From 1fd4ea4da71b15ed4be928708bd715645a21e813 Mon Sep 17 00:00:00 2001
From: Vokhmin Alexey V <avokhmin@gmail.com>
Date: Mon, 1 Apr 2013 14:52:12 +0400
Subject: [PATCH 1/3] #55: added anonymous access for mass_builds page

---
 .../platforms/mass_builds_controller.rb       |  3 +--
 app/models/ability.rb                         |  3 ++-
 app/views/platforms/base/_sidebar.html.haml   |  2 +-
 .../platforms/mass_builds/_form.html.haml     | 17 +++++++++++++++++
 .../platforms/mass_builds/index.html.haml     | 19 +------------------
 5 files changed, 22 insertions(+), 22 deletions(-)
 create mode 100644 app/views/platforms/mass_builds/_form.html.haml

diff --git a/app/controllers/platforms/mass_builds_controller.rb b/app/controllers/platforms/mass_builds_controller.rb
index ff90c71b2..956862630 100644
--- a/app/controllers/platforms/mass_builds_controller.rb
+++ b/app/controllers/platforms/mass_builds_controller.rb
@@ -1,6 +1,7 @@
 #class MassBuildsController < ApplicationController
 class Platforms::MassBuildsController < Platforms::BaseController
   before_filter :authenticate_user!
+  skip_before_filter :authenticate_user!, :only => [:index, :get_list] if APP_CONFIG['anonymous_access']
 
   load_and_authorize_resource :platform
   load_and_authorize_resource
@@ -37,8 +38,6 @@ class Platforms::MassBuildsController < Platforms::BaseController
   end
 
   def index
-    authorize! :local_admin_manage, @platform
-
     @mass_builds = MassBuild.by_platform(@platform).order('created_at DESC').paginate(:page => params[:page], :per_page => 20)
     @auto_publish_selected = true
   end
diff --git a/app/models/ability.rb b/app/models/ability.rb
index 6404797d2..749023f2c 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -26,6 +26,7 @@ class Ability
     # Platforms block
     can [:show, :members, :advisories], Platform, :visibility => 'open'
     can :platforms_for_build, Platform, :visibility => 'open', :platform_type => 'main'
+    can(:get_list, MassBuild) {|mass_build| mass_build.platform.main? && can?(:show, mass_build.platform) }
     can [:read, :projects_list, :projects], Repository, :platform => {:visibility => 'open'}
     can :read, Product, :platform => {:visibility => 'open'}
 
@@ -98,7 +99,7 @@ class Ability
         can([:update, :destroy], Platform) {|platform| owner?(platform) }
         can([:local_admin_manage, :members, :add_member, :remove_member, :remove_members] , Platform) {|platform| owner?(platform) || local_admin?(platform) }
 
-        can([:get_list, :create, :publish], MassBuild) {|mass_build| (owner?(mass_build.platform) || local_admin?(mass_build.platform)) && mass_build.platform.main?}
+        can([:create, :publish], MassBuild) {|mass_build| (owner?(mass_build.platform) || local_admin?(mass_build.platform)) && mass_build.platform.main?}
         can(:cancel, MassBuild) {|mass_build| (owner?(mass_build.platform) || local_admin?(mass_build.platform)) && !mass_build.stop_build && mass_build.platform.main?}
 
