Software
/
rosa-build
mirror of https://github.com/OpenMandrivaSoftware/rosa-build.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'master' into 698-rest-api-for-advisories

This commit is contained in:
Vokhmin Alexey V 2012-10-18 18:59:00 +04:00
parent f3eff0da92 81fcb62a06
commit d5ad5b1a95
27 changed files with 423 additions and 94 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Gemfile
View File

@ -44,7 +44,7 @@ gem 'trinidad', '~> 1.0.2', :platforms => :jruby
gem 'newrelic_rpm', '~> 3.4.1', :platforms => [:mri, :rbx]
gem 'whenever', '~> 0.7.3', :require => false
gem 'jbuilder', '~> 0.4.0'
gem 'jbuilder', '~> 0.8.2'
gem 'rails3-jquery-autocomplete', '~> 1.0.7'
gem 'will_paginate', '~> 3.0.3'
gem 'meta-tags', '~> 1.2.5', :require => 'meta_tags'

5
Gemfile.lock
View File

@ -145,9 +145,8 @@ GEM
hike (1.2.1)
hirb (0.7.0)
i18n (0.6.0)
jbuilder (0.4.3)
jbuilder (0.8.2)
activesupport (>= 3.0.0)
blankslate (>= 2.1.2.4)
journey (1.0.4)
jquery-rails (2.0.2)
railties (>= 3.2.0, < 5.0)
@ -381,7 +380,7 @@ DEPENDENCIES
haml-rails (~> 0.3.4)
highline (~> 1.6.11)
hirb
jbuilder (~> 0.4.0)
jbuilder (~> 0.8.2)
jquery-rails (~> 2.0.2)
mailcatcher
meta-tags (~> 1.2.5)

11
app/controllers/api/v1/base_controller.rb
View File

@ -25,6 +25,17 @@ class Api::V1::BaseController < ApplicationController
end
end
def update_member_in_subject(subject, relation = :relations)
role = params[:role]
class_name = subject.class.name.downcase
if member.present? && role.present? && subject.respond_to?(:owner) && subject.owner != member &&
subject.send(relation).by_actor(member).update_all(:role => role)
render_json_response subject, "Role for #{member.class.name.downcase} '#{member.id} has been updated in #{class_name} successfully"
else
render_validation_error subject, "Role for member has not been updated in #{class_name}"
end
end
def add_member_to_subject(subject, role = 'admin')
class_name = subject.class.name.downcase
if member.present? && subject.add_member(member, role)

10
app/controllers/api/v1/groups_controller.rb
View File

@ -43,14 +43,8 @@ class Api::V1::GroupsController < Api::V1::BaseController
end
def update_member
member_id, role = params[:member_id], params[:role]
if member_id.present? && role.present? && @group.owner_id != member_id.to_i &&
@group.actors.where(:actor_id => member_id, :actor_type => 'User').
update_all(:role => role)
render_json_response @group, "Role for user #{member_id} has been updated in group successfully"
else
render_validation_error @group, 'Role for user has not been updated in group'
end
params[:type] = 'User'
update_member_in_subject @group, :actors
end
end

56
app/controllers/api/v1/projects_controller.rb
View File

@ -1,10 +1,15 @@
# -*- encoding : utf-8 -*-
class Api::V1::ProjectsController < Api::V1::BaseController
before_filter :authenticate_user!
skip_before_filter :authenticate_user!, :only => [:get_id, :show, :refs] if APP_CONFIG['anonymous_access']
load_and_authorize_resource
load_and_authorize_resource :project
def index
@projects = Project.accessible_by(current_ability, :membered).
paginate(paginate_params)
end
def get_id
if @project = Project.find_by_owner_and_name(params[:owner], params[:name])
@ -20,4 +25,51 @@ class Api::V1::ProjectsController < Api::V1::BaseController
def refs_list
end
def update
update_subject @project
end
def destroy
destroy_subject @project
end
def create
p_params = params[:project] || {}
owner_type = p_params[:owner_type]
if owner_type.present? && %w(User Group).include?(owner_type)
@project.owner = owner_type.constantize.
where(:id => p_params[:owner_id]).first
else
@project.owner = nil
end
authorize! :update, @project.owner if @project.owner != current_user
create_subject @project
end
def members
@members = @project.collaborators.order('uname').paginate(paginate_params)
end
def add_member
add_member_to_subject @project, params[:role]
end
def remove_member
remove_member_from_subject @project
end
def update_member
update_member_in_subject @project
end
def fork
owner = (Group.find params[:group_id] if params[:group].present?) || current_user
authorize! :update, owner if owner.class == Group
if forked = @project.fork(owner) and forked.valid?
render_json_response forked, 'Project has been forked successfully'
else
render_validation_error forked, 'Project has not been forked'
end
end
end

