Don't show regular users links to manage apps

Jared Pace
1 parent 3977fd27
Showing 6 changed files with 95 additions and 87 deletions Show diff stats
app/controllers/apps_controller.rb
app/views/apps/index.html.haml
app/views/apps/show.html.haml
spec/controllers/apps_controller_spec.rb
spec/controllers/users_controller_spec.rb
spec/support/macros.rb
 class AppsController < ApplicationController
  
+  before_filter :require_admin!, :except => [:index, :show]
+  
   def index
     @apps = App.all
   end
 - content_for :title, 'Apps'
 - content_for :action_bar do
-  %span= link_to('Add a New App', new_app_path, :class => 'add')
+  %span= link_to('Add a New App', new_app_path, :class => 'add') if current_user.admin?
  
 %table.apps
   %thead
@@ -5,9 +5,10 @@
   %strong API Key:
   = @app.api_key
 - content_for :action_bar do
-  = link_to 'edit', edit_app_path(@app)
-  |
-  = link_to 'destroy', app_path(@app), :method => :delete, :confirm => 'Seriously?'
+  - if current_user.admin?
+    = link_to 'edit', edit_app_path(@app)
+    |
+    = link_to 'destroy', app_path(@app), :method => :delete, :confirm => 'Seriously?'
  
 - if @app.errs.none?
   %h3 Setup your app
 require 'spec_helper'
  
-describe AppsController do
+describe AppsController, :focused => true do
  
   it_requires_authentication
-  
-  before do
-    sign_in Factory(:user)
-  end
+  it_requires_admin_privileges :for => {:new => :get, :edit => :get, :create => :post, :update => :put, :destroy => :delete}
  
   describe "GET /apps" do
     it 'finds all apps' do
+      sign_in Factory(:user)
       3.times { Factory(:app) }
       apps = App.all
       get :index
@@ -19,115 +17,122 @@ describe AppsController do
  
   describe "GET /apps/:id" do
     it 'finds the app' do
+      sign_in Factory(:user)
       app = Factory(:app)
       get :show, :id => app.id
       assigns(:app).should == app
     end
   end
  
-  describe "GET /apps/new" do
-    it 'instantiates a new app with a prebuilt watcher' do
-      get :new
-      assigns(:app).should be_a(App)
-      assigns(:app).should be_new_record
-      assigns(:app).watchers.should_not be_empty
+  context 'logged in as an admin' do
+    before do
+      sign_in Factory(:admin)
     end
-  end
  
-  describe "GET /apps/:id/edit" do
-    it 'finds the correct app' do
-      app = Factory(:app)
-      get :edit, :id => app.id
-      assigns(:app).should == app
+    describe "GET /apps/new" do
+      it 'instantiates a new app with a prebuilt watcher' do
+        get :new
+        assigns(:app).should be_a(App)
+        assigns(:app).should be_new_record
+        assigns(:app).watchers.should_not be_empty
+      end
     end
-  end
  
-  describe "POST /apps" do
-    before do
-      @app = Factory(:app)
-      App.stub(:new).and_return(@app)
+    describe "GET /apps/:id/edit" do
+      it 'finds the correct app' do
+        app = Factory(:app)
+        get :edit, :id => app.id
+        assigns(:app).should == app
+      end
     end
-    
-    context "when the create is successful" do
+  
+    describe "POST /apps" do
       before do
-        @app.should_receive(:save).and_return(true)
+        @app = Factory(:app)
+        App.stub(:new).and_return(@app)
       end
+    
+      context "when the create is successful" do
+        before do
+          @app.should_receive(:save).and_return(true)
+        end
  
-      it "should redirect to the app page" do
-        post :create, :app => {}
-        response.should redirect_to(app_path(@app))
-      end
+        it "should redirect to the app page" do
+          post :create, :app => {}
+          response.should redirect_to(app_path(@app))
+        end
  
-      it "should display a message" do
-        post :create, :app => {}
-        request.flash[:success].should match(/success/)
+        it "should display a message" do
+          post :create, :app => {}
+          request.flash[:success].should match(/success/)
+        end
       end
-    end
  
