From 4dba87a9b0eaa585c4c1158f2e364ec82b6bf4f3 Mon Sep 17 00:00:00 2001 From: Diego Araújo Date: Thu, 19 Dec 2013 13:02:00 -0200 Subject: [PATCH] Reading group ownerships. --- app/controllers/concerns/ownership_authentication.rb | 23 ++++++++++++++++++----- app/controllers/projects_controller.rb | 2 +- app/controllers/repositories_controller.rb | 2 +- app/models/reading_group_ownership.rb | 8 ++++++++ app/models/user.rb | 7 ++++++- db/migrate/20131219115819_create_reading_group_ownerships.rb | 10 ++++++++++ spec/controllers/repositories_controller_spec.rb | 12 ++++++------ spec/factories/reading_group_ownerships.rb | 8 ++++++++ spec/models/reading_group_ownership_spec.rb | 22 ++++++++++++++++++++++ spec/models/user_spec.rb | 18 +++++++++++++++++- 10 files changed, 97 insertions(+), 15 deletions(-) create mode 100644 app/models/reading_group_ownership.rb create mode 100644 db/migrate/20131219115819_create_reading_group_ownerships.rb create mode 100644 spec/factories/reading_group_ownerships.rb create mode 100644 spec/models/reading_group_ownership_spec.rb diff --git a/app/controllers/concerns/ownership_authentication.rb b/app/controllers/concerns/ownership_authentication.rb index 64460d5..a7a527e 100644 --- a/app/controllers/concerns/ownership_authentication.rb +++ b/app/controllers/concerns/ownership_authentication.rb @@ -1,15 +1,19 @@ module OwnershipAuthentication extend ActiveSupport::Concern - def check_project_ownership - check_ownership(params[:id]) + def project_owner? + check_project_ownership(params[:id]) end - def check_repository_ownership - check_ownership(params[:project_id]) + def repository_owner? + check_project_ownership(params[:project_id]) + end + + def reading_group_owner? + check_reading_group_ownership(params[:id]) end - def check_ownership(id) + def check_project_ownership(id) if current_user.project_ownerships.find_by_project_id(id).nil? respond_to do |format| format.html { redirect_to projects_url, notice: "You're not allowed to do this operation" } @@ -17,4 +21,13 @@ module OwnershipAuthentication end end end + + def check_reading_group_ownership(id) + if current_user.reading_group_ownerships.find_by_reading_group_id(id).nil? + respond_to do |format| + format.html { redirect_to reading_group_url, notice: "You're not allowed to do this operation" } + format.json { head :no_content } + end + end + end end diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index 9c366a8..71f5b20 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -3,7 +3,7 @@ include OwnershipAuthentication class ProjectsController < ApplicationController before_action :authenticate_user!, except: [:index, :show] - before_action :check_project_ownership, only: [:edit, :update, :destroy] + before_action :project_owner?, only: [:edit, :update, :destroy] # GET /projects/new def new diff --git a/app/controllers/repositories_controller.rb b/app/controllers/repositories_controller.rb index c4580c6..493d623 100644 --- a/app/controllers/repositories_controller.rb +++ b/app/controllers/repositories_controller.rb @@ -3,7 +3,7 @@ include OwnershipAuthentication class RepositoriesController < ApplicationController before_action :authenticate_user!, except: [:show, :state] before_action :set_repository, only: [:show, :edit, :update, :destroy, :state, :process_repository] - before_action :check_repository_ownership, except: [:show, :state] + before_action :repository_owner?, except: [:show, :state] # GET /projects/1/repositories/1 # GET /projects/1/repositories/1.json diff --git a/app/models/reading_group_ownership.rb b/app/models/reading_group_ownership.rb new file mode 100644 index 0000000..575f02a --- /dev/null +++ b/app/models/reading_group_ownership.rb @@ -0,0 +1,8 @@ +class ReadingGroupOwnership < ActiveRecord::Base + belongs_to :user + validates :reading_group_id, presence: true + + def reading_group + ReadingGroup.find(reading_group_id) + end +end diff --git a/app/models/user.rb b/app/models/user.rb index f217cb5..c2ce50e 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -9,10 +9,15 @@ class User < ActiveRecord::Base validates :email, uniqueness: true has_many :project_ownerships + + has_many :reading_group_ownerships # Alert: when adding new parameters to this model, they should also be added to registrations_controller def projects - #raise project_ownerships.inspect project_ownerships.map { |project_ownership| project_ownership.project } end + + def reading_groups + reading_group_ownerships.map { |reading_group_ownership| reading_group_ownership.reading_group } + end end diff --git a/db/migrate/20131219115819_create_reading_group_ownerships.rb b/db/migrate/20131219115819_create_reading_group_ownerships.rb new file mode 100644 index 0000000..2ddc95b --- /dev/null +++ b/db/migrate/20131219115819_create_reading_group_ownerships.rb @@ -0,0 +1,10 @@ +class CreateReadingGroupOwnerships < ActiveRecord::Migration + def change + create_table :reading_group_ownerships do |t| + t.integer :user_id + t.integer :reading_group_id + + t.timestamps + end + end +end diff --git a/spec/controllers/repositories_controller_spec.rb b/spec/controllers/repositories_controller_spec.rb index 378ef84..67dca05 100644 --- a/spec/controllers/repositories_controller_spec.rb +++ b/spec/controllers/repositories_controller_spec.rb @@ -11,7 +11,7 @@ describe RepositoriesController do context 'when the current user owns the project' do before :each do Repository.expects(:repository_types).returns([]) - subject.expects(:check_repository_ownership).returns true + subject.expects(:repository_owner?).returns true get :new, project_id: project.id.to_s end @@ -40,7 +40,7 @@ describe RepositoriesController do context 'when the current user owns the project' do before :each do - subject.expects(:check_repository_ownership).returns true + subject.expects(:repository_owner?).returns true end context 'with valid fields' do @@ -117,7 +117,7 @@ describe RepositoriesController do context 'when the user owns the project' do before :each do - subject.expects(:check_repository_ownership).returns true + subject.expects(:repository_owner?).returns true repository.expects(:destroy) Repository.expects(:find).at_least_once.with(repository.id).returns(repository) @@ -159,7 +159,7 @@ describe RepositoriesController do context 'when the user owns the repository' do before :each do - subject.expects(:check_repository_ownership).returns true + subject.expects(:repository_owner?).returns true Repository.expects(:find).at_least_once.with(repository.id).returns(repository) Repository.expects(:repository_types).returns(["SUBVERSION"]) get :edit, id: repository.id, project_id: project.id.to_s @@ -201,7 +201,7 @@ describe RepositoriesController do context 'when user owns the repository' do before :each do - subject.expects(:check_repository_ownership).returns true + subject.expects(:repository_owner?).returns true end context 'with valid fields' do @@ -327,7 +327,7 @@ describe RepositoriesController do let(:repository) { FactoryGirl.build(:repository) } before :each do sign_in FactoryGirl.create(:user) - subject.expects(:check_repository_ownership).returns true + subject.expects(:repository_owner?).returns true repository.expects(:process) Repository.expects(:find).at_least_once.with(repository.id).returns(repository) KalibroGem::Entities::Configuration.expects(:find).with(repository.id).returns(FactoryGirl.build(:configuration)) diff --git a/spec/factories/reading_group_ownerships.rb b/spec/factories/reading_group_ownerships.rb new file mode 100644 index 0000000..10dde0f --- /dev/null +++ b/spec/factories/reading_group_ownerships.rb @@ -0,0 +1,8 @@ +# Read about factories at https://github.com/thoughtbot/factory_girl + +FactoryGirl.define do + factory :reading_group_ownership do + user_id 1 + reading_group_id 1 + end +end diff --git a/spec/models/reading_group_ownership_spec.rb b/spec/models/reading_group_ownership_spec.rb new file mode 100644 index 0000000..5da1bd1 --- /dev/null +++ b/spec/models/reading_group_ownership_spec.rb @@ -0,0 +1,22 @@ +require 'spec_helper' + +describe ReadingGroupOwnership do + describe 'associations' do + it { should belong_to(:user) } + end + + describe 'methods' do + describe 'reading_group' do + subject {FactoryGirl.build(:reading_group_ownership)} + let(:reading_group) {FactoryGirl.build(:reading_group)} + + before :each do + ReadingGroup.expects(:find).with(subject.reading_group_id).returns(reading_group) + end + + it 'should return the reading_group' do + subject.reading_group.should eq(reading_group) + end + end + end +end diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index ac649e0..4bdae09 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -11,6 +11,7 @@ describe User do describe 'associations' do it { should have_many(:project_ownerships) } + it { should have_many(:reading_group_ownerships) } end describe 'methods' do @@ -27,6 +28,21 @@ describe User do it 'should return a list of projects owned by the user' do subject.projects.should eq([project]) end - end + end + + describe 'reading_groups' do + subject { FactoryGirl.build(:user) } + let(:reading_group) {FactoryGirl.build(:reading_group)} + let(:reading_group_ownership) {FactoryGirl.build(:reading_group_ownership)} + + before :each do + reading_group_ownership.expects(:reading_group).returns(reading_group) + subject.expects(:reading_group_ownerships).returns([reading_group_ownership]) + end + + it 'should return a list of reading groups owned by the user' do + subject.reading_groups.should eq([reading_group]) + end + end end end -- libgit2 0.21.2