#1: update specs for Platform controller

2013-03-06 16:17:42 +04:00 · 2013-03-06 16:17:42 +04:00 · a3796a019f
parent 0021232ee3
commit a3796a019f
3 changed files with 329 additions and 127 deletions
--- a/config/routes.rb
+++ b/config/routes.rb
@ -132,12 +132,12 @@ Rosa::Application.routes.draw do
    resources :platforms do
      resources :private_users, :except => [:show, :destroy, :update]
      member do
-        post   :clear
+        put    :clear
        get    :clone
        get    :members
        post   :remove_members # fixme: change post to delete
        delete :remove_member
-        post   :add_member
+        put    :add_member
        post   :make_clone
        get    :advisories
      end
--- a/spec/controllers/api/v1/platforms_controller_spec.rb
+++ b/spec/controllers/api/v1/platforms_controller_spec.rb
@ -188,7 +188,12 @@ shared_examples_for 'api platform user without reader rights for hidden platform
    @platform.update_column(:visibility, 'hidden')
  end
-  it_should_behave_like 'api platform user without show rights'
+  [:show, :members].each do |action|
    it "should not be able to perform #{ action } action" do
      get action, :id => @platform.id, :format => :json
      response.body.should == {"message" => "Access violation to this page!"}.to_json
    end
  end
 end
 shared_examples_for "api platform user with show rights" do
@ -203,15 +208,6 @@ shared_examples_for "api platform user with show rights" do
  end
 end
 shared_examples_for "api platform user without show rights" do
  [:show, :members].each do |action|
    it "should not be able to perform #{ action } action" do
      get action, :id => @platform.id, :format => :json
      response.body.should == {"message" => "Access violation to this page!"}.to_json
    end
  end
 end
 describe Api::V1::PlatformsController do
  let(:clone_or_create_params) { {:id => @platform.id, :platform => {:description => 'new description', :name => 'new_name', :owner_id => @user.id, :distrib_type => APP_CONFIG['distr_types'].first}} }
  before do
@ -296,8 +292,6 @@ describe Api::V1::PlatformsController do
      http_login(@user)
      @platform.add_member(@user)
      @personal_platform.add_member(@user)
      # @platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')
      # @personal_platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')
    end
    context 'perform index action with type param' do
--- a/spec/controllers/platforms/platforms_controller_spec.rb
+++ b/spec/controllers/platforms/platforms_controller_spec.rb
@ -1,97 +1,286 @@
 # -*- encoding : utf-8 -*-
 require 'spec_helper'
-shared_examples_for 'platform owner' do
+shared_examples_for 'platform user with reader rights' do
  include_examples 'platform user with show rights'
-  it 'should not be able to destroy personal platform' do
+  [:members, :advisories].each do |action|
-    delete :destroy, :id => @personal_platform.id
+    it 'should be able to perform advisories action' do
-    response.should redirect_to(forbidden_path)
+      get action, :id => @platform.id
-  end
+      response.should render_template(action)
-
+      response.should be_success
-  it 'should change objects count on destroy success' do
+    end
    lambda { delete :destroy, :id => @platform.id }.should change{ Platform.count }.by(-1)
  end
  it 'should be able to perform destroy action' do
    delete :destroy, :id => @platform.id
    response.should redirect_to(platforms_path)
  end
 end
-shared_examples_for 'system registered user' do
+shared_examples_for 'platform user with owner rights' do
-  it 'should be able to perform index action' do
+
-    get :index
+  context 'platform user with update rights' do
-    response.should render_template(:index)
+    before do
      put :update, {:platform => {:description => 'new description'}, :id => @platform.id}
    end
    it 'should be able to perform update action' do
      response.should redirect_to(platform_path(@platform))
    end
    it 'ensures that platform has been updated' do
      @platform.reload
      @platform.description.should == 'new description'
    end
  end
  context 'platform user with destroy rights for main platforms only' do
    it 'should be able to perform destroy action for main platform' do
      delete :destroy, :id => @platform.id
      response.should redirect_to(platforms_path)
    end
    it 'ensures that main platform has been destroyed' do
      lambda { delete :destroy, :id => @platform.id }.should change{ Platform.count }.by(-1)
    end
    it 'should not be able to perform destroy action for personal platform' do
      delete :destroy, :id => @personal_platform.id
      response.should_not be_success
    end
    it 'ensures that personal platform has not been destroyed' do
