#1: update specs for Platform controller

This commit is contained in:
Vokhmin Alexey V 2013-03-06 16:17:42 +04:00
parent 0021232ee3
commit a3796a019f
3 changed files with 329 additions and 127 deletions

View File

@ -132,12 +132,12 @@ Rosa::Application.routes.draw do
resources :platforms do resources :platforms do
resources :private_users, :except => [:show, :destroy, :update] resources :private_users, :except => [:show, :destroy, :update]
member do member do
post :clear put :clear
get :clone get :clone
get :members get :members
post :remove_members # fixme: change post to delete post :remove_members # fixme: change post to delete
delete :remove_member delete :remove_member
post :add_member put :add_member
post :make_clone post :make_clone
get :advisories get :advisories
end end

View File

@ -188,7 +188,12 @@ shared_examples_for 'api platform user without reader rights for hidden platform
@platform.update_column(:visibility, 'hidden') @platform.update_column(:visibility, 'hidden')
end end
it_should_behave_like 'api platform user without show rights' [:show, :members].each do |action|
it "should not be able to perform #{ action } action" do
get action, :id => @platform.id, :format => :json
response.body.should == {"message" => "Access violation to this page!"}.to_json
end
end
end end
shared_examples_for "api platform user with show rights" do shared_examples_for "api platform user with show rights" do
@ -203,15 +208,6 @@ shared_examples_for "api platform user with show rights" do
end end
end end
shared_examples_for "api platform user without show rights" do
[:show, :members].each do |action|
it "should not be able to perform #{ action } action" do
get action, :id => @platform.id, :format => :json
response.body.should == {"message" => "Access violation to this page!"}.to_json
end
end
end
describe Api::V1::PlatformsController do describe Api::V1::PlatformsController do
let(:clone_or_create_params) { {:id => @platform.id, :platform => {:description => 'new description', :name => 'new_name', :owner_id => @user.id, :distrib_type => APP_CONFIG['distr_types'].first}} } let(:clone_or_create_params) { {:id => @platform.id, :platform => {:description => 'new description', :name => 'new_name', :owner_id => @user.id, :distrib_type => APP_CONFIG['distr_types'].first}} }
before do before do
@ -296,8 +292,6 @@ describe Api::V1::PlatformsController do
http_login(@user) http_login(@user)
@platform.add_member(@user) @platform.add_member(@user)
@personal_platform.add_member(@user) @personal_platform.add_member(@user)
# @platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')
# @personal_platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')
end end
context 'perform index action with type param' do context 'perform index action with type param' do

