Merge branch 'regression_tests_user_permissions_in_controllers'

author: Robert 2017-07-07 16:38:59 +0200
committer: Robert 2017-07-07 16:38:59 +0200
commit: 42f5fbc1c93a79310458fc3c299192fb44556101 (patch)
tree: 7a1ec2c3fa3390e775168cc2e31ca3f3ef9094ff
parent: c427e5f8b87e715335c91a47f5fd9e0e09234048 (diff)
parent: faa9bce7ab2c4f8c2d09200387f70c2ed1d2322a (diff)
download: chouette-core-42f5fbc1c93a79310458fc3c299192fb44556101.tar.bz2
6 files changed, 65 insertions, 9 deletions
diff --git a/spec/controllers/journey_patterns_collections_controller_spec.rb b/spec/controllers/journey_patterns_collections_controller_spec.rb
index 442d73fb7..7015bfe98 100644
--- a/spec/controllers/journey_patterns_collections_controller_spec.rb
+++ b/spec/controllers/journey_patterns_collections_controller_spec.rb
@@ -1,3 +1,27 @@
 RSpec.describe JourneyPatternsCollectionsController, :type => :controller do
 
+  before do
+    @user = build_stubbed(:allmighty_user)
+  end
+
+  describe 'user_permissions' do
+    let( :referential ){ build_stubbed(:referential) }
+    let( :user_context ){ UserContext.new(@user, referential: referential) }
+
+    before do
+      allow(controller).to receive(:pundit_user).and_return(user_context)
+    end
+
+    it 'computes them correctly if not authorized' do
+      expect( controller.user_permissions ).to eq({'journey_patterns.create'  => false,
+                                                   'journey_patterns.destroy' => false,
+                                                   'journey_patterns.update'  => false }.to_json)
+    end
+    it 'computes them correctly if authorized' do
+      @user.organisation_id = referential.organisation_id
+      expect( controller.user_permissions ).to eq({'journey_patterns.create'  => true,
+                                                   'journey_patterns.destroy' => true,
+                                                   'journey_patterns.update'  => true }.to_json)
+    end
+  end
 end
diff --git a/spec/controllers/line_referentials_controller_spec.rb b/spec/controllers/line_referentials_controller_spec.rb
index 6f8356507..aee24b0fa 100644
--- a/spec/controllers/line_referentials_controller_spec.rb
+++ b/spec/controllers/line_referentials_controller_spec.rb
@@ -1,5 +1,3 @@
-require 'spec_helper'
-
 RSpec.describe LineReferentialsController, :type => :controller do
 
 end
diff --git a/spec/controllers/referentials_controller_spec.rb b/spec/controllers/referentials_controller_spec.rb
index 1b4533fca..500c6d2d6 100644
--- a/spec/controllers/referentials_controller_spec.rb
+++ b/spec/controllers/referentials_controller_spec.rb
@@ -1,5 +1,3 @@
-require 'spec_helper'
-
 describe ReferentialsController, :type => :controller do
 
   login_user
diff --git a/spec/controllers/vehicle_journeys_collections_controller_spec.rb b/spec/controllers/vehicle_journeys_collections_controller_spec.rb
deleted file mode 100644
index 39ea55761..000000000
--- a/spec/controllers/vehicle_journeys_collections_controller_spec.rb
+++ /dev/null
@@ -1,5 +0,0 @@
-require 'rails_helper'
-
-RSpec.describe VehicleJourneysCollectionsController, :type => :controller do
-
-end
diff --git a/spec/controllers/vehicle_journeys_controller_spec.rb b/spec/controllers/vehicle_journeys_controller_spec.rb
new file mode 100644
index 000000000..c9356fffa
--- /dev/null
+++ b/spec/controllers/vehicle_journeys_controller_spec.rb
@@ -0,0 +1,28 @@
+RSpec.describe VehicleJourneysController, :type => :controller do
+
+  before do
+    @user = build_stubbed(:allmighty_user)
+  end
+
+  describe 'user_permissions' do
+    let( :referential ){ build_stubbed(:referential) }
+    let( :user_context ){ UserContext.new(@user, referential: referential) }
+
+    before do
+      allow(controller).to receive(:pundit_user).and_return(user_context)
+    end
+
+    it 'computes them correctly if not authorized' do
+      expect( controller.send(:user_permissions) ).to eq({'vehicle_journeys.create'  => false,
+                                                   'vehicle_journeys.destroy' => false,
+                                                   'vehicle_journeys.update'  => false }.to_json)
+    end
+    it 'computes them correctly if authorized' do
+      @user.organisation_id = referential.organisation_id
+      expect( controller.send(:user_permissions) ).to eq({'vehicle_journeys.create'  => true,
+                                                   'vehicle_journeys.destroy' => true,
+                                                   'vehicle_journeys.update'  => true }.to_json)
+    end
+  end
+
+end
diff --git a/spec/factories/users.rb b/spec/factories/users.rb
index 8f0ec38c0..d532cbafc 100644
--- a/spec/factories/users.rb
+++ b/spec/factories/users.rb
@@ -1,3 +1,13 @@
+all_permissions = %w[
+      footnotes
+      journey_patterns
+      referentials
+      routes
+      routing_constraint_zones
+      time_tables
+      vehicle_journeys
+    ].product( %w{create destroy update} ).map{ |model_action| model_action.join('.') }
+
 FactoryGirl.define do
   factory :user do
     association :organisation
@@ -6,5 +16,8 @@ FactoryGirl.define do
     sequence(:email) { |n| "chouette#{n}@dryade.priv" }
     password "secret"
     password_confirmation "secret"
+    factory :allmighty_user do
+      permissions all_permissions
+    end
   end
 end
author	Robert	2017-07-07 16:38:59 +0200
committer	Robert	2017-07-07 16:38:59 +0200
commit	42f5fbc1c93a79310458fc3c299192fb44556101 (patch)
tree	7a1ec2c3fa3390e775168cc2e31ca3f3ef9094ff
parent	c427e5f8b87e715335c91a47f5fd9e0e09234048 (diff)
parent	faa9bce7ab2c4f8c2d09200387f70c2ed1d2322a (diff)
download	chouette-core-42f5fbc1c93a79310458fc3c299192fb44556101.tar.bz2