      lambda { delete :destroy, :id => @personal_platform.id }.should_not change{ Platform.count }
    end
  end
 end
 shared_examples_for 'platform user without owner rights' do
  context 'platform user without update rights' do
    before do
      put :update, {:platform => {:description => 'new description'}, :id => @platform.id}
    end
    it 'should not be able to perform update action' do
      response.should_not be_success
    end
    it 'ensures that platform has not been updated' do
      @platform.reload
      @platform.description.should_not == 'new description'
    end
  end
  context 'platform user without destroy rights' do
    it 'should not be able to perform destroy action for main platform' do
      delete :destroy, :id => @platform.id
      response.should_not be_success
    end
    it 'ensures that main platform has not been destroyed' do
      lambda { delete :destroy, :id => @platform.id }.should_not change{ Platform.count }
    end
    it 'should not be able to perform destroy action for personal platform' do
      delete :destroy, :id => @personal_platform.id
      response.should_not be_success
    end
    it 'ensures that personal platform has not been destroyed' do
      lambda { delete :destroy, :id => @personal_platform.id }.should_not change{ Platform.count }
    end
  end
 end
 shared_examples_for 'platform user with member rights' do
  context 'platform user with add_member rights' do
    let(:member) { FactoryGirl.create(:user) }
    before do
      put :add_member, {:member_id => member.id, :id => @platform.id}
    end
    it 'should be able to perform add_member action' do
      response.should redirect_to(members_platform_path(@platform))
    end
    it 'ensures that new member has been added to platform' do
      @platform.members.should include(member)
    end
  end
  context 'platform user with remove_member rights' do
    let(:member) { FactoryGirl.create(:user) }
    before do
      @platform.add_member(member)
      delete :remove_member, {:member_id => member.id, :id => @platform.id}
    end
    it 'should be able to perform remove_member action' do
      response.should redirect_to(members_platform_path(@platform))
    end
    it 'ensures that member has been removed from platform' do
      @platform.members.should_not include(member)
    end
  end
  context 'platform user with remove_members rights' do
    let(:member) { FactoryGirl.create(:user) }
    before do
      @platform.add_member(member)
      post :remove_members, {:user_remove => {member.id => [1]}, :id => @platform.id}
    end
    it 'should be able to perform remove_members action' do
      response.should redirect_to(members_platform_path(@platform))
    end
    it 'ensures that member has been removed from platform' do
      @platform.members.should_not include(member)
    end
  end
 end
 shared_examples_for 'platform user without member rights' do |guest = false|
  context 'platform user without add_member rights' do
    let(:member) { FactoryGirl.create(:user) }
    before do
      put :add_member, {:member_id => member.id, :id => @platform.id}
    end
    it 'should not be able to perform add_member action' do
      response.should redirect_to(guest ? new_user_session_path : forbidden_path)
    end
    it 'ensures that new member has not been added to platform' do
      @platform.members.should_not include(member)
    end
  end
  context 'platform user without remove_member rights' do
    let(:member) { FactoryGirl.create(:user) }
    before do
      @platform.add_member(member)
      delete :remove_member, {:member_id => member.id, :id => @platform.id}
    end
    it 'should not be able to perform remove_member action' do
      response.should redirect_to(guest ? new_user_session_path : forbidden_path)
    end
    it 'ensures that member has not been removed from platform' do
      @platform.members.should include(member)
    end
  end
  context 'platform user without remove_members rights' do
    let(:member) { FactoryGirl.create(:user) }
    before do
      @platform.add_member(member)
      post :remove_members, {:user_remove => {member.id => [1]}, :id => @platform.id}
    end
    it 'should not be able to perform remove_members action' do
      response.should redirect_to(guest ? new_user_session_path : forbidden_path)
    end
    it 'ensures that member has not been removed from platform' do
      @platform.members.should include(member)
    end
  end
 end
 shared_examples_for 'platform user without global admin rights' do
  context 'should not be able to perform clear action' do
    it 'for personal platform' do
      put :clear, :id => @personal_platform.id
      response.should_not be_success
