[refs #54] Add issues tests. Fix some CanCan rights. Make some fixes to logic

This commit is contained in:
konstantin.grabar 2011-12-23 14:56:46 +04:00
parent e2144e0fdb
commit 894bc0c077
7 changed files with 234 additions and 23 deletions

View File

@ -2,7 +2,7 @@ class CommentsController < ApplicationController
before_filter :authenticate_user! before_filter :authenticate_user!
before_filter :set_commentable, :only => [:index, :edit, :create] before_filter :set_commentable, :only => [:index, :edit, :create]
before_filter :find_project, :only => [:index] before_filter :find_project, :only => [:index]
before_filter :find_comment, :only => [:show, :edit, :update, :destroy] before_filter :find_comment, :only => [:edit, :update, :destroy]
authorize_resource :only => [:show, :edit, :update, :destroy] authorize_resource :only => [:show, :edit, :update, :destroy]
authorize_resource :project, :only => [:index] authorize_resource :project, :only => [:index]

View File

@ -34,8 +34,8 @@ class IssuesController < ApplicationController
end end
def update def update
@user_id = params[:user_id] @user_id = params[:user_id].blank? ? @issue.user_id : params[:user_id]
@user_uname = params[:user_uname] @user_uname = params[:user_uname].blank? ? @issue.user.uname : params[:user_uname]
if @issue.update_attributes( params[:issue].merge({:user_id => @user_id}) ) if @issue.update_attributes( params[:issue].merge({:user_id => @user_id}) )
flash[:notice] = I18n.t("flash.issue.saved") flash[:notice] = I18n.t("flash.issue.saved")

View File

@ -97,7 +97,6 @@ class Ability
end end
can [:read, :index], Issue do |issue| can [:read, :index], Issue do |issue|
puts "SHIT\n"*10
issue.status == 'open' issue.status == 'open'
end end
#can [:read], Issue, :status => 'open' #can [:read], Issue, :status => 'open'
@ -120,9 +119,7 @@ class Ability
comment.commentable.project.relations.exists?(:role => 'admin', :object_type => 'User', :object_id => user.id) comment.commentable.project.relations.exists?(:role => 'admin', :object_type => 'User', :object_id => user.id)
end end
# #
cannot [:index, :edit, :update, :create, :new, :read], Issue do |issue| cannot [:index, :edit, :update, :create, :new, :read, :show], Issue do |issue|
puts "FUCK\n"*10
puts !issue.project.has_issues
!issue.project.has_issues !issue.project.has_issues
end end
cannot [:edit, :update, :create, :new, :destroy], Comment do |comment| cannot [:edit, :update, :create, :new, :destroy], Comment do |comment|

View File

@ -243,6 +243,7 @@ ActiveRecord::Schema.define(:version => 20111219073859) do
t.string "object_type" t.string "object_type"
t.integer "target_id" t.integer "target_id"
t.string "target_type" t.string "target_type"
t.integer "role_id"
t.datetime "created_at" t.datetime "created_at"
t.datetime "updated_at" t.datetime "updated_at"
t.string "role" t.string "role"
@ -271,16 +272,16 @@ ActiveRecord::Schema.define(:version => 20111219073859) do
create_table "users", :force => true do |t| create_table "users", :force => true do |t|
t.string "name" t.string "name"
t.string "email", :default => "", :null => false t.string "email", :default => "", :null => false
t.string "encrypted_password", :limit => 128, :default => "", :null => false t.string "encrypted_password", :limit => 128, :default => "", :null => false
t.string "password_salt", :default => "", :null => false
t.string "reset_password_token" t.string "reset_password_token"
t.string "remember_token" t.datetime "reset_password_sent_at"
t.datetime "remember_created_at" t.datetime "remember_created_at"
t.datetime "created_at" t.datetime "created_at"
t.datetime "updated_at" t.datetime "updated_at"
t.text "ssh_key"
t.string "uname" t.string "uname"
t.text "ssh_key"
t.integer "role_id"
t.string "role" t.string "role"
end end

