From 9ba535a5e5509a93bc3c20071b61c40d252170e3 Mon Sep 17 00:00:00 2001
From: Vokhmin Alexey V <avokhmin@gmail.com>
Date: Sat, 4 Apr 2015 00:16:02 +0300
Subject: [PATCH] #465: Update specs for Platforms::ProductsController

---
 .../api/v1/product_build_lists_controller.rb  |  1 -
 .../platforms/products_controller.rb          | 14 +++++--
 app/policies/project_policy.rb                |  1 +
 .../platforms/products_controller_spec.rb     | 41 +++++++++++--------
 4 files changed, 36 insertions(+), 21 deletions(-)

diff --git a/app/controllers/api/v1/product_build_lists_controller.rb b/app/controllers/api/v1/product_build_lists_controller.rb
index 873fa9719..b360051c2 100644
--- a/app/controllers/api/v1/product_build_lists_controller.rb
+++ b/app/controllers/api/v1/product_build_lists_controller.rb
@@ -11,7 +11,6 @@ class Api::V1::ProductBuildListsController < Api::V1::BaseController
         @product.product_build_lists
       else
        PlatformPolicy::Scope.new(current_user, ProductBuildList.joins(product: :platform)).show
-      #  ProductBuildList.accessible_by current_ability, :read
       end
     @product_build_lists = @product_build_lists.joins(:product, :project, :arch)
     @product_build_lists = @product_build_lists.recent.paginate(paginate_params)
diff --git a/app/controllers/platforms/products_controller.rb b/app/controllers/platforms/products_controller.rb
index 012e3e244..a915d3a1b 100644
--- a/app/controllers/platforms/products_controller.rb
+++ b/app/controllers/platforms/products_controller.rb
@@ -4,11 +4,10 @@ class Platforms::ProductsController < Platforms::BaseController
   before_action :authenticate_user!
   skip_before_action :authenticate_user!, only: [:index, :show] if APP_CONFIG['anonymous_access']
 
-  load_and_authorize_resource :platform
-  load_and_authorize_resource :product, through: :platform, except: :autocomplete_project
+  before_action :load_product, except: [:create, :autocomplete_project]
 
   def index
-    @products = @products.paginate(page: params[:page])
+    @products = @platform.products.paginate(page: params[:page])
   end
 
   def new
@@ -20,6 +19,7 @@ class Platforms::ProductsController < Platforms::BaseController
   end
 
   def create
+    authorize @product = @platform.products.build(params[:product])
     if @product.save
       flash[:notice] = t('flash.product.saved')
       redirect_to platform_product_path(@platform, @product)
@@ -53,9 +53,17 @@ class Platforms::ProductsController < Platforms::BaseController
   end
 
   def autocomplete_project
+    authorize :project
     @items = ProjectPolicy::Scope.new(current_user, Project).membered.
       by_owner_and_name(params[:query]).limit(20)
     #items.select! {|e| e.repo.branches.count > 0}
   end
 
+  private
+
+  # Private: before_action hook which loads Product.
+  def load_product
+    authorize @product = Product.find(params[:id])
+  end
+
 end
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb
index a6b9288f2..60e1f745d 100644
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -3,6 +3,7 @@ class ProjectPolicy < ApplicationPolicy
   def index?
     !user.guest?
   end
+  alias_method :autocomplete_project?,      :index?
   alias_method :remove_user?,               :index?
   alias_method :preview?,                   :index?
 
diff --git a/spec/controllers/platforms/products_controller_spec.rb b/spec/controllers/platforms/products_controller_spec.rb
index 8d2183ac7..a3191e46d 100644
--- a/spec/controllers/platforms/products_controller_spec.rb
+++ b/spec/controllers/platforms/products_controller_spec.rb
@@ -3,20 +3,23 @@ require 'spec_helper'
 shared_examples_for 'admin user' do
 
   it 'should be able to create product' do
-    lambda { post :create, @create_params }.should change{ Product.count }.by(1)
-    response.should redirect_to(platform_product_path( Product.last.platform, Product.last ))
+    expect do
+      post :create, @create_params
+    end.to change(Product, :count).by(1)
+    expect(response).to redirect_to(platform_product_path( Product.last.platform, Product.last ))
   end
 
   it 'should be able to update product' do
     put :update, {id: @product.id}.merge(@update_params)
-    response.should redirect_to platform_product_path(@platform, @product)
-    @product.reload
-    @product.name.should eql('pro2')
+    expect(response).to redirect_to platform_product_path(@platform, @product)
+    expect(@product.reload.name).to eq 'pro2'
   end
 
   it 'should be able to destroy product' do
-    lambda { delete :destroy, id: @product.id, platform_id: @platform }.should change{ Product.count }.by(-1)
-    response.should redirect_to(platform_products_path(@platform))
+    expect do
+      delete :destroy, id: @product.id, platform_id: @platform
+    end.to change(Product, :count).by(-1)
+    expect(response).to redirect_to(platform_products_path(@platform))
   end
 
 end
@@ -46,29 +49,29 @@ describe Platforms::ProductsController, type: :controller do
     [:create].each do |action|
       it "should not be able to perform #{ action } action" do
         get action, platform_id: @platform.id
-        response.should redirect_to(new_user_session_path)
+        expect(response).to redirect_to(new_user_session_path)
       end
     end
 
     [:new, :edit, :update, :destroy].each do |action|
       it "should not be able to perform #{ action } action" do
         get action, id: @product.id, platform_id: @platform.id
-        response.should redirect_to(new_user_session_path)
+        expect(response).to redirect_to(new_user_session_path)
       end
     end
 
     [:show, :index].each do |action|
       it "should not be able to perform #{ action } action", anonymous_access: false do
         get action, id: @product.id, platform_id: @platform.id
-        response.should redirect_to(new_user_session_path)
+        expect(response).to redirect_to(new_user_session_path)
       end
     end
 
     [:show, :index].each do |action|
       it "should be able to perform #{ action } action", anonymous_access: true do
         get action, id: @product.id, platform_id: @platform.id
-        response.should render_template(action)
-        response.should be_success
+        expect(response).to render_template(action)
+        expect(response).to be_success
       end
     end
   end
@@ -102,18 +105,22 @@ describe Platforms::ProductsController, type: :controller do
   context 'for no relation user' do
 
     it 'should not be able to create product' do
-      lambda { post :create, @create_params }.should change{ Product.count }.by(0)
-      response.should redirect_to(forbidden_path)
+      expect do
+        post :create, @create_params
+      end.to_not change(Product, :count)
+      expect(response).to redirect_to(forbidden_path)
     end
 
     it 'should not be able to perform update action' do
       put :update, {id: @product.id}.merge(@update_params)
-      response.should redirect_to(forbidden_path)
+      expect(response).to redirect_to(forbidden_path)
     end
 
     it 'should not be able to destroy product' do
-      lambda { delete :destroy, id: @product.id, platform_id: @platform }.should change{ Product.count }.by(0)
-      response.should redirect_to(forbidden_path)
+      expect do
+        delete :destroy, id: @product.id, platform_id: @platform
+      end.to_not change(Product, :count)
+      expect(response).to redirect_to(forbidden_path)
     end
 
   end