parent
909635fc15
commit
b34310ee48
@ -0,0 +1,68 @@ |
||||
#-- copyright |
||||
# OpenProject is an open source project management software. |
||||
# Copyright (C) 2012-2021 the OpenProject GmbH |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License version 3. |
||||
# |
||||
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows: |
||||
# Copyright (C) 2006-2013 Jean-Philippe Lang |
||||
# Copyright (C) 2010-2013 the ChiliProject Team |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License |
||||
# as published by the Free Software Foundation; either version 2 |
||||
# of the License, or (at your option) any later version. |
||||
# |
||||
# This program is distributed in the hope that it will be useful, |
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
# GNU General Public License for more details. |
||||
# |
||||
# You should have received a copy of the GNU General Public License |
||||
# along with this program; if not, write to the Free Software |
||||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
||||
# |
||||
# See COPYRIGHT and LICENSE files for more details. |
||||
#++ |
||||
|
||||
module Constants |
||||
module Views |
||||
class << self |
||||
def add(type, |
||||
contract_strategy: nil) |
||||
@registered ||= {} |
||||
|
||||
@registered[canonical_type(type)] = { contract_strategy: contract_strategy } |
||||
end |
||||
|
||||
def registered_types |
||||
registered.keys |
||||
end |
||||
|
||||
def registered?(type) |
||||
type && registered_types.include?(canonical_type(type)) |
||||
end |
||||
|
||||
def type(type) |
||||
searched_type = canonical_type(type) |
||||
|
||||
registered_types.find { |type| type == searched_type } |
||||
end |
||||
|
||||
def contract_strategy(type) |
||||
if registered?(type) |
||||
registered[canonical_type(type)][:contract_strategy]&.constantize |
||||
end |
||||
end |
||||
|
||||
attr_reader :registered |
||||
|
||||
private |
||||
|
||||
def canonical_type(type) |
||||
type.to_s.camelize.to_sym |
||||
end |
||||
end |
||||
end |
||||
end |
@ -0,0 +1,31 @@ |
||||
#-- copyright |
||||
# OpenProject is an open source project management software. |
||||
# Copyright (C) 2012-2021 the OpenProject GmbH |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License version 3. |
||||
# |
||||
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows: |
||||
# Copyright (C) 2006-2013 Jean-Philippe Lang |
||||
# Copyright (C) 2010-2013 the ChiliProject Team |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License |
||||
# as published by the Free Software Foundation; either version 2 |
||||
# of the License, or (at your option) any later version. |
||||
# |
||||
# This program is distributed in the hope that it will be useful, |
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
# GNU General Public License for more details. |
||||
# |
||||
# You should have received a copy of the GNU General Public License |
||||
# along with this program; if not, write to the Free Software |
||||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
||||
# |
||||
# See COPYRIGHT and LICENSE files for more details. |
||||
#++ |
||||
|
||||
require Rails.root.join('config/constants/views') |
||||
|
||||
Constants::Views.add :WorkPackagesTable |
@ -0,0 +1,24 @@ |
||||
module ::TeamPlanner |
||||
module Views |
||||
class ContractStrategy < ::BaseContract |
||||
validate :manageable |
||||
|
||||
private |
||||
|
||||
def manageable |
||||
return if model.query.blank? |
||||
|
||||
errors.add(:base, :error_unauthorized) unless query_permissions? |
||||
end |
||||
|
||||
def query_permissions? |
||||
# TODO: This currently does not differentiate between public and private queries since it isn't specified yet. |
||||
user_allowed_on_query?(:manage_team_planner) |
||||
end |
||||
|
||||
def user_allowed_on_query?(permission) |
||||
user.allowed_to?(permission, model.query.project, global: model.query.project.nil?) |
||||
end |
||||
end |
||||
end |
||||
end |
@ -0,0 +1,68 @@ |
||||
#-- copyright |
||||
# OpenProject is an open source project management software. |
||||
# Copyright (C) 2012-2021 the OpenProject GmbH |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License version 3. |
||||
# |
||||
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows: |
||||
# Copyright (C) 2006-2013 Jean-Philippe Lang |
||||
# Copyright (C) 2010-2013 the ChiliProject Team |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License |
||||
# as published by the Free Software Foundation; either version 2 |
||||
# of the License, or (at your option) any later version. |
||||
# |
||||
# This program is distributed in the hope that it will be useful, |
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
# GNU General Public License for more details. |
||||
