Commit 232389f4e8ebaffd125985ce63439cea407e85d5
1 parent
b2a5344a
Exists in
master
and in
4 other branches
Clean up request specs
Showing
6 changed files
with
191 additions
and
150 deletions
Show diff stats
spec/requests/admin/security_spec.rb
| @@ -2,20 +2,26 @@ require 'spec_helper' | @@ -2,20 +2,26 @@ require 'spec_helper' | ||
| 2 | 2 | ||
| 3 | describe "Admin::Projects" do | 3 | describe "Admin::Projects" do |
| 4 | describe "GET /admin/projects" do | 4 | describe "GET /admin/projects" do |
| 5 | - it { admin_projects_path.should be_allowed_for :admin } | ||
| 6 | - it { admin_projects_path.should be_denied_for :user } | ||
| 7 | - it { admin_projects_path.should be_denied_for :visitor } | 5 | + subject { admin_projects_path } |
| 6 | + | ||
| 7 | + it { should be_allowed_for :admin } | ||
| 8 | + it { should be_denied_for :user } | ||
| 9 | + it { should be_denied_for :visitor } | ||
| 8 | end | 10 | end |
| 9 | 11 | ||
| 10 | describe "GET /admin/users" do | 12 | describe "GET /admin/users" do |
| 11 | - it { admin_users_path.should be_allowed_for :admin } | ||
| 12 | - it { admin_users_path.should be_denied_for :user } | ||
| 13 | - it { admin_users_path.should be_denied_for :visitor } | 13 | + subject { admin_users_path } |
| 14 | + | ||
| 15 | + it { should be_allowed_for :admin } | ||
| 16 | + it { should be_denied_for :user } | ||
| 17 | + it { should be_denied_for :visitor } | ||
| 14 | end | 18 | end |
| 15 | 19 | ||
| 16 | describe "GET /admin/hooks" do | 20 | describe "GET /admin/hooks" do |
| 17 | - it { admin_hooks_path.should be_allowed_for :admin } | ||
| 18 | - it { admin_hooks_path.should be_denied_for :user } | ||
| 19 | - it { admin_hooks_path.should be_denied_for :visitor } | 21 | + subject { admin_hooks_path } |
| 22 | + | ||
| 23 | + it { should be_allowed_for :admin } | ||
| 24 | + it { should be_denied_for :user } | ||
| 25 | + it { should be_denied_for :visitor } | ||
| 20 | end | 26 | end |
| 21 | end | 27 | end |
spec/requests/api/issues_spec.rb
| @@ -10,13 +10,13 @@ describe Gitlab::API do | @@ -10,13 +10,13 @@ describe Gitlab::API do | ||
| 10 | 10 | ||
| 11 | describe "GET /issues" do | 11 | describe "GET /issues" do |
| 12 | it "should return authentication error" do | 12 | it "should return authentication error" do |
| 13 | - get "#{api_prefix}/issues" | 13 | + get api("/issues") |
| 14 | response.status.should == 401 | 14 | response.status.should == 401 |
| 15 | end | 15 | end |
| 16 | 16 | ||
| 17 | describe "authenticated GET /issues" do | 17 | describe "authenticated GET /issues" do |
| 18 | it "should return an array of issues" do | 18 | it "should return an array of issues" do |
| 19 | - get "#{api_prefix}/issues?private_token=#{user.private_token}" | 19 | + get api("/issues", user) |
| 20 | response.status.should == 200 | 20 | response.status.should == 200 |
| 21 | json_response.should be_an Array | 21 | json_response.should be_an Array |
| 22 | json_response.first['title'].should == issue.title | 22 | json_response.first['title'].should == issue.title |
| @@ -26,7 +26,7 @@ describe Gitlab::API do | @@ -26,7 +26,7 @@ describe Gitlab::API do | ||
| 26 | 26 | ||
| 27 | describe "GET /projects/:id/issues" do | 27 | describe "GET /projects/:id/issues" do |
| 28 | it "should return project issues" do | 28 | it "should return project issues" do |
| 29 | - get "#{api_prefix}/projects/#{project.code}/issues?private_token=#{user.private_token}" | 29 | + get api("/projects/#{project.code}/issues", user) |
| 30 | response.status.should == 200 | 30 | response.status.should == 200 |
| 31 | json_response.should be_an Array | 31 | json_response.should be_an Array |
| 32 | json_response.first['title'].should == issue.title | 32 | json_response.first['title'].should == issue.title |
