update_attribute(:owner, @user) + @group.owner = @user; @group.save @group.actors.create(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') @ability = Ability.new(@user) end diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index 8e61b75c6..dbc1d1029 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -45,7 +45,7 @@ describe User do context 'for group project' do before(:each) do @project.relations.destroy_all - @project.update_attribute :owner, @group + @project.owner = @group; @project.save @project.relations.create :actor_id => @project.owner.id, :actor_type => @project.owner.class.to_s, :role => 'admin' end From 3e69d7d0f4ddf32ed87efd039022aac666905282 Mon Sep 17 00:00:00 2001 From: George Vinogradov Date: Sat, 1 Sep 2012 02:00:39 +0400 Subject: [PATCH 2/9] [issue #349] Guest user can show open platforms. --- .../platforms/platforms_controller.rb | 2 +- .../platforms/products_controller.rb | 3 +- .../platforms/repositories_controller.rb | 1 + app/models/ability.rb | 7 ++++ .../platforms/maintainers_controller_spec.rb | 7 +--- .../platforms/platforms_controller_spec.rb | 15 ++++++- .../platforms/products_controller_spec.rb | 42 ++++++++++++------- .../platforms/repositories_controller_spec.rb | 26 ++++++++---- .../projects/build_lists_controller_spec.rb | 2 +- spec/factories/build_lists.rb | 1 + 10 files changed, 73 insertions(+), 33 deletions(-) diff --git a/app/controllers/platforms/platforms_controller.rb b/app/controllers/platforms/platforms_controller.rb index 5a948d06e..496c2ae9d 100644 --- a/app/controllers/platforms/platforms_controller.rb +++ b/app/controllers/platforms/platforms_controller.rb @@ -2,7 +2,7 @@ class Platforms::PlatformsController < Platforms::BaseController before_filter :authenticate_user! - skip_before_filter :authenticate_user!, :only => [:advisories] if APP_CONFIG['anonymous_access'] + skip_before_filter :authenticate_user!, :only => [:advisories, :members, :show] if APP_CONFIG['anonymous_access'] load_and_authorize_resource autocomplete :user, :uname diff --git a/app/controllers/platforms/products_controller.rb b/app/controllers/platforms/products_controller.rb index 020866a1c..7d97915ba 100644 --- a/app/controllers/platforms/products_controller.rb +++ b/app/controllers/platforms/products_controller.rb @@ -1,7 +1,8 @@ # -*- encoding : utf-8 -*- class Platforms::ProductsController < Platforms::BaseController before_filter :authenticate_user! - + skip_before_filter :authenticate_user!, :only => [:index, :show] if APP_CONFIG['anonymous_access'] + load_and_authorize_resource :platform load_and_authorize_resource :product, :through => :platform diff --git a/app/controllers/platforms/repositories_controller.rb b/app/controllers/platforms/repositories_controller.rb index 7e617e7d5..3d3432e22 100644 --- a/app/controllers/platforms/repositories_controller.rb +++ b/app/controllers/platforms/repositories_controller.rb @@ -1,6 +1,7 @@ # -*- encoding : utf-8 -*- class Platforms::RepositoriesController < Platforms::BaseController before_filter :authenticate_user! + skip_before_filter :authenticate_user!, :only => [:index, :show, :projects_list] if APP_CONFIG['anonymous_access'] load_and_authorize_resource :platform load_and_authorize_resource :repository, :through => :platform, :shallow => true diff --git a/app/models/ability.rb b/app/models/ability.rb index c356badc8..341c49c48 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -26,6 +26,13 @@ class Ability if user.guest? # Guest rights # can [:new, :create], RegisterRequest + if APP_CONFIG['anonymous_access'] + can [:read, :members, :read_advisories], Platform, :visibility == 'open' + can [:read, :projects_list], Repository, :platform => {:visibility => 'open'} + can :read, Product, :platform => {:visibility => 'open'} + can :read, Project, :visibility => 'open' + #can :read, Repository, :platform => {:visibility => 'open'} + end else # Registered user rights if user.admin? can :manage, :all diff --git a/spec/controllers/platforms/maintainers_controller_spec.rb b/spec/controllers/platforms/maintainers_controller_spec.rb index d29f63247..93dca1e75 100644 --- a/spec/controllers/platforms/maintainers_controller_spec.rb +++ b/spec/controllers/platforms/maintainers_controller_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' shared_examples_for 'guest user' do - + # Only one action for now here guest_actions = [:index] @@ -36,11 +36,6 @@ describe Platforms::MaintainersController do context 'for guest' do it_should_behave_like 'guest user' - - it 'should not be able to get api' do - get :assignee, @assignee_rq - response.response_code.should == 403 - end end end diff --git a/spec/controllers/platforms/platforms_controller_spec.rb b/spec/controllers/platforms/platforms_controller_spec.rb index 027e10e51..c4a2af5fa 100644 --- a/spec/controllers/platforms/platforms_controller_spec.rb +++ b/spec/controllers/platforms/platforms_controller_spec.rb @@ -49,7 +49,6 @@ describe Platforms::PlatformsController do end context 'for guest' do - [:index, :create].each do |action| it "should not be able to perform #{ action } action" do get action @@ -57,12 +56,24 @@ describe Platforms::PlatformsController do end end - [:show, :new, :edit, :clone, :destroy].each do |action| + [:new, :edit, :clone, :destroy].each do |action| it "should not be able to perform #{ action } action" do get action, :id => @platform response.should redirect_to(new_user_session_path) end end + + if APP_CONFIG[:anonymous_access] + it "should be able to perform show action" do + get :show, :id => @platform + response.should render_template(:show) + end + else + it "should not be able to perform show action" do + get :show, :id => @platform + response.should redirect_to(new_user_session_path) + end + end end context 'for global admin' do diff --git a/spec/controllers/platforms/products_controller_spec.rb b/spec/controllers/platforms/products_controller_spec.rb index e90d48cbc..7fab208e0 100644 --- a/spec/controllers/platforms/products_controller_spec.rb +++ b/spec/controllers/platforms/products_controller_spec.rb @@ -33,7 +33,7 @@ describe Platforms::ProductsController do @update_params = {:product => {:name => 'pro2'}, :platform_id => @platform.id} end - context 'for guest' do + context 'for guest' do [:create].each do |action| it "should not be able to perform #{ action } action" do get action, :platform_id => @platform.id @@ -41,40 +41,52 @@ describe Platforms::ProductsController do end end - [:show, :new, :edit, :update, :destroy].each do |action| + [:new, :edit, :update, :destroy].each do |action| it "should not be able to perform #{ action } action" do get action, :id => @product.id, :platform_id => @platform.id response.should redirect_to(new_user_session_path) end end + + if APP_CONFIG['anonymous_access'] + it "should be able to perform show action" do + get :show, :id => @product.id, :platform_id => @platform.id + response.should render_template(:show) + end + else + it "should not be able to perform show action" do + get :show, :id => @product.id, :platform_id => @platform.id + response.should redirect_to(new_user_session_path) + end + end end context 'for global admin' do - before(:each) do - @admin = FactoryGirl.create(:admin) - set_session_for(@admin) - end + before(:each) do + @admin = FactoryGirl.create(:admin) + set_session_for(@admin) + end it_should_behave_like 'admin user' end - + context 'for admin relation user' do - before(:each) do - @user = FactoryGirl.create(:user) - set_session_for(@user) + before(:each) do + @user = FactoryGirl.create(:user) + set_session_for(@user) @platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') - end + end it_should_behave_like 'admin user' end context 'for no relation user' do - before(:each) do - @user = FactoryGirl.create(:user) - set_session_for(@user) - end + before(:each) do + @user = FactoryGirl.create(:user) + set_session_for(@user) + end it 'should not be able to create product' do lambda { post :create, @create_params }.should change{ Product.count }.by(0) diff --git a/spec/controllers/platforms/repositories_controller_spec.rb b/spec/controllers/platforms/repositories_controller_spec.rb index 82c4a5712..8c47d3e44 100644 --- a/spec/controllers/platforms/repositories_controller_spec.rb +++ b/spec/controllers/platforms/repositories_controller_spec.rb @@ -19,13 +19,13 @@ shared_examples_for 'user with change projects in repository rights' do it 'should be able to add project to repository' do get :add_project, :id => @repository.id, :platform_id => @platform.id, :project_id => @project.id response.should redirect_to(platform_repository_path(@repository.platform, @repository)) - @repository.projects.should include (@project) + @repository.projects.should include(@project) end it 'should be able to remove project from repository' do get :remove_project, :id => @repository.id, :platform_id => @platform.id, :project_id => @project.id response.should redirect_to(platform_repository_path(@repository.platform, @repository)) - @repository.projects.should_not include (@project) + @repository.projects.should_not include(@project) end end @@ -91,6 +91,18 @@ describe Platforms::RepositoriesController do response.should redirect_to(new_user_session_path) end end + + if APP_CONFIG[:anonymous_access] + it "should be able to perform show action" do + get :show, :id => @repository + response.should render_template(:show) + end + else + it "should not be able to perform show action" do + get :show, :id => @repository + response.should redirect_to(new_user_session_path) + end + end end context 'for admin' do @@ -102,7 +114,7 @@ describe Platforms::RepositoriesController do it_should_behave_like 'platform admin user' end - + context 'for platform owner user' do before(:each) do @user = FactoryGirl.create(:user) @@ -119,7 +131,7 @@ describe Platforms::RepositoriesController do @user = FactoryGirl.create(:user) set_session_for(@user) end - + it_should_behave_like 'registered user' it 'should not be able to perform new action' do @@ -132,7 +144,7 @@ describe Platforms::RepositoriesController do lambda { post :create, @create_params }.should change{ Repository.count }.by(0) response.should redirect_to(forbidden_path) end - + it 'should not be able to destroy repository in main platform' do delete :destroy, :id => @repository.id response.should redirect_to(forbidden_path) @@ -142,13 +154,13 @@ describe Platforms::RepositoriesController do it 'should not be able to add project to repository' do get :add_project, :id => @repository.id, :platform_id => @platform.id, :project_id => @project.id response.should redirect_to(forbidden_path) - @repository.projects.should_not include (@project) + @repository.projects.should_not include(@project) end it 'should not be able to remove project from repository' do get :remove_project, :id => @repository.id, :platform_id => @platform.id, :project_id => @project.id response.should redirect_to(forbidden_path) - @repository.projects.should_not include (@project) + @repository.projects.should_not include(@project) end it_should_behave_like 'not destroy personal repository' diff --git a/spec/controllers/projects/build_lists_controller_spec.rb b/spec/controllers/projects/build_lists_controller_spec.rb index b2aa0d17d..2ee3d076e 100644 --- a/spec/controllers/projects/build_lists_controller_spec.rb +++ b/spec/controllers/projects/build_lists_controller_spec.rb @@ -109,7 +109,7 @@ describe Projects::BuildListsController do set_session_for(@user) @show_params = {:owner_name => @project.owner.uname, :project_name => @project.name, :id => @build_list.id} end - + context 'for all build lists' do before(:each) do @build_list1 = FactoryGirl.create(:build_list_core) diff --git a/spec/factories/build_lists.rb b/spec/factories/build_lists.rb index 0271f50ea..5177f91a6 100644 --- a/spec/factories/build_lists.rb +++ b/spec/factories/build_lists.rb @@ -6,6 +6,7 @@ FactoryGirl.define do association :save_to_platform, :factory => :platform_with_repos association :arch build_for_platform {|bl| bl.save_to_platform} + save_to_repository {|bl| bl.save_to_platform.repositories.first } project_version "1.0" build_requires true update_type 'security' From a2d87c922891f6ece8dc5423bf9c68fe730153df Mon Sep 17 00:00:00 2001 From: Pavel Chipiga Date: Thu, 6 Sep 2012 13:31:31 +0300 Subject: [PATCH 3/9] Fix autocomplete_maintainers for local admins. Refs #620 --- app/models/ability.