Fix search bug. Write anonymous read specs for issues and search controllers. Refs #263
This commit is contained in:
parent
977ec8382c
commit
a9ecc683f2
|
@ -18,7 +18,7 @@ class Group < ActiveRecord::Base
|
||||||
|
|
||||||
scope :search_order, order("CHAR_LENGTH(uname) ASC")
|
scope :search_order, order("CHAR_LENGTH(uname) ASC")
|
||||||
scope :without, lambda {|a| where("groups.id NOT IN (?)", a)}
|
scope :without, lambda {|a| where("groups.id NOT IN (?)", a)}
|
||||||
scope :search, lambda {|q| where("uname ILIKE ?", "%#{q.strip}%")}
|
scope :search, lambda {|q| where("uname ILIKE ?", "%#{q.to_s.strip}%")}
|
||||||
scope :opened, where('1=1')
|
scope :opened, where('1=1')
|
||||||
scope :by_owner, lambda {|owner| where(:owner_id => owner.id)}
|
scope :by_owner, lambda {|owner| where(:owner_id => owner.id)}
|
||||||
scope :by_admin, lambda {|admin| joins(:objects).where(:'relations.role' => 'admin', :'relations.object_id' => admin.id, :'relations.object_type' => 'User')}
|
scope :by_admin, lambda {|admin| joins(:objects).where(:'relations.role' => 'admin', :'relations.object_id' => admin.id, :'relations.object_type' => 'User')}
|
||||||
|
|
|
@ -29,7 +29,7 @@ class Platform < ActiveRecord::Base
|
||||||
after_update :update_owner_relation
|
after_update :update_owner_relation
|
||||||
|
|
||||||
scope :search_order, order("CHAR_LENGTH(name) ASC")
|
scope :search_order, order("CHAR_LENGTH(name) ASC")
|
||||||
scope :search, lambda {|q| where("name ILIKE ?", "%#{q.strip}%")}
|
scope :search, lambda {|q| where("name ILIKE ?", "%#{q.to_s.strip}%")}
|
||||||
scope :by_visibilities, lambda {|v| where(:visibility => v)}
|
scope :by_visibilities, lambda {|v| where(:visibility => v)}
|
||||||
scope :opened, where(:visibility => 'open')
|
scope :opened, where(:visibility => 'open')
|
||||||
scope :hidden, where(:visibility => 'hidden')
|
scope :hidden, where(:visibility => 'hidden')
|
||||||
|
|
|
@ -29,7 +29,7 @@ class Project < ActiveRecord::Base
|
||||||
|
|
||||||
scope :recent, order("name ASC")
|
scope :recent, order("name ASC")
|
||||||
scope :search_order, order("CHAR_LENGTH(name) ASC")
|
scope :search_order, order("CHAR_LENGTH(name) ASC")
|
||||||
scope :search, lambda {|q| by_name("%#{q.strip}%")}
|
scope :search, lambda {|q| by_name("%#{q.to_s.strip}%")}
|
||||||
scope :by_name, lambda {|name| where('projects.name ILIKE ?', name)}
|
scope :by_name, lambda {|name| where('projects.name ILIKE ?', name)}
|
||||||
scope :by_visibilities, lambda {|v| where(:visibility => v)}
|
scope :by_visibilities, lambda {|v| where(:visibility => v)}
|
||||||
scope :opened, where(:visibility => 'open')
|
scope :opened, where(:visibility => 'open')
|
||||||
|
|
|
@ -49,7 +49,7 @@ class User < ActiveRecord::Base
|
||||||
|
|
||||||
scope :search_order, order("CHAR_LENGTH(uname) ASC")
|
scope :search_order, order("CHAR_LENGTH(uname) ASC")
|
||||||
scope :without, lambda {|a| where("users.id NOT IN (?)", a)}
|
scope :without, lambda {|a| where("users.id NOT IN (?)", a)}
|
||||||
scope :search, lambda {|q| where("uname ILIKE ?", "%#{q.strip}%")}
|
scope :search, lambda {|q| where("uname ILIKE ?", "%#{q.to_s.strip}%")}
|
||||||
scope :opened, where('1=1')
|
scope :opened, where('1=1')
|
||||||
scope :banned, where(:role => 'banned')
|
scope :banned, where(:role => 'banned')
|
||||||
scope :admin, where(:role => 'admin')
|
scope :admin, where(:role => 'admin')