| @@ -35,7 +35,7 @@ describe Gitlab::API do | @@ -35,7 +35,7 @@ describe Gitlab::API do | ||
| 35 | 35 | ||
| 36 | describe "GET /projects/:id/issues/:issue_id" do | 36 | describe "GET /projects/:id/issues/:issue_id" do |
| 37 | it "should return a project issue by id" do | 37 | it "should return a project issue by id" do |
| 38 | - get "#{api_prefix}/projects/#{project.code}/issues/#{issue.id}?private_token=#{user.private_token}" | 38 | + get api("/projects/#{project.code}/issues/#{issue.id}", user) |
| 39 | response.status.should == 200 | 39 | response.status.should == 200 |
| 40 | json_response['title'].should == issue.title | 40 | json_response['title'].should == issue.title |
| 41 | end | 41 | end |
| @@ -43,7 +43,7 @@ describe Gitlab::API do | @@ -43,7 +43,7 @@ describe Gitlab::API do | ||
| 43 | 43 | ||
| 44 | describe "POST /projects/:id/issues" do | 44 | describe "POST /projects/:id/issues" do |
| 45 | it "should create a new project issue" do | 45 | it "should create a new project issue" do |
| 46 | - post "#{api_prefix}/projects/#{project.code}/issues?private_token=#{user.private_token}", | 46 | + post api("/projects/#{project.code}/issues", user), |
| 47 | title: 'new issue', labels: 'label, label2' | 47 | title: 'new issue', labels: 'label, label2' |
| 48 | response.status.should == 201 | 48 | response.status.should == 201 |
| 49 | json_response['title'].should == 'new issue' | 49 | json_response['title'].should == 'new issue' |
| @@ -54,7 +54,7 @@ describe Gitlab::API do | @@ -54,7 +54,7 @@ describe Gitlab::API do | ||
| 54 | 54 | ||
| 55 | describe "PUT /projects/:id/issues/:issue_id" do | 55 | describe "PUT /projects/:id/issues/:issue_id" do |
| 56 | it "should update a project issue" do | 56 | it "should update a project issue" do |
| 57 | - put "#{api_prefix}/projects/#{project.code}/issues/#{issue.id}?private_token=#{user.private_token}", | 57 | + put api("/projects/#{project.code}/issues/#{issue.id}", user), |
| 58 | title: 'updated title', labels: 'label2', closed: 1 | 58 | title: 'updated title', labels: 'label2', closed: 1 |
| 59 | response.status.should == 200 | 59 | response.status.should == 200 |
| 60 | json_response['title'].should == 'updated title' | 60 | json_response['title'].should == 'updated title' |
| @@ -66,7 +66,7 @@ describe Gitlab::API do | @@ -66,7 +66,7 @@ describe Gitlab::API do | ||
| 66 | describe "DELETE /projects/:id/issues/:issue_id" do | 66 | describe "DELETE /projects/:id/issues/:issue_id" do |
| 67 | it "should delete a project issue" do | 67 | it "should delete a project issue" do |
| 68 | expect { | 68 | expect { |
| 69 | - delete "#{api_prefix}/projects/#{project.code}/issues/#{issue.id}?private_token=#{user.private_token}" | 69 | + delete api("/projects/#{project.code}/issues/#{issue.id}", user) |
| 70 | }.to change { Issue.count }.by(-1) | 70 | }.to change { Issue.count }.by(-1) |
| 71 | end | 71 | end |
| 72 | end | 72 | end |
spec/requests/api/projects_spec.rb
| @@ -10,13 +10,13 @@ describe Gitlab::API do | @@ -10,13 +10,13 @@ describe Gitlab::API do | ||
| 10 | 10 | ||
| 11 | describe "GET /projects" do | 11 | describe "GET /projects" do |
| 12 | it "should return authentication error" do | 12 | it "should return authentication error" do |
| 13 | - get "#{api_prefix}/projects" | 13 | + get api("/projects") |
| 14 | response.status.should == 401 | 14 | response.status.should == 401 |
| 15 | end | 15 | end |
| 16 | 16 | ||
| 17 | describe "authenticated GET /projects" do | 17 | describe "authenticated GET /projects" do |
| 18 | it "should return an array of projects" do | 18 | it "should return an array of projects" do |
| 19 | - get "#{api_prefix}/projects?private_token=#{user.private_token}" | 19 | + get api("/projects", user) |