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/models/ability.rb b/app/models/ability.rb index c356badc8..cf98e6b26 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -55,7 +55,7 @@ class Ability can [:read, :archive], Project, :owner_type => 'Group', :owner_id => user.group_ids can([:read, :membered], Project, read_relations_for('projects')) {|project| local_reader? project} can(:write, Project) {|project| local_writer? project} # for grack - can([:update, :sections, :manage_collaborators], Project) {|project| local_admin? project} + can([:update, :sections, :manage_collaborators, :autocomplete_maintainers], Project) {|project| local_admin? project} can(:fork, Project) {|project| can? :read, project} can(:fork, Project) {|project| project.owner_type == 'Group' and can? :update, project.owner} can(:destroy, Project) {|project| owner? project} From 698e55e3e8bf86f7f727f8df8b323487266c1025 Mon Sep 17 00:00:00 2001 From: Vladimir Sharshov Date: Thu, 6 Sep 2012 14:53:03 +0400 Subject: [PATCH 4/9] [refs #263] Test refactoring --- .../projects/projects_controller.rb | 2 - app/models/mass_build.rb | 2 +- db/schema.rb | 4 +- .../groups/profile_controller_spec.rb | 3 +- .../platforms/key_pairs_controller_spec.rb | 4 +- .../platforms/mass_builds_controller_spec.rb | 4 +- .../platforms/platforms_controller_spec.rb | 5 +- .../projects/build_lists_controller_spec.rb | 2 +- .../projects/collaborators_controller_spec.rb | 39 +- .../projects/comments_controller_spec.rb | 64 ++-- .../projects/issues_controller_spec.rb | 12 +- .../projects/projects_controller_spec.rb | 348 ++++++++++-------- spec/models/cancan_spec.rb | 11 +- spec/models/comment_for_commit_spec.rb | 5 +- spec/models/group_spec.rb | 7 +- .../shared_examples/projects_controller.rb | 42 --- 16 files changed, 289 insertions(+), 265 deletions(-) delete mode 100644 spec/support/shared_examples/projects_controller.rb diff --git a/app/controllers/projects/projects_controller.rb b/app/controllers/projects/projects_controller.rb index 30b452dc4..97aed2284 100644 --- a/app/controllers/projects/projects_controller.rb +++ b/app/controllers/projects/projects_controller.rb @@ -5,9 +5,7 @@ class Projects::ProjectsController < Projects::BaseController def index @projects = Project.accessible_by(current_ability, :membered) - # @projects = @projects.search(params[:query]).search_order if params[:query].present? - #puts prepare_list(@projects).inspect respond_to do |format| format.html { @projects = @projects.recent.paginate(:page => params[:page], :per_page => 25) } format.json { @projects = prepare_list(@projects) } diff --git a/app/models/mass_build.rb b/app/models/mass_build.rb index 3fb14bb29..8383151f7 100644 --- a/app/models/mass_build.rb +++ b/app/models/mass_build.rb @@ -45,7 +45,7 @@ class MassBuild < ActiveRecord::Base end def cancel_all - self.stop_build = true; save(:validate => false) + update_column(:stop_build, true) build_lists.find_each(:batch_size => 100) do |bl| bl.cancel end diff --git a/db/schema.rb b/db/schema.rb index df055fe17..654477a26 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -169,6 +169,8 @@ ActiveRecord::Schema.define(:version => 20120730214052) do t.datetime "updated_at", :null => false end + add_index "projects", ["owner_id"], :name => "index_projects_on_name_and_owner_id_and_owner_type", :unique => true, :case_sensitive => false + create_table "groups", :force => true do |t| t.integer "owner_id" t.datetime "created_at", :null => false @@ -253,7 +255,7 @@ ActiveRecord::Schema.define(:version => 20120730214052) do t.string "owner_type" t.string "visibility", :default => "open", :null => false t.string "platform_type", :default => "main", :null => false - t.string "distrib_type" + t.string "distrib_type", :null => false end add_index "platforms", ["name"], :name => "index_platforms_on_name", :unique => true, :case_sensitive => false diff --git a/spec/controllers/groups/profile_controller_spec.rb b/spec/controllers/groups/profile_controller_spec.rb index c058ed79e..8ea65d72b 100644 --- a/spec/controllers/groups/profile_controller_spec.rb +++ b/spec/controllers/groups/profile_controller_spec.rb @@ -129,7 +129,8 @@ describe Groups::ProfileController do before(:each) do @user = FactoryGirl.create(:user) set_session_for(@user) - @group.owner = @user; @group.save + @group.owner = @user + @group.save @group.actors.create(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') end diff --git a/spec/controllers/platforms/key_pairs_controller_spec.rb b/spec/controllers/platforms/key_pairs_controller_spec.rb index b0a507477..e9b73fc97 100644 --- a/spec/controllers/platforms/key_pairs_controller_spec.rb +++ b/spec/controllers/platforms/key_pairs_controller_spec.rb @@ -126,7 +126,9 @@ describe Platforms::KeyPairsController do before(:each) do @user = FactoryGirl.create(:user) set_session_for(@user) - @platform.owner = @user; @platform.save + + @platform.owner = @user + @platform.save end it_should_behave_like 'key_pair platform owner' diff --git a/spec/controllers/platforms/mass_builds_controller_spec.rb b/spec/controllers/platforms/mass_builds_controller_spec.rb index f1dd87a9d..8c673fb99 100644 --- a/spec/controllers/platforms/mass_builds_controller_spec.rb +++ b/spec/controllers/platforms/mass_builds_controller_spec.rb @@ -133,7 +133,9 @@ describe Platforms::MassBuildsController do before(:each) do @user = FactoryGirl.create(:user) set_session_for(@user) - @platform.owner = @user; @platform.save + + @platform.owner = @user + @platform.save end it_should_behave_like 'mass_build platform owner' diff --git a/spec/controllers/platforms/platforms_controller_spec.rb b/spec/controllers/platforms/platforms_controller_spec.rb index e9732608a..72272aa71 100644 --- a/spec/controllers/platforms/platforms_controller_spec.rb +++ b/spec/controllers/platforms/platforms_controller_spec.rb @@ -104,7 +104,10 @@ describe Platforms::PlatformsController do before(:each) do @user = FactoryGirl.create(:user) set_session_for(@user) - @platform.owner = @user; @platform.save + + @platform.owner = @user + @platform.save + @platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') end diff --git a/spec/controllers/projects/build_lists_controller_spec.rb b/spec/controllers/projects/build_lists_controller_spec.rb index c8f7b0f91..79223f31d 100644 --- a/spec/controllers/projects/build_lists_controller_spec.rb +++ b/spec/controllers/projects/build_lists_controller_spec.rb @@ -326,7 +326,7 @@ describe Projects::BuildListsController do describe 'publish_build' do before { test_git_commit(build_list.project) - build_list.update_column :commit_hash, build_list.project.repo.commits('master').last.id + build_list.update_column(:commit_hash, build_list.project.repo.commits('master').last.id) build_list.update_column(:status, BuildList::BUILD_PUBLISH) build_list_package } diff --git a/spec/controllers/projects/collaborators_controller_spec.rb b/spec/controllers/projects/collaborators_controller_spec.rb index 48d32f723..eac133b35 100644 --- a/spec/controllers/projects/collaborators_controller_spec.rb +++ b/spec/controllers/projects/collaborators_controller_spec.rb @@ -6,12 +6,14 @@ shared_context "collaborators controller" do stub_symlink_methods @project = FactoryGirl.create(:project) @another_user = FactoryGirl.create(:user) + @group = FactoryGirl.create(:group) @member_user = FactoryGirl.create(:user) # Create relation with 'writer' rights @collaborator = Collaborator.create(:actor => @member_user, :project => @project, :role => 'writer') - end - def set_params + @user = FactoryGirl.create(:user) + set_session_for(@user) + @user_params = { :actor_id => @another_user.id.to_s, :actor_type => 'user', @@ -26,11 +28,7 @@ shared_context "collaborators controller" do :owner_name => @project.owner.uname, :project_name => @project.name, :format => :json } - @update_params = { - :owner_name => @project.owner.uname, :project_name => @project.name, - :collaborator => {:role => 'reader'}, - :format => :json - } + @update_params = @create_params.merge(:collaborator => {:role => 'reader'}) end end @@ -82,7 +80,9 @@ describe Projects::CollaboratorsController do include_context "collaborators controller" context 'for guest' do - before {set_params} + before(:each) do + set_session_for(User.new) + end it 'should not be able to perform index action' do get :index, :owner_name => @project.owner.uname, :project_name => @project.name response.should redirect_to(new_user_session_path) @@ -96,10 +96,8 @@ describe Projects::CollaboratorsController do context 'for global admin' do before(:each) do - @admin = FactoryGirl.create(:admin) - set_session_for(@admin) - @group = FactoryGirl.create(:group) - set_params + @user.role = "admin" + @user.save end it_should_behave_like 'project admin user' @@ -107,11 +105,7 @@ describe Projects::CollaboratorsController do context 'for admin user' do before(:each) do - @user = FactoryGirl.create(:user) - set_session_for(@user) - @group = FactoryGirl.create(:group) @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') - set_params end it_should_behave_like 'project admin user' @@ -119,13 +113,8 @@ describe Projects::CollaboratorsController do context 'for owner user' do before(:each) do - @user = FactoryGirl.create(:user) + @user = @project.owner # owner should be user set_session_for(@user) - @group = FactoryGirl.create(:group) - - @project.owner = @user; @project.save!; @project.reload - @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') - set_params end it_should_behave_like 'project admin user' @@ -133,10 +122,7 @@ describe Projects::CollaboratorsController do context 'for reader user' do before(:each) do - @user = FactoryGirl.create(:user) - set_session_for(@user) @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader') - set_params end it_should_behave_like 'user with no rights for this project' @@ -144,10 +130,7 @@ describe Projects::CollaboratorsController do context 'for writer user' do before(:each) do - @user = FactoryGirl.create(:user) - set_session_for(@user) @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'writer') - set_params end it_should_behave_like 'user with no rights for this project' diff --git a/spec/controllers/projects/comments_controller_spec.rb b/spec/controllers/projects/comments_controller_spec.rb index ead01eca2..3fb36a7cd 100644 --- a/spec/controllers/projects/comments_controller_spec.rb +++ b/spec/controllers/projects/comments_controller_spec.rb @@ -9,17 +9,16 @@ shared_context "comments controller" do @issue = FactoryGirl.create(:issue, :project_id => @project.id, :user => FactoryGirl.create(:user)) @comment = FactoryGirl.create(:comment, :commentable => @issue, :project_id => @project.id) - any_instance_of(Project, :versions => ['v1.0', 'v2.0']) - @user = FactoryGirl.create(:user) - set_session_for(@user) @own_comment = FactoryGirl.create(:comment, :commentable => @issue, :user => @user, :project_id => @project.id) + + set_session_for(@user) + + @address = {:owner_name => @project.owner.uname, :project_name => @project.name, :issue_id => @issue.serial_id} + @create_params = {:comment => {:body => 'I am a comment!'