4
app/models/ability.rb
View File

@ -64,7 +64,9 @@ class Ability
can [:read, :archive], Project, :owner_type => 'Group', :owner_id => user.group_ids
can([:read, :membered, :get_id], Project, read_relations_for('projects')) {|project| local_reader? project}
can(:write, Project) {|project| local_writer? project} # for grack
can([:update, :sections, :manage_collaborators, :autocomplete_maintainers], Project) {|project| local_admin? project}
can [:update, :sections, :manage_collaborators, :autocomplete_maintainers, :add_member, :remove_member, :update_member, :members], Project do |project|
local_admin? project
end
can(:fork, Project) {|project| can? :read, project}
can(:fork, Project) {|project| project.owner_type == 'Group' and can? :update, project.owner}
can(:destroy, Project) {|project| owner? project}

8
app/models/group.rb
View File

@ -40,13 +40,7 @@ class Group < Avatar
end
def add_member(member, role = 'admin')
if actors.exists?(:actor_id => member.id, :actor_type => member.class.to_s) || owner == member
true
else
rel = actors.build(:role => role)
rel.actor = member
rel.save
end
Relation.add_member(member, self, role, :actors)
end
def remove_member(member)

12
app/models/project.rb
View File

@ -89,6 +89,14 @@ class Project < ActiveRecord::Base
collaborators | groups.map(&:members).flatten
end
def add_member(member, role = 'admin')
Relation.add_member(member, self, role)
end
def remove_member(member)
Relation.remove_member(member, self)
end
def platforms
@platforms ||= repositories.map(&:platform).uniq
end
@ -191,7 +199,9 @@ class Project < ActiveRecord::Base
end
def set_maintainer
self.maintainer_id = (owner_type == 'User') ? self.owner_id : self.owner.owner_id
if maintainer_id.blank?
self.maintainer_id = (owner_type == 'User') ? self.owner_id : self.owner.owner_id
end
end
end

8
app/models/relation.rb
View File

@ -22,18 +22,18 @@ class Relation < ActiveRecord::Base
r.save
end
def self.add_member(member, target, role)
if target.relations.exists?(:actor_id => member.id, :actor_type => member.class.to_s) || target.try(:owner) == member
def self.add_member(member, target, role, relation = :relations)
if target.send(relation).exists?(:actor_id => member.id, :actor_type => member.class.to_s) || (target.respond_to?(:owner) && target.owner == member)
true
else
rel = target.relations.build(:role => role)
rel = target.send(relation).build(:role => role)
rel.actor = member
rel.save
end
end
def self.remove_member(member, target)
return false if target.try(:owner) == member
return false if target.respond_to?(:owner) && target.owner == member
Relation.by_actor(member).by_target(target).each{|r| r.destroy}
end

5
app/views/api/v1/build_lists/show.json.jbuilder
View File

@ -33,10 +33,7 @@ json.build_list do |json|
json_build_for_platform.url api_v1_platform_path(@build_list.build_for_platform, :format => :json)
end
json.owner do |json_owner|
json_owner.(@build_list.user, :id, :name)
json_owner.url url_for(@build_list.project.owner)
end
json.partial! 'api/v1/shared/owner', :owner => @build_list.project.owner
inc_repos = Repository.includes(:platform).where(:id => @build_list.include_repos)
json.include_repos inc_repos do |json_include_repos, repo|