View File

@ -1,5 +1,194 @@
require 'spec_helper' require 'spec_helper'
describe IssuesController do shared_examples_for 'issue user with project reader rights' do
#it_should_behave_like 'user with rights to view issues'
it 'should be able to perform index action' do
get :index, :project_id => @project.id
response.should render_template(:index)
end
it 'should be able to perform show action' do
get :show, :project_id => @project.id, :serial_id => @issue.serial_id
response.should render_template(:show)
end
end
shared_examples_for 'issue user with project writer rights' do
it 'should be able to perform create action' do
post :create, @create_params
response.should redirect_to(project_issues_path(@project))
end
it 'should create issue object into db' do
lambda{ post :create, @create_params }.should change{ Issue.count }.by(1)
end
end
shared_examples_for 'user with issue update rights' do
it 'should be able to perform update action' do
put :update, {:id => @issue.id}.merge(@update_params)
response.should redirect_to(show_issue_path(@project, @issue.serial_id))
end
it 'should update issue title' do
put :update, {:id => @issue.id}.merge(@update_params)
@issue.reload.title.should == 'issue2'
end
end
shared_examples_for 'user without issue update rights' do
it 'should not be able to perform update action' do
put :update, {:id => @issue.id}.merge(@update_params)
response.should redirect_to(forbidden_path)
end
it 'should not update issue title' do
put :update, {:id => @issue.id}.merge(@update_params)
@issue.reload.title.should_not == 'issue2'
end
end
shared_examples_for 'user without issue destroy rights' do
it 'should not be able to perform destroy action' do
delete :destroy, :id => @issue.id, :project_id => @project.id
response.should redirect_to(forbidden_path)
end
it 'should not reduce issues count' do
lambda{ delete :destroy, :id => @issue.id, :project_id => @project.id }.should change{ Issue.count }.by(0)
end
end
shared_examples_for 'project with issues turned off' do
pending 'should not be able to perform index action' do
get :index, :project_id => @project_with_turned_off_issues.id
#response.should redirect_to(forbidden_path)
response.should render_template(:index)
end
it 'should not be able to perform show action' do
get :show, :project_id => @project_with_turned_off_issues.id, :serial_id => @turned_of_issue.serial_id
response.should redirect_to(forbidden_path)
end
end
describe IssuesController do
before(:each) do
stub_rsync_methods
@project = Factory(:project)
@issue_user = Factory(:user)
@create_params = {:project => {:name => 'pro'}}
@update_params = {:project => {:name => 'pro2'}}
any_instance_of(Project, :versions => ['v1.0', 'v2.0'])
@issue = Factory(:issue, :project_id => @project.id, :user_id => @issue_user.id)
@create_params = {
:project_id => @project.id,
:issue => {
:title => "issue1",
:body => "issue body",
:project_id => @project.id
},
:user_id => @issue_user.id,
:user_uname => @issue_user.uname
}
@update_params = {
:project_id => @project.id,
:issue => {
:title => "issue2"
}
}
@project_with_turned_off_issues = Factory(:project, :has_issues => false)
@turned_of_issue = Factory(:issue, :project_id => @project_with_turned_off_issues.id, :user_id => @issue_user.id)
end
context 'for global admin user' do
before(:each) do
@admin = Factory(:admin)
set_session_for(@admin)
end
it_should_behave_like 'user without issue destroy rights'
end
context 'for project admin user' do
before(:each) do
#@admin = Factory(:admin)
#set_session_for(@admin)
@user = Factory(:user)
set_session_for(@user)
@project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'admin')
end
it_should_behave_like 'issue user with project reader rights'
it_should_behave_like 'issue user with project writer rights'
it_should_behave_like 'user with issue update rights'
it_should_behave_like 'user without issue destroy rights'
it_should_behave_like 'project with issues turned off'
end
context 'for project owner user' do
before(:each) do
@user = Factory(:user)
set_session_for(@user)
@project.update_attribute(:owner, @user)
@project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'admin')
end
it_should_behave_like 'issue user with project reader rights'
it_should_behave_like 'issue user with project writer rights'
it_should_behave_like 'user with issue update rights'
it_should_behave_like 'user without issue destroy rights'
it_should_behave_like 'project with issues turned off'
end
context 'for project reader user' do
before(:each) do
@user = Factory(:user)
set_session_for(@user)
@project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'reader')
end
it_should_behave_like 'issue user with project reader rights'
it_should_behave_like 'user without issue update rights'
it_should_behave_like 'user without issue destroy rights'
it_should_behave_like 'project with issues turned off'
it 'should not be able to perform create action' do
post :create, @create_params
response.should redirect_to(forbidden_path)
end
it 'should not create issue object into db' do
lambda{ post :create, @create_params }.should change{ Issue.count }.by(0)
end
end
context 'for project writer user' do
before(:each) do
@user = Factory(:user)
set_session_for(@user)
@project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'writer')
end
it_should_behave_like 'issue user with project reader rights'
it_should_behave_like 'issue user with project writer rights'
it_should_behave_like 'user without issue update rights'
it_should_behave_like 'user without issue destroy rights'
it_should_behave_like 'project with issues turned off'
end
context 'for issue assign user' do
before(:each) do
set_session_for(@issue_user)
#@project.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'writer')
end
it_should_behave_like 'user with issue update rights'
it_should_behave_like 'user without issue destroy rights'
it_should_behave_like 'project with issues turned off'
end
end end

