mirror of
https://github.com/scinote-eln/scinote-web.git
synced 2024-12-25 09:13:05 +08:00
Merge pull request #3549 from okriuchykhin/ok_SCI_6057
Update/implement permission checks in the experiments controller [SCI-6057]
This commit is contained in:
commit
56af55931c
4 changed files with 133 additions and 4 deletions
|
@ -1,6 +1,6 @@
|
|||
<% provide(:head_title, t("experiments.canvas.head_title", project: h(@project.name)).html_safe) %>
|
||||
<% provide(:sidebar_title, t("sidebar.my_modules.sidebar_title")) %>
|
||||
<% provide(:sidebar_url, experiment_sidebar_path(@experiment)) %>
|
||||
<% provide(:sidebar_url, sidebar_experiment_path(@experiment)) %>
|
||||
|
||||
<%= content_for :sidebar do %>
|
||||
<%= render partial: 'shared/sidebar/my_modules.html.erb', locals: { experiment: @experiment, my_modules: @active_modules } %>
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
<% provide(:head_title, t("experiments.module_archive.head_title", experiment: h(@experiment.name)).html_safe) %>
|
||||
<% provide(:sidebar_title, t("sidebar.my_modules.sidebar_title_archived")) %>
|
||||
<% provide(:sidebar_url, experiment_sidebar_path(@experiment)) %>
|
||||
<% provide(:sidebar_url, sidebar_experiment_path(@experiment)) %>
|
||||
|
||||
<%= content_for :sidebar do %>
|
||||
<%= render partial: 'shared/sidebar/archived_my_modules.html.erb', locals: { experiment: @experiment, my_modules: @my_modules } %>
|
||||
|
|
|
@ -347,9 +347,8 @@ Rails.application.routes.draw do
|
|||
post 'move' # move experiment
|
||||
get 'fetch_workflow_img' # Get udated workflow img
|
||||
post 'restore_my_modules', to: 'my_modules#restore_group'
|
||||
get 'sidebar'
|
||||
end
|
||||
|
||||
get 'sidebar', to: 'experiments#sidebar', as: 'sidebar'
|
||||
end
|
||||
|
||||
# Show action is a popup (JSON) for individual module in full-zoom canvas,
|
||||
|
|
130
spec/permissions/controllers/experiments_controller_spec.rb
Normal file
130
spec/permissions/controllers/experiments_controller_spec.rb
Normal file
|
@ -0,0 +1,130 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
describe ExperimentsController, type: :controller do
|
||||
include PermissionExtends
|
||||
|
||||
it_behaves_like "a controller with authentication", {
|
||||
new: { project_id: 1 },
|
||||
create: { project_id: 1 },
|
||||
show: { id: 1 },
|
||||
canvas: { id: 1 },
|
||||
edit: { id: 1 },
|
||||
update: { id: 1 },
|
||||
archive: { id: 1 },
|
||||
archive_group: { project_id: 1 },
|
||||
restore_group: { project_id: 1 },
|
||||
clone: { id: 1 },
|
||||
move: { id: 1 },
|
||||
module_archive: { id: 1 },
|
||||
fetch_workflow_img: { id: 1 },
|
||||
sidebar: { id: 1 }
|
||||
}, []
|
||||
|
||||
login_user
|
||||
|
||||
describe 'permissions checking' do
|
||||
include_context 'reference_project_structure', {
|
||||
team_role: :normal_user
|
||||
}
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :new do
|
||||
let(:testable) { project }
|
||||
let(:permissions) { [ProjectPermissions::EXPERIMENTS_CREATE] }
|
||||
let(:action_params) { { project_id: project.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :post, :create do
|
||||
let(:testable) { project }
|
||||
let(:permissions) { [ProjectPermissions::EXPERIMENTS_CREATE] }
|
||||
let(:action_params) { { project_id: project.id, experiment: { name: 'Test' } } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :show do
|
||||
let(:testable) { experiment }
|
||||
let(:permissions) { [ExperimentPermissions::READ] }
|
||||
let(:action_params) { { id: experiment.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :canvas do
|
||||
let(:testable) { experiment }
|
||||
let(:permissions) { [ExperimentPermissions::READ] }
|
||||
let(:action_params) { { id: experiment.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :edit do
|
||||
let(:testable) { experiment }
|
||||
let(:permissions) { [ExperimentPermissions::MANAGE] }
|
||||
let(:action_params) { { id: experiment.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :put, :update do
|
||||
let(:testable) { experiment }
|
||||
let(:permissions) { [ExperimentPermissions::MANAGE, ExperimentPermissions::RESTORE] }
|
||||
let(:action_params) { { id: experiment.id, experiment: { name: 'Test1' } } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :post, :archive do
|
||||
let(:testable) { experiment }
|
||||
let(:permissions) { [ExperimentPermissions::ARCHIVE] }
|
||||
let(:action_params) { { id: experiment.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :post, :archive_group do
|
||||
let(:testable) { experiment }
|
||||
let(:permissions) { [ExperimentPermissions::ARCHIVE] }
|
||||
let(:action_params) { { project_id: project.id, experiments_ids: [experiment.id] } }
|
||||
let(:custom_response_status) { :unprocessable_entity }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :post, :restore_group do
|
||||
let(:testable) { experiment }
|
||||
let(:permissions) { [ExperimentPermissions::RESTORE] }
|
||||
let(:action_params) { { project_id: project.id, experiments_ids: [experiment.id] } }
|
||||
let(:custom_response_status) { :unprocessable_entity }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :clone_modal do
|
||||
let(:testable) { experiment }
|
||||
let(:permissions) { [ExperimentPermissions::CLONE] }
|
||||
let(:action_params) { { id: experiment.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :post, :clone do
|
||||
let(:testable) { experiment }
|
||||
let(:permissions) { [ExperimentPermissions::CLONE] }
|
||||
let(:action_params) { { id: experiment.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :move_modal do
|
||||
let(:testable) { experiment }
|
||||
let(:permissions) { [ExperimentPermissions::MOVE] }
|
||||
let(:action_params) { { id: experiment.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :post, :move do
|
||||
let(:testable) { experiment }
|
||||
let(:permissions) { [ExperimentPermissions::MOVE] }
|
||||
let(:action_params) { { id: experiment.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :module_archive do
|
||||
let(:testable) { experiment }
|
||||
let(:permissions) { [ExperimentPermissions::READ] }
|
||||
let(:action_params) { { id: experiment.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :fetch_workflow_img do
|
||||
let(:testable) { experiment }
|
||||
let(:permissions) { [ExperimentPermissions::READ] }
|
||||
let(:action_params) { { id: experiment.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :sidebar do
|
||||
let(:testable) { experiment }
|
||||
let(:permissions) { [ExperimentPermissions::READ] }
|
||||
let(:action_params) { { id: experiment.id } }
|
||||
end
|
||||
end
|
||||
end
|
Loading…
Reference in a new issue