| 20 | response.status.should == 200 | 20 | response.status.should == 200 |
| 21 | json_response.should be_an Array | 21 | json_response.should be_an Array |
| 22 | json_response.first['name'].should == project.name | 22 | json_response.first['name'].should == project.name |
| @@ -27,20 +27,20 @@ describe Gitlab::API do | @@ -27,20 +27,20 @@ describe Gitlab::API do | ||
| 27 | 27 | ||
| 28 | describe "GET /projects/:id" do | 28 | describe "GET /projects/:id" do |
| 29 | it "should return a project by id" do | 29 | it "should return a project by id" do |
| 30 | - get "#{api_prefix}/projects/#{project.id}?private_token=#{user.private_token}" | 30 | + get api("/projects/#{project.id}", user) |
| 31 | response.status.should == 200 | 31 | response.status.should == 200 |
| 32 | json_response['name'].should == project.name | 32 | json_response['name'].should == project.name |
| 33 | json_response['owner']['email'].should == user.email | 33 | json_response['owner']['email'].should == user.email |
| 34 | end | 34 | end |
| 35 | 35 | ||
| 36 | it "should return a project by code name" do | 36 | it "should return a project by code name" do |
| 37 | - get "#{api_prefix}/projects/#{project.code}?private_token=#{user.private_token}" | 37 | + get api("/projects/#{project.code}", user) |
| 38 | response.status.should == 200 | 38 | response.status.should == 200 |
| 39 | json_response['name'].should == project.name | 39 | json_response['name'].should == project.name |
| 40 | end | 40 | end |
| 41 | 41 | ||
| 42 | it "should return a 404 error if not found" do | 42 | it "should return a 404 error if not found" do |
| 43 | - get "#{api_prefix}/projects/42?private_token=#{user.private_token}" | 43 | + get api("/projects/42", user) |
| 44 | response.status.should == 404 | 44 | response.status.should == 404 |
| 45 | json_response['message'].should == '404 Not found' | 45 | json_response['message'].should == '404 Not found' |
| 46 | end | 46 | end |
| @@ -48,7 +48,7 @@ describe Gitlab::API do | @@ -48,7 +48,7 @@ describe Gitlab::API do | ||
| 48 | 48 | ||
| 49 | describe "GET /projects/:id/repository/branches" do | 49 | describe "GET /projects/:id/repository/branches" do |
| 50 | it "should return an array of project branches" do | 50 | it "should return an array of project branches" do |
| 51 | - get "#{api_prefix}/projects/#{project.code}/repository/branches?private_token=#{user.private_token}" | 51 | + get api("/projects/#{project.code}/repository/branches", user) |
| 52 | response.status.should == 200 | 52 | response.status.should == 200 |
| 53 | json_response.should be_an Array | 53 | json_response.should be_an Array |
| 54 | json_response.first['name'].should == project.repo.heads.sort_by(&:name).first.name | 54 | json_response.first['name'].should == project.repo.heads.sort_by(&:name).first.name |
| @@ -57,7 +57,7 @@ describe Gitlab::API do | @@ -57,7 +57,7 @@ describe Gitlab::API do | ||
| 57 | 57 | ||
| 58 | describe "GET /projects/:id/repository/branches/:branch" do | 58 | describe "GET /projects/:id/repository/branches/:branch" do |
| 59 | it "should return the branch information for a single branch" do | 59 | it "should return the branch information for a single branch" do |
| 60 | - get "#{api_prefix}/projects/#{project.code}/repository/branches/new_design?private_token=#{user.private_token}" | 60 | + get api("/projects/#{project.code}/repository/branches/new_design", user) |
| 61 | response.status.should == 200 | 61 | response.status.should == 200 |
| 62 | 62 | ||
| 63 | json_response['name'].should == 'new_design' | 63 | json_response['name'].should == 'new_design' |
| @@ -67,7 +67,7 @@ describe Gitlab::API do | @@ -67,7 +67,7 @@ describe Gitlab::API do | ||
| 67 | 67 | ||
