152 lines
4.5 KiB
Ruby
152 lines
4.5 KiB
Ruby
# -*- encoding : utf-8 -*-
|
|
require 'spec_helper'
|
|
|
|
shared_examples_for 'group user without update rights' do
|
|
it 'should be not able to perform update action' do
|
|
put :update, {:id => @group.id}.merge(@update_params)
|
|
response.should redirect_to(forbidden_path)
|
|
end
|
|
|
|
it 'should not be able to update group data' do
|
|
put :update, :id => @group.id, :group => {:description => 'new description'}
|
|
@group.reload.description.should_not == 'new description'
|
|
end
|
|
end
|
|
|
|
shared_examples_for 'group user without destroy rights' do
|
|
it 'should not be able to destroy group' do
|
|
delete :destroy, :id => @group.id
|
|
response.should redirect_to(forbidden_path)
|
|
end
|
|
|
|
it 'should not change groups count after destroy action' do
|
|
lambda { delete :destroy, :id => @group.id }.should change{ Group.count }.by(0)
|
|
end
|
|
end
|
|
|
|
shared_examples_for 'group admin' do
|
|
it_should_behave_like 'no group user'
|
|
|
|
it 'should be able to update group data' do
|
|
put :update, :id => @group.id, :group => {:description => 'new description'}
|
|
@group.reload.description.should == 'new description'
|
|
end
|
|
|
|
it 'should be able to perform update action' do
|
|
put :update, {:id => @group.id}.merge(@update_params)
|
|
response.should redirect_to(group_path(@group))
|
|
end
|
|
end
|
|
|
|
shared_examples_for 'no group user' do
|
|
it 'should be able to perform create action' do
|
|
post :create, @create_params
|
|
response.should redirect_to(group_path( Group.last.id ))
|
|
end
|
|
|
|
it 'should change objects count on create' do
|
|
lambda { post :create, @create_params }.should change{ Group.count }.by(1)
|
|
end
|
|
|
|
it 'should be able to perform autocomplete_group_uname action' do
|
|
get :autocomplete_group_uname
|
|
response.should be_success
|
|
end
|
|
end
|
|
|
|
shared_examples_for 'group owner' do
|
|
it_should_behave_like 'group admin'
|
|
|
|
it 'should be able to destroy group' do
|
|
delete :destroy, :id => @group.id
|
|
response.should redirect_to(groups_path)
|
|
end
|
|
|
|
it 'should change groups count after destroy action' do
|
|
lambda { delete :destroy, :id => @group.id }.should change{ Group.count }.by(-1)
|
|
end
|
|
end
|
|
|
|
describe GroupsController do
|
|
before(:each) do
|
|
stub_rsync_methods
|
|
@group = FactoryGirl.create(:group)
|
|
@another_user = FactoryGirl.create(:user)
|
|
@create_params = {:group => {:description => 'grp1', :uname => 'un_grp1'}}
|
|
@update_params = {:group => {:description => 'grp2'}}
|
|
end
|
|
|
|
context 'for guest' do
|
|
it 'should not be able to perform index action' do
|
|
get :index
|
|
response.should redirect_to(new_user_session_path)
|
|
end
|
|
|
|
it 'should not be able to perform update action' do
|
|
put :update, {:id => @group.id}.merge(@update_params)
|
|
response.should redirect_to(new_user_session_path)
|
|
end
|
|
|
|
it 'should not be able to perform create action' do
|
|
post :create, @create_params
|
|
response.should redirect_to(new_user_session_path)
|
|
end
|
|
end
|
|
|
|
context 'for global admin' do
|
|
before(:each) do
|
|
@admin = FactoryGirl.create(:admin)
|
|
set_session_for(@admin)
|
|
end
|
|
|
|
it_should_behave_like 'update_member_relation'
|
|
it_should_behave_like 'group owner'
|
|
|
|
it 'should be able to perform index action' do
|
|
get :index
|
|
response.should render_template(:index)
|
|
end
|
|
|
|
it 'should be able to perform update action' do
|
|
put :update, {:id => @group.id}.merge(@update_params)
|
|
response.should redirect_to(group_path(@group))
|
|
end
|
|
end
|
|
|
|
context 'for group admin' do
|
|
before(:each) do
|
|
@user = FactoryGirl.create(:user)
|
|
set_session_for(@user)
|
|
@group.objects.create(:object_type => 'User', :object_id => @user.id, :role => 'admin')
|
|
end
|
|
|
|
it_should_behave_like 'update_member_relation'
|
|
it_should_behave_like 'group admin'
|
|
it_should_behave_like 'group user without destroy rights'
|
|
end
|
|
|
|
context 'for group owner' do
|
|
before(:each) do
|
|
@user = FactoryGirl.create(:user)
|
|
set_session_for(@user)
|
|
@group.update_attribute(:owner, @user)
|
|
@group.objects.create(:object_type => 'User', :object_id => @user.id, :role => 'admin')
|
|
end
|
|
|
|
it_should_behave_like 'update_member_relation'
|
|
it_should_behave_like 'group owner'
|
|
end
|
|
|
|
context 'for group reader and writer user' do
|
|
before(:each) do
|
|
@user = FactoryGirl.create(:user)
|
|
set_session_for(@user)
|
|
@group.objects.create(:object_type => 'User', :object_id => @user.id, :role => 'reader')
|
|
end
|
|
|
|
it_should_behave_like 'no group user'
|
|
it_should_behave_like 'group user without destroy rights'
|
|
it_should_behave_like 'group user without update rights'
|
|
end
|
|
end
|