    end
    it 'for main platform' do
      put :clear, :id => @platform.id
      response.should_not be_success
    end
  end
  context 'should not be able to perform clone action' do
    it 'for personal platform' do
      get :clone, :id => @personal_platform.id
      response.should_not be_success
    end
    it 'for main platform' do
      get :clone, :id => @platform.id
      response.should_not be_success
    end
  end
  it 'should not be able to perform new action' do
    get :new
    response.should_not be_success
  end
  [:create, :make_clone].each do |action|
    context "platform user without #{action} rights" do
      before { any_instance_of(Platform, :create_directory => true) }
      it "should not be able to perform #{action} action" do
        post action, clone_or_create_params
        response.should_not be_success
      end
      it "ensures that platform has not been #{action}d" do
        lambda { post action, clone_or_create_params }.should_not change{ Platform.count }
      end
    end
  end
 end
 shared_examples_for 'platform user with reader rights for hidden platform' do
  before(:each) do
    @platform.update_column(:visibility, 'hidden')
  end
  it_should_behave_like 'platform user with show rights'
 end
 shared_examples_for 'platform user without reader rights for hidden platform' do
  before(:each) do
    @platform.update_column(:visibility, 'hidden')
  end
  [:show, :members].each do |action|
    it "should not be able to perform #{ action } action" do
      get action, :id => @platform.id
      response.should redirect_to(forbidden_path)
    end
  end
 end
 shared_examples_for 'platform user with show rights' do
  it 'should be able to perform show action' do
    get :show, :id => @platform.id
    response.should render_template(:show)
    assigns(:platform).should eq @platform
  end
  it 'should be able to perform members action' do
    get :members, :id => @platform.id
    response.should render_template(:members)
    response.should be_success
  end
  it 'should be able to perform advisories action' do
    get :advisories, :id => @platform.id
    response.should render_template(:advisories)
    response.should be_success
  end
 end
 shared_examples_for 'user without create rights' do
  it 'should not be able to perform new action' do
    get :new
    response.should redirect_to(forbidden_path)
  end
-  it 'should not be able to create platform' do
+
-    post :create, @create_params
+
-    response.should redirect_to(forbidden_path)
+
-  end
+
-end
+
 describe Platforms::PlatformsController do
-  before(:each) do
+  let(:clone_or_create_params) { {:id => @platform.id, :platform => {:description => 'new description', :name => 'new_name', :owner_id => @user.id, :distrib_type => APP_CONFIG['distr_types'].first}} }
  before do
    stub_symlink_methods
    @platform = FactoryGirl.create(:platform)
    @personal_platform = FactoryGirl.create(:platform, :platform_type => 'personal')
    @user = FactoryGirl.create(:user)
-    set_session_for(@user)
+    # set_session_for(@user)
-    @create_params = {:platform => {
+    # @create_params = {:platform => {
-      :name => 'pl1',
+    #   :name => 'pl1',
-      :description => 'pl1',
+    #   :description => 'pl1',
-      :platform_type => 'main',
+    #   :platform_type => 'main',
-      :distrib_type => APP_CONFIG['distr_types'].first
+    #   :distrib_type => APP_CONFIG['distr_types'].first
-    }}
+    # }}
  end
  context 'for guest' do
    before(:each) do
      set_session_for(User.new)
    end
-    [:index, :create].each do |action|
+    it "should not be able to perform index action" do
-      it "should not be able to perform #{ action } action" do
+      get :index
-        get action
+      response.should redirect_to(new_user_session_path)
        response.should redirect_to(new_user_session_path)
      end
    end
    [:new, :edit, :clone, :destroy].each do |action|
      it "should not be able to perform #{ action } action" do
        get action, :id => @platform
        response.should redirect_to(new_user_session_path)
      end
    end
    [:show, :members, :advisories].each do |action|
@ -101,75 +290,94 @@ describe Platforms::PlatformsController do
      end
    end
-    [:show, :members, :advisories].each do |action|
+    it_should_behave_like 'platform user with show rights' if APP_CONFIG['anonymous_access']
-      it "should be able to perform #{ action } action", :anonymous_access => true do
+    it_should_behave_like 'platform user without reader rights for hidden platform' if APP_CONFIG['anonymous_access']
-        get action, :id => @platform
+    it_should_behave_like 'platform user without member rights', true