| 68 | describe "GET /projects/:id/repository/tags" do | 68 | describe "GET /projects/:id/repository/tags" do |
| 69 | it "should return an array of project tags" do | 69 | it "should return an array of project tags" do |
| 70 | - get "#{api_prefix}/projects/#{project.code}/repository/tags?private_token=#{user.private_token}" | 70 | + get api("/projects/#{project.code}/repository/tags", user) |
| 71 | response.status.should == 200 | 71 | response.status.should == 200 |
| 72 | json_response.should be_an Array | 72 | json_response.should be_an Array |
| 73 | json_response.first['name'].should == project.repo.tags.sort_by(&:name).reverse.first.name | 73 | json_response.first['name'].should == project.repo.tags.sort_by(&:name).reverse.first.name |
| @@ -76,7 +76,7 @@ describe Gitlab::API do | @@ -76,7 +76,7 @@ describe Gitlab::API do | ||
| 76 | 76 | ||
| 77 | describe "GET /projects/:id/snippets/:snippet_id" do | 77 | describe "GET /projects/:id/snippets/:snippet_id" do |
| 78 | it "should return a project snippet" do | 78 | it "should return a project snippet" do |
| 79 | - get "#{api_prefix}/projects/#{project.code}/snippets/#{snippet.id}?private_token=#{user.private_token}" | 79 | + get api("/projects/#{project.code}/snippets/#{snippet.id}", user) |
| 80 | response.status.should == 200 | 80 | response.status.should == 200 |
| 81 | json_response['title'].should == snippet.title | 81 | json_response['title'].should == snippet.title |
| 82 | end | 82 | end |
| @@ -84,7 +84,7 @@ describe Gitlab::API do | @@ -84,7 +84,7 @@ describe Gitlab::API do | ||
| 84 | 84 | ||
| 85 | describe "POST /projects/:id/snippets" do | 85 | describe "POST /projects/:id/snippets" do |
| 86 | it "should create a new project snippet" do | 86 | it "should create a new project snippet" do |
| 87 | - post "#{api_prefix}/projects/#{project.code}/snippets?private_token=#{user.private_token}", | 87 | + post api("/projects/#{project.code}/snippets", user), |
| 88 | title: 'api test', file_name: 'sample.rb', code: 'test' | 88 | title: 'api test', file_name: 'sample.rb', code: 'test' |
| 89 | response.status.should == 201 | 89 | response.status.should == 201 |
| 90 | json_response['title'].should == 'api test' | 90 | json_response['title'].should == 'api test' |
| @@ -93,7 +93,7 @@ describe Gitlab::API do | @@ -93,7 +93,7 @@ describe Gitlab::API do | ||
| 93 | 93 | ||
| 94 | describe "PUT /projects/:id/snippets" do | 94 | describe "PUT /projects/:id/snippets" do |
| 95 | it "should update an existing project snippet" do | 95 | it "should update an existing project snippet" do |
| 96 | - put "#{api_prefix}/projects/#{project.code}/snippets/#{snippet.id}?private_token=#{user.private_token}", | 96 | + put api("/projects/#{project.code}/snippets/#{snippet.id}", user), |
| 97 | code: 'updated code' | 97 | code: 'updated code' |
| 98 | response.status.should == 200 | 98 | response.status.should == 200 |
| 99 | json_response['title'].should == 'example' | 99 | json_response['title'].should == 'example' |
| @@ -104,34 +104,31 @@ describe Gitlab::API do | @@ -104,34 +104,31 @@ describe Gitlab::API do | ||
| 104 | describe "DELETE /projects/:id/snippets/:snippet_id" do | 104 | describe "DELETE /projects/:id/snippets/:snippet_id" do |
| 105 | it "should delete existing project snippet" do | 105 | it "should delete existing project snippet" do |
| 106 | expect { | 106 | expect { |
| 107 | - delete "#{api_prefix}/projects/#{project.code}/snippets/#{snippet.id}?private_token=#{user.private_token}" | 107 | + delete api("/projects/#{project.code}/snippets/#{snippet.id}", user) |
| 108 | }.to change { Snippet.count }.by(-1) | 108 | }.to change { Snippet.count }.by(-1) |
| 109 | end | 109 | end |
| 110 | end | 110 | end |
| 111 | 111 | ||