6
app/views/api/v1/groups/index.json.jbuilder
View File

@ -2,11 +2,7 @@ json.groups @groups do |json, group|
json.(group, :id, :uname, :own_projects_count, :description)
json.created_at group.created_at.to_i
json.updated_at group.updated_at.to_i
json.owner do |json_owner|
json_owner.(group.owner, :id, :name)
json_owner.type 'User'
json_owner.url api_v1_user_path(group.owner_id, :format => :json)
end
json.partial! 'api/v1/shared/owner', :owner => group.owner
json.avatar_url avatar_url(group, :big)
json.url api_v1_group_path(group.id, :format => :json)
json.html_url group_path(group.uname)

6
app/views/api/v1/groups/members.json.jbuilder
View File

@ -1,9 +1,5 @@
json.group do |json|
json.(@group, :id)
json.members @members do |json_members, member|
json_members.(member, :id)
json_members.type member.class.name
json_members.url member_path(member)
end
json.partial! 'api/v1/shared/members'
end
json.url members_api_v1_group_path(@group.id, :format => :json)

6
app/views/api/v1/groups/show.json.jbuilder
View File

@ -2,11 +2,7 @@ json.group do |json|
json.(@group, :id, :uname, :own_projects_count, :description)
json.created_at @group.created_at.to_i
json.updated_at @group.updated_at.to_i
json.owner do |json_owner|
json_owner.(@group.owner, :id, :name)
json_owner.type 'User'
json_owner.url api_v1_user_path(@group.owner_id, :format => :json)
end
json.partial! 'api/v1/shared/owner', :owner => @group.owner
json.avatar_url avatar_url(@group, :big)
json.url api_v1_group_path(@group.id, :format => :json)
json.html_url group_path(@group.uname)

6
app/views/api/v1/platforms/index.json.jbuilder
View File

@ -1,10 +1,6 @@
json.platforms @platforms do |json, platform|
json.(platform, :id, :name, :platform_type, :visibility)
json.owner do |json_owner|
json_owner.(platform.owner, :id, :name)
json_owner.type platform.owner_type
json_owner.url member_path(platform.owner)
end
json.partial! 'api/v1/shared/owner', :owner => platform.owner
json.repositories platform.repositories do |json_repos, repo|
json_repos.(repo, :id, :name)
json_repos.url api_v1_repository_path(repo.id, :format => :json)

6
app/views/api/v1/platforms/members.json.jbuilder
View File

@ -1,9 +1,5 @@
json.platform do |json|
json.(@platform, :id)
json.members @members do |json_members, member|
json_members.(member, :id)
json_members.type member.class.name
json_members.url member_path(member)
end
json.partial! 'api/v1/shared/members'
end
json.url members_api_v1_platform_path(@platform.id, :format => :json)

6
app/views/api/v1/platforms/show.json.jbuilder
View File

@ -2,11 +2,7 @@ json.platform do |json|
json.(@platform, :id, :name, :description, :parent_platform_id, :released, :visibility, :platform_type, :distrib_type)
json.created_at @platform.created_at.to_i
json.updated_at @platform.updated_at.to_i
json.owner do |json_owner|
json_owner.(@platform.owner, :id, :name)
json_owner.type @platform.owner_type
json_owner.url member_path(@platform.owner)
end
json.partial! 'api/v1/shared/owner', :owner => @platform.owner
json.repositories @platform.repositories do |json_repos, repo|
json_repos.(repo, :id, :name)
json_repos.url api_v1_repository_path(repo.id, :format => :json)

6
app/views/api/v1/projects/get_id.json.jbuilder
View File

@ -1,9 +1,5 @@
json.project do |json|
json.(@project, :id, :name, :visibility)
json.owner do |json_owner|
json_owner.(@project.owner, :id, :name)
json_owner.type @project.owner_type
json_owner.url url_for(@project.owner)
end
json.partial! 'api/v1/shared/owner', :owner => @project.owner
json.url api_v1_project_path(@project, :format => :json)
end