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
# -*- encoding : utf-8 -*-
|
# encoding: UTF-8
|
||||||
# This file is auto-generated from the current state of the database. Instead
|
# This file is auto-generated from the current state of the database. Instead
|
||||||
# of editing this file, please use the migrations feature of Active Record to
|
# of editing this file, please use the migrations feature of Active Record to
|
||||||
# incrementally modify your database, and then regenerate this schema definition.
|
# incrementally modify your database, and then regenerate this schema definition.
|
||||||
|
@ -11,7 +11,7 @@
|
||||||
#
|
#
|
||||||
# It's strongly recommended to check this file into your version control system.
|
# It's strongly recommended to check this file into your version control system.
|
||||||
|
|
||||||
ActiveRecord::Schema.define(:version => 20120403110931) do
|
ActiveRecord::Schema.define(:version => 20120404134602) do
|
||||||
|
|
||||||
create_table "activity_feeds", :force => true do |t|
|
create_table "activity_feeds", :force => true do |t|
|
||||||
t.integer "user_id", :null => false
|
t.integer "user_id", :null => false
|
||||||
|
@ -102,7 +102,7 @@ ActiveRecord::Schema.define(:version => 20120403110931) do
|
||||||
t.string "locked_by"
|
t.string "locked_by"
|
||||||
t.datetime "created_at"
|
t.datetime "created_at"
|
||||||
t.datetime "updated_at"
|
t.datetime "updated_at"
|
||||||
t.string "queue"
|
t.string "queue", :default => "default"
|
||||||
end
|
end
|
||||||
|
|
||||||
add_index "delayed_jobs", ["priority", "run_at"], :name => "delayed_jobs_priority"
|
add_index "delayed_jobs", ["priority", "run_at"], :name => "delayed_jobs_priority"
|
||||||
|
|
|
@ -39,7 +39,7 @@ end
|
||||||
shared_examples_for 'user without issue update rights' do
|
shared_examples_for 'user without issue update rights' do
|
||||||
it 'should not be able to perform update action' do
|
it 'should not be able to perform update action' do
|
||||||
put :update, {:id => @issue.serial_id}.merge(@update_params)
|
put :update, {:id => @issue.serial_id}.merge(@update_params)
|
||||||
response.should redirect_to(forbidden_path)
|
response.should redirect_to(controller.current_user ? forbidden_path : new_user_session_path)
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'should not update issue title' do
|
it 'should not update issue title' do
|
||||||
|
@ -51,11 +51,11 @@ end
|
||||||
shared_examples_for 'user without issue destroy rights' do
|
shared_examples_for 'user without issue destroy rights' do
|
||||||
it 'should not be able to perform destroy action' do
|
it 'should not be able to perform destroy action' do
|
||||||
delete :destroy, :id => @issue.serial_id, :project_id => @project.id
|
delete :destroy, :id => @issue.serial_id, :project_id => @project.id
|
||||||
response.should redirect_to(forbidden_path)
|
response.should redirect_to(controller.current_user ? forbidden_path : new_user_session_path)
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'should not reduce issues count' do
|
it 'should not reduce issues count' do
|
||||||
lambda{ delete :destroy, :id => @issue.serial_id, :project_id => @project.id }.should change{ Issue.count }.by(0)
|
lambda{ delete :destroy, :id => @issue.serial_id, :project_id => @project.id }.should_not change{ Issue.count }
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -185,4 +185,32 @@ describe IssuesController do
|
||||||
it_should_behave_like 'user without issue destroy rights'
|
it_should_behave_like 'user without issue destroy rights'
|
||||||
it_should_behave_like 'project with issues turned off'
|
it_should_behave_like 'project with issues turned off'
|
||||||
end
|
end
|
||||||
|
|
||||||
|
context 'for guest' do
|
||||||
|
if APP_CONFIG['anonymous_access']
|
||||||
|
it_should_behave_like 'issue user with project reader rights'
|
||||||
|
else
|
||||||
|
it 'should not be able to perform index action' do
|
||||||
|
get :index, :project_id => @project.id
|
||||||
|
response.should redirect_to(new_user_session_path)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'should not be able to perform show action' do
|
||||||
|
get :show, :project_id => @project.id, :id => @issue.serial_id
|
||||||
|
response.should redirect_to(new_user_session_path)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'should not be able to perform create action' do
|
||||||
|
post :create, @create_params
|
||||||
|
response.should redirect_to(new_user_session_path)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'should not create issue object into db' do
|
||||||
|
lambda{ post :create, @create_params }.should_not change{ Issue.count }
|
||||||
|
end
|
||||||
|
|
||||||
|
it_should_behave_like 'user without issue update rights'
|
||||||
|
it_should_behave_like 'user without issue destroy rights'
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -0,0 +1,34 @@
|
||||||
|
# -*- encoding : utf-8 -*-
|
||||||
|
require 'spec_helper'
|
||||||
|
|
||||||
|
shared_examples_for 'able search' do
|
||||||
|
it 'should be able to search' do
|
||||||
|
get :index
|
||||||
|
response.should be_success
|
||||||
|
response.should render_template(:index)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
shared_examples_for 'not able search' do
|
||||||
|
it 'should not be able to search' do
|
||||||
|
get :index
|
||||||
|
response.should redirect_to(controller.current_user ? forbidden_path : new_user_session_path)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe SearchController do
|
||||||
|
before { stub_rsync_methods }
|
||||||
|
|
||||||
|
context 'as guest' do
|
||||||
|
if APP_CONFIG['anonymous_access']
|
||||||
|
it_should_behave_like 'able search'
|
||||||
|
else
|
||||||
|
it_should_behave_like 'not able search'
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'as user' do
|
||||||
|
before {set_session_for FactoryGirl.create(:user)}
|
||||||
|
|
||||||
|
it_should_behave_like 'able search'
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in New Issue