#192: updated and added new specs, updated models

Vokhmin Alexey V 2013-07-02 22:13:00 +04:00
parent 20204b3821
commit fe635f244b
4 changed files with 26 additions and 13 deletions


@ -7,7 +7,7 @@ class Api::V1::PlatformsController < Api::V1::BaseController
load_and_authorize_resource :except => :allowed load_and_authorize_resource :except => :allowed
def allowed def allowed
platform_name = (params[:path] || '').match(/^\/[\w]+\//) platform_name = (params[:path] || '').match(/^\/#{Platform::NAME_PATTERN}\//)
render(:inline => 'true') && return unless platform_name render(:inline => 'true') && return unless platform_name
platform_name = platform_name[0].gsub(/\//, '') platform_name = platform_name[0].gsub(/\//, '')
@ -21,7 +21,7 @@ class Api::V1::PlatformsController < Api::V1::BaseController
render(:inline => 'false', :status => 403) && return render(:inline => 'false', :status => 403) && return
end end
render(:inline => 'true') && return if platform.tokens.where(:authentication_token => token).exists? render(:inline => 'true') && return if platform.tokens.by_active.where(:authentication_token => token).exists?
user = User.find_by_authentication_token token user = User.find_by_authentication_token token
@current_ability, @current_user = nil, user @current_ability, @current_user = nil, user
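Review bot: The new path match in `allowed` still anchors with `^`, which in Ruby matches at the start of any line, so a `params[:path]` value containing a newline can have the platform name taken from a later line rather than from the start of the path. Anchor it to the start of the string instead: `platform_name = (params[:path] || '').match(/\A\/#{Platform::NAME_PATTERN}\//)`. Separately, the following line answers `'true'` whenever the path does not match, so the check fails open for any first path segment outside `NAME_PATTERN`; if that is intended only for an empty path, a comment saying so would help, otherwise answer 403 there. The body of `allowed` continues outside the visible hunks.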


@ -1,6 +1,7 @@
# -*- encoding : utf-8 -*- # -*- encoding : utf-8 -*-
class Platform < ActiveRecord::Base class Platform < ActiveRecord::Base
VISIBILITIES = %w(open hidden) VISIBILITIES = %w(open hidden)
NAME_PATTERN = /[a-zA-Z0-9_\-\.]+/
belongs_to :parent, :class_name => 'Platform', :foreign_key => 'parent_platform_id' belongs_to :parent, :class_name => 'Platform', :foreign_key => 'parent_platform_id'
belongs_to :owner, :polymorphic => true belongs_to :owner, :polymorphic => true
@ -21,7 +22,7 @@ class Platform < ActiveRecord::Base
validates :description, :presence => true validates :description, :presence => true
validates :visibility, :presence => true, :inclusion => {:in => VISIBILITIES} validates :visibility, :presence => true, :inclusion => {:in => VISIBILITIES}
validates :name, :uniqueness => {:case_sensitive => false}, :presence => true, :format => { :with => /\A[a-zA-Z0-9_\-\.]+\z/ } validates :name, :uniqueness => {:case_sensitive => false}, :presence => true, :format => { :with => /\A#{NAME_PATTERN}\z/ }
validates :distrib_type, :presence => true, :inclusion => {:in => APP_CONFIG['distr_types']} validates :distrib_type, :presence => true, :inclusion => {:in => APP_CONFIG['distr_types']}
validate lambda { validate lambda {
if released_was && !released if released_was && !released


@ -8,6 +8,7 @@ class Token < ActiveRecord::Base
validates :authentication_token, :presence => true, :uniqueness => {:case_sensitive => true} validates :authentication_token, :presence => true, :uniqueness => {:case_sensitive => true}
default_scope order("#{table_name}.created_at desc") default_scope order("#{table_name}.created_at desc")
scope :by_active, where(:status => 'active')
before_validation :generate_token, :on => :create before_validation :generate_token, :on => :create


@ -249,49 +249,60 @@ describe Api::V1::PlatformsController do
context 'perform allowed action' do context 'perform allowed action' do
it 'ensures that status 403 if no url' do it 'ensures that status 200 if platform empty' do
get :allowed get :allowed
response.status.should == 403 response.status.should == 200
end end
it 'ensures that status 403 if platform does not exist' do it 'ensures that status 403 if platform does not exist' do
get :allowed, :url => "#{APP_CONFIG['downloads_url']}/rosa-server/repository/SRPMS/base/release/repodata/" get :allowed, :path => "/rosa-server/repository/SRPMS/base/release/repodata/"
response.status.should == 403 response.status.should == 403
end end
it 'ensures that status 200 if platform open' do it 'ensures that status 200 if platform open' do
get :allowed, :url => "#{APP_CONFIG['downloads_url']}/#{@platform.name}/repository/SRPMS/base/release/repodata/" get :allowed, :path => "/#{@platform.name}/repository/SRPMS/base/release/repodata/"
response.status.should == 200 response.status.should == 200
end end
context 'for hidden platform' do context 'for hidden platform' do
let(:downloads_url) { APP_CONFIG['downloads_url'].gsub(/^http\:\/\//, '') }
before { @platform.change_visibility } before { @platform.change_visibility }
it 'ensures that status 403 if no token' do it 'ensures that status 403 if no token' do
get :allowed, :url => "#{APP_CONFIG['downloads_url']}/#{@platform.name}/repository/SRPMS/base/release/repodata/" get :allowed, :path => "/#{@platform.name}/repository/SRPMS/base/release/repodata/"
response.status.should == 403 response.status.should == 403
end end
it 'ensures that status 403 if wrong token' do it 'ensures that status 403 if wrong token' do
get :allowed, :url => "http://KuKu:@#{downloads_url}/#{@platform.name}/repository/SRPMS/base/release/repodata/" @request.env['HTTP_AUTHORIZATION'] = 'Basic ' + Base64::encode64("KuKu:password")
get :allowed, :path => "/#{@platform.name}/repository/SRPMS/base/release/repodata/"
response.status.should == 403 response.status.should == 403
end end
it 'ensures that status 200 if token correct' do it 'ensures that status 200 if token correct' do
token = FactoryGirl.create(:platform_token, :subject => @platform) token = FactoryGirl.create(:platform_token, :subject => @platform)
get :allowed, :url => "http://#{token.authentication_token}:@#{downloads_url}/#{@platform.name}/repository/SRPMS/base/release/repodata/" @request.env['HTTP_AUTHORIZATION'] = 'Basic ' + Base64::encode64(token.authentication_token + ':')
get :allowed, :path => "/#{@platform.name}/repository/SRPMS/base/release/repodata/"
response.status.should == 200 response.status.should == 200
end end
it 'ensures that status 403 if token correct but blocked' do
token = FactoryGirl.create(:platform_token, :subject => @platform)
token.block
@request.env['HTTP_AUTHORIZATION'] = 'Basic ' + Base64::encode64(token.authentication_token + ':')
get :allowed, :path => "/#{@platform.name}/repository/SRPMS/base/release/repodata/"
response.status.should == 403
end
it 'ensures that status 200 if user token correct and user has ability to read platform' do it 'ensures that status 200 if user token correct and user has ability to read platform' do
get :allowed, :url => "http://#{@platform.owner.authentication_token}:@#{downloads_url}/#{@platform.name}/repository/SRPMS/base/release/repodata/" @request.env['HTTP_AUTHORIZATION'] = 'Basic ' + Base64::encode64(@platform.owner.authentication_token + ':')
get :allowed, :path => "/#{@platform.name}/repository/SRPMS/base/release/repodata/"
response.status.should == 200 response.status.should == 200
end end
it 'ensures that status 403 if user token correct but user has no ability to read platform' do it 'ensures that status 403 if user token correct but user has no ability to read platform' do
user = FactoryGirl.create(:user) user = FactoryGirl.create(:user)
get :allowed, :url => "http://#{user.authentication_token}:@#{downloads_url}/#{@platform.name}/repository/SRPMS/base/release/repodata/" @request.env['HTTP_AUTHORIZATION'] = 'Basic ' + Base64::encode64(user.authentication_token + ':')
get :allowed, :path => "/#{@platform.name}/repository/SRPMS/base/release/repodata/"
response.status.should == 403 response.status.should == 403
end end
end end