View File

@ -1,98 +1,287 @@
# -*- encoding : utf-8 -*- # -*- encoding : utf-8 -*-
require 'spec_helper' require 'spec_helper'
shared_examples_for 'platform owner' do shared_examples_for 'platform user with reader rights' do
include_examples 'platform user with show rights'
it 'should not be able to destroy personal platform' do [:members, :advisories].each do |action|
delete :destroy, :id => @personal_platform.id it 'should be able to perform advisories action' do
response.should redirect_to(forbidden_path) get action, :id => @platform.id
response.should render_template(action)
response.should be_success
end end
it 'should change objects count on destroy success' do
lambda { delete :destroy, :id => @platform.id }.should change{ Platform.count }.by(-1)
end
it 'should be able to perform destroy action' do
delete :destroy, :id => @platform.id
response.should redirect_to(platforms_path)
end end
end end
shared_examples_for 'system registered user' do shared_examples_for 'platform user with owner rights' do
it 'should be able to perform index action' do
get :index context 'platform user with update rights' do
response.should render_template(:index) before do
put :update, {:platform => {:description => 'new description'}, :id => @platform.id}
end end
it 'should be able to perform update action' do
response.should redirect_to(platform_path(@platform))
end
it 'ensures that platform has been updated' do
@platform.reload
@platform.description.should == 'new description'
end
end
context 'platform user with destroy rights for main platforms only' do
it 'should be able to perform destroy action for main platform' do
delete :destroy, :id => @platform.id
response.should redirect_to(platforms_path)
end
it 'ensures that main platform has been destroyed' do
lambda { delete :destroy, :id => @platform.id }.should change{ Platform.count }.by(-1)
end
it 'should not be able to perform destroy action for personal platform' do
delete :destroy, :id => @personal_platform.id
response.should_not be_success
end
it 'ensures that personal platform has not been destroyed' do
lambda { delete :destroy, :id => @personal_platform.id }.should_not change{ Platform.count }
end
end
end
shared_examples_for 'platform user without owner rights' do
context 'platform user without update rights' do
before do
put :update, {:platform => {:description => 'new description'}, :id => @platform.id}
end
it 'should not be able to perform update action' do
response.should_not be_success
end
it 'ensures that platform has not been updated' do
@platform.reload
@platform.description.should_not == 'new description'
end
end
context 'platform user without destroy rights' do
it 'should not be able to perform destroy action for main platform' do
delete :destroy, :id => @platform.id
response.should_not be_success
end
it 'ensures that main platform has not been destroyed' do
lambda { delete :destroy, :id => @platform.id }.should_not change{ Platform.count }
end
it 'should not be able to perform destroy action for personal platform' do
delete :destroy, :id => @personal_platform.id
response.should_not be_success
end
it 'ensures that personal platform has not been destroyed' do
lambda { delete :destroy, :id => @personal_platform.id }.should_not change{ Platform.count }
end
end
end
shared_examples_for 'platform user with member rights' do
context 'platform user with add_member rights' do
let(:member) { FactoryGirl.create(:user) }
before do
put :add_member, {:member_id => member.id, :id => @platform.id}
end
it 'should be able to perform add_member action' do
response.should redirect_to(members_platform_path(@platform))
end
it 'ensures that new member has been added to platform' do
@platform.members.should include(member)
end
end
context 'platform user with remove_member rights' do
let(:member) { FactoryGirl.create(:user) }
before do
@platform.add_member(member)
delete :remove_member, {:member_id => member.id, :id => @platform.id}
end
it 'should be able to perform remove_member action' do
response.should redirect_to(members_platform_path(@platform))
end
it 'ensures that member has been removed from platform' do
@platform.members.should_not include(member)
end
end
context 'platform user with remove_members rights' do
let(:member) { FactoryGirl.create(:user) }
before do
@platform.add_member(member)
post :remove_members, {:user_remove => {member.id => [1]}, :id => @platform.id}
end
it 'should be able to perform remove_members action' do
response.should redirect_to(members_platform_path(@platform))
end
it 'ensures that member has been removed from platform' do
@platform.members.should_not include(member)
end
end
end
shared_examples_for 'platform user without member rights' do |guest = false|
context 'platform user without add_member rights' do
let(:member) { FactoryGirl.create(:user) }
before do
put :add_member, {:member_id => member.id, :id => @platform.id}
end
it 'should not be able to perform add_member action' do
response.should redirect_to(guest ? new_user_session_path : forbidden_path)
end
it 'ensures that new member has not been added to platform' do
@platform.members.should_not include(member)