# |
||||
# You should have received a copy of the GNU General Public License |
||||
# along with this program; if not, write to the Free Software |
||||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
||||
# |
||||
# See COPYRIGHT and LICENSE files for more details. |
||||
#++ |
||||
|
||||
require 'spec_helper' |
||||
require 'contracts/shared/model_contract_shared_context' |
||||
require 'contracts/views/shared_contract_examples' |
||||
|
||||
describe Views::CreateContract do |
||||
it_behaves_like 'view contract', true do |
||||
let(:view) do |
||||
View.new(query: view_query, |
||||
type: view_type) |
||||
end |
||||
let(:view_type) do |
||||
'team_planner' |
||||
end |
||||
let(:permissions) { %i[view_work_packages save_queries manage_team_planner] } |
||||
|
||||
subject(:contract) do |
||||
described_class.new(view, current_user) |
||||
end |
||||
|
||||
describe 'validation' do |
||||
context 'with the type being nil' do |
||||
let(:view_type) { nil } |
||||
|
||||
it_behaves_like 'contract is invalid', type: :inclusion |
||||
end |
||||
|
||||
context 'with the type not being one of the configured' do |
||||
let(:view_type) { 'blubs' } |
||||
|
||||
it_behaves_like 'contract is invalid', type: :inclusion |
||||
end |
||||
|
||||
context 'without the :manage_team_planner permission' do |
||||
let(:permissions) { %i[view_work_packages save_queries] } |
||||
|
||||
it_behaves_like 'contract is invalid', base: :error_unauthorized |
||||
end |
||||
end |
||||
end |
||||
end |
@ -0,0 +1,111 @@ |
||||
#-- copyright |
||||
# OpenProject is an open source project management software. |
||||
# Copyright (C) 2012-2020 the OpenProject GmbH |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License version 3. |
||||
# |
||||
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows: |
||||
# Copyright (C) 2006-2013 Jean-Philippe Lang |
||||
# Copyright (C) 2010-2013 the ChiliProject Team |
||||
# |
||||
# This program is free software; you can redistribute it and/or |
||||
# modify it under the terms of the GNU General Public License |
||||
# as published by the Free Software Foundation; either version 2 |
||||
# of the License, or (at your option) any later version. |
||||
# |
||||
# This program is distributed in the hope that it will be useful, |
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
# GNU General Public License for more details. |
||||
# |
||||
# You should have received a copy of the GNU General Public License |
||||
# along with this program; if not, write to the Free Software |
||||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
||||
# |
||||
# See COPYRIGHT and LICENSE files for more details. |
||||
|
||||
require 'spec_helper' |
||||
|
||||
describe ::API::V3::Views::ViewsAPI, |
||||
'create', |
||||
content_type: :json, |
||||
type: :request do |
||||
include API::V3::Utilities::PathHelper |
||||
|
||||
shared_let(:permitted_user) { FactoryBot.create(:user) } |
||||
shared_let(:role) do |
||||
FactoryBot.create(:role, |
||||
permissions: %w[view_work_packages |
||||
save_queries |
||||
manage_public_queries |
||||
manage_team_planner]) |
||||
end |
||||
shared_let(:project) do |
||||
FactoryBot.create(:project, |
||||
members: { permitted_user => role }) |
||||
end |
||||
shared_let(:public_query) do |
||||
FactoryBot.create(:query, |
||||
project: project, |
||||
is_public: true) |
||||
end |
||||
|
||||
let(:additional_setup) do |
||||
# to be overwritten by some specs |
||||
end |
||||
|
||||
let(:body) do |
||||
{ |
||||
_links: { |
||||
query: { |
||||
href: api_v3_paths.query(public_query.id) |
||||
} |
||||
} |
||||
}.to_json |
||||
end |
||||
|
||||
let(:send_request) do |
||||
post api_v3_paths.views_type('team_planner'), body |
||||
end |
||||
|
||||
current_user { permitted_user } |
||||
|
||||
subject(:response) { last_response } |
||||
|
||||
before do |
||||
additional_setup |
||||
|
||||
send_request |
||||
end |
||||
|
||||
describe 'POST /api/v3/views/team_planner' do |
||||
context 'with a user allowed to save the query' do |
||||
it 'returns 201 CREATED' do |
||||
expect(response.status) |
||||
.to eq(201) |
||||
end |
||||
|
||||
it 'returns the view' do |
||||
expect(response.body) |
||||
.to be_json_eql('Views::TeamPlanner'.to_json) |
||||
.at_path('_type') |
||||
|
||||
expect(response.body) |
||||
.to be_json_eql(View.last.id.to_json) |
||||
.at_path('id') |
||||
end |
||||
end |
||||
|
||||
context 'with a user not allowed to manage team planners' do |
||||
let(:additional_setup) do |
||||
role.update_attribute(:permissions, |
||||
%w[view_work_packages |
||||
save_queries |
||||
manage_public_queries]) |
||||
end |
||||
|
||||
it_behaves_like 'unauthorized access' |
||||
end |
||||
end |
||||
end |
Loading…
Reference in new issue