Commit f84f8d0bce83901b02a6930b7f312bbe3dd0c538
Committed by
Rafael Manzo
Rafael Manzo
1 parent
e5c7fb3b
Exists in
colab
and in
4 other branches
Reading edit
missing updates Signed-of By: Rafael Reggiani Manzo <rr.manzo@gmail.com>
Showing
10 changed files
with
159 additions
and
23 deletions
Show diff stats
app/controllers/concerns/ownership_authentication.rb
| @@ -13,20 +13,24 @@ module OwnershipAuthentication | @@ -13,20 +13,24 @@ module OwnershipAuthentication | ||
| 13 | check_reading_group_ownership(params[:id]) | 13 | check_reading_group_ownership(params[:id]) |
| 14 | end | 14 | end |
| 15 | 15 | ||
| 16 | + def reading_owner? | ||
| 17 | + check_reading_group_ownership(params[:reading_group_id]) | ||
| 18 | + end | ||
| 19 | + | ||
| 16 | def check_project_ownership(id) | 20 | def check_project_ownership(id) |
| 17 | if current_user.project_ownerships.find_by_project_id(id).nil? | 21 | if current_user.project_ownerships.find_by_project_id(id).nil? |
| 18 | respond_to do |format| | 22 | respond_to do |format| |
| 19 | format.html { redirect_to projects_url, notice: "You're not allowed to do this operation" } | 23 | format.html { redirect_to projects_url, notice: "You're not allowed to do this operation" } |
| 20 | - format.json { head :no_content } | 24 | + format.json { head :no_content } |
| 21 | end | 25 | end |
| 22 | end | 26 | end |
| 23 | end | 27 | end |
| 24 | - | 28 | + |
| 25 | def check_reading_group_ownership(id) | 29 | def check_reading_group_ownership(id) |
| 26 | if current_user.reading_group_ownerships.find_by_reading_group_id(id).nil? | 30 | if current_user.reading_group_ownerships.find_by_reading_group_id(id).nil? |
| 27 | respond_to do |format| | 31 | respond_to do |format| |
| 28 | - format.html { redirect_to reading_group_url, notice: "You're not allowed to do this operation" } | ||
| 29 | - format.json { head :no_content } | 32 | + format.html { redirect_to reading_group_url(id), notice: "You're not allowed to do this operation" } |
| 33 | + format.json { head :no_content } | ||
| 30 | end | 34 | end |
| 31 | end | 35 | end |
| 32 | end | 36 | end |
app/controllers/readings_controller.rb
| @@ -2,7 +2,8 @@ include OwnershipAuthentication | @@ -2,7 +2,8 @@ include OwnershipAuthentication | ||
| 2 | 2 | ||
| 3 | class ReadingsController < ApplicationController | 3 | class ReadingsController < ApplicationController |
| 4 | before_action :authenticate_user!, except: [:show, :index] | 4 | before_action :authenticate_user!, except: [:show, :index] |
| 5 | - # before_action :reading_group_owner?, except: [:show] | 5 | + before_action :set_reading, only: [:show, :edit, :update, :destroy] |
| 6 | + before_action :reading_owner?, except: [:show] | ||
| 6 | 7 | ||
| 7 | def new | 8 | def new |
| 8 | @reading_group_id = params[:reading_group_id] | 9 | @reading_group_id = params[:reading_group_id] |
| @@ -17,6 +18,11 @@ class ReadingsController < ApplicationController | @@ -17,6 +18,11 @@ class ReadingsController < ApplicationController | ||
| 17 | end | 18 | end |
| 18 | end | 19 | end |
| 19 | 20 | ||
| 21 | + # GET /readings/1/edit | ||
| 22 | + def edit | ||
| 23 | + @reading_group_id = params[:reading_group_id] | ||
| 24 | + end | ||
| 25 | + | ||
| 20 | private | 26 | private |
| 21 | 27 | ||
| 22 | # Never trust parameters from the scary internet, only allow the white list through. | 28 | # Never trust parameters from the scary internet, only allow the white list through. |
| @@ -41,4 +47,7 @@ class ReadingsController < ApplicationController | @@ -41,4 +47,7 @@ class ReadingsController < ApplicationController | ||
| 41 | end | 47 | end |
| 42 | end | 48 | end |
| 43 | 49 | ||
| 50 | + def set_reading | ||