| 112 | describe "GET /projects/:id/snippets/:snippet_id/raw" do | 112 | describe "GET /projects/:id/snippets/:snippet_id/raw" do |
| 113 | it "should get a raw project snippet" do | 113 | it "should get a raw project snippet" do |
| 114 | - get "#{api_prefix}/projects/#{project.code}/snippets/#{snippet.id}/raw?private_token=#{user.private_token}" | 114 | + get api("/projects/#{project.code}/snippets/#{snippet.id}/raw", user) |
| 115 | response.status.should == 200 | 115 | response.status.should == 200 |
| 116 | end | 116 | end |
| 117 | end | 117 | end |
| 118 | 118 | ||
| 119 | describe "GET /projects/:id/:sha/blob" do | 119 | describe "GET /projects/:id/:sha/blob" do |
| 120 | it "should get the raw file contents" do | 120 | it "should get the raw file contents" do |
| 121 | - get "#{api_prefix}/projects/#{project.code}/repository/commits/master/blob?filepath=README.md&private_token=#{user.private_token}" | ||
| 122 | - | 121 | + get api("/projects/#{project.code}/repository/commits/master/blob?filepath=README.md", user) |
| 123 | response.status.should == 200 | 122 | response.status.should == 200 |
| 124 | end | 123 | end |
| 125 | 124 | ||
| 126 | it "should return 404 for invalid branch_name" do | 125 | it "should return 404 for invalid branch_name" do |
| 127 | - get "#{api_prefix}/projects/#{project.code}/repository/commits/invalid_branch_name/blob?filepath=README.md&private_token=#{user.private_token}" | ||
| 128 | - | 126 | + get api("/projects/#{project.code}/repository/commits/invalid_branch_name/blob?filepath=README.md", user) |
| 129 | response.status.should == 404 | 127 | response.status.should == 404 |
| 130 | end | 128 | end |
| 131 | 129 | ||
| 132 | it "should return 404 for invalid file" do | 130 | it "should return 404 for invalid file" do |
| 133 | - get "#{api_prefix}/projects/#{project.code}/repository/commits/master/blob?filepath=README.invalid&private_token=#{user.private_token}" | ||
| 134 | - | 131 | + get api("/projects/#{project.code}/repository/commits/master/blob?filepath=README.invalid", user) |
| 135 | response.status.should == 404 | 132 | response.status.should == 404 |
| 136 | end | 133 | end |
| 137 | end | 134 | end |
spec/requests/api/users_spec.rb
| @@ -7,13 +7,13 @@ describe Gitlab::API do | @@ -7,13 +7,13 @@ describe Gitlab::API do | ||
| 7 | 7 | ||
| 8 | describe "GET /users" do | 8 | describe "GET /users" do |
| 9 | it "should return authentication error" do | 9 | it "should return authentication error" do |
| 10 | - get "#{api_prefix}/users" | 10 | + get api("/users") |
| 11 | response.status.should == 401 | 11 | response.status.should == 401 |
| 12 | end | 12 | end |
| 13 | 13 | ||
| 14 | describe "authenticated GET /users" do | 14 | describe "authenticated GET /users" do |
| 15 | it "should return an array of users" do | 15 | it "should return an array of users" do |
| 16 | - get "#{api_prefix}/users?private_token=#{user.private_token}" | 16 | + get api("/users", user) |
| 17 | response.status.should == 200 | 17 | response.status.should == 200 |
| 18 | json_response.should be_an Array | 18 | json_response.should be_an Array |
| 19 | json_response.first['email'].should == user.email | 19 | json_response.first['email'].should == user.email |
| @@ -23,7 +23,7 @@ describe Gitlab::API do | @@ -23,7 +23,7 @@ describe Gitlab::API do | ||
| 23 | 23 | ||
| 24 | describe "GET /users/:id" do | 24 | describe "GET /users/:id" do |
| 25 | it "should return a user by id" do | 25 | it "should return a user by id" do |
| 26 | - get "#{api_prefix}/users/#{user.id}?private_token=#{user.private_token}" | 26 | + get api("/users/#{user.id}", user) |
| 27 | response.status.should == 200 | 27 | response.status.should == 200 |
| 28 | json_response['email'].should == user.email | 28 | json_response['email'].should == user.email |
