diff --git a/app/models/ability.rb b/app/models/ability.rb index dfe309f97..01cb79a4c 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -141,6 +141,7 @@ class Ability can(:read, Product, read_relations_for('products', 'platforms')) {|product| product.platform.main?} can([:create, :update, :destroy, :clone], Product) {|product| local_admin? product.platform and product.platform.main?} + can([:create, :cancel], ProductBuildList) {|pbl| can?(:write, pbl.project)} can([:create, :cancel, :update], ProductBuildList) {|pbl| can?(:update, pbl.product)} can(:destroy, ProductBuildList) {|pbl| can?(:destroy, pbl.product)} diff --git a/app/models/product_build_list.rb b/app/models/product_build_list.rb index f4a55a066..ff77f2681 100644 --- a/app/models/product_build_list.rb +++ b/app/models/product_build_list.rb @@ -80,6 +80,8 @@ class ProductBuildList < ActiveRecord::Base Time.now - LIVE_TIME, Time.now - MAX_LIVE_TIME) } + after_initialize :init_project, if: :new_record? + after_create :add_job_to_abf_worker_queue before_destroy :can_destroy? @@ -153,6 +155,10 @@ class ProductBuildList < ActiveRecord::Base protected + def init_project + self.project ||= product.try(:project) + end + def abf_worker_priority '' end diff --git a/spec/controllers/api/v1/product_build_lists_controller.rb b/spec/controllers/api/v1/product_build_lists_controller.rb index 35ee395a3..38810b276 100644 --- a/spec/controllers/api/v1/product_build_lists_controller.rb +++ b/spec/controllers/api/v1/product_build_lists_controller.rb @@ -115,6 +115,7 @@ end describe Api::V1::ProductBuildListsController do before(:each) do stub_symlink_methods + FactoryGirl.create(:arch, name: 'x86_64') @product_build_list = FactoryGirl.create(:product_build_list) @another_user = FactoryGirl.create(:user) diff --git a/spec/models/cancan_spec.rb b/spec/models/cancan_spec.rb index 867010e1f..2a8e262cf 100644 --- a/spec/models/cancan_spec.rb +++ b/spec/models/cancan_spec.rb @@ -318,5 +318,43 @@ describe CanCan do end end end # 'repository relations' + + context 'product build list relations' do + let(:product_build_list) { FactoryGirl.create(:product_build_list) } + + before { FactoryGirl.create(:arch, name: 'x86_64') } + + context 'with platform admin rights' do + before do + product_build_list.product.platform.owner = @user + product_build_list.product.platform.save + end + + [:read, :create, :update, :destroy, :log, :cancel].each do |action| + it "should be able to #{action} product build list" do + @ability.should be_able_to(action, product_build_list) + end + end + end + + context 'with project writer rights' do + before do + create_relation(product_build_list.project, @user, 'writer') + end + + [:read, :create, :log, :cancel].each do |action| + it "should be able to #{action} product build list" do + @ability.should be_able_to(action, product_build_list) + end + end + + [:update, :destroy].each do |action| + it "should not be able to #{action} product build list" do + @ability.should_not be_able_to(action, product_build_list) + end + end + end + end # 'repository relations' + end # 'Site user' end