| 51 | + @reading = Reading.find(params[:id].to_i) | ||
| 52 | + end | ||
| 44 | end | 53 | end |
| @@ -0,0 +1,8 @@ | @@ -0,0 +1,8 @@ | ||
| 1 | +<div class="page-header"> | ||
| 2 | + <h1>Editing Reading</h1> | ||
| 3 | +</div> | ||
| 4 | + | ||
| 5 | +<%= form_for(@reading, :url => reading_group_reading_update_url(@reading_group_id, @reading.id), method: :put) do |f| %> | ||
| 6 | + <%= render partial: 'form', locals: {f: f} %> | ||
| 7 | + <%= link_to 'Back', reading_group_path(@reading_group_id), class: 'btn btn-default' %> | ||
| 8 | +<% end %> |
app/views/repositories/edit.html.erb
| 1 | <div class="page-header"> | 1 | <div class="page-header"> |
| 2 | - <h1>Editing repository</h1> | 2 | + <h1>Editing Repository</h1> |
| 3 | </div> | 3 | </div> |
| 4 | 4 | ||
| 5 | <%= form_for(@repository, :url => project_repository_update_url(@project_id, @repository.id), method: :put) do |f| %> | 5 | <%= form_for(@repository, :url => project_repository_update_url(@project_id, @repository.id), method: :put) do |f| %> |
| 6 | - <%= render partial: 'form', locals: {f: f} %> | 6 | + <%= render partial: 'form', locals: {f: f} %> |
| 7 | <%= link_to 'Back', project_path(@project_id), class: 'btn btn-default' %> | 7 | <%= link_to 'Back', project_path(@project_id), class: 'btn btn-default' %> |
| 8 | <% end %> | 8 | <% end %> |
| 9 | - |
config/routes.rb
| @@ -13,7 +13,8 @@ Mezuro::Application.routes.draw do | @@ -13,7 +13,8 @@ Mezuro::Application.routes.draw do | ||
| 13 | end | 13 | end |
| 14 | 14 | ||
| 15 | resources :reading_groups do | 15 | resources :reading_groups do |
| 16 | - resources :readings, except: [:index, :show] | 16 | + resources :readings, except: [:index, :show, :update] |
| 17 | + put '/readings/:id' => 'readings#update', as: :reading_update | ||
| 17 | end | 18 | end |
| 18 | 19 | ||
| 19 | #resources :modules | 20 | #resources :modules |
| @@ -0,0 +1,47 @@ | @@ -0,0 +1,47 @@ | ||
| 1 | +Feature: Reading Edit | ||
| 2 | + In Order to be able to update my readings info | ||
| 3 | + As a regular user | ||
| 4 | + I should be able to edit my readings | ||
| 5 | + | ||
| 6 | +@kalibro_restart @wip | ||
| 7 | + Scenario: editing a reading successfully | ||
| 8 | + Given I am a regular user | ||
| 9 | + And I am signed in | ||
| 10 | + And I own a sample reading group | ||
| 11 | + And I have a sample reading within the sample reading group | ||
| 12 | + And I am at the Edit Reading page | ||
| 13 | + Then the field "Label" should be filled with "Good" | ||
| 14 | + And the field "Grade" should be filled with "10.5" | ||
| 15 | + And the field "Color" should be filled with "33dd33" | ||
| 16 | + When I fill the Label field with "Bad" | ||
| 17 | + And I press the Save button | ||
| 18 | + Then I should see "Bad" | ||
| 19 | + And I should see "10.5" | ||
| 20 | + And I should see "33dd33" | ||
| 21 | + | ||
| 22 | + @kalibro_restart @wip | ||
| 23 | + Scenario: editing a reading with blank fields | ||
| 24 | + Given I am a regular user | ||
| 25 | + And I am signed in | ||
| 26 | + And I own a sample project | ||
| 27 | + And I have a sample configuration with native metrics | ||
| 28 | + And I have a sample repository within the sample project named "QtCalculator" | ||
| 29 | + And I am at repository edit page | ||
| 30 | + When I fill the Name field with " " | ||
| 31 | + And I fill the Address field with " " | ||
| 32 | + And I press the Save button | ||
| 33 | + Then I should see "Name can't be blank" | ||
| 34 | + And I should see "Address can't be blank" | ||
| 35 | + | ||
| 36 | + @kalibro_restart @wip | ||
| 37 | + Scenario: editing a reading with already taken name | ||
| 38 | + Given I am a regular user | ||
| 39 | + And I am signed in | ||