View File

@ -1,6 +1,6 @@
# Read about factories at http://github.com/thoughtbot/factory_girl Factory.define(:issue) do |p|
p.title { Factory.next(:string) }
FactoryGirl.define do p.body { Factory.next(:string) }
factory :issue do p.association :user, :factory => :user
end p.status "open"
end end

View File

@ -118,6 +118,7 @@ describe CanCan do
context 'as project collaborator' do context 'as project collaborator' do
before(:each) do before(:each) do
@project = Factory(:project) @project = Factory(:project)
@issue = Factory(:issue, :project_id => @project.id)
end end
context 'with read rights' do context 'with read rights' do
@ -128,13 +129,17 @@ describe CanCan do
it 'should be able to read project' do it 'should be able to read project' do
@ability.should be_able_to(:read, @project) @ability.should be_able_to(:read, @project)
end end
it 'should be able to read project' do it 'should be able to read open platform' do
@ability.should be_able_to(:read, open_platform) @ability.should be_able_to(:read, open_platform)
end end
it 'should be able to read issue' do
@ability.should be_able_to(:read, @issue)
end
end end
context 'with write rights' do context 'with writer rights' do
before(:each) do before(:each) do
@project.relations.create!(:object_id => @user.id, :object_type => 'User', :role => 'writer') @project.relations.create!(:object_id => @user.id, :object_type => 'User', :role => 'writer')
end end
@ -144,6 +149,12 @@ describe CanCan do
@ability.should be_able_to(action, @project) @ability.should be_able_to(action, @project)
end end
end end
[:read, :create, :new].each do |action|
it "should be able to #{ action } project" do
@ability.should be_able_to(action, @project)
end
end
end end
context 'with admin rights' do context 'with admin rights' do
@ -160,11 +171,18 @@ describe CanCan do
it "should be able to manage collaborators of project" do it "should be able to manage collaborators of project" do
@ability.should be_able_to(:manage_collaborators, @project) @ability.should be_able_to(:manage_collaborators, @project)
end end
[:read, :create, :new, :update, :edit].each do |action|
it "should be able to #{ action } issue" do
@ability.should be_able_to(action, @issue)
end
end
end end
context 'with owner rights' do context 'with owner rights' do
before(:each) do before(:each) do
@project.update_attribute(:owner, @user) @project.update_attribute(:owner, @user)
@issue.project.reload
end end
[:read, :update, :process_build, :build, :destroy].each do |action| [:read, :update, :process_build, :build, :destroy].each do |action|
@ -172,6 +190,12 @@ describe CanCan do
@ability.should be_able_to(action, @project) @ability.should be_able_to(action, @project)
end end
end end
[:read, :update, :edit].each do |action|
it "should be able to #{ action } issue" do
@ability.should be_able_to(action, @issue)
end
end
end end
end end