14
app/views/api/v1/projects/index.json.jbuilder
View File

@ -1,11 +1,9 @@
json.projects @projects do |json, project|
json.(project, :id, :name, :visibility)
json.owner do |json_owner|
json_owner.(project.owner, :id, :name)
json_owner.type project.owner_type
json_owner.url url_for(project.owner)
end
json.url api_v1_project_path(project, :format => :json)
json.(project, :id, :name, :visibility, :description, :ancestry, :has_issues, :has_wiki, :default_branch, :is_package, :average_build_time)
json.created_at project.created_at.to_i
json.updated_at project.updated_at.to_i
json.partial! 'api/v1/shared/owner', :owner => project.owner
json.url api_v1_project_path(project.id, :format => :json)
end
json.url api_v1_projects_path(:format => :json)
json.url api_v1_projects_path(:format => :json)

5
app/views/api/v1/projects/members.json.jbuilder Normal file
View File

@ -0,0 +1,5 @@
json.project do |json|
json.(@project, :id)
json.partial! 'api/v1/shared/members'
end
json.url members_api_v1_project_path(@project.id, :format => :json)

15
app/views/api/v1/projects/show.json.jbuilder
View File

@ -1,12 +1,10 @@
json.project do |json|
json.(@project, :id, :name, :visibility, :description, :ancestry, :has_issues, :has_wiki,
:default_branch, :is_package, :average_build_time)
json.(@project, :id, :name, :visibility, :description, :ancestry, :has_issues, :has_wiki, :default_branch, :is_package, :average_build_time)
json.created_at @project.created_at.to_i
json.updated_at @project.updated_at.to_i
json.owner do |json_owner|
json_owner.(@project.owner, :id, :name)
json_owner.type @project.owner_type
json_owner.url url_for(@project.owner)
json.partial! 'api/v1/shared/owner', :owner => @project.owner
json.maintainer do |json_maintainer|
json.partial! 'api/v1/shared/member', :member => @project.maintainer, :tag => json_maintainer
end
json.repositories @project.repositories do |json_repos, repo|
json_repos.(repo, :id, :name)
@ -16,6 +14,5 @@ json.project do |json|
json_platform.url api_v1_platform_path(repo.platform, :format => :json)
end
end
end
json.url api_v1_project_path(@project, :format => :json)
json.url api_v1_project_path(@project.id, :format => :json)
end

3
app/views/api/v1/shared/_member.json.jbuilder Normal file
View File

@ -0,0 +1,3 @@
tag.(member, :id, :name)
tag.type member.class.name
tag.url member_path(member)

3
app/views/api/v1/shared/_members.json.jbuilder Normal file
View File

@ -0,0 +1,3 @@
json.members @members do |json_members, member|
json.partial! 'api/v1/shared/member', :member => member, :tag => json_members
end

3
app/views/api/v1/shared/_owner.json.jbuilder Normal file
View File

@ -0,0 +1,3 @@
json.owner do |json_owner|
json.partial! 'api/v1/shared/member', :member => owner, :tag => json_owner
end

7
config/routes.rb
View File

@ -42,10 +42,15 @@ Rosa::Application.routes.draw do
put :signatures
}
end
resources :projects, :only => [:show] do
resources :projects, :only => [:index, :show, :update, :create, :destroy] do
collection { get :get_id }
member {
post :fork
get :refs_list
get :members
put :add_member
delete :remove_member
put :update_member
}
end
resources :users, :only => [:show]

2
lib/modules/models/git.rb
View File

@ -116,7 +116,7 @@ module Modules
end
def fork_git_repo
dummy = Grit::Repo.new(path) rescue parent.repo.fork_bare(path)
dummy = Grit::Repo.new(path) rescue parent.repo.fork_bare(path, :shared => false)
write_hook
end

13
lib/tasks/git_detach_from_parent.rake Normal file
View File

@ -0,0 +1,13 @@
namespace :project do
desc 'Break the dependency of a repository cloned with --shared on its source repository'
task :git_detach_from_parent => :environment do
projects = Project.where('ancestry IS NOT NULL')
say "Total count of the forked projects is #{projects.count}"
projects.each_with_index do |project, ind|
Dir.chdir(project.path) do
say "--Start work with #{project.name_with_owner} (#{ind+1}/#{projects.count})--"
say (system('git', 'repack', '-a') ? 'Ok!' : 'Something wrong!')
end
end
end
end

