Don't show regular users all apps

Jared Pace
1 parent 56059506
Showing 2 changed files with 24 additions and 8 deletions Show diff stats
app/controllers/apps_controller.rb
spec/controllers/apps_controller_spec.rb
@@ -3,7 +3,7 @@ class AppsController &lt; ApplicationController
   before_filter :require_admin!, :except => [:index, :show]
   def index
-    @apps = App.all
+    @apps = current_user.admin? ? App.all : current_user.apps.all
   end
   def show
@@ -5,13 +5,29 @@ describe AppsController do
   it_requires_authentication
   it_requires_admin_privileges :for => {:new => :get, :edit => :get, :create => :post, :update => :put, :destroy => :delete}
-  describe "GET /apps" do
-    it 'finds all apps' do
-      sign_in Factory(:user)
-      3.times { Factory(:app) }
-      apps = App.all
-      get :index
-      assigns(:apps).should == apps
+  describe "GET /apps", :focused => true do
+    context 'when logged in as an admin' do
+      it 'finds all apps' do
+        sign_in Factory(:admin)
+        3.times { Factory(:app) }
+        apps = App.all
+        get :index
+        assigns(:apps).should == apps
+      end
+    end
+    
+    context 'when logged in as a regular user' do
+      it 'finds apps the user is watching' do
+        sign_in(user = Factory(:user))
+        unwatched_app = Factory(:app)
+        watched_app1 = Factory(:app)
+        watched_app2 = Factory(:app)
+        Factory(:watcher, :user => user, :app => watched_app1)
+        Factory(:watcher, :user => user, :app => watched_app2)
+        get :index
+        assigns(:apps).should include(watched_app1, watched_app2)
+        assigns(:apps).should_not include(unwatched_app)
+      end
     end
   end
	@@ -3,7 +3,7 @@ class AppsController < ApplicationController		@@ -3,7 +3,7 @@ class AppsController < ApplicationController
3	before_filter :require_admin!, :except => [:index, :show]	3	before_filter :require_admin!, :except => [:index, :show]
4		4
5	def index	5	def index
6	- @apps = App.all	6	+ @apps = current_user.admin? ? App.all : current_user.apps.all
7	end	7	end
8		8
9	def show	9	def show
	@@ -5,13 +5,29 @@ describe AppsController do		@@ -5,13 +5,29 @@ describe AppsController do
5	it_requires_authentication	5	it_requires_authentication
6	it_requires_admin_privileges :for => {:new => :get, :edit => :get, :create => :post, :update => :put, :destroy => :delete}	6	it_requires_admin_privileges :for => {:new => :get, :edit => :get, :create => :post, :update => :put, :destroy => :delete}
7		7
8	- describe "GET /apps" do
9	- it 'finds all apps' do
10	- sign_in Factory(:user)
11	- 3.times { Factory(:app) }
12	- apps = App.all
13	- get :index
14	- assigns(:apps).should == apps	8	+ describe "GET /apps", :focused => true do
		9	+ context 'when logged in as an admin' do
		10	+ it 'finds all apps' do
		11	+ sign_in Factory(:admin)
		12	+ 3.times { Factory(:app) }
		13	+ apps = App.all
		14	+ get :index
		15	+ assigns(:apps).should == apps
		16	+ end
		17	+ end
		18	+
		19	+ context 'when logged in as a regular user' do
		20	+ it 'finds apps the user is watching' do
		21	+ sign_in(user = Factory(:user))
		22	+ unwatched_app = Factory(:app)
		23	+ watched_app1 = Factory(:app)
		24	+ watched_app2 = Factory(:app)
		25	+ Factory(:watcher, :user => user, :app => watched_app1)
		26	+ Factory(:watcher, :user => user, :app => watched_app2)
		27	+ get :index
		28	+ assigns(:apps).should include(watched_app1, watched_app2)
		29	+ assigns(:apps).should_not include(unwatched_app)
		30	+ end
15	end	31	end
16	end	32	end
17		33