| 40 | + And I own a sample project | ||
| 41 | + And I have a sample configuration with native metrics | ||
| 42 | + And I have a sample repository within the sample project named "MedSquare" | ||
| 43 | + And I have a sample repository within the sample project named "QtCalculator" | ||
| 44 | + And I am at repository edit page | ||
| 45 | + When I fill the Name field with "MedSquare" | ||
| 46 | + And I press the Save button | ||
| 47 | + Then I should see "There's already" | ||
| 0 | \ No newline at end of file | 48 | \ No newline at end of file |
features/step_definitions/reading_group_steps.rb
| 1 | require 'kalibro_gem/errors' | 1 | require 'kalibro_gem/errors' |
| 2 | 2 | ||
| 3 | +Given(/^I own a sample reading group$/) do | ||
| 4 | + @reading_group = FactoryGirl.create(:reading_group, {id: nil}) | ||
| 5 | + FactoryGirl.create(:reading_group_ownership, {user_id: @user.id, reading_group_id: @reading_group.id}) | ||
| 6 | +end | ||
| 7 | + | ||
| 3 | Given(/^I have a sample reading group$/) do | 8 | Given(/^I have a sample reading group$/) do |
| 4 | @reading_group = FactoryGirl.create(:reading_group, {id: nil}) | 9 | @reading_group = FactoryGirl.create(:reading_group, {id: nil}) |
| 5 | end | 10 | end |
| @@ -8,4 +13,3 @@ When(/^I am at the Sample Reading Group page$/) do | @@ -8,4 +13,3 @@ When(/^I am at the Sample Reading Group page$/) do | ||
| 8 | page.should have_content(@reading_group.name) | 13 | page.should have_content(@reading_group.name) |
| 9 | page.should have_content(@reading_group.description) | 14 | page.should have_content(@reading_group.description) |
| 10 | end | 15 | end |
| 11 | - |
features/step_definitions/reading_steps.rb
| @@ -6,3 +6,6 @@ Given(/^I am at the New Reading page$/) do | @@ -6,3 +6,6 @@ Given(/^I am at the New Reading page$/) do | ||
| 6 | visit new_reading_group_reading_url(@reading_group.id) | 6 | visit new_reading_group_reading_url(@reading_group.id) |
| 7 | end | 7 | end |
| 8 | 8 | ||
| 9 | +Given(/^I am at the Edit Reading page$/) do | ||
| 10 | + visit edit_reading_group_reading_url(@reading_group.id, @reading.id) | ||
| 11 | +end |
spec/controllers/readings_controller_spec.rb
| @@ -6,11 +6,26 @@ describe ReadingsController do | @@ -6,11 +6,26 @@ describe ReadingsController do | ||
| 6 | describe 'new' do | 6 | describe 'new' do |
| 7 | before :each do | 7 | before :each do |
| 8 | sign_in FactoryGirl.create(:user) | 8 | sign_in FactoryGirl.create(:user) |
| 9 | - get :new, reading_group_id: reading_group.id | ||
| 10 | end | 9 | end |
| 11 | 10 | ||
| 12 | - it { should respond_with(:success) } | ||
| 13 | - it { should render_template(:new) } | 11 | + context 'when the current user owns the reading group' do |
| 12 | + before :each do | ||
| 13 | + subject.expects(:reading_owner?).returns true | ||
| 14 | + get :new, reading_group_id: reading_group.id | ||
| 15 | + end | ||
| 16 | + | ||
| 17 | + it { should respond_with(:success) } | ||
| 18 | + it { should render_template(:new) } | ||
| 19 | + end | ||
| 20 | + | ||
| 21 | + context "when the current user doesn't owns the reading group" do | ||
| 22 | + before :each do | ||
| 23 | + get :new, reading_group_id: reading_group.id | ||
| 24 | + end | ||
| 25 | + | ||
| 26 | + it { should redirect_to(reading_group_url(reading_group.id)) } | ||
| 27 | + it { should respond_with(:redirect) } | ||
| 28 | + end | ||
| 14 | end | 29 | end |
| 15 | 30 | ||
| 16 | describe 'create' do | 31 | describe 'create' do |
| @@ -21,24 +36,70 @@ describe ReadingsController do | @@ -21,24 +36,70 @@ describe ReadingsController do | ||
| 21 | sign_in FactoryGirl.create(:user) | 36 | sign_in FactoryGirl.create(:user) |
| 22 | end | 37 | end |
| 23 | 38 | ||