289
spec/controllers/api/v1/projects_controller_spec.rb
View File

@ -36,6 +36,42 @@ shared_examples_for "api projects user without show rights" do
get :get_id, :name => @project.name, :owner => @project.owner.uname, :format => :json
response.should_not be_success
end
it "should show access violation instead of project members data" do
get :members, :id => @project.id, :format => :json
response.should_not be_success
end
end
shared_examples_for 'api projects user without fork rights' do
it 'should not be able to perform fork action' do
post :fork, :id => @project.id, :format => :json
response.should_not be_success
end
it 'ensures that project has not been forked' do
lambda { post :fork, :id => @project.id, :format => :json }.should_not change{ Project.count }
end
end
shared_examples_for 'api projects user with fork rights' do
it 'should be able to perform fork action' do
post :fork, :id => @project.id, :format => :json
response.should be_success
end
it 'ensures that project has been forked' do
lambda { post :fork, :id => @project.id, :format => :json }.should change{ Project.count }.by(1)
end
end
shared_examples_for 'api projects user with fork rights for hidden project' do
before { @project.update_column(:visibility, 'hidden') }
it_should_behave_like 'api projects user with fork rights'
end
shared_examples_for 'api projects user without fork rights for hidden project' do
before { @project.update_column(:visibility, 'hidden') }
it_should_behave_like 'api projects user without fork rights'
end
shared_examples_for "api projects user with show rights" do
@ -68,6 +104,165 @@ shared_examples_for "api projects user with show rights" do
end
end
shared_examples_for 'api projects user with admin rights' do
it "should be able to perform members action" do
get :members, :id => @project.id, :format => :json
response.should be_success
end
context 'api project user with update rights' do
before do
put :update, {:project => {:description => 'new description'}, :id => @project.id}, :format => :json
end
it 'should be able to perform update action' do
response.should be_success
end
it 'ensures that group has been updated' do
@project.reload
@project.description.should == 'new description'
end
end
context 'api project user with add_member rights' do
let(:member) { FactoryGirl.create(:user) }
before do
put :add_member, {:member_id => member.id, :type => 'User', :role => 'admin', :id => @project.id}, :format => :json
end
it 'should be able to perform add_member action' do
response.should be_success
end
it 'ensures that new member has been added to project' do
@project.members.should include(member)
end
end
context 'api project user with remove_member rights' do
let(:member) { FactoryGirl.create(:user) }
before do
@project.add_member(member)
delete :remove_member, {:member_id => member.id, :type => 'User', :id => @project.id}, :format => :json
end
it 'should be able to perform remove_member action' do
response.should be_success
end
it 'ensures that member has been removed from project' do
@project.members.should_not include(member)
end
end
context 'api group user with update_member rights' do
let(:member) { FactoryGirl.create(:user) }
before do
@project.add_member(member)
put :update_member, {:member_id => member.id, :type => 'User', :role => 'reader', :id => @project.id}, :format => :json
end
it 'should be able to perform update_member action' do
response.should be_success
end
it 'ensures that member role has been updated in project' do
@project.relations.by_actor(member).first.
role.should == 'reader'
end
end
end
shared_examples_for 'api projects user without admin rights' do
it "should not be able to perform members action" do
get :members, :id => @project.id, :format => :json
response.should_not be_success
end
context 'api project user without update_member rights' do
let(:member) { FactoryGirl.create(:user) }
before do
@project.add_member(member)
put :update_member, {:member_id => member.id, :type => 'User', :role => 'reader', :id => @project.id}, :format => :json
end
it 'should not be able to perform update_member action' do
response.should_not be_success
end
it 'ensures that member role has not been updated in project' do
@project.relations.by_actor(member).first.
role.should_not == 'reader'
end
end
context 'api project user without update rights' do
before do
put :update, {:project => {:description => 'new description'}, :id => @project.id}, :format => :json
end
it 'should not be able to perform update action' do
response.should_not be_success
end
it 'ensures that project has not been updated' do
@project.reload
@project.description.should_not == 'new description'