-    context "when the create is unsuccessful" do
-      it "should render the new page" do
-        @app.should_receive(:save).and_return(false)
-        post :create, :app => {}
-        response.should render_template(:new)
+      context "when the create is unsuccessful" do
+        it "should render the new page" do
+          @app.should_receive(:save).and_return(false)
+          post :create, :app => {}
+          response.should render_template(:new)
+        end
       end
     end
-  end
  
-  describe "PUT /apps/:id" do
-    before do
-      @app = Factory(:app)
-      App.stub(:find).with(@app.id).and_return(@app)
-    end
-    
-    context "when the update is successful" do
+    describe "PUT /apps/:id" do
       before do
-        @app.should_receive(:update_attributes).and_return(true)
+        @app = Factory(:app)
+        App.stub(:find).with(@app.id).and_return(@app)
       end
+    
+      context "when the update is successful" do
+        before do
+          @app.should_receive(:update_attributes).and_return(true)
+        end
  
-      it "should redirect to the app page" do
-        put :update, :id => @app.id, :app => {}
-        response.should redirect_to(app_path(@app))
-      end
+        it "should redirect to the app page" do
+          put :update, :id => @app.id, :app => {}
+          response.should redirect_to(app_path(@app))
+        end
  
-      it "should display a message" do
-        put :update, :id => @app.id, :app => {}
-        request.flash[:success].should match(/success/)
+        it "should display a message" do
+          put :update, :id => @app.id, :app => {}
+          request.flash[:success].should match(/success/)
+        end
       end
-    end
  
-    context "when the update is unsuccessful" do
-      it "should render the edit page" do
-        @app.should_receive(:update_attributes).and_return(false)
-        put :update, :id => @app.id, :app => {}
-        response.should render_template(:edit)
+      context "when the update is unsuccessful" do
+        it "should render the edit page" do
+          @app.should_receive(:update_attributes).and_return(false)
+          put :update, :id => @app.id, :app => {}
+          response.should render_template(:edit)
+        end
       end
     end
-  end
  
-  describe "DELETE /apps/:id" do
-    before do
-      @app = Factory(:app)
-      App.stub(:find).with(@app.id).and_return(@app)
-    end
+    describe "DELETE /apps/:id" do
+      before do
+        @app = Factory(:app)
+        App.stub(:find).with(@app.id).and_return(@app)
+      end
  
-    it "should find the app" do
-      delete :destroy, :id => @app.id
-      assigns(:app).should == @app
-    end
+      it "should find the app" do
+        delete :destroy, :id => @app.id
+        assigns(:app).should == @app
+      end
  
-    it "should destroy the app" do
-      @app.should_receive(:destroy)
-      delete :destroy, :id => @app.id
-    end
+      it "should destroy the app" do
+        @app.should_receive(:destroy)
+        delete :destroy, :id => @app.id
+      end
  
-    it "should display a message" do
-      delete :destroy, :id => @app.id
-      request.flash[:success].should match(/success/)
-    end
+      it "should display a message" do
+        delete :destroy, :id => @app.id
+        request.flash[:success].should match(/success/)
+      end
  
-    it "should redirect to the apps page" do
-      delete :destroy, :id => @app.id
-      response.should redirect_to(apps_path)
+      it "should redirect to the apps page" do
+        delete :destroy, :id => @app.id
+        response.should redirect_to(apps_path)
+      end
     end
   end
  
@@ -3,7 +3,7 @@ require &#39;spec_helper&#39;
 describe UsersController do
  
   it_requires_authentication
-  it_requires_admin
+   it_requires_admin_privileges
  
   context 'Signed in as an admin' do
     before do
@@ -27,7 +27,7 @@ def it_requires_authentication(options = {})
   end
 end
  
