Add further specification for watchable#possible_watcher_users

Failing spec: Anonymous users are returned for public projects (see bug #416)
pull/530/head
Till Breuer 11 years ago
parent 0dcfcf7c2b
commit 5d285bcec4
  1. 37
      spec/models/work_package/work_package_acts_as_watchable_spec.rb

@ -32,40 +32,60 @@ describe WorkPackage do
let(:project) { FactoryGirl.create(:project) } let(:project) { FactoryGirl.create(:project) }
let(:work_package) { FactoryGirl.create(:work_package, let(:work_package) { FactoryGirl.create(:work_package,
project: project) } project: project) }
let(:role) { FactoryGirl.create(:role, let(:role) { FactoryGirl.create(:role, permissions: [:view_work_packages]) }
permissions: [:view_work_packages]) }
let(:user) { FactoryGirl.create(:user) } let(:non_member_user) { FactoryGirl.create(:user) }
let(:project_member) { FactoryGirl.create(:user, member_in_project: project, member_through_role: role) } let(:project_member) { FactoryGirl.create(:user, member_in_project: project, member_through_role: role) }
let!(:watching_user) do let!(:watching_user) do
FactoryGirl.create(:user, member_in_project: project, member_through_role: role).tap {|user| Watcher.create(watchable: work_package, user: user)} FactoryGirl.create(:user, member_in_project: project, member_through_role: role).tap {|user| Watcher.create(watchable: work_package, user: user)}
end end
describe '#possible_watcher_users' do describe '#possible_watcher_users' do
subject { work_package.possible_watcher_users }
let!(:admin){ FactoryGirl.create(:admin) } let!(:admin){ FactoryGirl.create(:admin) }
let!(:anonymous_user){ FactoryGirl.create(:anonymous) } let!(:anonymous_user){ FactoryGirl.create(:anonymous) }
shared_examples 'it provides possible watchers' do
it 'contains exactly those users who are allowed to view work packages' do it 'contains exactly those users who are allowed to view work packages' do
users_allowed_to_view_work_packages = User.all.select{ |u| u.allowed_to?(:view_work_packages, project) } users_allowed_to_view_work_packages = User.all.select{ |u| u.allowed_to?(:view_work_packages, project) }
work_package.possible_watcher_users.sort.should == Array.wrap(users_allowed_to_view_work_packages).sort work_package.possible_watcher_users.sort.should == Array.wrap(users_allowed_to_view_work_packages).sort
end end
end
subject { work_package.possible_watcher_users } context 'when it is a public project' do
it_behaves_like 'it provides possible watchers'
it { should_not include(anonymous_user) }
it { should include(admin) } it { should include(admin) }
it { should include(project_member) }
context 'and the non member role has the permission to view work packages' do
let(:non_member_role) { Role.find_by_name('Non member') }
before do
non_member_role.add_permission! :view_work_packages
end
it { should include(non_member_user) }
end
context 'and the anonymous role has the permission to view work packages' do
let!(:anonymous_role) { FactoryGirl.create :anonymous_role, permissions: [:view_work_packages] } # 'project granting candidate' for anonymous user
it { should_not include(anonymous_user) }
end
end
context 'when it is a private project' do context 'when it is a private project' do
before do before do
project.update_attributes is_public: false project.update_attributes is_public: false
end end
it { should_not include(user) } it_behaves_like 'it provides possible watchers'
it { should include(project_member) } it { should include(project_member) }
it { should_not include(non_member_user) }
it { should_not include(anonymous_user) }
end end
end end
@ -79,6 +99,7 @@ describe WorkPackage do
role.remove_permission! :view_work_packages role.remove_permission! :view_work_packages
work_package.reload work_package.reload
end end
it { should_not include(watching_user.mail) } it { should_not include(watching_user.mail) }
end end
end end

Loading…
Cancel
Save