}}.merge(@address) + @update_params = {:comment => {:body => 'updated'}}.merge(@address) end - def set_params - @create_params = {:comment => {:body => 'I am a comment!'}, :owner_name => @project.owner.uname, :project_name => @project.name, :issue_id => @issue.serial_id} - @update_params = {:comment => {:body => 'updated'}, :owner_name => @project.owner.uname, :project_name => @project.name, :issue_id => @issue.serial_id} - end end shared_examples_for 'user with create comment rights' do @@ -28,7 +27,7 @@ shared_examples_for 'user with create comment rights' do response.should redirect_to(project_issue_path(@project, @issue)) end - it 'should create subscribe object into db' do + it 'should create comment in the database' do lambda{ post :create, @create_params }.should change{ Comment.count }.by(1) end end @@ -39,7 +38,7 @@ shared_examples_for 'user with update own comment rights' do response.should redirect_to([@project, @issue]) end - it 'should update subscribe body' do + it 'should update comment body' do put :update, {:id => @own_comment.id}.merge(@update_params) @own_comment.reload.body.should == 'updated' end @@ -71,33 +70,44 @@ end shared_examples_for 'user without destroy comment rights' do it 'should not be able to perform destroy action' do - delete :destroy, :id => @comment.id, :issue_id => @issue.serial_id, :owner_name => @project.owner.uname, :project_name => @project.name + delete :destroy, {:id => @comment.id}.merge(@address) response.should redirect_to(forbidden_path) end - it 'should not reduce comments count' do - lambda{ delete :destroy, :id => @comment.id, :issue_id => @issue.serial_id, :owner_name => @project.owner.uname, :project_name => @project.name }.should change{ Issue.count }.by(0) + it 'should not delete comment from database' do + lambda{ delete :destroy, {:id => @comment.id}.merge(@address)}.should change{ Issue.count }.by(0) end end -#shared_examples_for 'user with destroy rights' do -# it 'should be able to perform destroy action' do -# delete :destroy, :id => @comment.id, :issue_id => @issue.id, :owner_name => @project.owner.uname, :project_name => @project.name -# response.should redirect_to([@project, @issue]) -# end -# -# it 'should reduce comments count' do -# lambda{ delete :destroy, :id => @comment.id, :issue_id => @issue.id, :owner_name => @project.owner.uname, :project_name => @project.name }.should change{ Comment.count }.by(-1) -# end -#end +shared_examples_for 'user with destroy comment rights' do + it 'should be able to perform destroy action' do + delete :destroy, {:id => @comment.id}.merge(@address) + response.should redirect_to([@project, @issue]) + end + + it 'should delete comment from database' do + lambda{ delete :destroy, {:id => @comment.id}.merge(@address)}.should change{ Comment.count }.by(-1) + end +end describe Projects::CommentsController do include_context "comments controller" + context 'for global admin user' do + before(:each) do + @user.role = "admin" + @user.save + end + + it_should_behave_like 'user with create comment rights' + it_should_behave_like 'user with update stranger comment rights' + it_should_behave_like 'user with update own comment rights' + it_should_behave_like 'user with destroy comment rights' + end + context 'for project admin user' do before(:each) do @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') - set_params end it_should_behave_like 'user with create comment rights' @@ -108,11 +118,7 @@ describe Projects::CommentsController do context 'for project owner user' do before(:each) do - @project.owner = @user; @project.save!; @project.reload; @project.owner.reload - # @project.relations.destroy_all - # @project.relations.create! :actor_id => @project.owner_id, :actor_type => @project.owner_type, :role => 'admin' - # @create_params[:owner_name] = @user.uname; @update_params[:owner_name] = @user.uname - set_params + set_session_for(@project.owner) # owner should be user end it_should_behave_like 'user with create comment rights' @@ -124,7 +130,6 @@ describe Projects::CommentsController do context 'for project reader user' do before(:each) do @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader') - set_params end it_should_behave_like 'user with create comment rights' @@ -136,7 +141,6 @@ describe Projects::CommentsController do context 'for project writer user' do before(:each) do @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'writer') - set_params end it_should_behave_like 'user with create comment rights' diff --git a/spec/controllers/projects/issues_controller_spec.rb b/spec/controllers/projects/issues_controller_spec.rb index 2aa8b8bf4..fcf3f2762 100644 --- a/spec/controllers/projects/issues_controller_spec.rb +++ b/spec/controllers/projects/issues_controller_spec.rb @@ -8,8 +8,6 @@ shared_context "issues controller" do @project = FactoryGirl.create(:project) @issue_user = FactoryGirl.create(:user) - any_instance_of(Project, :versions => ['v1.0', 'v2.0']) - @issue = FactoryGirl.create(:issue, :project_id => @project.id, :assignee_id => @issue_user.id) @project_with_turned_off_issues = FactoryGirl.create(:project, :has_issues => false) @@ -47,7 +45,7 @@ shared_examples_for 'issue user with project reader rights' do end it 'should be able to perform index action on hidden project' do - @project.update_attributes :visibility => 'hidden' + @project.update_attributes(:visibility => 'hidden') get :index, :owner_name => @project.owner.uname, :project_name => @project.name response.should render_template(:index) end @@ -143,7 +141,9 @@ describe Projects::IssuesController do before(:each) do @user = FactoryGirl.create(:user) set_session_for(@user) - @project.owner = @user; @project.save!; @project.reload + @project.owner = @user + @project.save! + @project.reload @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') set_params end @@ -220,7 +220,7 @@ describe Projects::IssuesController do end it 'should not be able to perform index action on hidden project' do - @project.update_attributes :visibility => 'hidden' + @project.update_attributes(:visibility => 'hidden') get :index, :owner_name => @project.owner.uname, :project_name => @project.name response.should redirect_to(forbidden_path) end @@ -236,7 +236,7 @@ describe Projects::IssuesController do end it 'should not be able to perform index action on hidden project' do - @project.update_attributes :visibility => 'hidden' + @project.update_attributes(:visibility => 'hidden') get :index, :owner_name => @project.owner.uname, :project_name => @project.name response.should redirect_to(new_user_session_path) end diff --git a/spec/controllers/projects/projects_controller_spec.rb b/spec/controllers/projects/projects_controller_spec.rb index 097299d40..dc240686a 100644 --- a/spec/controllers/projects/projects_controller_spec.rb +++ b/spec/controllers/projects/projects_controller_spec.rb @@ -1,217 +1,277 @@ # -*- encoding : utf-8 -*- require 'spec_helper' +shared_examples_for 'projects user with reader rights' do + + it 'should be able to fork project' do + post :fork, :owner_name => @project.owner.uname, :project_name => @project.name + response.should redirect_to(project_path(Project.last)) + end + + it 'should be able to fork project to their group' do + group = FactoryGirl.create(:group) + group.actors.create(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') + lambda {post :fork, :owner_name => @project.owner.uname, :project_name => @project.name, + :group => group.id}.should change{ Project.count }.by(1) + end + + it 'should be able to fork project to own group' do + group = FactoryGirl.create(:group, :owner => @user) + lambda {post :fork, :owner_name => @project.owner.uname, :project_name => @project.name, + :group => group.id}.should change{ Project.count }.by(1) + end + + # it 'should be able to view project' do + # get :show, :owner_name => @project.owner.uname, :project_name => @project.name + # assigns(:project).should eq @project + # end + +end + +shared_examples_for 'projects user with project admin rights' do + it 'should be able to perform update action' do + put :update, {:owner_name => @project.owner.uname, :project_name => @project.name}.merge(@update_params) + response.should redirect_to(project_path(@project)) + end +end + +shared_examples_for 'user with destroy rights' do + it 'should be able to perform destroy action' do + delete :destroy, {:owner_name => @project.owner.uname, :project_name => @project.name} + response.should redirect_to(@project.owner) + end + + it 'should change objects count on destroy' do + lambda { delete :destroy, :owner_name => @project.owner.uname, :project_name => @project.name }.should change{ Project.count }.by(-1) + end +end + +shared_examples_for 'projects user without project admin rights' do + it 'should not be able to edit project' do + description = @project.description + put :update, :project=>{:description =>"hack"}, :owner_name => @project.owner.uname, :project_name => @project.name + @project.reload.description.should == description + response.should redirect_to(forbidden_path) + end + + it 'should not be able to edit project sections' do + has_wiki, has_issues = @project.has_wiki, @project.has_issues + post :sections, :project =>{:has_wiki => !has_wiki, :has_issues => !has_issues}, :owner_name => @project.owner.uname, :project_name => @project.name + @project.reload.has_wiki.should == has_wiki + @project.reload.has_issues.should == has_issues + response.should redirect_to(forbidden_path) + end +end + describe Projects::ProjectsController do before(:each) do stub_symlink_methods @project = FactoryGirl.create(:project) - @another_user = FactoryGirl.create(:user) + @create_params = {:project => {:name => 'pro'}} @update_params = {:project => {:description => 'pro2'}} + + @user = FactoryGirl.create(:user) + set_session_for(@user) end - context 'for guest' do - it 'should not be able to perform index action' do - get :index - response.should redirect_to(new_user_session_path) + context 'for system users' do + + context 'guest' do + + before(:each) do + set_session_for(User.new) + end + + it 'should not be able to perform index action' do + get :index + response.should redirect_to(new_user_session_path) + end + + it 'should not be able to perform update action' do + put :update, {:owner_name => @project.owner.uname, :project_name => @project.name}.merge(@update_params) + response.should redirect_to(new_user_session_path) + end end - it 'should not be able to perform update action' do - put :update, {:owner_name => @project.owner.uname, :project_name => @project.name}.merge(@update_params) - response.should redirect_to(new_user_session_path) - end - end + context 'registered user' do + + it 'should be able to perform index action' do + get :index + response.should render_template(:index) + end + + context 'create project for myself' do + + it 'should be able to perform create action' do + post :create, @create_params + response.should redirect_to(project_path( Project.last )) + end + + it 'should create project in the database' do + lambda { post :create, @create_params }.should change{ Project.count }.by(1) + end + end + + context 'create project for group' do + + it 'should not be able to create project for alien group' do + group = FactoryGirl.create(:group) + post :create, @create_params.merge({:who_owns => 'group', :owner_id => group.id}) + response.should redirect_to(forbidden_path) + end + + it 'should be able to create project for their group' do + group = FactoryGirl.create(:group) + group.actors.create(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') + lambda { post :create, @create_params.merge({:who_owns => 'group', :owner_id => group.id})}.should change{ Project.count }.by(1) + end + + it 'should be able to create project for own group' do + group = FactoryGirl.create(:group, :owner => @user) + lambda { post :create, @create_params.merge({:who_owns => 'group', :owner_id => group.id})}.should change{ Project.count }.by(1) + end + + end + + end # context 'registered user' + end # context 'for system users' + + context 'for project members' do + + context 'for global admin' do + before(:each) do + @user.role = "admin" + @user.save + set_session_for(@user) + end + + it_should_behave_like 'projects user with project admin rights' + it_should_behave_like 'projects user with reader rights' + it_should_behave_like 'user with destroy rights' - context 'for admin' do - before(:each) do - @admin = FactoryGirl.create(:admin) - set_session_for(@admin) end - it_should_behave_like 'projects user with admin rights' - it_should_behave_like 'projects user with reader rights' + context 'for owner user' do + before(:each) do + @user = @project.owner + set_session_for(@user) # owner should be user + end + + it_should_behave_like 'projects user with project admin rights' + it_should_behave_like 'projects user with reader rights' + it_should_behave_like 'user with destroy rights' + + it 'should not be able to fork own project' do + post :fork, :owner_name => @project.owner.uname, :project_name => @project.name + response.should redirect_to(@project) + end - it 'should be able to perform create action' do - post :create, @create_params - response.should redirect_to(project_path( Project.last )) end - it 'should change objects count on create' do - lambda { post :create, @create_params }.should change{ Project.count }.by(1) - end - end + context 'for reader user' do + before(:each) do + @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader') + end - context 'for owner user' do - before(:each) do - @user = FactoryGirl.create(:user) - set_session_for(@user) - @project.owner = @user; @project.save!; @project.reload - @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') + it_should_behave_like 'projects user with reader rights' + it_should_behave_like 'projects user without project admin rights' end - it_should_behave_like 'projects user with admin rights' - it_should_behave_like 'user with rights to view projects' + context 'for writer user' do + before(:each) do + @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'writer') + end + + it_should_behave_like 'projects user with reader rights' + it_should_behave_like 'projects user without project admin rights' - it 'should be able to perform destroy action' do - delete :destroy, {:owner_name => @project.owner.uname, :project_name => @project.name} - response.should redirect_to(@project.owner) end - it 'should change objects count on destroy' do - lambda { delete :destroy, :owner_name => @project.owner.uname, :project_name => @project.name }.should change{ Project.count }.by(-1) + context 'for other user' do + + it 'should not be able to fork hidden project' do + @project.update_attributes(:visibility => 'hidden') + post :fork, :owner_name => @project.owner.uname, :project_name => @project.name + response.should redirect_to(forbidden_path) + end + + it_should_behave_like 'projects user without project admin rights' + end - it 'should not be able to fork project' do - post :fork, :owner_name => @project.owner.uname, :project_name => @project.name - # @project.errors.count.should == 1 - response.should redirect_to(@project) - end - - end - - context 'for reader user' do - before(:each) do - @user = FactoryGirl.create(:user) - set_session_for(@user) - @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader') - end - - it_should_behave_like 'projects user with reader rights' - it_should_behave_like 'user without update rights' - end - - context 'for writer user' do - before(:each) do - @user = FactoryGirl.create(:user) - set_session_for(@user) - @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'writer') - end - - it_should_behave_like 'projects user with reader rights' - - it 'should not be able to create project to other group' do - group = FactoryGirl.create(:group) - post :create, @create_params.merge({:who_owns => 'group', :owner_id => group.id}) - response.should redirect_to(forbidden_path) - end - - it 'should not be able to fork project to other group' do - group = FactoryGirl.create(:group) - post :fork, :owner_name => @project.owner.uname, :project_name => @project.name, :group => group.id - response.should redirect_to(forbidden_path) - end - - it 'should be able to fork project to group' do - group = FactoryGirl.create(:group) - group.actors.create(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') - post :fork, :owner_name => @project.owner.uname, :project_name => @project.name, :group => group.id - response.should redirect_to(project_path(group.projects.first)) - end - end - - context 'search projects' do - before(:each) do - @admin = FactoryGirl.create(:admin) - @project1 = FactoryGirl.create(:project, :name => 'perl-debug') - @project2 = FactoryGirl.create(:project, :name => 'perl') - set_session_for(@admin) - end - - pending 'should return projects in right order' do - get :index, :query => 'per' - assigns(:projects).should eq([@project2, @project1]) - end - end - - context 'for other user' do - before(:each) do - @user = FactoryGirl.create(:user) - set_session_for(@user) - end - - it 'should not be able to fork hidden project' do - @project.update_attributes(:visibility => 'hidden') - post :fork, :owner_name => @project.owner.uname, :project_name => @project.name - response.should redirect_to(forbidden_path) - end - - it_should_behave_like 'user without update rights' - end + end # context 'for project members' context 'for group' do before(:each) do @group = FactoryGirl.create(:group) - @group_user = FactoryGirl.create(:user) - @project.relations.destroy_all - set_session_for(@group_user) end - context 'owner of the project' do + context 'group is owner of the project' do before(:each) do - @project.owner = @group; @project.save!; @project.reload - @project.relations.create :actor_id => @project.owner.id, :actor_type => @project.owner.class.to_s, :role => 'admin' + @project = FactoryGirl.create(:project, :owner => @group) end - context 'reader user' do + context 'group member user with reader role' do before(:each) do - @group.actors.create(:actor_id => @group_user.id, :actor_type => 'User', :role => 'reader') + @group.actors.create(:actor_id => @user.id, :actor_type => 'User', :role => 'reader') end it_should_behave_like 'projects user with reader rights' - it_should_behave_like 'user without update rights' + it_should_behave_like 'projects user without project admin rights' it 'should has reader role to group project' do - @group_user.best_role(@project).should eql('reader') # Need this? + @user.best_role(@project).should eql('reader') end context 'user should has best role' do before(:each) do - @project.relations.create :actor_id => @group_user.id, :actor_type => @group_user.class.to_s, :role => 'admin' + @project.relations.create :actor_id => @user.id, :actor_type => @user.class.to_s, :role => 'admin' end - it_should_behave_like 'projects user with admin rights' + it_should_behave_like 'projects user with project admin rights' end end - context 'admin user' do + context 'group member user with admin role' do before(:each) do - @group.actors.create(:actor_id => @group_user.id, :actor_type => 'User', :role => 'admin') + @group.actors.create(:actor_id => @user.id, :actor_type => 'User', :role => 'admin') end - it_should_behave_like 'projects user with admin rights' + it_should_behave_like 'projects user with project admin rights' it_should_behave_like 'projects user with reader rights' end end - context 'member of the project' do + context 'group is member of the project' do context 'with admin rights' do before(:each) do @project.relations.create :actor_id => @group.id, :actor_type => @group.class.to_s, :role => 'admin' end - context 'reader user' do + context 'group member user with reader role' do before(:each) do - @group.actors.create(:actor_id => @group_user.id, :actor_type => 'User', :role => 'reader') + @group.actors.create(:actor_id => @user.id, :actor_type => 'User', :role => 'reader') end it_should_behave_like 'projects user with reader rights' - it_should_behave_like 'projects user with admin rights' + it_should_behave_like 'projects user with project admin rights' context 'user should has best role' do before(:each) do - @project.relations.create :actor_id => @group_user.id, :actor_type => @group_user.class.to_s, :role => 'reader' + @project.relations.create :actor_id => @user.id, :actor_type => @user.class.to_s, :role => 