-def it_requires_admin(options = {})
+def  it_requires_admin_privileges(options = {})
   default_options = {
     :for => {
       :index    => :get,
1	1	class AppsController < ApplicationController
2	2
	3	+ before_filter :require_admin!, :except => [:index, :show]
	4	+
3	5	def index
4	6	@apps = App.all
5	7	end
...	...
1	1	- content_for :title, 'Apps'
2	2	- content_for :action_bar do
3		- %span= link_to('Add a New App', new_app_path, :class => 'add')
	3	+ %span= link_to('Add a New App', new_app_path, :class => 'add') if current_user.admin?
4	4
5	5	%table.apps
6	6	%thead
...	...
...	...	@@ -5,9 +5,10 @@
5	5	%strong API Key:
6	6	= @app.api_key
7	7	- content_for :action_bar do
8		- = link_to 'edit', edit_app_path(@app)
9		- \|
10		- = link_to 'destroy', app_path(@app), :method => :delete, :confirm => 'Seriously?'
	8	+ - if current_user.admin?
	9	+ = link_to 'edit', edit_app_path(@app)
	10	+ \|
	11	+ = link_to 'destroy', app_path(@app), :method => :delete, :confirm => 'Seriously?'
11	12
12	13	- if @app.errs.none?
13	14	%h3 Setup your app
...	...
1	1	require 'spec_helper'
2	2
3		-describe AppsController do
	3	+describe AppsController, :focused => true do
4	4
5	5	it_requires_authentication
6		-
7		- before do
8		- sign_in Factory(:user)
9		- end
	6	+ it_requires_admin_privileges :for => {:new => :get, :edit => :get, :create => :post, :update => :put, :destroy => :delete}
10	7
11	8	describe "GET /apps" do
12	9	it 'finds all apps' do
	10	+ sign_in Factory(:user)
13	11	3.times { Factory(:app) }
14	12	apps = App.all
15	13	get :index
...	...	@@ -19,115 +17,122 @@ describe AppsController do
19	17
20	18	describe "GET /apps/:id" do
21	19	it 'finds the app' do
	20	+ sign_in Factory(:user)
22	21	app = Factory(:app)
23	22	get :show, :id => app.id
24	23	assigns(:app).should == app
25	24	end
26	25	end
27	26
28		- describe "GET /apps/new" do
29		- it 'instantiates a new app with a prebuilt watcher' do
30		- get :new
31		- assigns(:app).should be_a(App)
32		- assigns(:app).should be_new_record
33		- assigns(:app).watchers.should_not be_empty
	27	+ context 'logged in as an admin' do
	28	+ before do
	29	+ sign_in Factory(:admin)
34	30	end
35		- end
36	31
37		- describe "GET /apps/:id/edit" do
38		- it 'finds the correct app' do
39		- app = Factory(:app)
40		- get :edit, :id => app.id
41		- assigns(:app).should == app
	32	+ describe "GET /apps/new" do
	33	+ it 'instantiates a new app with a prebuilt watcher' do
	34	+ get :new
	35	+ assigns(:app).should be_a(App)
	36	+ assigns(:app).should be_new_record
	37	+ assigns(:app).watchers.should_not be_empty
	38	+ end
42	39	end
43		- end
44	40
45		- describe "POST /apps" do
46		- before do
47		- @app = Factory(:app)
48		- App.stub(:new).and_return(@app)
	41	+ describe "GET /apps/:id/edit" do
	42	+ it 'finds the correct app' do
	43	+ app = Factory(:app)
	44	+ get :edit, :id => app.id
	45	+ assigns(:app).should == app
	46	+ end
49	47	end
50		-
51		- context "when the create is successful" do
	48	+
	49	+ describe "POST /apps" do
52	50	before do
53		- @app.should_receive(:save).and_return(true)
	51	+ @app = Factory(:app)
	52	+ App.stub(:new).and_return(@app)
54	53	end
	54	+
	55	+ context "when the create is successful" do
	56	+ before do
	57	+ @app.should_receive(:save).and_return(true)
	58	+ end
55	59
56		- it "should redirect to the app page" do
57		- post :create, :app => {}
58		- response.should redirect_to(app_path(@app))
59		- end
	60	+ it "should redirect to the app page" do
	61	+ post :create, :app => {}
	62	+ response.should redirect_to(app_path(@app))
	63	+ end
60	64
61		- it "should display a message" do
62		- post :create, :app => {}
63		- request.flash[:success].should match(/success/)
	65	+ it "should display a message" do
	66	+ post :create, :app => {}
	67	+ request.flash[:success].should match(/success/)
	68	+ end
64	69	end
65		- end
66	70
67		- context "when the create is unsuccessful" do
68		- it "should render the new page" do
69		- @app.should_receive(:save).and_return(false)