| 29 | end | 29 | end |
| @@ -31,7 +31,7 @@ describe Gitlab::API do | @@ -31,7 +31,7 @@ describe Gitlab::API do | ||
| 31 | 31 | ||
| 32 | describe "GET /user" do | 32 | describe "GET /user" do |
| 33 | it "should return current user" do | 33 | it "should return current user" do |
| 34 | - get "#{api_prefix}/user?private_token=#{user.private_token}" | 34 | + get api("/user", user) |
| 35 | response.status.should == 200 | 35 | response.status.should == 200 |
| 36 | json_response['email'].should == user.email | 36 | json_response['email'].should == user.email |
| 37 | end | 37 | end |
spec/requests/security/profile_access_spec.rb
| @@ -11,24 +11,30 @@ describe "Users Security" do | @@ -11,24 +11,30 @@ describe "Users Security" do | ||
| 11 | end | 11 | end |
| 12 | 12 | ||
| 13 | describe "GET /keys" do | 13 | describe "GET /keys" do |
| 14 | - it { keys_path.should be_allowed_for @u1 } | ||
| 15 | - it { keys_path.should be_allowed_for :admin } | ||
| 16 | - it { keys_path.should be_allowed_for :user } | ||
| 17 | - it { keys_path.should be_denied_for :visitor } | 14 | + subject { keys_path } |
| 15 | + | ||
| 16 | + it { should be_allowed_for @u1 } | ||
| 17 | + it { should be_allowed_for :admin } | ||
| 18 | + it { should be_allowed_for :user } | ||
| 19 | + it { should be_denied_for :visitor } | ||
| 18 | end | 20 | end |
| 19 | 21 | ||
| 20 | describe "GET /profile" do | 22 | describe "GET /profile" do |
| 21 | - it { profile_path.should be_allowed_for @u1 } | ||
| 22 | - it { profile_path.should be_allowed_for :admin } | ||
| 23 | - it { profile_path.should be_allowed_for :user } | ||
| 24 | - it { profile_path.should be_denied_for :visitor } | 23 | + subject { profile_path } |
| 24 | + | ||
| 25 | + it { should be_allowed_for @u1 } | ||
| 26 | + it { should be_allowed_for :admin } | ||
| 27 | + it { should be_allowed_for :user } | ||
| 28 | + it { should be_denied_for :visitor } | ||
| 25 | end | 29 | end |
| 26 | 30 | ||
| 27 | describe "GET /profile/password" do | 31 | describe "GET /profile/password" do |
| 28 | - it { profile_password_path.should be_allowed_for @u1 } | ||
| 29 | - it { profile_password_path.should be_allowed_for :admin } | ||
| 30 | - it { profile_password_path.should be_allowed_for :user } | ||
| 31 | - it { profile_password_path.should be_denied_for :visitor } | 32 | + subject { profile_password_path } |
| 33 | + | ||
| 34 | + it { should be_allowed_for @u1 } | ||
| 35 | + it { should be_allowed_for :admin } | ||
| 36 | + it { should be_allowed_for :user } | ||
| 37 | + it { should be_denied_for :visitor } | ||
| 32 | end | 38 | end |
| 33 | end | 39 | end |
| 34 | end | 40 | end |
spec/requests/security/project_access_spec.rb
| @@ -26,64 +26,76 @@ describe "Application access" do | @@ -26,64 +26,76 @@ describe "Application access" do | ||
| 26 | end | 26 | end |
| 27 | 27 | ||
| 28 | describe "GET /project_code" do | 28 | describe "GET /project_code" do |
| 29 | - it { project_path(@project).should be_allowed_for @u1 } | ||
| 30 | - it { project_path(@project).should be_allowed_for @u3 } | ||
| 31 | - it { project_path(@project).should be_denied_for :admin } | ||
| 32 | - it { project_path(@project).should be_denied_for @u2 } | ||
| 33 | - it { project_path(@project).should be_denied_for :user } | ||
| 34 | - it { project_path(@project).should be_denied_for :visitor } | 29 | + subject { project_path(@project) } |
| 30 | + | ||
| 31 | + it { should be_allowed_for @u1 } | ||
| 32 | + it { should be_allowed_for @u3 } | ||
| 33 | + it { should be_denied_for :admin } | ||
| 34 | + it { should be_denied_for @u2 } | ||
| 35 | + it { should be_denied_for :user } | ||
| 36 | + it { should be_denied_for :visitor } | ||
| 35 | end | 37 | end |
