Merge pull request #71 from af83/4446-spec-features-api-keys

4446 spec features api keys

9 files changed, 152 insertions, 18 deletions

diff --git a/spec/features/api_keys/delete_api_key_feature_spec.rb b/spec/features/api_keys/delete_api_key_feature_spec.rb
new file mode 100644
index 000000000..b58e819a6
--- /dev/null
+++ b/spec/features/api_keys/delete_api_key_feature_spec.rb
@@ -0,0 +1,34 @@
+RSpec.describe 'New API Key', type: :feature do
+  login_user
+
+  describe "api_keys#destroy" do
+
+    let!( :api_key ){ create :api_key, name: SecureRandom.uuid, organisation: @user.organisation }
+
+    let( :edit_label ){ "#{api_key.name} : #{api_key.token}" }
+    let( :destroy_label ){ "Supprimer" }
+
+    xit 'complete workflow' do
+      # /workbenches
+      visit workbenches_path 
+      # the api_key is visible
+      click_link edit_label
+
+      # brings us to correct page
+      expect(page.current_path).to eq(edit_api_key_path(api_key))
+      expect(page).to have_content("Supprimer")
+      # click_link(destroy_label)
+
+      # # check impact on DB
+      # expect(Api::V1::ApiKey.where(id: api_key.id)).to be_empty
+
+      # # check redirect and changed display
+      # expect(page.current_path).to eq(workbenches_path)
+      # # deleted api_key's not shown anymore
+      # expect( page ).not_to have_content(edit_label)
+    end
+
+  end
+
+end
+  
diff --git a/spec/features/api_keys/edit_api_key_feature_spec.rb b/spec/features/api_keys/edit_api_key_feature_spec.rb
new file mode 100644
index 000000000..411c11aaf
--- /dev/null
+++ b/spec/features/api_keys/edit_api_key_feature_spec.rb
@@ -0,0 +1,39 @@
+RSpec.describe 'New API Key', type: :feature do
+  login_user
+
+  describe "api_keys#edit" do
+
+    let!( :api_key ){ create :api_key, name: SecureRandom.uuid, organisation: @user.organisation }
+
+    let( :edit_label ){ "#{api_key.name} : #{api_key.token}" }
+    let( :name_label ){ "Nom" }
+    let( :validate_label ){ "Valider" }
+
+    let( :unique_name ){ SecureRandom.uuid }
+
+    it 'complete workflow' do
+      # /workbenches
+      visit workbenches_path 
+      # api_key's new name does not exist yet
+      expect( page ).not_to have_content(unique_name)
+      # the api_key is visible
+      click_link edit_label
+
+      # brings us to correct page
+      expect(page.current_path).to eq(edit_api_key_path(api_key))
+      fill_in(name_label, with: unique_name)
+      click_button(validate_label)
+
+      # check impact on DB
+      expect(api_key.reload.name).to eq(unique_name)
+
+      # check redirect and changed display
+      expect(page.current_path).to eq(workbenches_path)
+      # changed api_key's name exists now
+      expect( page ).to have_content(unique_name)
+    end
+
+  end
+
+end
+  
diff --git a/spec/features/api_keys/new_api_key_feature_spec.rb b/spec/features/api_keys/new_api_key_feature_spec.rb
new file mode 100644
index 000000000..eba873691
--- /dev/null
+++ b/spec/features/api_keys/new_api_key_feature_spec.rb
@@ -0,0 +1,38 @@
+RSpec.describe 'New API Key', type: :feature do
+  login_user
+
+  describe "api_keys#create" do
+
+    let( :create_label ){ "Créer une clé d'API" }
+    let( :name_label ){ "Nom" }
+    let( :validate_label ){ "Valider" }
+
+    let( :unique_name ){ SecureRandom.uuid }
+    let( :last_api_key ){ Api::V1::ApiKey.last }
+
+
+    it 'complete workflow' do
+      # /workbenches
+      visit workbenches_path 
+      expect(page).to have_link(create_label, href: new_api_key_path)
+      # to be created api_key does not exist yet
+      expect( page ).not_to have_content(unique_name)
+
+      # /api_keys/new
+      click_link create_label 
+      fill_in(name_label, with: unique_name) 
+      click_button validate_label
+
+      # check impact on DB
+      expect(last_api_key.name).to eq(unique_name)
+
+      # check redirect and changed display
+      expect(page.current_path).to eq(workbenches_path)
+      # to be created api_key exists now
+      expect( page ).to have_content(unique_name)
+    end
+
+  end
+
+end
+  
diff --git a/spec/features/line_footnotes_permissions_spec.rb b/spec/features/line_footnotes_permissions_spec.rb
index 4de2a6137..62adbfcd5 100644
--- a/spec/features/line_footnotes_permissions_spec.rb
+++ b/spec/features/line_footnotes_permissions_spec.rb
@@ -1,5 +1,3 @@
-# -*- coding: utf-8 -*-
-
 describe 'Line Footnotes', type: :feature do
   login_user
 