'reader' end - it_should_behave_like 'projects user with admin rights' + it_should_behave_like 'projects user with project admin rights' end end - context 'admin user' do + context 'group member user with admin role' do before(:each) do - @group.actors.create(:actor_id => @group_user.id, :actor_type => 'User', :role => 'admin') + @group.actors.create(:actor_id => @user.id, :actor_type => 'User', :role => 'admin') end - it_should_behave_like 'projects user with admin rights' + it_should_behave_like 'projects user with project admin rights' it_should_behave_like 'projects user with reader rights' end end @@ -221,29 +281,29 @@ describe Projects::ProjectsController do @project.relations.create :actor_id => @group.id, :actor_type => @group.class.to_s, :role => 'reader' end - context 'reader user' do + context 'group member user with reader role' do before(:each) do - @group.actors.create(:actor_id => @group_user.id, :actor_type => 'User', :role => 'reader') + @group.actors.create(:actor_id => @user.id, :actor_type => 'User', :role => 'reader') end it_should_behave_like 'projects user with reader rights' - it_should_behave_like 'user without update rights' + it_should_behave_like 'projects user without project admin rights' context 'user should has best role' do before(:each) do - @project.relations.create :actor_id => @group_user.id, :actor_type => @group_user.class.to_s, :role => 'admin' + @project.relations.create :actor_id => @user.id, :actor_type => @user.class.to_s, :role => 'admin' end - it_should_behave_like 'projects user with admin rights' + it_should_behave_like 'projects user with project admin rights' end end - context 'admin user' do + context 'group member user with admin role' do before(:each) do - @group.actors.create(:actor_id => @group_user.id, :actor_type => 'User', :role => 'admin') + @group.actors.create(:actor_id => @user.id, :actor_type => 'User', :role => 'admin') end it_should_behave_like 'projects user with reader rights' - it_should_behave_like 'user without update rights' + it_should_behave_like 'projects user without project admin rights' end end end diff --git a/spec/models/cancan_spec.rb b/spec/models/cancan_spec.rb index 2f4fd57f8..b423b89ea 100644 --- a/spec/models/cancan_spec.rb +++ b/spec/models/cancan_spec.rb @@ -123,7 +123,9 @@ describe CanCan do context "private users relations" do before(:each) do @private_user = FactoryGirl.create(:private_user) - @private_user.platform.owner = @user; @private_user.platform.save + + @private_user.platform.owner = @user + @private_user.platform.save end [:read, :create].each do |action| @@ -207,7 +209,9 @@ describe CanCan do context 'with owner rights' do before(:each) do - @project.owner = @user; @project.save + @project.owner = @user + @project.save + @project.relations.create!(:actor_id => @user.id, :actor_type => 'User', :role => 'admin') @issue.project.reload end @@ -241,7 +245,8 @@ describe CanCan do context 'with owner rights' do before(:each) do - @platform.owner = @user; @platform.save + @platform.owner = @user + @platform.save end [:read, :update, :destroy].each do |action| diff --git a/spec/models/comment_for_commit_spec.rb b/spec/models/comment_for_commit_spec.rb index 2e5ca00a0..4b6ce9875 100644 --- a/spec/models/comment_for_commit_spec.rb +++ b/spec/models/comment_for_commit_spec.rb @@ -148,7 +148,10 @@ describe Comment do @user = FactoryGirl.create(:user) @stranger = FactoryGirl.create(:user) set_comments_data_for_commit - @project.owner = @user; @project.save + + @project.owner = @user + @project.save + ActionMailer::Base.deliveries = [] end diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb index 85aa672f5..e1bede7bf 100644 --- a/spec/models/group_spec.rb +++ b/spec/models/group_spec.rb @@ -61,8 +61,11 @@ describe Group do context 'for group owner' do before(:each) do - @user = FactoryGirl.create(:user) - @group.owner = @user; @group.save + @user = FactoryGirl.create(:user) + + @group.owner = @user + @group.save + @group.actors.create(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') @ability = Ability.new(@user) end diff --git a/spec/support/shared_examples/projects_controller.rb b/spec/support/shared_examples/projects_controller.rb deleted file mode 100644 index 0e4b4aff2..000000000 --- a/spec/support/shared_examples/projects_controller.rb +++ /dev/null @@ -1,42 +0,0 @@ -# -*- encoding : utf-8 -*- -shared_examples_for 'projects user with reader rights' do - include_examples 'user with rights to view projects' # nested shared_examples_for dont work - - it 'should be able to fork project' do - post :fork, :owner_name => @project.owner.uname, :project_name => @project.name - response.should redirect_to(project_path(Project.last)) - end - -end - -shared_examples_for 'projects user with admin rights' do - it 'should be able to perform update action' do - put :update, {:owner_name => @project.owner.uname, :project_name => @project.name}.merge(@update_params) - response.should redirect_to(project_path(@project)) - end -end - -shared_examples_for 'user with rights to view projects' do - it 'should be able to perform index action' do - get :index - response.should render_template(:index) - end -end - -shared_examples_for 'user without update rights' do - it 'should not be able to edit project' do - description = @project.description - put :update, :project=>{:description =>"hack"}, :owner_name => @project.owner.uname, :project_name => @project.name - Project.find(@project.id).description.should == description - response.should redirect_to(forbidden_path) - end - - it 'should not be able to edit project sections' do - has_wiki, has_issues = @project.has_wiki, @project.has_issues - post :sections, :project =>{:has_wiki => !has_wiki, :has_issues => !has_issues}, :owner_name => @project.owner.uname, :project_name => @project.name - project = Project.find(@project.id) - project.has_wiki.should == has_wiki - project.has_issues.should == has_issues - response.should redirect_to(forbidden_path) - end -end From 54c6ba55be5cb622b1f64251ae3d6a2d9477d9bc Mon Sep 17 00:00:00 2001 From: Vladimir Sharshov Date: Thu, 6 Sep 2012 21:09:10 +0400 Subject: [PATCH 5/9] [refs #349] Disable global menu Projects and Platforms; Allowed full search; Protect user and maintainer emails; Refactoring right rules --- app/controllers/search_controller.rb | 1 - app/models/ability.rb | 24 +++++++------------ app/presenters/maintainer_presenter.rb | 2 +- app/views/platforms/base/_sidebar.html.haml | 4 ++-- .../platforms/maintainers/_list.html.haml | 2 +- app/views/users/profile/show.html.haml | 2 +- lib/plugins/rosa_presenter/base.rb | 1 + 7 files changed, 14 insertions(+), 22 deletions(-) diff --git a/app/controllers/search_controller.rb b/app/controllers/search_controller.rb index bea77c80a..f4bf67e81 100644 --- a/app/controllers/search_controller.rb +++ b/app/controllers/search_controller.rb @@ -5,7 +5,6 @@ class SearchController < ApplicationController def index params[:type] ||= 'all' - params[:type] = 'projects' unless current_user case params[:type] when 'all' find_collection('projects') diff --git a/app/models/ability.rb b/app/models/ability.rb index 341c49c48..4d78e558a 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -13,26 +13,23 @@ class Ability @user = user # Shared rights between guests and registered users - can :show, Project, :visibility => 'open' - can :archive, Project, :visibility => 'open' + can [:show, :archive], Project, :visibility => 'open' can :read, Issue, :project => {:visibility => 'open'} can :search, BuildList can [:read, :log, :everything], BuildList, :project => {:visibility => 'open'} can :read, ProductBuildList#, :product => {:platform => {:visibility => 'open'}} # double nested hash don't work can :read, Advisory - can(:advisories, Platform) {APP_CONFIG['anonymous_access']} + # Core callbacks can [:publish_build, :status_build, :pre_build, :post_build, :circle_build, :new_bbdt], BuildList + # Platforms block + can [:show, :members, :advisories], Platform, :visibility == 'open' + can [:read, :projects_list], Repository, :platform => {:visibility => 'open'} + can :read, Product, :platform => {:visibility => 'open'} + if user.guest? # Guest rights # can [:new, :create], RegisterRequest - if APP_CONFIG['anonymous_access'] - can [:read, :members, :read_advisories], Platform, :visibility == 'open' - can [:read, :projects_list], Repository, :platform => {:visibility => 'open'} - can :read, Product, :platform => {:visibility => 'open'} - can :read, Project, :visibility => 'open' - #can :read, Repository, :platform => {:visibility => 'open'} - end else # Registered user rights if user.admin? can :manage, :all @@ -83,20 +80,16 @@ class Ability end can(:cancel, BuildList) {|build_list| build_list.can_cancel? && can?(:write, build_list.project)} - can [:read], Advisory - - can [:read, :members], Platform, :visibility => 'open' can [:read, :owned, :related, :members], Platform, :owner_type => 'User', :owner_id => user.id can [:read, :related, :members], Platform, :owner_type => 'Group', :owner_id => user.group_ids can([:read, :related, :members], Platform, read_relations_for('platforms')) {|platform| local_reader? platform} can([:update, :members], Platform) {|platform| local_admin? platform} can([:destroy, :members, :add_member, :remove_member, :remove_members] , Platform) {|platform| owner?(platform) || local_admin?(platform) } - can [:autocomplete_user_uname, :read_advisories, :advisories], Platform + can [:autocomplete_user_uname], Platform can([:failed_builds_list, :create], MassBuild) {|mass_build| (owner?(mass_build.platform) || local_admin?(mass_build.platform)) && mass_build.platform.main? } can(:cancel, MassBuild) {|mass_build| (owner?(mass_build.platform) || local_admin?(mass_build.platform)) && !mass_build.stop_build && mass_build.platform.main?} - can [:read, :projects_list], Repository, :platform => {:visibility => 'open'} can [:read, :projects_list], Repository, :platform => {:owner_type => 'User', :owner_id => user.id} can [:read, :projects_list], Repository, :platform => {:owner_type => 'Group', :owner_id => user.group_ids} can([:read, :projects_list], Repository, read_relations_for('repositories', 'platforms')) {|repository| local_reader? repository.platform} @@ -106,7 +99,6 @@ class Ability can([:create, :destroy], KeyPair) {|key_pair| owner?(key_pair.repository.platform) || local_admin?(key_pair.repository.platform)} - can :read, Product, :platform => {:visibility => 'open'} can :read, Product, :platform => {:owner_type => 'User', :owner_id => user.id, :platform_type => 'main'} can :read, Product, :platform => {:owner_type => 'Group', :owner_id => user.group_ids, :platform_type => 'main'} can(:read, Product, read_relations_for('products', 'platforms')) {|product| product.platform.main?