         can [:read, :projects_list, :projects], Repository, :platform => {:owner_type => 'User', :owner_id => user.id}
diff --git a/app/views/platforms/base/_sidebar.html.haml b/app/views/platforms/base/_sidebar.html.haml
index eda999eeb..b5a857be5 100644
--- a/app/views/platforms/base/_sidebar.html.haml
+++ b/app/views/platforms/base/_sidebar.html.haml
@@ -13,7 +13,7 @@
           - if can? :show, @platform
             %li{:class => (act == :index && contr == :maintainers) ? 'active' : nil}
               = link_to t("layout.platforms.maintainers"), platform_maintainers_path(@platform)
-          - if can? :edit, @platform
+          - if can? :show, @platform
             %li{:class => (contr == :mass_builds && [:index, :create].include?(act)) ? 'active' : ''}
               = link_to t("layout.platforms.mass_build"), platform_mass_builds_path(@platform)
           - if can? :read, @platform.products.build
diff --git a/app/views/platforms/mass_builds/_form.html.haml b/app/views/platforms/mass_builds/_form.html.haml
new file mode 100644
index 000000000..88748ed12
--- /dev/null
+++ b/app/views/platforms/mass_builds/_form.html.haml
@@ -0,0 +1,17 @@
+= form_for :build, :url => platform_mass_builds_path(@platform), :html => { :class => 'form mass_build', :method => :post } do |f|
+  %section.left
+    =render 'repos_or_list_choice'
+    %br
+    = f.submit t("layout.projects.build_button")
+  %section.right
+    %h3= t("activerecord.attributes.build_list.arch")
+    - Arch.recent.each do |arch|
+      .lefter
+        = check_box_tag "arches[]", arch.id, (params[:arches]||[]).include?(arch.id.to_s), :id => "arches_#{arch.id}"
+        = label_tag "arches_#{arch.id}", arch.name
+      .both
+    %h3= t("activerecord.attributes.build_list.preferences")
+    .both.bottom_20
+      = check_box_tag :auto_publish, true, @auto_publish_selected, :id => 'auto_publish'
+      = label_tag :auto_publish, t('activerecord.attributes.build_list.auto_publish')
+.both
\ No newline at end of file
diff --git a/app/views/platforms/mass_builds/index.html.haml b/app/views/platforms/mass_builds/index.html.haml
index a5276ea0e..d965430c2 100644
--- a/app/views/platforms/mass_builds/index.html.haml
+++ b/app/views/platforms/mass_builds/index.html.haml
@@ -1,24 +1,7 @@
 = render 'platforms/base/submenu'
 = render 'platforms/base/sidebar'
 
-= form_for :build, :url => platform_mass_builds_path(@platform), :html => { :class => 'form mass_build', :method => :post } do |f|
-  %section.left
-    =render 'repos_or_list_choice'
-    %br
-    = f.submit t("layout.projects.build_button")
-  %section.right
-    %h3= t("activerecord.attributes.build_list.arch")
-    - Arch.recent.each do |arch|
-      .lefter
-        = check_box_tag "arches[]", arch.id, (params[:arches]||[]).include?(arch.id.to_s), :id => "arches_#{arch.id}"
-        = label_tag "arches_#{arch.id}", arch.name
-      .both
-    %h3= t("activerecord.attributes.build_list.preferences")
-    .both.bottom_20
-      = check_box_tag :auto_publish, true, @auto_publish_selected, :id => 'auto_publish'
-      = label_tag :auto_publish, t('activerecord.attributes.build_list.auto_publish')
-%br
-%br
+= render 'form' if can? :edit, @platform
 
 %table.tablesorter.unbordered{:cellpadding => "0", :cellspacing => "0"}
   %thead

From 6a419f8fb90f3fdbdb17e2fc498b2bed2a842fe4 Mon Sep 17 00:00:00 2001
From: Vokhmin Alexey V <avokhmin@gmail.com>
Date: Mon, 1 Apr 2013 15:08:25 +0400
Subject: [PATCH 2/3] #55: update specs for mass_builds_controller

---
 .../platforms/mass_builds_controller_spec.rb  | 51 ++++++++++++++-----
 1 file changed, 39 insertions(+), 12 deletions(-)

diff --git a/spec/controllers/platforms/mass_builds_controller_spec.rb b/spec/controllers/platforms/mass_builds_controller_spec.rb
index b459124fd..416dd6b6c 100644
--- a/spec/controllers/platforms/mass_builds_controller_spec.rb
+++ b/spec/controllers/platforms/mass_builds_controller_spec.rb
@@ -42,6 +42,11 @@ shared_examples_for 'mass_build platform owner' do
     lambda { post :create, @create_params }.should change{ MassBuild.count }.by(1)
   end
 
