diff --git a/app/controllers/apps_controller.rb b/app/controllers/apps_controller.rb index 8c9d0ce..acf21bb 100644 --- a/app/controllers/apps_controller.rb +++ b/app/controllers/apps_controller.rb @@ -1,5 +1,7 @@ class AppsController < ApplicationController + before_filter :require_admin!, :except => [:index, :show] + def index @apps = App.all end diff --git a/app/views/apps/index.html.haml b/app/views/apps/index.html.haml index a7bd93d..3916553 100644 --- a/app/views/apps/index.html.haml +++ b/app/views/apps/index.html.haml @@ -1,6 +1,6 @@ - content_for :title, 'Apps' - content_for :action_bar do - %span= link_to('Add a New App', new_app_path, :class => 'add') + %span= link_to('Add a New App', new_app_path, :class => 'add') if current_user.admin? %table.apps %thead diff --git a/app/views/apps/show.html.haml b/app/views/apps/show.html.haml index 2d85641..c7cbe13 100644 --- a/app/views/apps/show.html.haml +++ b/app/views/apps/show.html.haml @@ -5,9 +5,10 @@ %strong API Key: = @app.api_key - content_for :action_bar do - = link_to 'edit', edit_app_path(@app) - | - = link_to 'destroy', app_path(@app), :method => :delete, :confirm => 'Seriously?' + - if current_user.admin? + = link_to 'edit', edit_app_path(@app) + | + = link_to 'destroy', app_path(@app), :method => :delete, :confirm => 'Seriously?' - if @app.errs.none? %h3 Setup your app diff --git a/spec/controllers/apps_controller_spec.rb b/spec/controllers/apps_controller_spec.rb index f681293..855a6fd 100644 --- a/spec/controllers/apps_controller_spec.rb +++ b/spec/controllers/apps_controller_spec.rb 
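Review bot: The `before_filter :require_admin!, :except => [:index, :show]` line has no comment saying that the `:except` list is the full set of actions open to non-admin users, which is the invariant a maintainer must preserve when adding an action. I would put `# Admin-only by default; only the read-only index and show are open to any signed-in user.` above it. `require_admin!` is defined outside this diff, so I am assuming it runs after the authentication filter and copes with a missing `current_user`; that is worth confirming. The class body continues outside the hunk.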
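Review bot: `if current_user.admin?` on the 'Add a New App' link raises NoMethodError if this template is ever rendered without a signed-in user; the same call is added in app/views/apps/show.html.haml. If authentication is guaranteed for both views this is harmless, otherwise `if current_user.try(:admin?)` keeps the page rendering. The condition only hides the link, and the access decision correctly stays with the controller's `require_admin!` filter.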
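Review bot: The context line `= @app.api_key` sits above the new `- if current_user.admin?` block and stays outside it, so every signed-in user who can reach `show` still sees the app's API key while edit and destroy are now admin-only. If the key is meant to be restricted too, it should be wrapped in the same `- if current_user.admin?` guard. If exposing it to all users is intended, a short HAML comment saying so would help. The template continues outside the hunk.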
@@ -1,15 +1,13 @@ require 'spec_helper' -describe AppsController do +describe AppsController, :focused => true do it_requires_authentication - - before do - sign_in Factory(:user) - end + it_requires_admin_privileges :for => {:new => :get, :edit => :get, :create => :post, :update => :put, :destroy => :delete} describe "GET /apps" do it 'finds all apps' do + sign_in Factory(:user) 3.times { Factory(:app) } apps = App.all get :index 
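Review bot: `describe AppsController, :focused => true do` looks like a leftover focus tag. If spec_helper filters runs on `:focused` (not visible here), the suite would execute only this group and hide failures elsewhere, including the other access-control specs. I would revert the line to `describe AppsController do`. The `describe` block continues past the end of this hunk.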
@@ -19,115 +17,122 @@ describe AppsController do describe "GET /apps/:id" do it 'finds the app' do + sign_in Factory(:user) app = Factory(:app) get :show, :id => app.id assigns(:app).should == app end end - describe "GET /apps/new" do - it 'instantiates a new app with a prebuilt watcher' do - get :new - assigns(:app).should be_a(App) - assigns(:app).should be_new_record - assigns(:app).watchers.should_not be_empty + context 'logged in as an admin' do + before do + sign_in Factory(:admin) end - end - describe "GET /apps/:id/edit" do - it 'finds the correct app' do - app = Factory(:app) - get :edit, :id => app.id - assigns(:app).should == app + describe "GET /apps/new" do + it 'instantiates a new app with a prebuilt watcher' do + get :new + assigns(:app).should be_a(App) + assigns(:app).should be_new_record + assigns(:app).watchers.should_not be_empty + end end - end - describe "POST /apps" do - before do - @app = Factory(:app) - App.stub(:new).and_return(@app) + describe "GET /apps/:id/edit" do + it 'finds the correct app' do + app = Factory(:app) + get :edit, :id => app.id + assigns(:app).should == app + end end - - context "when the create is successful" do + + describe "POST /apps" do before do - @app.should_receive(:save).and_return(true) + @app = Factory(:app) + App.stub(:new).and_return(@app) end + + context "when the create is successful" do + before do + @app.should_receive(:save).and_return(true) + end - it "should redirect to the app page" do - post :create, :app => {} - response.should redirect_to(app_path(@app)) - end + it "should redirect to the app page" do + post :create, :app => {} + response.should redirect_to(app_path(@app)) + end - it "should display a message" do - post :create, :app => {} - request.flash[:success].should match(/success/) + it "should display a message" do + post :create, :app => {} + request.flash[:success].should match(/success/) + end end - end - context "when the create is unsuccessful" do - it "should render the new page" do 
- @app.should_receive(:save).and_return(false) - post :create, :app => {} - response.should render_template(:new) + context "when the create is unsuccessful" do + it "should render the new page" do + @app.should_receive(:save).and_return(false) + post :create, :app => {} + response.should render_template(:new) + end end end - end - describe "PUT /apps/:id" do - before do - @app = Factory(:app) - App.stub(:find).with(@app.id).and_return(@app) - end - - context "when the update is successful" do + describe "PUT /apps/:id" do before do - @app.should_receive(:update_attributes).and_return(true) + @app = Factory(:app) + App.stub(:find).with(@app.id).and_return(@app) end + + context "when the update is successful" do + before do + @app.should_receive(:update_attributes).and_return(true) + end - it "should redirect to the app page" do - put :update, :id => @app.id, :app => {} - response.should redirect_to(app_path(@app)) - end + it "should redirect to the app page" do + put :update, :id => @app.id, :app => {} + response.should redirect_to(app_path(@app)) + end - it "should display a message" do - put :update, :id => @app.id, :app => {} - request.flash[:success].should match(/success/) + it "should display a message" do + put :update, :id => @app.id, :app => {} + request.flash[:success].should match(/success/) + end end - end - context "when the update is unsuccessful" do - it "should render the edit page" do - @app.should_receive(:update_attributes).and_return(false) - put :update, :id => @app.id, :app => {} - response.should render_template(:edit) + context "when the update is unsuccessful" do + it "should render the edit page" do + @app.should_receive(:update_attributes).and_return(false) + put :update, :id => @app.id, :app => {} + response.should render_template(:edit) + end end end - end - describe "DELETE /apps/:id" do - before do - @app = Factory(:app) - App.stub(:find).with(@app.id).and_return(@app) - end + describe "DELETE /apps/:id" do + before do + @app = 
Factory(:app) + App.stub(:find).with(@app.id).and_return(@app) + end - it "should find the app" do - delete :destroy, :id => @app.id - assigns(:app).should == @app - end + it "should find the app" do + delete :destroy, :id => @app.id + assigns(:app).should == @app + end - it "should destroy the app" do - @app.should_receive(:destroy) - delete :destroy, :id => @app.id - end + it "should destroy the app" do + @app.should_receive(:destroy) + delete :destroy, :id => @app.id + end - it "should display a message" do - delete :destroy, :id => @app.id - request.flash[:success].should match(/success/) - end + it "should display a message" do + delete :destroy, :id => @app.id + request.flash[:success].should match(/success/) + end - it "should redirect to the apps page" do - delete :destroy, :id => @app.id - response.should redirect_to(apps_path) + it "should redirect to the apps page" do + delete :destroy, :id => @app.id + response.should redirect_to(apps_path) + end end end diff --git a/spec/controllers/users_controller_spec.rb b/spec/controllers/users_controller_spec.rb index 23d17ec..405f322 100644 --- a/spec/controllers/users_controller_spec.rb +++ b/spec/controllers/users_controller_spec.rb @@ -3,7 +3,7 @@ require 'spec_helper' describe UsersController do it_requires_authentication - it_requires_admin + it_requires_admin_privileges context 'Signed in as an admin' do before do diff --git a/spec/support/macros.rb b/spec/support/macros.rb index fe15d40..6287752 100644 --- a/spec/support/macros.rb +++ b/spec/support/macros.rb @@ -27,7 +27,7 @@ def it_requires_authentication(options = {}) end end -def it_requires_admin(options = {}) +def it_requires_admin_privileges(options = {}) default_options = { :for => { :index => :get, -- libgit2 0.21.2