} diff --git a/app/presenters/maintainer_presenter.rb b/app/presenters/maintainer_presenter.rb index 19a55ab2d..186266061 100644 --- a/app/presenters/maintainer_presenter.rb +++ b/app/presenters/maintainer_presenter.rb @@ -37,7 +37,7 @@ class MaintainerPresenter < ApplicationPresenter end def maintainer_email_link - mail_to @maintainer.email, @maintainer.email + mail_to @maintainer.email, @maintainer.email, :encode => "javascript" end end diff --git a/app/views/platforms/base/_sidebar.html.haml b/app/views/platforms/base/_sidebar.html.haml index 742f45ba1..eda999eeb 100644 --- a/app/views/platforms/base/_sidebar.html.haml +++ b/app/views/platforms/base/_sidebar.html.haml @@ -10,7 +10,7 @@ = link_to t("layout.platforms.about"), platform_path(@platform) %li{:class => (contr == :repositories) ? 'active' : ''} = link_to t("layout.repositories.list_header"), platform_repositories_path(@platform) - - if can? :read, @platform + - if can? :show, @platform %li{:class => (act == :index && contr == :maintainers) ? 'active' : nil} = link_to t("layout.platforms.maintainers"), platform_maintainers_path(@platform) - if can? :edit, @platform @@ -19,7 +19,7 @@ - if can? :read, @platform.products.build %li{:class => (contr == :products) ? 'active' : ''} = link_to t("layout.products.list_header"), platform_products_path(@platform) - - if can? :read_advisories, @platform + - if can? :advisories, @platform %li{:class => (contr == :platforms and act == :advisories) ? 'active' : ''} = link_to t("layout.advisories.list_header"), advisories_platform_path(@platform) - if can? :update, @platform diff --git a/app/views/platforms/maintainers/_list.html.haml b/app/views/platforms/maintainers/_list.html.haml index bbda436b6..6effeb766 100644 --- a/app/views/platforms/maintainers/_list.html.haml +++ b/app/views/platforms/maintainers/_list.html.haml @@ -21,5 +21,5 @@ %td= pr.package_type %td= pr.package_version_release %td= pr.maintainer_link - %td= pr.maintainer_email_link + %td= pr.maintainer_email_link.html_safe %td= pr.package_updated_at diff --git a/app/views/users/profile/show.html.haml b/app/views/users/profile/show.html.haml index bc6167a0c..ace969117 100644 --- a/app/views/users/profile/show.html.haml +++ b/app/views/users/profile/show.html.haml @@ -6,7 +6,7 @@ %h3= title @user.uname = @user.name %br - = link_to @user.email, "mailto:#{@user.email}" + = mail_to @user.email, @user.email, :encode => "javascript" %br %h4= t("activerecord.attributes.user.professional_experience") + ":" %p= @user.professional_experience diff --git a/lib/plugins/rosa_presenter/base.rb b/lib/plugins/rosa_presenter/base.rb index eff0f3387..531c74205 100644 --- a/lib/plugins/rosa_presenter/base.rb +++ b/lib/plugins/rosa_presenter/base.rb @@ -6,6 +6,7 @@ module RosaPresenter include ActionDispatch::Routing::UrlFor include ActionView::Helpers::UrlHelper include ActionView::Helpers::TextHelper + include ActionView::Helpers::JavaScriptHelper include Rails.application.routes.url_helpers def initialize(item, opts) From 78d4d637621fdc9bf7c3506e7998593064717fd0 Mon Sep 17 00:00:00 2001 From: Vladimir Sharshov Date: Thu, 6 Sep 2012 21:45:13 +0400 Subject: [PATCH 6/9] [refs #263] Refactoring issue controller spec --- .../projects/issues_controller_spec.rb | 93 +++++++++---------- 1 file changed, 45 insertions(+), 48 deletions(-) diff --git a/spec/controllers/projects/issues_controller_spec.rb b/spec/controllers/projects/issues_controller_spec.rb index fcf3f2762..65873a0a3 100644 --- a/spec/controllers/projects/issues_controller_spec.rb +++ b/spec/controllers/projects/issues_controller_spec.rb @@ -12,9 +12,10 @@ shared_context "issues controller" do @project_with_turned_off_issues = FactoryGirl.create(:project, :has_issues => false) @turned_of_issue = FactoryGirl.create(:issue, :project_id => @project_with_turned_off_issues.id, :assignee_id => @issue_user.id) - end + + @user = FactoryGirl.create(:user) + set_session_for(@user) - def set_params @create_params = { :owner_name => @project.owner.uname, :project_name => @project.name, :issue => { @@ -24,16 +25,19 @@ shared_context "issues controller" do :assignee_id => @issue_user.id, :assignee_uname => @issue_user.uname } + @update_params = { :owner_name => @project.owner.uname, :project_name => @project.name, :issue => { :title => "issue2" } } + end + end -shared_examples_for 'issue user with project reader rights' do +shared_examples_for 'issue user with project guest rights' do it 'should be able to perform index action' do get :index, :owner_name => @project.owner.uname, :project_name => @project.name response.should render_template(:index) @@ -43,6 +47,9 @@ shared_examples_for 'issue user with project reader rights' do get :show, :owner_name => @project.owner.uname, :project_name => @project.name, :id => @issue.serial_id response.should render_template(:show) end +end + +shared_examples_for 'issue user with project reader rights' do it 'should be able to perform index action on hidden project' do @project.update_attributes(:visibility => 'hidden') @@ -98,9 +105,9 @@ shared_examples_for 'user without issue destroy rights' do end shared_examples_for 'project with issues turned off' do - pending 'should not be able to perform index action' do + it 'should not be able to perform index action' do get :index, :project_id => @project_with_turned_off_issues.id - response.should render_template(:index) + response.should redirect_to(forbidden_path) end it 'should not be able to perform show action' do @@ -114,116 +121,106 @@ describe Projects::IssuesController do context 'for global admin user' do before(:each) do - @admin = FactoryGirl.create(:admin) - set_session_for(@admin) - set_params + @user.role = "admin" + @user.save end + it_should_behave_like 'issue user with project guest rights' + it_should_behave_like 'issue user with project reader rights' + it_should_behave_like 'issue user with project writer rights' + it_should_behave_like 'user with issue update rights' + it_should_behave_like 'project with issues turned off' it_should_behave_like 'user without issue destroy rights' end context 'for project admin user' do before(:each) do - @user = FactoryGirl.create(:user) - set_session_for(@user) @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') - set_params end + it_should_behave_like 'issue user with project guest rights' it_should_behave_like 'issue user with project reader rights' it_should_behave_like 'issue user with project writer rights' it_should_behave_like 'user with issue update rights' - it_should_behave_like 'user without issue destroy rights' it_should_behave_like 'project with issues turned off' + it_should_behave_like 'user without issue destroy rights' end context 'for project owner user' do before(:each) do - @user = FactoryGirl.create(:user) + @user = @project.owner set_session_for(@user) - @project.owner = @user - @project.save! - @project.reload - @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') - set_params end + it_should_behave_like 'issue user with project guest rights' it_should_behave_like 'issue user with project reader rights' it_should_behave_like 'issue user with project writer rights' it_should_behave_like 'user with issue update rights' - it_should_behave_like 'user without issue destroy rights' it_should_behave_like 'project with issues turned off' + it_should_behave_like 'user without issue destroy rights' end context 'for project reader user' do before(:each) do - @user = FactoryGirl.create(:user) - set_session_for(@user) @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader') - set_params end + it_should_behave_like 'issue user with project guest rights' it_should_behave_like 'issue user with project reader rights' + it_should_behave_like 'issue user with project writer rights' it_should_behave_like 'user without issue update rights' - it_should_behave_like 'user without issue destroy rights' it_should_behave_like 'project with issues turned off' + it_should_behave_like 'user without issue destroy rights' - it 'should not be able to perform create action' do - post :create, @create_params - response.should redirect_to(forbidden_path) - end + # it 'should not be able to perform create action on project' do + # post :create, @create_params + # response.should redirect_to(forbidden_path) + # end - it 'should not create issue object into db' do - lambda{ post :create, @create_params }.should change{ Issue.count }.by(0) - end + # it 'should not create issue object into db' do + # lambda{ post :create, @create_params }.should change{ Issue.count }.by(0) + # end end context 'for project writer user' do before(:each) do - @user = FactoryGirl.create(:user) - set_session_for(@user) @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'writer') - set_params end + it_should_behave_like 'issue user with project guest rights' it_should_behave_like 'issue user with project reader rights' it_should_behave_like 'issue user with project writer rights' it_should_behave_like 'user without issue update rights' - it_should_behave_like 'user without issue destroy rights' it_should_behave_like 'project with issues turned off' + it_should_behave_like 'user without issue destroy rights' end context 'for issue assign user' do before(:each) do set_session_for(@issue_user) - set_params end it_should_behave_like 'user without issue update rights' - it_should_behave_like 'user without issue destroy rights' it_should_behave_like 'project with issues turned off' + it_should_behave_like 'user without issue destroy rights' end context 'for guest' do - before {set_params} + + before(:each) do + set_session_for(User.new) + end if APP_CONFIG['anonymous_access'] - # it_should_behave_like 'issue user with project reader rights' - it 'should be able to perform index action' do - get :index, :owner_name => @project.owner.uname, :project_name => @project.name - response.should render_template(:index) - end - - it 'should be able to perform show action' do - get :show, :owner_name => @project.owner.uname, :project_name => @project.name, :id => @issue.serial_id - response.should render_template(:show) - end - + + it_should_behave_like 'issue user with project guest rights' + it 'should not be able to perform index action on hidden project' do @project.update_attributes(:visibility => 'hidden') get :index, :owner_name => @project.owner.uname, :project_name => @project.name response.should redirect_to(forbidden_path) end + else it 'should not be able to perform index action' do get :index, :owner_name => @project.owner.uname, :project_name => @project.name From 5a2827c43379ae6cce2bad99da29c8acf1e87e42 Mon Sep 17 00:00:00 2001 From: Vladimir Sharshov Date: Thu, 6 Sep 2012 22:48:36 +0400 Subject: [PATCH 7/9] [refs #263] Refactoring maintainers controller spec --- .../platforms/maintainers_controller_spec.rb | 74 ++++++++++++------- .../platforms/repositories_controller_spec.rb | 3 +- spec/models/cancan_spec.rb | 3 +- spec/models/comment_spec.rb | 3 +- spec/models/user_spec.rb | 4 +- 5 files changed, 57 insertions(+), 30 deletions(-) diff --git a/spec/controllers/platforms/maintainers_controller_spec.rb b/spec/controllers/platforms/maintainers_controller_spec.rb