end
end
context 'api project user without add_member rights' do
let(:member) { FactoryGirl.create(:user) }
before do
put :add_member, {:member_id => member.id, :type => 'User', :role => 'admin', :id => @project.id}, :format => :json
end
it 'should not be able to perform add_member action' do
response.should_not be_success
end
it 'ensures that new member has not been added to project' do
@project.members.should_not include(member)
end
end
context 'api project user without remove_member rights' do
let(:member) { FactoryGirl.create(:user) }
before do
@project.add_member(member)
delete :remove_member, {:member_id => member.id, :type => 'User', :id => @project.id}, :format => :json
end
it 'should be able to perform update action' do
response.should_not be_success
end
it 'ensures that member has not been removed from project' do
@project.members.should include(member)
end
end
end
shared_examples_for 'api projects user with owner rights' do
context 'api project user with destroy rights' do
it 'should be able to perform destroy action' do
delete :destroy, :id => @project.id, :format => :json
response.should be_success
end
it 'ensures that project has been destroyed' do
lambda { delete :destroy, :id => @project.id, :format => :json }.should change{ Project.count }.by(-1)
end
end
end
shared_examples_for 'api projects user without owner rights' do
context 'api project user with destroy rights' do
it 'should not be able to perform destroy action' do
delete :destroy, :id => @project.id, :format => :json
response.should_not be_success
end
it 'ensures that project has not been destroyed' do
lambda { delete :destroy, :id => @project.id, :format => :json }.should_not change{ Project.count }
end
end
end
describe Api::V1::ProjectsController do
before(:each) do
@ -79,14 +274,24 @@ describe Api::V1::ProjectsController do
end
context 'for guest' do
[:index, :members].each do |action|
it "should not be able to perform #{action} action" do
get action, :id => @project.id, :format => :json
response.should_not be_success
end
end
if APP_CONFIG['anonymous_access']
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with show rights'
it_should_behave_like 'api projects user without reader rights for hidden project'
else
it_should_behave_like 'api projects user without show rights'
end
it_should_behave_like 'api projects user without fork rights'
it_should_behave_like 'api projects user without fork rights for hidden project'
it_should_behave_like 'api projects user without admin rights'
it_should_behave_like 'api projects user without owner rights'
end
context 'for simple user' do
@ -95,8 +300,28 @@ describe Api::V1::ProjectsController do
http_login(@user)
end
it 'should be able to perform index action' do
get :index, :format => :json
response.should be_success
end
context 'api project user with create rights' do
let(:params) { {:project => {:name => 'test_name', :owner_id => @user.id, :owner_type => 'User', :visibility => 'open'}} }
it 'should be able to perform create action' do
post :create, params, :format => :json
response.should be_success
end
it 'ensures that project has been created' do
lambda { post :create, params, :format => :json }.should change{ Project.count }.by(1)
end
end
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user without reader rights for hidden project'
it_should_behave_like 'api projects user with fork rights'
it_should_behave_like 'api projects user without fork rights for hidden project'
it_should_behave_like 'api projects user without admin rights'
it_should_behave_like 'api projects user without owner rights'
end
context 'for admin' do
@ -107,18 +332,25 @@ describe Api::V1::ProjectsController do
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
it_should_behave_like 'api projects user with fork rights'
it_should_behave_like 'api projects user with fork rights for hidden project'
it_should_behave_like 'api projects user with admin rights'
it_should_behave_like 'api projects user with owner rights'
end
context 'for owner user' do
before(:each) do
@user = FactoryGirl.create(:user)
http_login(@user)
@project.owner = @user; @project.save
@project.relations.create!(:actor_type => 'User', :actor_id => @user.id, :role => 'admin')
@project = FactoryGirl.create(:project, :owner => @user)
end
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
it_should_behave_like 'api projects user without fork rights'
it_should_behave_like 'api projects user without fork rights for hidden project'
it_should_behave_like 'api projects user with admin rights'
it_should_behave_like 'api projects user with owner rights'