end
end
context 'platform user without remove_member rights' do
let(:member) { FactoryGirl.create(:user) }
before do
@platform.add_member(member)
delete :remove_member, {:member_id => member.id, :id => @platform.id}
end
it 'should not be able to perform remove_member action' do
response.should redirect_to(guest ? new_user_session_path : forbidden_path)
end
it 'ensures that member has not been removed from platform' do
@platform.members.should include(member)
end
end
context 'platform user without remove_members rights' do
let(:member) { FactoryGirl.create(:user) }
before do
@platform.add_member(member)
post :remove_members, {:user_remove => {member.id => [1]}, :id => @platform.id}
end
it 'should not be able to perform remove_members action' do
response.should redirect_to(guest ? new_user_session_path : forbidden_path)
end
it 'ensures that member has not been removed from platform' do
@platform.members.should include(member)
end
end
end
shared_examples_for 'platform user without global admin rights' do
context 'should not be able to perform clear action' do
it 'for personal platform' do
put :clear, :id => @personal_platform.id
response.should_not be_success
end
it 'for main platform' do
put :clear, :id => @platform.id
response.should_not be_success
end
end
context 'should not be able to perform clone action' do
it 'for personal platform' do
get :clone, :id => @personal_platform.id
response.should_not be_success
end
it 'for main platform' do
get :clone, :id => @platform.id
response.should_not be_success
end
end
it 'should not be able to perform new action' do
get :new
response.should_not be_success
end
[:create, :make_clone].each do |action|
context "platform user without #{action} rights" do
before { any_instance_of(Platform, :create_directory => true) }
it "should not be able to perform #{action} action" do
post action, clone_or_create_params
response.should_not be_success
end
it "ensures that platform has not been #{action}d" do
lambda { post action, clone_or_create_params }.should_not change{ Platform.count }
end
end
end
end
shared_examples_for 'platform user with reader rights for hidden platform' do
before(:each) do
@platform.update_column(:visibility, 'hidden')
end
it_should_behave_like 'platform user with show rights'
end
shared_examples_for 'platform user without reader rights for hidden platform' do
before(:each) do
@platform.update_column(:visibility, 'hidden')
end
[:show, :members].each do |action|
it "should not be able to perform #{ action } action" do
get action, :id => @platform.id
response.should redirect_to(forbidden_path)
end
end
end
shared_examples_for 'platform user with show rights' do
it 'should be able to perform show action' do it 'should be able to perform show action' do
get :show, :id => @platform.id get :show, :id => @platform.id
response.should render_template(:show) response.should render_template(:show)
assigns(:platform).should eq @platform assigns(:platform).should eq @platform
end end
it 'should be able to perform members action' do
get :members, :id => @platform.id
response.should render_template(:members)
response.should be_success
end
it 'should be able to perform advisories action' do
get :advisories, :id => @platform.id
response.should render_template(:advisories)
response.should be_success
end
end end
shared_examples_for 'user without create rights' do
it 'should not be able to perform new action' do
get :new
response.should redirect_to(forbidden_path)
end
it 'should not be able to create platform' do
post :create, @create_params
response.should redirect_to(forbidden_path)
end
end
describe Platforms::PlatformsController do describe Platforms::PlatformsController do
before(:each) do let(:clone_or_create_params) { {:id => @platform.id, :platform => {:description => 'new description', :name => 'new_name', :owner_id => @user.id, :distrib_type => APP_CONFIG['distr_types'].first}} }
before do
stub_symlink_methods stub_symlink_methods
@platform = FactoryGirl.create(:platform) @platform = FactoryGirl.create(:platform)
@personal_platform = FactoryGirl.create(:platform, :platform_type => 'personal') @personal_platform = FactoryGirl.create(:platform, :platform_type => 'personal')
@user = FactoryGirl.create(:user) @user = FactoryGirl.create(:user)
set_session_for(@user) # set_session_for(@user)
@create_params = {:platform => { # @create_params = {:platform => {
:name => 'pl1', # :name => 'pl1',
:description => 'pl1', # :description => 'pl1',
:platform_type => 'main', # :platform_type => 'main',
:distrib_type => APP_CONFIG['distr_types'].first # :distrib_type => APP_CONFIG['distr_types'].first
}} # }}
end end
context 'for guest' do context 'for guest' do
before(:each) do
set_session_for(User.new)
end
[:index, :create].each do |action| it "should not be able to perform index action" do
it "should not be able to perform #{ action } action" do get :index
get action
response.should redirect_to(new_user_session_path) response.should redirect_to(new_user_session_path)
end end
end
[:new, :edit, :clone, :destroy].each do |action|
it "should not be able to perform #{ action } action" do
