parent
a1e57fbb3b
commit
ab8e36d446
@ -0,0 +1,21 @@ |
||||
#-- copyright |
||||
# OpenProject is a project management system. |
||||
# |
||||
# Copyright (C) 2012-2013 the OpenProject Team |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License version 3. |
||||
# |
||||
# See doc/COPYRIGHT.rdoc for more details. |
||||
#++ |
||||
|
||||
require File.expand_path('../../spec_helper', __FILE__) |
||||
require File.expand_path('../../support/permission_specs', __FILE__) |
||||
|
||||
describe WorkPackagesController, "add_work_packages permission", :type => :controller do |
||||
include PermissionSpecs |
||||
|
||||
check_permission_required_for('work_packages#new', :add_work_packages) |
||||
check_permission_required_for('work_packages#new_type', :add_work_packages) |
||||
check_permission_required_for('work_packages#create', :add_work_packages) |
||||
end |
@ -0,0 +1,21 @@ |
||||
#-- copyright |
||||
# OpenProject is a project management system. |
||||
# |
||||
# Copyright (C) 2012-2013 the OpenProject Team |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License version 3. |
||||
# |
||||
# See doc/COPYRIGHT.rdoc for more details. |
||||
#++ |
||||
|
||||
require File.expand_path('../../spec_helper', __FILE__) |
||||
require File.expand_path('../../support/permission_specs', __FILE__) |
||||
|
||||
describe WorkPackagesController, "edit_work_packages permission", :type => :controller do |
||||
include PermissionSpecs |
||||
|
||||
check_permission_required_for('work_packages#edit', :edit_work_packages) |
||||
check_permission_required_for('work_packages#update', :edit_work_packages) |
||||
check_permission_required_for('work_packages#new_type', :edit_work_packages) |
||||
end |
@ -0,0 +1,19 @@ |
||||
#-- copyright |
||||
# OpenProject is a project management system. |
||||
# |
||||
# Copyright (C) 2012-2013 the OpenProject Team |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License version 3. |
||||
# |
||||
# See doc/COPYRIGHT.rdoc for more details. |
||||
#++ |
||||
|
||||
require File.expand_path('../../spec_helper', __FILE__) |
||||
require File.expand_path('../../support/permission_specs', __FILE__) |
||||
|
||||
describe WorkPackagesController, "view_work_packages permission", :type => :controller do |
||||
include PermissionSpecs |
||||
|
||||
check_permission_required_for('work_packages#show', :view_work_packages) |
||||
end |
@ -0,0 +1,56 @@ |
||||
#-- encoding: UTF-8 |
||||
#-- copyright |
||||
# OpenProject is a project management system. |
||||
# |
||||
# Copyright (C) 2012-2013 the OpenProject Team |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License version 3. |
||||
# |
||||
# See doc/COPYRIGHT.rdoc for more details. |
||||
#++ |
||||
|
||||
module PermissionSpecs |
||||
def self.included(base) |
||||
base.class_eval do |
||||
let(:project) { FactoryGirl.create(:project, :is_public => false) } |
||||
let(:current_user) { FactoryGirl.create(:user) } |
||||
|
||||
def become_member_with_permissions(permissions = []) |
||||
permissions = Array(permissions) |
||||
|
||||
role = FactoryGirl.create(:role, :permissions => permissions) |
||||
|
||||
member = FactoryGirl.build(:member, :user => current_user, :project => project) |
||||
member.roles = [role] |
||||
member.save! |
||||
end |
||||
|
||||
def self.check_permission_required_for(controller_action, permission) |
||||
controller_name, action_name = controller_action.split('#') |
||||
|
||||
it "should allow calling #{controller_action} when having the permission #{permission} permission" do |
||||
become_member_with_permissions(permission) |
||||
|
||||
controller.send(:authorize, controller_name, action_name).should be_true |
||||
end |
||||
|
||||
it "should prevent calling #{controller_action} when not having the permission #{permission} permission" do |
||||
become_member_with_permissions |
||||
|
||||
controller.send(:authorize, controller_name, action_name).should be_false |
||||
end |
||||
end |
||||
|
||||
before do |
||||
# As failures generate a response we need to prevent calls to nil |
||||
controller.response = ActionController::TestResponse.new |
||||
|
||||
User.stub(:current).and_return(current_user) |
||||
|
||||
controller.instance_variable_set(:@project, project) |
||||
end |
||||
end |
||||
end |
||||
end |
||||
|
Loading…
Reference in new issue