+  it 'should be able to perform get_list action' do
+    get :get_list, :platform_id => @platform, :id => @mass_build, :kind => 'failed_builds_list'
+    response.should be_success
+  end
+
   context 'for personal platform' do
     before(:each) do
       Platform.update_all(:platform_type => 'personal')
@@ -57,14 +62,22 @@ shared_examples_for 'mass_build platform owner' do
 end
 
 shared_examples_for 'mass_build platform reader' do
-  [:index, :create].each do |action|
-    it "should not be able to perform #{ action } action" do
-      get action, :platform_id => @platform
-      response.should redirect_to(forbidden_path)
-    end
+  it 'should be able to perform index action' do
+    get :index, :platform_id => @platform
+    response.should render_template(:index)
   end
 
-  [:cancel, :get_list, :publish].each do |action|
+  it 'should be able to perform get_list action' do
+    get :get_list, :platform_id => @platform, :id => @mass_build, :kind => 'failed_builds_list'
+    response.should be_success
+  end
+
+  it "should not be able to perform create action" do
+    get :create, :platform_id => @platform
+    response.should redirect_to(forbidden_path)
+  end
+
+  [:cancel, :publish].each do |action|
     it "should not be able to perform #{ action } action" do
       get action, :platform_id => @platform, :id => @mass_build.id
       response.should redirect_to(forbidden_path)
@@ -111,15 +124,29 @@ describe Platforms::MassBuildsController do
   end
 
   context 'for guest' do
-    [:index, :create].each do |action|
-      it "should not be able to perform #{ action } action" do
-        get action, :platform_id => @platform
-        response.should redirect_to(new_user_session_path)
-      end
+
+    it 'should be able to perform index action', :anonymous_access => true do
+      get :index, :platform_id => @platform
+      response.should render_template(:index)
     end
 
-    it "should not be able to get failed builds list" do
+    it 'should be able to perform index action', :anonymous_access => false do
+      get :index, :platform_id => @platform
+      response.should redirect_to(new_user_session_path)
+    end
+
+    it 'should be able to perform get_list action', :anonymous_access => true do
       get :get_list, :platform_id => @platform, :id => @mass_build, :kind => 'failed_builds_list'
+      response.should be_success
+    end
+
+    it "should not be able to get failed builds list", :anonymous_access => false do
+      get :get_list, :platform_id => @platform, :id => @mass_build, :kind => 'failed_builds_list'
+      response.should redirect_to(new_user_session_path)
+    end
+
+    it "should not be able to perform create action" do
+      get :create, :platform_id => @platform
       response.should redirect_to(new_user_session_path)
     end
 

From 67ddfdc3186b9cac785e9462322de2b073c1d6bf Mon Sep 17 00:00:00 2001
From: Vokhmin Alexey V <avokhmin@gmail.com>
Date: Mon, 1 Apr 2013 15:15:46 +0400
Subject: [PATCH 3/3] #55: update messages of specs

---
 spec/controllers/platforms/mass_builds_controller_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/controllers/platforms/mass_builds_controller_spec.rb b/spec/controllers/platforms/mass_builds_controller_spec.rb
index 416dd6b6c..e27d5b650 100644
--- a/spec/controllers/platforms/mass_builds_controller_spec.rb
+++ b/spec/controllers/platforms/mass_builds_controller_spec.rb
@@ -130,7 +130,7 @@ describe Platforms::MassBuildsController do
       response.should render_template(:index)
     end
 
-    it 'should be able to perform index action', :anonymous_access => false do
+    it 'should not be able to perform index action', :anonymous_access => false do
       get :index, :platform_id => @platform
       response.should redirect_to(new_user_session_path)
     end