get action, :id => @platform
response.should redirect_to(new_user_session_path)
end
end
[:show, :members, :advisories].each do |action| [:show, :members, :advisories].each do |action|
it "should not be able to perform #{ action } action", :anonymous_access => false do it "should not be able to perform #{ action } action", :anonymous_access => false do
@ -101,75 +290,94 @@ describe Platforms::PlatformsController do
end end
end end
[:show, :members, :advisories].each do |action| it_should_behave_like 'platform user with show rights' if APP_CONFIG['anonymous_access']
it "should be able to perform #{ action } action", :anonymous_access => true do it_should_behave_like 'platform user without reader rights for hidden platform' if APP_CONFIG['anonymous_access']
get action, :id => @platform it_should_behave_like 'platform user without member rights', true
response.should render_template(action) it_should_behave_like 'platform user without owner rights'
response.should be_success it_should_behave_like 'platform user without global admin rights'
end
end
end end
context 'for global admin' do context 'for global admin' do
before(:each) do before do
@user.role = "admin" @admin = FactoryGirl.create(:admin)
@user.save http_login(@admin)
end end
it_should_behave_like 'system registered user' it_should_behave_like 'platform user with reader rights'
it_should_behave_like 'platform owner' it_should_behave_like 'platform user with reader rights for hidden platform'
it_should_behave_like 'platform user with member rights'
it_should_behave_like 'platform user with owner rights'
it 'should be able to perform new action' do it "should be able to perform new action" do
get :new get :new, :id => @platform
response.should render_template(:new) response.should render_template(:new)
end end
it 'should be able to perform create action' do it "should be able to perform clone action" do
post :create, @create_params get :clone, :id => @platform
response.should render_template(:clone)
end
[:make_clone, :create].each do |action|
context "with #{action} rights" do
before do
any_instance_of(Platform, :create_directory => true)
clone_or_create_params[:platform][:owner_id] = @admin.id
end
it "should be able to perform #{action} action" do
post action, clone_or_create_params
response.should redirect_to(platform_path(Platform.last)) response.should redirect_to(platform_path(Platform.last))
end end
it "ensures that platform has been #{action}d" do
it 'should change objects count on create success' do lambda { post action, clone_or_create_params }.should change{ Platform.count }.by(1)
lambda { post :create, @create_params }.should change{ Platform.count }.by(1)
end end
it 'should create platform with mentioned owner if owner id present' do
owner = FactoryGirl.create(:user)
post :create, @create_params.merge({:admin_id => owner.id, :admin_uname => owner.uname})
Platform.last.owner.id.should eql(owner.id)
end end
it 'should create platform with current user as owner if owner id not present' do
post :create, @create_params
Platform.last.owner.id.should eql(@user.id)
end end
end end
context 'for owner user' do context 'for owner user' do
before(:each) do before do
@user = @platform.owner http_login(@user)
set_session_for(@user) @platform.owner = @user; @platform.save
@platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin')
end end
it_should_behave_like 'system registered user' it_should_behave_like 'platform user with reader rights'
it_should_behave_like 'user without create rights' it_should_behave_like 'platform user with reader rights for hidden platform'
it_should_behave_like 'platform owner' it_should_behave_like 'platform user with member rights'
it_should_behave_like 'platform user with owner rights'
it_should_behave_like 'platform user without global admin rights'
end end
context 'for reader user' do context 'for member of platform' do
before(:each) do before do
@platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader') http_login(@user)
@platform.add_member(@user)
@personal_platform.add_member(@user)
end end
it_should_behave_like 'system registered user' it_should_behave_like 'platform user with reader rights'
it_should_behave_like 'user without create rights' it_should_behave_like 'platform user with reader rights for hidden platform'
it_should_behave_like 'platform user with member rights'
it_should_behave_like 'platform user without owner rights'
it_should_behave_like 'platform user without global admin rights'
end
it 'should not be able to perform destroy action' do context 'for simple user' do
delete :destroy, :id => @platform.id before do
response.should redirect_to(forbidden_path) http_login(@user)
end end
it "should be able to perform index action" do
get :index
response.should render_template(:index)
end end
it_should_behave_like 'platform user with reader rights'
it_should_behave_like 'platform user without reader rights for hidden platform'
it_should_behave_like 'platform user without member rights'
it_should_behave_like 'platform user without owner rights'
it_should_behave_like 'platform user without global admin rights'
end
end end