index d29f63247..3764e4ab2 100644 --- a/spec/controllers/platforms/maintainers_controller_spec.rb +++ b/spec/controllers/platforms/maintainers_controller_spec.rb @@ -2,24 +2,9 @@ require 'spec_helper' shared_examples_for 'guest user' do - - # Only one action for now here - guest_actions = [:index] - - if APP_CONFIG['anonymous_access'] - guest_actions.each do |action| - it "should be able to perform #{ action } action" do - get action, :platform_id => @platform.id - response.should be_success - end - end - else # non-anonymous access - guest_actions.each do |action| - it "should not be able to perform #{ action } action" do - get action, :platform_id => @platform.id - response.should redirect_to(new_user_session_path) - end - end + it "should be able to view maintainers list(index)" do + get :index, :platform_id => @platform.id + response.should be_success end end @@ -28,20 +13,57 @@ describe Platforms::MaintainersController do stub_symlink_methods @platform = FactoryGirl.create(:platform) - @platform.visibility = 'open' - - # JS format is the primary target for this callback - @assignee_rq = { :platform_id => @platform.id, :package => 'test', :format => 'js' } + @user = FactoryGirl.create(:user) + set_session_for(@user) end context 'for guest' do - it_should_behave_like 'guest user' + before {set_session_for(User.new)} - it 'should not be able to get api' do - get :assignee, @assignee_rq - response.response_code.should == 403 + # it_should_behave_like 'guest user' + # it "should be able to view maintainers list(index)", :anonymous_access => true do + # get :index, :platform_id => @platform.id + # response.should be_success + # end + + it "should not be able to view maintainers list(index)" do + get :index, :platform_id => @platform.id + response.should redirect_to(forbidden_path) end end + + context 'for global admin' do + before(:each) do + @user.role = "admin" + @user.save + end + + it_should_behave_like 'guest user' + end + + context 'for registrated user' do + + it_should_behave_like 'guest user' + end + + + context 'for platform owner' do + before(:each) do + @user = @platform.owner + set_session_for(@user) + end + + it_should_behave_like 'guest user' + end + + context 'for platform member' do + before(:each) do + @platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') + end + + it_should_behave_like 'guest user' + end + end diff --git a/spec/controllers/platforms/repositories_controller_spec.rb b/spec/controllers/platforms/repositories_controller_spec.rb index 06c75fd85..d27bd172c 100644 --- a/spec/controllers/platforms/repositories_controller_spec.rb +++ b/spec/controllers/platforms/repositories_controller_spec.rb @@ -107,7 +107,8 @@ describe Platforms::RepositoriesController do before(:each) do @user = FactoryGirl.create(:user) set_session_for(@user) - @repository.platform.owner = @user; @repository.platform.save + @repository.platform.owner = @user + @repository.platform.save @repository.platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') end diff --git a/spec/models/cancan_spec.rb b/spec/models/cancan_spec.rb index b423b89ea..e0a1dec94 100644 --- a/spec/models/cancan_spec.rb +++ b/spec/models/cancan_spec.rb @@ -274,7 +274,8 @@ describe CanCan do context 'with owner rights' do before(:each) do - @repository.platform.owner = @user; @repository.platform.save + @repository.platform.owner = @user + @repository.platform.save end [:read, :create, :update, :destroy, :add_project, :remove_project, :change_visibility, :settings].each do |action| diff --git a/spec/models/comment_spec.rb b/spec/models/comment_spec.rb index ef9b9d414..6afc22242 100644 --- a/spec/models/comment_spec.rb +++ b/spec/models/comment_spec.rb @@ -84,7 +84,8 @@ describe Comment do set_commentable_data - @project.owner = @user; @project.save + @project.owner = @user + @project.save @project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') end diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index dbc1d1029..75e39175d 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -45,7 +45,9 @@ describe User do context 'for group project' do before(:each) do @project.relations.destroy_all - @project.owner = @group; @project.save + + @project.owner = @group + @project.save @project.relations.create :actor_id => @project.owner.id, :actor_type => @project.owner.class.to_s, :role => 'admin' end From 29f5ef5f2e6fd0bc1a18782832c2d36b40a834d6 Mon Sep 17 00:00:00 2001 From: Vladimir Sharshov Date: Fri, 7 Sep 2012 13:41:49 +0400 Subject: [PATCH 8/9] Refactoring tests --- app/models/ability.rb | 2 +- .../platforms/maintainers_controller_spec.rb | 15 ++- .../platforms/platforms_controller_spec.rb | 96 +++++++++++-------- .../platforms/products_controller_spec.rb | 43 +++++---- .../platforms/repositories_controller_spec.rb | 71 +++++++++----- .../projects/git/git_trees_controller_spec.rb | 22 ++--- spec/models/cancan_spec.rb | 12 +-- spec/spec_helper.rb | 3 + 8 files changed, 155 insertions(+), 109 deletions(-) diff --git a/app/models/ability.rb b/app/models/ability.rb index d340284ca..17dd93ae1 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -93,7 +93,7 @@ class Ability can [:read, :projects_list], Repository, :platform => {:owner_type => 'User', :owner_id => user.id} can [:read, :projects_list], Repository, :platform => {:owner_type => 'Group', :owner_id => user.group_ids} can([:read, :projects_list], Repository, read_relations_for('repositories', 'platforms')) {|repository| local_reader? repository.platform} - can([:create, :update, :projects_list, :add_project, :remove_project], Repository) {|repository| local_admin? repository.platform} + can([:create, :update, :destroy, :projects_list, :add_project, :remove_project], Repository) {|repository| local_admin? repository.platform} can(:clear, Platform) {|platform| local_admin?(platform) && platform.personal?} can([:change_visibility, :settings, :destroy], Repository) {|repository| owner? repository.platform} diff --git a/spec/controllers/platforms/maintainers_controller_spec.rb b/spec/controllers/platforms/maintainers_controller_spec.rb index 42a9602a4..d4c03b245 100644 --- a/spec/controllers/platforms/maintainers_controller_spec.rb +++ b/spec/controllers/platforms/maintainers_controller_spec.rb @@ -21,15 +21,14 @@ describe Platforms::MaintainersController do context 'for guest' do before {set_session_for(User.new)} - # it_should_behave_like 'guest user' - # it "should be able to view maintainers list(index)", :anonymous_access => true do - # get :index, :platform_id => @platform.id - # response.should be_success - # end - - it "should not be able to view maintainers list(index)" do + it "should be able to view maintainers list(index)", :anonymous_access => true do get :index, :platform_id => @platform.id - response.should redirect_to(forbidden_path) + response.should be_success + end + + it "should not be able to view maintainers list(index)", :anonymous_access => false do + get :index, :platform_id => @platform.id + response.should redirect_to(new_user_session_path) end end diff --git a/spec/controllers/platforms/platforms_controller_spec.rb b/spec/controllers/platforms/platforms_controller_spec.rb index 87247e8da..6ec4157b4 100644 --- a/spec/controllers/platforms/platforms_controller_spec.rb +++ b/spec/controllers/platforms/platforms_controller_spec.rb @@ -2,7 +2,6 @@ require 'spec_helper' shared_examples_for 'platform owner' do - it_should_behave_like 'platform index viewer' it 'should not be able to destroy personal platform' do delete :destroy, :id => @personal_platform.id @@ -19,14 +18,39 @@ shared_examples_for 'platform owner' do end end -shared_examples_for 'platform index viewer' do +shared_examples_for 'system registered user' do it 'should be able to perform index action' do get :index response.should render_template(:index) end -end + it 'should be able to perform show action' do + get :show, :id => @platform.id + response.should render_template(:show) + assigns(:platform).should eq @platform + end + + it 'should be able to perform members action' do + get :members, :id => @platform.id + response.should render_template(:members) + response.should be_success + end + + it 'should be able to perform advisories action' do + get :advisories, :id => @platform.id + response.should render_template(:advisories) + response.should be_success + end + +end + shared_examples_for 'user without create rights' do + + it 'should not be able to perform new action' do + get :new + response.should redirect_to(forbidden_path) + end + it 'should not be able to create platform' do post :create, @create_params response.should redirect_to(forbidden_path) @@ -39,7 +63,10 @@ describe Platforms::PlatformsController do @platform = FactoryGirl.create(:platform) @personal_platform = FactoryGirl.create(:platform, :platform_type => 'personal') + @user = FactoryGirl.create(:user) + set_session_for(@user) + @create_params = {:platform => { :name => 'pl1', :description => 'pl1', @@ -49,6 +76,10 @@ describe Platforms::PlatformsController do end context 'for guest' do + before(:each) do + set_session_for(User.new) + end + [:index, :create].each do |action| it "should not be able to perform #{ action } action" do get action @@ -63,26 +94,32 @@ describe Platforms::PlatformsController do end end - if APP_CONFIG[:anonymous_access] - it "should be able to perform show action" do - get :show, :id => @platform - response.should render_template(:show) - end - else - it "should not be able to perform show action" do - get :show, :id => @platform + [:show, :members, :advisories].each do |action| + it "should not be able to perform #{ action } action", :anonymous_access => false do + get action, :id => @platform response.should redirect_to(new_user_session_path) end end + + [:show, :members, :advisories].each do |action| + it "should be able to perform #{ action } action", :anonymous_access => true do + get action, :id => @platform + response.should render_template(action) + response.should be_success + end + end + end context 'for global admin' do before(:each) do - @admin = FactoryGirl.create(:admin) - @user = FactoryGirl.create(:user) - set_session_for(@admin) + @user.role = "admin" + @user.save end + it_should_behave_like 'system registered user' + it_should_behave_like 'platform owner' + it 'should be able to perform new action' do get :new response.should render_template(:new) @@ -97,54 +134,37 @@ describe Platforms::PlatformsController do lambda { post :create, @create_params }.should change{ Platform.count }.by(1) end - it_should_behave_like 'platform owner' - it 'should create platform with mentioned owner if owner id present' do - post :create, @create_params.merge({:admin_id => @user.id, :admin_uname => @user.uname}) - Platform.last.owner.id.should eql(@user.id) + owner = FactoryGirl.create(:user) + post :create, @create_params.merge({:admin_id => owner.id, :admin_uname => owner.uname}) + Platform.last.owner.id.should eql(owner.id) end it 'should create platform with