-        response.should render_template(action)
+    it_should_behave_like 'platform user without owner rights'
-        response.should be_success
+    it_should_behave_like 'platform user without global admin rights'
      end
    end
  end
  context 'for global admin' do
-    before(:each) do
+    before do
-      @user.role = "admin"
+      @admin = FactoryGirl.create(:admin)
-      @user.save
+      http_login(@admin)
    end
-    it_should_behave_like 'system registered user'
+    it_should_behave_like 'platform user with reader rights'
-    it_should_behave_like 'platform owner'
+    it_should_behave_like 'platform user with reader rights for hidden platform'
    it_should_behave_like 'platform user with member rights'
    it_should_behave_like 'platform user with owner rights'
-    it 'should be able to perform new action' do
+    it "should be able to perform new action" do
-      get :new
+      get :new, :id => @platform
      response.should render_template(:new)
    end
-    it 'should be able to perform create action' do
+    it "should be able to perform clone action" do
-      post :create, @create_params
+      get :clone, :id => @platform
-      response.should redirect_to(platform_path(Platform.last))
+      response.should render_template(:clone)
    end
-    it 'should change objects count on create success' do
+    [:make_clone, :create].each do |action|
-      lambda { post :create, @create_params }.should change{ Platform.count }.by(1)
+      context "with #{action} rights" do
        before do
          any_instance_of(Platform, :create_directory => true)
          clone_or_create_params[:platform][:owner_id] = @admin.id
        end
        it "should be able to perform #{action} action" do
          post action, clone_or_create_params
          response.should redirect_to(platform_path(Platform.last))
        end
        it "ensures that platform has been #{action}d" do
          lambda { post action, clone_or_create_params }.should change{ Platform.count }.by(1)
        end
      end
    end
    it 'should create platform with mentioned owner if owner id present' do
      owner = FactoryGirl.create(:user)
      post :create, @create_params.merge({:admin_id => owner.id, :admin_uname => owner.uname})
      Platform.last.owner.id.should eql(owner.id)
    end
    it 'should create platform with current user as owner if owner id not present' do
      post :create, @create_params
      Platform.last.owner.id.should eql(@user.id)
    end
  end
  context 'for owner user' do
-    before(:each) do
+    before do
-      @user = @platform.owner
+      http_login(@user)
-      set_session_for(@user)
+      @platform.owner = @user; @platform.save
      @platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin')
    end
-    it_should_behave_like 'system registered user'
+    it_should_behave_like 'platform user with reader rights'
-    it_should_behave_like 'user without create rights'
+    it_should_behave_like 'platform user with reader rights for hidden platform'
-    it_should_behave_like 'platform owner'
+    it_should_behave_like 'platform user with member rights'
-
+    it_should_behave_like 'platform user with owner rights'
    it_should_behave_like 'platform user without global admin rights'
  end
-  context 'for reader user' do
+  context 'for member of platform' do
-    before(:each) do
+    before do
-      @platform.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'reader')
+      http_login(@user)
      @platform.add_member(@user)
      @personal_platform.add_member(@user)
    end
-    it_should_behave_like 'system registered user'
+    it_should_behave_like 'platform user with reader rights'
-    it_should_behave_like 'user without create rights'
+    it_should_behave_like 'platform user with reader rights for hidden platform'
-
+    it_should_behave_like 'platform user with member rights'
-    it 'should not be able to perform destroy action' do
+    it_should_behave_like 'platform user without owner rights'
-      delete :destroy, :id => @platform.id
+    it_should_behave_like 'platform user without global admin rights'
      response.should redirect_to(forbidden_path)
    end
  end
  context 'for simple user' do
    before do
      http_login(@user)
    end
    it "should be able to perform index action" do
      get :index
      response.should render_template(:index)
    end
    it_should_behave_like 'platform user with reader rights'
    it_should_behave_like 'platform user without reader rights for hidden platform'
    it_should_behave_like 'platform user without member rights'
    it_should_behave_like 'platform user without owner rights'
    it_should_behave_like 'platform user without global admin rights'
  end
 end