#-- copyright # OpenProject is a project management system. # Copyright (C) 2012-2014 the OpenProject Foundation (OPF) # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License version 3. # # OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows: # Copyright (C) 2006-2013 Jean-Philippe Lang # Copyright (C) 2010-2013 the ChiliProject Team # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. # # See doc/COPYRIGHT.rdoc for more details. #++ require 'spec_helper' describe MembersController do let(:admin) {FactoryGirl.create(:admin)} let(:user) { FactoryGirl.create(:user) } let(:project) { FactoryGirl.create(:project) } let(:role) { FactoryGirl.create(:role) } let(:member) { FactoryGirl.create(:member, :project => project, :user => user, :roles => [role]) } before do allow(User).to receive(:current).and_return(admin) end describe "create" do let(:admin) { FactoryGirl.create(:admin) } let(:project_2) { FactoryGirl.create(:project) } before do allow(User).to receive(:current).and_return(admin) end it "should work for multiple users" do post :create, :project_id => project_2.identifier, :member => { :user_ids => [admin.id, user.id], :role_ids => [role.id] } expect(response.response_code).to be < 400 [admin, user].each do |u| u.reload expect(u.memberships).to have_at_least(1).item expect(u.memberships.find do |m| expect(m.roles).to include(role) end).not_to be_nil end end end describe "update" do let(:admin) { FactoryGirl.create(:admin) } let(:project_2) { FactoryGirl.create(:project) } let(:role_1) { FactoryGirl.create(:role) } let(:role_2) { FactoryGirl.create(:role) } let(:member_2) { FactoryGirl.create( :member, :project => project_2, :user => admin, :roles => [role_1]) } before do allow(User).to receive(:current).and_return(admin) end it "should, however, allow roles to be updated through mass assignment" do put 'update', :project_id => project.identifier, :id => member_2.id, :member => { :role_ids => [role_1.id, role_2.id] } expect(Member.find(member_2.id).roles).to include(role_1, role_2) expect(response.response_code).to be < 400 end end describe :autocomplete_for_member do let(:params) { ActionController::Parameters.new({ "id" => project.identifier.to_s }) } before do allow(User).to receive(:current).and_return(user) end describe "WHEN the user is authorized WHEN a project is provided" do before do role.permissions << :manage_members role.save! member end it "should be success" do post :autocomplete_for_member, params, :format => :xhr expect(response).to be_success end end describe "WHEN the user is not authorized" do it "should be forbidden" do post :autocomplete_for_member, params, :format => :xhr expect(response.response_code).to eq(403) end end end describe :create do render_views let(:user2) { FactoryGirl.create(:user) } let(:user3) { FactoryGirl.create(:user) } let(:user4) { FactoryGirl.create(:user) } let(:valid_params) { { :format => "js", :project_id => project.id, :member => {:role_ids => [role.id], :user_ids => [user2.id, user3.id, user4.id]}} } let(:invalid_params) { { :format => "js", :project_id => project.id, :member => {:role_ids => [], :user_ids => [user2.id, user3.id, user4.id]}} } context "post :create" do context "single member" do let(:action) { post :create, :project_id => project.id, :member => {:role_ids => [role.id], :user_id => user2.id} } it "should add a member" do expect{action}.to change {Member.count}.by(1) expect(response).to redirect_to(settings_project_path(project)+'/members') expect(user2).to be_member_of(project) end end context "multiple members" do let(:action) { post :create, :project_id => project.id, :member => {:role_ids => [role.id], :user_ids => [user2.id, user3.id, user4.id] } } it "should add all members" do expect{action}.to change {Member.count}.by(3) expect(response).to redirect_to(settings_project_path(project)+'/members') expect(user2).to be_member_of(project) expect(user3).to be_member_of(project) expect(user4).to be_member_of(project) end end end context "post :create in JS format" do context "with successful saves" do before do post :create, valid_params end it "should add members" do expect(user2).to be_member_of(project) expect(user3).to be_member_of(project) expect(user4).to be_member_of(project) end it "should replace the tab with RJS" do assert_select_rjs :replace_html, 'tab-content-members' end end end context "with a failed save" do it "should not replace the tab with RJS" do post :create, invalid_params assert_select '#tab-content-members', 0 end it "should show an error message" do post :create, invalid_params assert_select_rjs :insert_html, :top do assert_select '#errorExplanation' end end end end describe :destroy do let(:action) { post :destroy, :id => member.id } before do member end it "should destroy a member" do expect{action}.to change {Member.count}.by(-1) expect(response).to redirect_to(settings_project_path(project)+'/members') expect(user).to_not be_member_of(project) end end describe :update do let(:action) { post :update, :id => member.id, :member => {:role_ids => [role2.id], :user_id => user.id} } let(:role2) { FactoryGirl.create(:role) } before do member end it "should update the member" do expect{action}.to_not change {Member.count} expect(response).to redirect_to(settings_project_path(project)+'/members') end end end