1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
|
# encoding: utf-8
#--
# Copyright (C) 2012 Gitorious AS
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#++
require File.dirname(__FILE__) + "/../test_helper"
class RepositoryMembershipsControllerTest < ActionController::TestCase
should_render_in_site_specific_context :only => [:index]
should_enforce_ssl_for(:delete, :destroy)
should_enforce_ssl_for(:get, :index)
should_enforce_ssl_for(:post, :create)
should_enforce_ssl_for(:put, :update)
def setup
setup_ssl_from_config
@repository = repositories(:johans)
@user = users(:johan)
end
context "With private repos" do
setup do
enable_private_repositories
GitoriousConfig["use_ssl"] = false
end
context "index" do
should "reject unauthorized user from listing memberships" do
login_as :mike
get :index, params
assert_response 403
end
should "allow owner to manage access" do
login_as :johan
get :index, params
assert_response 200
end
should "state that repository is public" do
login_as :moe
@repository = repositories(:moes)
get :index, params
assert_response 200
assert_match /Repository is open/, @response.body
assert_match /Make private/, @response.body
end
end
context "create" do
should "reject anonymous user" do
login = @user.login
post :create, params(:user => { :login => login })
assert_response 302
end
should "explicitly add owner as collaborator" do
login = @user.login
login_as :johan
assert_difference("@repository.reload.content_memberships.count") do
post :create, params(:user => { :login => login })
end
end
should "default to adding owner if no parameters" do
login_as :johan
assert_difference("@repository.reload.content_memberships.count") do
post :create, params
end
assert_equal @user, @repository.content_memberships.first.member
end
should "add group as collaborator" do
team = groups(:a_team)
login_as :johan
assert_difference("@repository.reload.content_memberships.count") do
post :create, params(:group => { :name => team.name }, :user => { :login => "" })
end
assert can_read?(team, @repository)
end
should "redirect back to index" do
login = @user.login
login_as :johan
post :create, params(:user => { :login => login }, :group => { :name => "" })
assert_response :redirect
assert_redirected_to :action => "index"
end
should "render index if user can not be found" do
login_as :johan
post :create, params(:user => { :login => "login" })
assert_response 200
assert_template "index"
assert_match /No such user 'login'/, flash[:error]
end
should "render index if group can not be found" do
login_as :johan
post :create, params(:group => { :name => "login" })
assert_response 200
assert_template "index"
assert_match /No such group 'login'/, flash[:error]
end
end
context "destroy" do
setup do
@membership = @repository.content_memberships.first
end
should "reject unauthorized user" do
login_as :moe
delete :destroy, params(:id => @membership.id)
assert_response 403
end
should "remove member" do
login_as :johan
assert_difference("@repository.reload.content_memberships.count", -1) do
delete :destroy, params(:id => @membership.id)
end
end
should "redirect back to repository" do
login_as :johan
delete :destroy, params(:id => @membership.id)
assert_response :redirect
assert_redirected_to :action => "index"
end
should "remove all members to make repository public" do
login_as :johan
delete :destroy, params(:id => "all")
assert_equal 0, @repository.content_memberships.count
end
end
end
context "With private repos disabled" do
setup do
GitoriousConfig["enable_private_repositories"] = false
end
should "redirect to repository index" do
login_as :moe
@repository = repositories(:moes)
get :index, params
assert_redirected_to :controller => "repositories", :action => "show", :id => @repository.to_param
end
end
protected
def params(data = {})
{ :project_id => @repository.project.to_param,
:repository_id => @repository.to_param }.merge(data)
end
end
|