| 24 | - context 'with valid fields' do | 39 | + context 'when the current user owns the reading group' do |
| 25 | before :each do | 40 | before :each do |
| 26 | - Reading.any_instance.expects(:save).returns(true) | 41 | + subject.expects(:reading_owner?).returns true |
| 42 | + end | ||
| 43 | + | ||
| 44 | + context 'with valid fields' do | ||
| 45 | + before :each do | ||
| 46 | + Reading.any_instance.expects(:save).returns(true) | ||
| 27 | 47 | ||
| 28 | - post :create, reading_group_id: reading_group.id, reading: reading_params | 48 | + post :create, reading_group_id: reading_group.id, reading: reading_params |
| 49 | + end | ||
| 50 | + | ||
| 51 | + it { should respond_with(:redirect) } | ||
| 29 | end | 52 | end |
| 30 | 53 | ||
| 31 | - it { should respond_with(:redirect) } | 54 | + context 'with invalid fields' do |
| 55 | + before :each do | ||
| 56 | + Reading.any_instance.expects(:save).returns(false) | ||
| 57 | + | ||
| 58 | + post :create, reading_group_id: reading_group.id, reading: reading_params | ||
| 59 | + end | ||
| 60 | + | ||
| 61 | + it { should render_template(:new) } | ||
| 62 | + end | ||
| 32 | end | 63 | end |
| 64 | + end | ||
| 33 | 65 | ||
| 34 | - context 'with invalid fields' do | ||
| 35 | - before :each do | ||
| 36 | - Reading.any_instance.expects(:save).returns(false) | 66 | + describe 'edit' do |
| 67 | + let(:reading) { FactoryGirl.build(:reading) } | ||
| 37 | 68 | ||
| 38 | - post :create, reading_group_id: reading_group.id, reading: reading_params | 69 | + context 'with an User logged in' do |
| 70 | + before do | ||
| 71 | + sign_in FactoryGirl.create(:user) | ||
| 39 | end | 72 | end |
| 40 | 73 | ||
| 41 | - it { should render_template(:new) } | 74 | + context 'when the user owns the reading' do |
| 75 | + before :each do | ||
| 76 | + subject.expects(:reading_owner?).returns true | ||
| 77 | + Reading.expects(:find).at_least_once.with(reading.id).returns(reading) | ||
| 78 | + get :edit, id: reading.id, reading_group_id: reading_group.id.to_s | ||
| 79 | + end | ||
| 80 | + | ||
| 81 | + it { should render_template(:edit) } | ||
| 82 | + end | ||
| 83 | + | ||
| 84 | + context 'when the user does not own the reading' do | ||
| 85 | + before do | ||
| 86 | + Reading.expects(:find).at_least_once.with(reading.id).returns(reading) | ||
| 87 | + | ||
| 88 | + get :edit, id: reading.id, reading_group_id: reading_group.id.to_s | ||
| 89 | + end | ||
| 90 | + | ||
| 91 | + it { should redirect_to(reading_group_url(reading_group.id)) } | ||
| 92 | + it { should respond_with(:redirect) } | ||
| 93 | + it { should set_the_flash[:notice].to("You're not allowed to do this operation") } | ||
| 94 | + end | ||
| 95 | + end | ||
| 96 | + | ||
| 97 | + context 'with no user logged in' do | ||
| 98 | + before :each do | ||
| 99 | + get :edit, id: reading.id, reading_group_id: reading_group.id.to_s | ||
| 100 | + end | ||
| 101 | + | ||
| 102 | + it { should redirect_to new_user_session_path } | ||
| 42 | end | 103 | end |
| 43 | end | 104 | end |
| 44 | end | 105 | end |
| 45 | \ No newline at end of file | 106 | \ No newline at end of file |
spec/controllers/repositories_controller_spec.rb
| @@ -5,7 +5,7 @@ describe RepositoriesController do | @@ -5,7 +5,7 @@ describe RepositoriesController do | ||
| 5 | 5 | ||
| 6 | describe 'new' do | 6 | describe 'new' do |
| 7 | before :each do | 7 | before :each do |
| 8 | - sign_in FactoryGirl.create(:user) | 8 | + sign_in FactoryGirl.create(:user) #TODO create a context when there's no user logged in |
| 9 | end | 9 | end |
| 10 | 10 | ||
| 11 | context 'when the current user owns the project' do | 11 | context 'when the current user owns the project' do |