mirror of
https://github.com/scinote-eln/scinote-web.git
synced 2025-03-06 04:34:06 +08:00
Merge pull request #3552 from aignatov-bio/ai-sci-6064-add-permissions-tests-for-my-module-repositories
Add permissions tests for my_module_repositories and my_module_repository_snapshots [SCI-6064]
This commit is contained in:
Alex Kriuchykhin
GitHub
commit
c7760435bf
5 changed files with 183 additions and 3 deletions
|
|
@ -151,7 +151,7 @@ class MyModuleRepositoriesController < ApplicationController
|
|||
end
|
||||
|
||||
def check_my_module_view_permissions
|
||||
render_403 unless can_read_experiment?(@my_module.experiment)
|
||||
render_403 unless can_read_my_module?(@my_module)
|
||||
end
|
||||
|
||||
def check_repository_view_permissions
|
||||
|
|
|
|||
|
|
@ -5,7 +5,8 @@ class MyModuleRepositorySnapshotsController < ApplicationController
|
|||
before_action :load_repository, only: :create
|
||||
before_action :load_repository_snapshot, except: %i(create full_view_sidebar select)
|
||||
before_action :check_view_permissions, except: %i(create destroy select)
|
||||
before_action :check_manage_permissions, only: %i(create destroy select)
|
||||
before_action :check_manage_permissions, only: %i(destroy select)
|
||||
before_action :check_create_permissions, only: %i(create)
|
||||
|
||||
def index_dt
|
||||
@draw = params[:draw].to_i
|
||||
|
|
@ -144,7 +145,11 @@ class MyModuleRepositorySnapshotsController < ApplicationController
|
|||
end
|
||||
|
||||
def check_view_permissions
|
||||
render_403 unless can_read_experiment?(@my_module.experiment)
|
||||
render_403 unless can_read_my_module?(@my_module)
|
||||
end
|
||||
|
||||
def check_create_permissions
|
||||
render_403 unless can_create_my_module_repository_snapshots?(@my_module)
|
||||
end
|
||||
|
||||
def check_manage_permissions
|
||||
|
|
|
|||
12
spec/factories/repository_snapshots.rb
Normal file
12
spec/factories/repository_snapshots.rb
Normal file
|
|
@ -0,0 +1,12 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
FactoryBot.define do
|
||||
factory :repository_snapshot do
|
||||
name { original_repository.name }
|
||||
status { :ready }
|
||||
created_by { original_repository.created_by }
|
||||
team { original_repository.team }
|
||||
original_repository { repository }
|
||||
my_module
|
||||
end
|
||||
end
|
||||
|
|
@ -0,0 +1,78 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
describe MyModuleRepositoriesController, type: :controller do
|
||||
include PermissionExtends
|
||||
|
||||
it_behaves_like "a controller with authentication", {
|
||||
index_dt: { my_module_id: 1, id: 1 },
|
||||
update: { my_module_id: 1, id: 1 },
|
||||
update_repository_records_modal: { my_module_id: 1, id: 1 },
|
||||
assign_repository_records_modal: { my_module_id: 1, id: 1 },
|
||||
repositories_list_html: { my_module_id: 1 },
|
||||
full_view_table: { my_module_id: 1, id: 1 },
|
||||
repositories_dropdown_list: { my_module_id: 1 },
|
||||
export_repository: { my_module_id: 1, id: 1 }
|
||||
}, []
|
||||
|
||||
login_user
|
||||
|
||||
describe 'permissions checking' do
|
||||
include_context 'reference_project_structure', {
|
||||
team_role: :normal_user
|
||||
}
|
||||
|
||||
let(:repository) { create :repository, team: team }
|
||||
let (:repository_row) { create :repository_row, repository: repository, created_by: user, last_modified_by: user }
|
||||
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :index_dt do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::READ] }
|
||||
let(:action_params) { { my_module_id: my_module.id, id: repository.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :put, :update do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::REPOSITORY_ROWS_ASSIGN] }
|
||||
let(:action_params) { { my_module_id: my_module.id, id: repository.id, rows_to_assign: [repository_row.id] } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :update_repository_records_modal do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::READ] }
|
||||
let(:action_params) { { my_module_id: my_module.id, id: repository.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :assign_repository_records_modal do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::READ] }
|
||||
let(:action_params) { { my_module_id: my_module.id, id: repository.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :repositories_list_html do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::READ] }
|
||||
let(:action_params) { { my_module_id: my_module.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :full_view_table do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::READ] }
|
||||
let(:action_params) { { my_module_id: my_module.id, id: repository.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :repositories_dropdown_list do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::READ] }
|
||||
let(:action_params) { { my_module_id: my_module.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :post, :export_repository do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::READ] }
|
||||
let(:action_params) { { my_module_id: my_module.id, id: repository.id } }
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
@ -0,0 +1,85 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
describe MyModuleRepositorySnapshotsController, type: :controller do
|
||||
include PermissionExtends
|
||||
|
||||
it_behaves_like "a controller with authentication", {
|
||||
index_dt: { my_module_id: 1, id: 1 },
|
||||
create: { my_module_id: 1, repository_id: 1 },
|
||||
status: { my_module_id: 1, id: 1 },
|
||||
show: { my_module_id: 1, id: 1 },
|
||||
destroy: { my_module_id: 1, id: 1 },
|
||||
full_view_table: { my_module_id: 1, id: 1 },
|
||||
full_view_sidebar: { my_module_id: 1, repository_id: 1 },
|
||||
select: { my_module_id: 1 },
|
||||
export_repository_snapshot: { my_module_id: 1, id: 1 }
|
||||
}, []
|
||||
|
||||
login_user
|
||||
|
||||
describe 'permissions checking' do
|
||||
include_context 'reference_project_structure', {
|
||||
team_role: :normal_user
|
||||
}
|
||||
|
||||
let(:repository) { create :repository, team: team }
|
||||
let (:repository_row) { create :repository_row, repository: repository, created_by: user, last_modified_by: user }
|
||||
let (:repository_snapshot) { create :repository_snapshot, original_repository: repository, my_module: my_module }
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :index_dt do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::READ] }
|
||||
let(:action_params) { { my_module_id: my_module.id, id: repository_snapshot.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :post, :create do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::REPOSITORY_ROWS_MANAGE] }
|
||||
let(:action_params) { { my_module_id: my_module.id, repository_id: repository.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :status do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::READ] }
|
||||
let(:action_params) { { my_module_id: my_module.id, id: repository_snapshot.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :show do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::READ] }
|
||||
let(:action_params) { { my_module_id: my_module.id, id: repository_snapshot.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :delete, :destroy do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::REPOSITORY_ROWS_MANAGE] }
|
||||
let(:action_params) { { my_module_id: my_module.id, id: repository_snapshot.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :full_view_table do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::READ] }
|
||||
let(:action_params) { { my_module_id: my_module.id, id: repository_snapshot.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :get, :full_view_sidebar do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::READ] }
|
||||
let(:action_params) { { my_module_id: my_module.id, repository_id: repository.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :post, :select do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::REPOSITORY_ROWS_MANAGE] }
|
||||
let(:action_params) { { my_module_id: my_module.id, repository_snapshot_id: repository_snapshot.id } }
|
||||
end
|
||||
|
||||
it_behaves_like "a controller action with permissions checking", :post, :export_repository_snapshot do
|
||||
let(:testable) { my_module }
|
||||
let(:permissions) { [MyModulePermissions::READ] }
|
||||
let(:action_params) { { my_module_id: my_module.id, id: repository_snapshot.id } }
|
||||
end
|
||||
end
|
||||
end
|
||||
Loading…
Reference in a new issue