end
context 'for reader user' do
@ -130,6 +362,10 @@ describe Api::V1::ProjectsController do
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
it_should_behave_like 'api projects user with fork rights'
it_should_behave_like 'api projects user with fork rights for hidden project'
it_should_behave_like 'api projects user without admin rights'
it_should_behave_like 'api projects user without owner rights'
end
context 'for writer user' do
@ -141,25 +377,32 @@ describe Api::V1::ProjectsController do
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
it_should_behave_like 'api projects user with fork rights'
it_should_behave_like 'api projects user with fork rights for hidden project'
it_should_behave_like 'api projects user without admin rights'
it_should_behave_like 'api projects user without owner rights'
end
context 'for group' do
before(:each) do
@group = FactoryGirl.create(:group)
@group_user = FactoryGirl.create(:user)
@project.relations.destroy_all
# @project.relations.destroy_all
http_login(@group_user)
end
context 'with no relations to project' do
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user without reader rights for hidden project'
it_should_behave_like 'api projects user with fork rights'
it_should_behave_like 'api projects user without fork rights for hidden project'
it_should_behave_like 'api projects user without admin rights'
it_should_behave_like 'api projects user without owner rights'
end
context 'owner of the project' do
before(:each) do
@project.owner = @group; @project.save
@project.relations.create :actor_id => @project.owner.id, :actor_type => @project.owner.class.to_s, :role => 'admin'
@project = FactoryGirl.create(:project, :owner => @group)
end
context 'reader user' do
@ -169,6 +412,10 @@ describe Api::V1::ProjectsController do
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
it_should_behave_like 'api projects user with fork rights'
it_should_behave_like 'api projects user with fork rights for hidden project'
it_should_behave_like 'api projects user without admin rights'
it_should_behave_like 'api projects user without owner rights'
end
context 'admin user' do
@ -178,6 +425,10 @@ describe Api::V1::ProjectsController do
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
it_should_behave_like 'api projects user with fork rights'
it_should_behave_like 'api projects user with fork rights for hidden project'
it_should_behave_like 'api projects user with admin rights'
it_should_behave_like 'api projects user with owner rights'
end
end
@ -194,6 +445,10 @@ describe Api::V1::ProjectsController do
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
it_should_behave_like 'api projects user with fork rights'
it_should_behave_like 'api projects user with fork rights for hidden project'
it_should_behave_like 'api projects user with admin rights'
it_should_behave_like 'api projects user without owner rights'
end
context 'admin user' do
@ -203,6 +458,10 @@ describe Api::V1::ProjectsController do
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
it_should_behave_like 'api projects user with fork rights'
it_should_behave_like 'api projects user with fork rights for hidden project'
it_should_behave_like 'api projects user with admin rights'
it_should_behave_like 'api projects user without owner rights'
end
end
@ -218,12 +477,20 @@ describe Api::V1::ProjectsController do
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
it_should_behave_like 'api projects user with fork rights'
it_should_behave_like 'api projects user with fork rights for hidden project'
it_should_behave_like 'api projects user without admin rights'
it_should_behave_like 'api projects user without owner rights'
context 'user should has best role' do
before(:each) do
@project.relations.create :actor_id => @group_user.id, :actor_type => @group_user.class.to_s, :role => 'admin'
end
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with fork rights'
it_should_behave_like 'api projects user with fork rights for hidden project'
it_should_behave_like 'api projects user with admin rights'
it_should_behave_like 'api projects user without owner rights'
end
end
@ -234,6 +501,10 @@ describe Api::V1::ProjectsController do
it_should_behave_like 'api projects user with reader rights'
it_should_behave_like 'api projects user with reader rights for hidden project'
it_should_behave_like 'api projects user with fork rights'
it_should_behave_like 'api projects user with fork rights for hidden project'
it_should_behave_like 'api projects user without admin rights'
it_should_behave_like 'api projects user without owner rights'
end
end
end