parent
a1e57fbb3b
commit
ab8e36d446
@ -0,0 +1,21 @@ |
|||||||
|
#-- copyright |
||||||
|
# OpenProject is a project management system. |
||||||
|
# |
||||||
|
# Copyright (C) 2012-2013 the OpenProject Team |
||||||
|
# |
||||||
|
# This program is free software; you can redistribute it and/or |
||||||
|
# modify it under the terms of the GNU General Public License version 3. |
||||||
|
# |
||||||
|
# See doc/COPYRIGHT.rdoc for more details. |
||||||
|
#++ |
||||||
|
|
||||||
|
require File.expand_path('../../spec_helper', __FILE__) |
||||||
|
require File.expand_path('../../support/permission_specs', __FILE__) |
||||||
|
|
||||||
|
describe WorkPackagesController, "add_work_packages permission", :type => :controller do |
||||||
|
include PermissionSpecs |
||||||
|
|
||||||
|
check_permission_required_for('work_packages#new', :add_work_packages) |
||||||
|
check_permission_required_for('work_packages#new_type', :add_work_packages) |
||||||
|
check_permission_required_for('work_packages#create', :add_work_packages) |
||||||
|
end |
@ -0,0 +1,21 @@ |
|||||||
|
#-- copyright |
||||||
|
# OpenProject is a project management system. |
||||||
|
# |
||||||
|
# Copyright (C) 2012-2013 the OpenProject Team |
||||||
|
# |
||||||
|
# This program is free software; you can redistribute it and/or |
||||||
|
# modify it under the terms of the GNU General Public License version 3. |
||||||
|
# |
||||||
|
# See doc/COPYRIGHT.rdoc for more details. |
||||||
|
#++ |
||||||
|
|
||||||
|
require File.expand_path('../../spec_helper', __FILE__) |
||||||
|
require File.expand_path('../../support/permission_specs', __FILE__) |
||||||
|
|
||||||
|
describe WorkPackagesController, "edit_work_packages permission", :type => :controller do |
||||||
|
include PermissionSpecs |
||||||
|
|
||||||
|
check_permission_required_for('work_packages#edit', :edit_work_packages) |
||||||
|
check_permission_required_for('work_packages#update', :edit_work_packages) |
||||||
|
check_permission_required_for('work_packages#new_type', :edit_work_packages) |
||||||
|
end |
@ -0,0 +1,19 @@ |
|||||||
|
#-- copyright |
||||||
|
# OpenProject is a project management system. |
||||||
|
# |
||||||
|
# Copyright (C) 2012-2013 the OpenProject Team |
||||||
|
# |
||||||
|
# This program is free software; you can redistribute it and/or |
||||||
|
# modify it under the terms of the GNU General Public License version 3. |
||||||
|
# |
||||||
|
# See doc/COPYRIGHT.rdoc for more details. |
||||||
|
#++ |
||||||
|
|
||||||
|
require File.expand_path('../../spec_helper', __FILE__) |
||||||
|
require File.expand_path('../../support/permission_specs', __FILE__) |
||||||
|
|
||||||
|
describe WorkPackagesController, "view_work_packages permission", :type => :controller do |
||||||
|
include PermissionSpecs |
||||||
|
|
||||||
|
check_permission_required_for('work_packages#show', :view_work_packages) |
||||||
|
end |
@ -0,0 +1,56 @@ |
|||||||
|
#-- encoding: UTF-8 |
||||||
|
#-- copyright |
||||||
|
# OpenProject is a project management system. |
||||||
|
# |
||||||
|
# Copyright (C) 2012-2013 the OpenProject Team |
||||||
|
# |
||||||
|
# This program is free software; you can redistribute it and/or |
||||||
|
# modify it under the terms of the GNU General Public License version 3. |
||||||
|
# |
||||||
|
# See doc/COPYRIGHT.rdoc for more details. |
||||||
|
#++ |
||||||
|
|
||||||
|
module PermissionSpecs |
||||||
|
def self.included(base) |
||||||
|
base.class_eval do |
||||||
|
let(:project) { FactoryGirl.create(:project, :is_public => false) } |
||||||
|
let(:current_user) { FactoryGirl.create(:user) } |
||||||
|
|
||||||
|
def become_member_with_permissions(permissions = []) |
||||||
|
permissions = Array(permissions) |
||||||
|
|
||||||
|
role = FactoryGirl.create(:role, :permissions => permissions) |
||||||
|
|
||||||
|
member = FactoryGirl.build(:member, :user => current_user, :project => project) |
||||||
|
member.roles = [role] |
||||||
|
member.save! |
||||||
|
end |
||||||
|
|
||||||
|
def self.check_permission_required_for(controller_action, permission) |
||||||
|
controller_name, action_name = controller_action.split('#') |
||||||
|
|
||||||
|
it "should allow calling #{controller_action} when having the permission #{permission} permission" do |
||||||
|
become_member_with_permissions(permission) |
||||||
|
|
||||||
|
controller.send(:authorize, controller_name, action_name).should be_true |
||||||
|
end |
||||||
|
|
||||||
|
it "should prevent calling #{controller_action} when not having the permission #{permission} permission" do |
||||||
|
become_member_with_permissions |
||||||
|
|
||||||
|
controller.send(:authorize, controller_name, action_name).should be_false |
||||||
|
end |
||||||
|
end |
||||||
|
|
||||||
|
before do |
||||||
|
# As failures generate a response we need to prevent calls to nil |
||||||
|
controller.response = ActionController::TestResponse.new |
||||||
|
|
||||||
|
User.stub(:current).and_return(current_user) |
||||||
|
|
||||||
|
controller.instance_variable_set(:@project, project) |
||||||
|
end |
||||||
|
end |
||||||
|
end |
||||||
|
end |
||||||
|
|
Loading…
Reference in new issue