current user as owner if owner id not present' do post :create, @create_params - Platform.last.owner.id.should eql(@admin.id) + Platform.last.owner.id.should eql(@user.id) end end context 'for owner user' do before(:each) do - @user = FactoryGirl.create(:user) + @user = @platform.owner set_session_for(@user) - - @platform.owner = @user - @platform.save - - @platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') end + it_should_behave_like 'system registered user' it_should_behave_like 'user without create rights' it_should_behave_like 'platform owner' - it 'should be able to perform new action' do - get :new - response.should redirect_to(forbidden_path) - end - - it 'should be able to perform create action' do - post :create, @create_params - response.should redirect_to(forbidden_path) - end - end context 'for reader user' do before(:each) do - @user = FactoryGirl.create(:user) - set_session_for(@user) @platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader') end - it_should_behave_like 'platform index viewer' + it_should_behave_like 'system registered user' it_should_behave_like 'user without create rights' it 'should not be able to perform destroy action' do diff --git a/spec/controllers/platforms/products_controller_spec.rb b/spec/controllers/platforms/products_controller_spec.rb index 7fab208e0..4c500eb48 100644 --- a/spec/controllers/platforms/products_controller_spec.rb +++ b/spec/controllers/platforms/products_controller_spec.rb @@ -31,9 +31,16 @@ describe Platforms::ProductsController do @product = FactoryGirl.create(:product, :platform => @platform) @create_params = {:product => {:name => 'pro'}, :platform_id => @platform.id} @update_params = {:product => {:name => 'pro2'}, :platform_id => @platform.id} + + @user = FactoryGirl.create(:user) + set_session_for(@user) end context 'for guest' do + before(:each) do + set_session_for(User.new) + end + [:create].each do |action| it "should not be able to perform #{ action } action" do get action, :platform_id => @platform.id @@ -48,34 +55,42 @@ describe Platforms::ProductsController do end end - if APP_CONFIG['anonymous_access'] - it "should be able to perform show action" do - get :show, :id => @product.id, :platform_id => @platform.id - response.should render_template(:show) - end - else - it "should not be able to perform show action" do - get :show, :id => @product.id, :platform_id => @platform.id + [:show, :index].each do |action| + it "should not be able to perform #{ action } action", :anonymous_access => false do + get action, :id => @product.id, :platform_id => @platform.id response.should redirect_to(new_user_session_path) end end + + [:show, :index].each do |action| + it "should be able to perform #{ action } action", :anonymous_access => true do + get action, :id => @product.id, :platform_id => @platform.id + response.should render_template(action) + response.should be_success + end + end end context 'for global admin' do before(:each) do - @admin = FactoryGirl.create(:admin) - set_session_for(@admin) + @user.role = "admin" + @user.save end it_should_behave_like 'admin user' end + context 'for platform owner' do + before(:each) do + @user = @platform.owner + set_session_for(@user) + end + it_should_behave_like 'admin user' + end context 'for admin relation user' do before(:each) do - @user = FactoryGirl.create(:user) - set_session_for(@user) @platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') end @@ -83,10 +98,6 @@ describe Platforms::ProductsController do end context 'for no relation user' do - before(:each) do - @user = FactoryGirl.create(:user) - set_session_for(@user) - end it 'should not be able to create product' do lambda { post :create, @create_params }.should change{ Product.count }.by(0) diff --git a/spec/controllers/platforms/repositories_controller_spec.rb b/spec/controllers/platforms/repositories_controller_spec.rb index 6b5f0bb0c..6a6a9933e 100644 --- a/spec/controllers/platforms/repositories_controller_spec.rb +++ b/spec/controllers/platforms/repositories_controller_spec.rb @@ -40,6 +40,12 @@ shared_examples_for 'registered user' do get :show, :id => @repository.id response.should render_template(:show) end + + it 'should be able to perform projects_list action' do + get :projects_list, :id => @repository.id, :platform_id => @platform.id, :format => :json + response.should be_success + end + end shared_examples_for 'platform admin user' do @@ -75,40 +81,52 @@ describe Platforms::RepositoriesController do @project = FactoryGirl.create(:project) @another_user = FactoryGirl.create(:user) @create_params = {:repository => {:name => 'pro', :description => 'pro2'}, :platform_id => @platform.id} + + @user = FactoryGirl.create(:user) + set_session_for(@user) end context 'for guest' do - [:index, :create].each do |action| - it "should not be able to perform #{ action } action" do - get action, :platform_id => @platform - response.should redirect_to(new_user_session_path) - end + + before(:each) do + set_session_for(User.new) end - [:show, :new, :add_project, :remove_project, :destroy].each do |action| + it "should not be able to perform create action" do + get :create, :platform_id => @platform + response.should redirect_to(new_user_session_path) + end + + [:new, :add_project, :remove_project, :destroy].each do |action| it "should not be able to perform #{ action } action" do get action, :id => @repository.id response.should redirect_to(new_user_session_path) end end - if APP_CONFIG[:anonymous_access] - it "should be able to perform show action" do - get :show, :id => @repository - response.should render_template(:show) - end - else - it "should not be able to perform show action" do - get :show, :id => @repository - response.should redirect_to(new_user_session_path) - end + it_should_behave_like 'registered user' if APP_CONFIG['anonymous_access'] + + it "should not be able to perform show action", :anonymous_access => false do + get :show, :id => @repository + response.should redirect_to(new_user_session_path) end + + it "should not be able to perform index action", :anonymous_access => false do + get :index, :platform_id => @platform + response.should redirect_to(new_user_session_path) + end + + it 'should not be able to perform projects_list action', :anonymous_access => false do + get :projects_list, :id => @repository.id, :platform_id => @platform.id, :format => :json + response.response_code.should == 401 + end + end context 'for admin' do before(:each) do - @admin = FactoryGirl.create(:admin) - set_session_for(@admin) + @user.role = "admin" + @user.save end it_should_behave_like 'platform admin user' @@ -117,21 +135,22 @@ describe Platforms::RepositoriesController do context 'for platform owner user' do before(:each) do - @user = FactoryGirl.create(:user) + @user = @repository.platform.owner set_session_for(@user) - @repository.platform.owner = @user - @repository.platform.save - @repository.platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') + end + + it_should_behave_like 'platform admin user' + end + + context 'for platform member user' do + before(:each) do + @platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin') end it_should_behave_like 'platform admin user' end context 'for user' do - before(:each) do - @user = FactoryGirl.create(:user) - set_session_for(@user) - end it_should_behave_like 'registered user' diff --git a/spec/controllers/projects/git/git_trees_controller_spec.rb b/spec/controllers/projects/git/git_trees_controller_spec.rb index f2baf5020..61c4d68af 100644 --- a/spec/controllers/projects/git/git_trees_controller_spec.rb +++ b/spec/controllers/projects/git/git_trees_controller_spec.rb @@ -16,18 +16,16 @@ describe Projects::Git::TreesController do end context 'for guest' do - if APP_CONFIG['anonymous_access'] - it 'should be able to perform archive action with anonymous acccess' do - fill_project - get :archive, @params.merge(:format => 'tar') - response.should be_success - end - else - it 'should not be able to perform archive action without anonymous acccess' do - fill_project - get :archive, @params.merge(:format => 'tar') - response.code.should == '401' - end + it 'should be able to perform archive action with anonymous acccess', :anonymous_access => true do + fill_project + get :archive, @params.merge(:format => 'tar') + response.should be_success + end + + it 'should not be able to perform archive action without anonymous acccess', :anonymous_access => false do + fill_project + get :archive, @params.merge(:format => 'tar') + response.code.should == '401' end end diff --git a/spec/models/cancan_spec.rb b/spec/models/cancan_spec.rb index e0a1dec94..5f0ba821a 100644 --- a/spec/models/cancan_spec.rb +++ b/spec/models/cancan_spec.rb @@ -103,15 +103,15 @@ describe CanCan do @ability.should be_able_to(:read, @admin) end - pending "shoud be able to read index AutoBuildList" do - @ability.should be_able_to(:index, AutoBuildList) - end - it "shoud be able to read open projects" do @project = FactoryGirl.create(:project, :visibility => 'open') @ability.should be_able_to(:read, @project) end + it 'should be able to see open platform' do + @ability.should be_able_to(:show, open_platform) + end + it "shoud be able to create project" do @ability.should be_able_to(:create, Project) end @@ -150,10 +150,6 @@ describe CanCan do @ability.should be_able_to(:read, @project) end - it 'should be able to read open platform' do - @ability.should be_able_to(:read, open_platform) - end - it 'should be able to read issue' do @ability.should be_able_to(:read, @issue) end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index a29d72fa6..e7ce00299 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -25,6 +25,9 @@ RSpec.configure do |config| # examples within a transaction, remove the following line or assign false # instead of true. config.use_transactional_fixtures = true + + config.filter_run_excluding :anonymous_access => !(APP_CONFIG['anonymous_access']) + end def set_session_for(user=nil) From 3247db53c64a62c22bb1f67e33a6784181898099 Mon Sep 17 00:00:00 2001 From: Vladimir Sharshov Date: Fri, 7 Sep 2012 14:25:04 +0400 Subject: [PATCH 9/9] [refs #635] Fixed the lack of choice owner on create a project page --- app/views/projects/projects/_form.html.haml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/views/projects/projects/_form.html.haml b/app/views/projects/projects/_form.html.haml index 2fd2a90e7..b0424975c 100644 --- a/app/views/projects/projects/_form.html.haml +++ b/app/views/projects/projects/_form.html.haml @@ -6,7 +6,7 @@ .leftlist= f.label :description, t("activerecord.attributes.project.description"), :class => :label .rightlist= f.text_area :description, :class => 'text_field', :cols => 80 .both -- if [:new, :create].include? controller.action_name +- if [:new, :create].include? act .leftlist= f.label :owner_id, t("activerecord.attributes.project.owner"), :class => :label .rightlist = label_tag t("activerecord.attributes.project.who_owns.me")