readd experimental controllers and add authorization to them

pull/1920/head
Jens Ulferts 10 years ago
parent 2903ee1033
commit 1513a19b84
  1. 49
      app/controllers/api/experimental/groups_controller.rb
  2. 49
      app/controllers/api/experimental/roles_controller.rb
  3. 9
      config/routes.rb
  4. 2
      lib/redmine.rb
  5. 89
      spec/controllers/api/experimental/groups_controller_spec.rb
  6. 71
      spec/controllers/api/experimental/roles_controller_spec.rb

@ -0,0 +1,49 @@
#-- encoding: UTF-8
#-- copyright
# OpenProject is a project management system.
# Copyright (C) 2012-2014 the OpenProject Foundation (OPF)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2013 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# See doc/COPYRIGHT.rdoc for more details.
#++
module Api
module Experimental
class GroupsController < ApplicationController
include ::Api::Experimental::ApiController
before_filter :authorize_global
def index
@groups = Group.all
respond_to do |format|
format.api
end
end
end
end
end

@ -0,0 +1,49 @@
#-- encoding: UTF-8
#-- copyright
# OpenProject is a project management system.
# Copyright (C) 2012-2014 the OpenProject Foundation (OPF)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2013 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# See doc/COPYRIGHT.rdoc for more details.
#++
module Api
module Experimental
class RolesController < ApplicationController
include ::Api::Experimental::ApiController
before_filter :authorize_global
def index
@roles = Role.givable
respond_to do |format|
format.api
end
end
end
end
end

@ -129,19 +129,16 @@ OpenProject::Application.routes.draw do
namespace :experimental do
resources :work_packages, only: [:index] do
get :column_data, on: :collection
get :column_sums, on: :collection
end
resources :queries, only: [:show, :create, :update, :destroy] do
resources :queries, only: [:create, :update, :destroy] do
get :available_columns, on: :collection
get :custom_field_filters, on: :collection
get :grouped, on: :collection
end
resources :projects, only: [:show, :index] do
resources :work_packages, only: [:index] do
get :column_sums, on: :collection
end
resources :queries, only: [:show, :create, :update, :destroy] do
resources :work_packages, only: [:index]
resources :queries, only: [:create, :update, :destroy] do
get :available_columns, on: :collection
get :custom_field_filters, on: :collection
get :grouped, on: :collection

@ -109,6 +109,8 @@ Redmine::AccessControl.map do |map|
:custom_field_filters,
:grouped],
:'api/experimental/users' => [:index],
:'api/experimental/roles' => [:index],
:'api/experimental/groups' => [:index],
:'api/experimental/versions' => [:index],
:'api/experimental/projects' => [:show,
:sub_projects,

@ -0,0 +1,89 @@
#-- copyright
# OpenProject is a project management system.
# Copyright (C) 2012-2014 the OpenProject Foundation (OPF)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2013 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# See doc/COPYRIGHT.rdoc for more details.
#++
require File.expand_path('../../../../spec_helper', __FILE__)
describe Api::Experimental::GroupsController, type: :controller do
let(:current_user) do
FactoryGirl.create(:user, member_in_project: project,
member_through_role: role)
end
let(:project) { FactoryGirl.create(:project) }
let(:role) { FactoryGirl.create(:role, permissions: [:view_work_packages]) }
before do
allow(User).to receive(:current).and_return(current_user)
end
describe '#index' do
context 'with no groups available' do
before do
get 'index', format: 'xml'
end
it 'assigns an empty groups array' do
expect(assigns(:groups)).to eq []
end
it 'renders the index template' do
expect(response).to render_template('api/experimental/groups/index', formats: ['api'])
end
it 'should respond with 200' do
expect(response.response_code).to eql(200)
end
end
context 'with groups available' do
before do
allow(Group).to receive(:all).and_return(FactoryGirl.build_list(:group, 2))
get 'index', format: 'xml'
end
it 'assigns an array with 2 groups' do
expect(assigns(:groups).size).to eq 2
end
it 'should respond with 200' do
expect(response.response_code).to eql(200)
end
end
context 'without the necessary permissions' do
let(:role) { FactoryGirl.create(:role, permissions: []) }
before do
get 'index', format: 'xml'
end
it 'should respond with 403' do
expect(response.response_code).to eql(403)
end
end
end
end

@ -0,0 +1,71 @@
#-- copyright
# OpenProject is a project management system.
# Copyright (C) 2012-2014 the OpenProject Foundation (OPF)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2013 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# See doc/COPYRIGHT.rdoc for more details.
#++
require File.expand_path('../../../../spec_helper', __FILE__)
describe Api::Experimental::RolesController, type: :controller do
let(:current_user) do
FactoryGirl.create(:user, member_in_project: project,
member_through_role: role)
end
let(:project) { FactoryGirl.create(:project) }
let(:role) { FactoryGirl.create(:role, permissions: [:view_work_packages]) }
before do
allow(User).to receive(:current).and_return(current_user)
end
describe '#index' do
context 'with 2 roles available' do
before do
allow(Role).to receive(:givable).and_return(FactoryGirl.build_list(:role, 2))
get 'index', format: 'xml'
end
it 'assigns an array with 2 roles' do
expect(assigns(:roles).size).to eq 2
end
it 'should respond with 200' do
expect(response.response_code).to eql(200)
end
end
context 'without the necessary permissions' do
let(:role) { FactoryGirl.create(:role, permissions: []) }
before do
get 'index', format: 'xml'
end
it 'should respond with 403' do
expect(response.response_code).to eql(403)
end
end
end
end
Loading…
Cancel
Save