diff --git a/spec/features/referential_lines_spec.rb b/spec/features/referential_lines_spec.rb
index 95fc596fd..e8cc8e0e1 100644
--- a/spec/features/referential_lines_spec.rb
+++ b/spec/features/referential_lines_spec.rb
@@ -1,6 +1,3 @@
-# -*- coding: utf-8 -*-
-require 'spec_helper'
-
 describe 'ReferentialLines', type: :feature do
   login_user
   let!(:referential_metadata) { create :referential_metadata, referential: referential }
diff --git a/spec/features/referentials_spec.rb b/spec/features/referentials_spec.rb
index a38577aba..9af0ed32e 100644
--- a/spec/features/referentials_spec.rb
+++ b/spec/features/referentials_spec.rb
@@ -1,4 +1,3 @@
-# -*- coding: utf-8 -*-
 describe "Referentials", :type => :feature do
   login_user
 
diff --git a/spec/lib/stif/netex_file_spec.rb b/spec/lib/stif/netex_file_spec.rb
index d84807fe5..ef69b994c 100644
--- a/spec/lib/stif/netex_file_spec.rb
+++ b/spec/lib/stif/netex_file_spec.rb
@@ -1,5 +1,3 @@
-require "rails_helper"
-
 RSpec.describe STIF::NetexFile do
 
   let( :zip_file ){ fixtures_path 'OFFRE_TRANSDEV_2017030112251.zip' }
diff --git a/spec/lib/stif/permission_translator_spec.rb b/spec/lib/stif/permission_translator_spec.rb
index 9675382e6..652dd2de2 100644
--- a/spec/lib/stif/permission_translator_spec.rb
+++ b/spec/lib/stif/permission_translator_spec.rb
@@ -1,4 +1,3 @@
-# coding: utf-8
 RSpec.describe Stif::PermissionTranslator do
 
   context "No SSO Permissions" do
diff --git a/spec/policies/api_key_policy_spec.rb b/spec/policies/api_key_policy_spec.rb
index 5b9d59fa3..f0242978e 100644
--- a/spec/policies/api_key_policy_spec.rb
+++ b/spec/policies/api_key_policy_spec.rb
@@ -1,28 +1,60 @@
-require 'rails_helper'
-
 RSpec.describe ApiKeyPolicy do
 
-  let(:user) { User.new }
+  let( :record ){ build_stubbed :api_key }
+  before { stub_policy_scope(record) }
 
   subject { described_class }
 
-  permissions ".scope" do
-    pending "add some examples to (or delete) #{__FILE__}"
+  permissions :index? do
+    it_behaves_like 'always allowed'
   end
 
   permissions :show? do
-    pending "add some examples to (or delete) #{__FILE__}"
+    it_behaves_like 'always allowed'
   end
 
   permissions :create? do
-    pending "add some examples to (or delete) #{__FILE__}"
+    context 'permission absent → ' do
+      it "denies a user without organisation" do
+        expect_it.not_to permit(user_context, record)
+      end
+    end
+    context 'permission present → '  do
+      it 'allows a user with a different organisation' do
+        add_permissions('api_keys.create', for_user: user)
+        expect_it.to permit(user_context, record)
+      end
+    end
   end
 
   permissions :update? do
-    pending "add some examples to (or delete) #{__FILE__}"
+    context 'permission absent → ' do
+      it "denies a user with a different organisation" do
+        expect_it.not_to permit(user_context, record)
+      end
+      it 'and also a user with the same organisation' do
+        user.organisation_id = record.organisation_id
+        expect_it.not_to permit(user_context, record)
+      end
+    end
+
+    context 'permission present → '  do
+      before do
+        add_permissions('api_keys.update', for_user: user)
+      end
+
+      it 'denies a user with a different organisation' do
+        expect_it.not_to permit(user_context, record)
+      end
+
+      it 'but allows it for a user with the same organisation' do
+        user.organisation_id = record.organisation_id
+        expect_it.to permit(user_context, record)
+      end
+    end
   end
 
   permissions :destroy? do
-    pending "add some examples to (or delete) #{__FILE__}"
+    it_behaves_like 'permitted policy and same organisation', 'api_keys.destroy'
   end
 end