Commit a98eadac6d5f789aa4260940843ec4708666691b

Authored by Jared Pace
1 parent 56059506
Exists in master and in 1 other branch production

Don't show regular users all apps

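--- a/app/controllers/apps_controller.rb
+++ b/app/controllers/apps_controller.rb
@@ -3,7 +3,7 @@ class AppsController < ApplicationController
 before_filter :require_admin!, :except => [:index, :show]
 
 def index
-@apps = App.all
+@apps = current_user.admin? ? App.all : current_user.apps.all
 end
 
 def show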
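Review bot: `show` is still exempt from `require_admin!` (`:except => [:index, :show]`), so scoping only `index` hides unwatched apps from the list but may leave each one readable by id. The body of `show` begins at the end of this hunk and is not visible, so this is unconfirmed; if it loads the record with an unscoped `App.find`, a regular user can open any app by URL. Resolve the record through the same scope, for example `@app = current_user.admin? ? App.find(params[:id]) : current_user.apps.find(params[:id])`. Putting the admin/non-admin scoping in one private helper used by both actions would keep the two from drifting apart.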
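--- a/spec/controllers/apps_controller_spec.rb
+++ b/spec/controllers/apps_controller_spec.rb
@@ -5,13 +5,29 @@ describe AppsController do
 it_requires_authentication
 it_requires_admin_privileges :for => {:new => :get, :edit => :get, :create => :post, :update => :put, :destroy => :delete}
 
-describe "GET /apps" do
-it 'finds all apps' do
-sign_in Factory(:user)
-3.times { Factory(:app) }
-apps = App.all
-get :index
-assigns(:apps).should == apps
+describe "GET /apps", :focused => true do
+context 'when logged in as an admin' do
+it 'finds all apps' do
+sign_in Factory(:admin)
+3.times { Factory(:app) }
+apps = App.all
+get :index
+assigns(:apps).should == apps
+end
+end
+
+context 'when logged in as a regular user' do
+it 'finds apps the user is watching' do
+sign_in(user = Factory(:user))
+unwatched_app = Factory(:app)
+watched_app1 = Factory(:app)
+watched_app2 = Factory(:app)
+Factory(:watcher, :user => user, :app => watched_app1)
+Factory(:watcher, :user => user, :app => watched_app2)
+get :index
+assigns(:apps).should include(watched_app1, watched_app2)
+assigns(:apps).should_not include(unwatched_app)
+end
 end
 end
 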
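Review bot: The `:focused => true` tag on `describe "GET /apps"` looks like a leftover from local runs and should not be committed. If the spec helper filters on that tag (its configuration is not visible here), the suite would run only this group and silently skip the rest, including the `it_requires_authentication` and `it_requires_admin_privileges` checks at the top of this file; the line should read `describe "GET /apps" do`. The new contexts also cover only `index`, so a spec asserting that a regular user cannot `get :show` for an unwatched app would pin the other action that stays open to non-admins.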