70		- post :create, :app => {}
71		- response.should render_template(:new)
	71	+ context "when the create is unsuccessful" do
	72	+ it "should render the new page" do
	73	+ @app.should_receive(:save).and_return(false)
	74	+ post :create, :app => {}
	75	+ response.should render_template(:new)
	76	+ end
72	77	end
73	78	end
74		- end
75	79
76		- describe "PUT /apps/:id" do
77		- before do
78		- @app = Factory(:app)
79		- App.stub(:find).with(@app.id).and_return(@app)
80		- end
81		-
82		- context "when the update is successful" do
	80	+ describe "PUT /apps/:id" do
83	81	before do
84		- @app.should_receive(:update_attributes).and_return(true)
	82	+ @app = Factory(:app)
	83	+ App.stub(:find).with(@app.id).and_return(@app)
85	84	end
	85	+
	86	+ context "when the update is successful" do
	87	+ before do
	88	+ @app.should_receive(:update_attributes).and_return(true)
	89	+ end
86	90
87		- it "should redirect to the app page" do
88		- put :update, :id => @app.id, :app => {}
89		- response.should redirect_to(app_path(@app))
90		- end
	91	+ it "should redirect to the app page" do
	92	+ put :update, :id => @app.id, :app => {}
	93	+ response.should redirect_to(app_path(@app))
	94	+ end
91	95
92		- it "should display a message" do
93		- put :update, :id => @app.id, :app => {}
94		- request.flash[:success].should match(/success/)
	96	+ it "should display a message" do
	97	+ put :update, :id => @app.id, :app => {}
	98	+ request.flash[:success].should match(/success/)
	99	+ end
95	100	end
96		- end
97	101
98		- context "when the update is unsuccessful" do
99		- it "should render the edit page" do
100		- @app.should_receive(:update_attributes).and_return(false)
101		- put :update, :id => @app.id, :app => {}
102		- response.should render_template(:edit)
	102	+ context "when the update is unsuccessful" do
	103	+ it "should render the edit page" do
	104	+ @app.should_receive(:update_attributes).and_return(false)
	105	+ put :update, :id => @app.id, :app => {}
	106	+ response.should render_template(:edit)
	107	+ end
103	108	end
104	109	end
105		- end
106	110
107		- describe "DELETE /apps/:id" do
108		- before do
109		- @app = Factory(:app)
110		- App.stub(:find).with(@app.id).and_return(@app)
111		- end
	111	+ describe "DELETE /apps/:id" do
	112	+ before do
	113	+ @app = Factory(:app)
	114	+ App.stub(:find).with(@app.id).and_return(@app)
	115	+ end
112	116
113		- it "should find the app" do
114		- delete :destroy, :id => @app.id
115		- assigns(:app).should == @app
116		- end
	117	+ it "should find the app" do
	118	+ delete :destroy, :id => @app.id
	119	+ assigns(:app).should == @app
	120	+ end
117	121
118		- it "should destroy the app" do
119		- @app.should_receive(:destroy)
120		- delete :destroy, :id => @app.id
121		- end
	122	+ it "should destroy the app" do
	123	+ @app.should_receive(:destroy)
	124	+ delete :destroy, :id => @app.id
	125	+ end
122	126
123		- it "should display a message" do
124		- delete :destroy, :id => @app.id
125		- request.flash[:success].should match(/success/)
126		- end
	127	+ it "should display a message" do
	128	+ delete :destroy, :id => @app.id
	129	+ request.flash[:success].should match(/success/)
	130	+ end
127	131
128		- it "should redirect to the apps page" do
129		- delete :destroy, :id => @app.id
130		- response.should redirect_to(apps_path)
	132	+ it "should redirect to the apps page" do
	133	+ delete :destroy, :id => @app.id
	134	+ response.should redirect_to(apps_path)
	135	+ end
131	136	end
132	137	end
133	138
...	...
...	...	@@ -3,7 +3,7 @@ require 'spec_helper'
3	3	describe UsersController do
4	4
5	5	it_requires_authentication
6		- it_requires_admin
	6	+ it_requires_admin_privileges
7	7
8	8	context 'Signed in as an admin' do
9	9	before do
...	...
...	...	@@ -27,7 +27,7 @@ def it_requires_authentication(options = {})
27	27	end
28	28	end
29	29
30		-def it_requires_admin(options = {})
	30	+def it_requires_admin_privileges(options = {})
31	31	default_options = {
32	32	:for => {
33	33	:index => :get,
...	...