| 36 | 38 | ||
| 37 | describe "GET /project_code/master/tree" do | 39 | describe "GET /project_code/master/tree" do |
| 38 | - it { tree_project_ref_path(@project, @project.root_ref).should be_allowed_for @u1 } | ||
| 39 | - it { tree_project_ref_path(@project, @project.root_ref).should be_allowed_for @u3 } | ||
| 40 | - it { tree_project_ref_path(@project, @project.root_ref).should be_denied_for :admin } | ||
| 41 | - it { tree_project_ref_path(@project, @project.root_ref).should be_denied_for @u2 } | ||
| 42 | - it { tree_project_ref_path(@project, @project.root_ref).should be_denied_for :user } | ||
| 43 | - it { tree_project_ref_path(@project, @project.root_ref).should be_denied_for :visitor } | 40 | + subject { tree_project_ref_path(@project, @project.root_ref) } |
| 41 | + | ||
| 42 | + it { should be_allowed_for @u1 } | ||
| 43 | + it { should be_allowed_for @u3 } | ||
| 44 | + it { should be_denied_for :admin } | ||
| 45 | + it { should be_denied_for @u2 } | ||
| 46 | + it { should be_denied_for :user } | ||
| 47 | + it { should be_denied_for :visitor } | ||
| 44 | end | 48 | end |
| 45 | 49 | ||
| 46 | describe "GET /project_code/commits" do | 50 | describe "GET /project_code/commits" do |
| 47 | - it { project_commits_path(@project).should be_allowed_for @u1 } | ||
| 48 | - it { project_commits_path(@project).should be_allowed_for @u3 } | ||
| 49 | - it { project_commits_path(@project).should be_denied_for :admin } | ||
| 50 | - it { project_commits_path(@project).should be_denied_for @u2 } | ||
| 51 | - it { project_commits_path(@project).should be_denied_for :user } | ||
| 52 | - it { project_commits_path(@project).should be_denied_for :visitor } | 51 | + subject { project_commits_path(@project) } |
| 52 | + | ||
| 53 | + it { should be_allowed_for @u1 } | ||
| 54 | + it { should be_allowed_for @u3 } | ||
| 55 | + it { should be_denied_for :admin } | ||
| 56 | + it { should be_denied_for @u2 } | ||
| 57 | + it { should be_denied_for :user } | ||
| 58 | + it { should be_denied_for :visitor } | ||
| 53 | end | 59 | end |
| 54 | 60 | ||
| 55 | describe "GET /project_code/commit" do | 61 | describe "GET /project_code/commit" do |
| 56 | - it { project_commit_path(@project, @project.commit.id).should be_allowed_for @u1 } | ||
| 57 | - it { project_commit_path(@project, @project.commit.id).should be_allowed_for @u3 } | ||
| 58 | - it { project_commit_path(@project, @project.commit.id).should be_denied_for :admin } | ||
| 59 | - it { project_commit_path(@project, @project.commit.id).should be_denied_for @u2 } | ||
| 60 | - it { project_commit_path(@project, @project.commit.id).should be_denied_for :user } | ||
| 61 | - it { project_commit_path(@project, @project.commit.id).should be_denied_for :visitor } | 62 | + subject { project_commit_path(@project, @project.commit.id) } |
| 63 | + | ||
| 64 | + it { should be_allowed_for @u1 } | ||
| 65 | + it { should be_allowed_for @u3 } | ||
| 66 | + it { should be_denied_for :admin } | ||
| 67 | + it { should be_denied_for @u2 } | ||
| 68 | + it { should be_denied_for :user } | ||
| 69 | + it { should be_denied_for :visitor } | ||
| 62 | end | 70 | end |
| 63 | 71 | ||
| 64 | describe "GET /project_code/team" do | 72 | describe "GET /project_code/team" do |
| 65 | - it { team_project_path(@project).should be_allowed_for @u1 } | ||
| 66 | - it { team_project_path(@project).should be_allowed_for @u3 } | ||
| 67 | - it { team_project_path(@project).should be_denied_for :admin } | ||
| 68 | - it { team_project_path(@project).should be_denied_for @u2 } | ||
| 69 | - it { team_project_path(@project).should be_denied_for :user } | ||
| 70 | - it { team_project_path(@project).should be_denied_for :visitor } | 73 | + subject { team_project_path(@project) } |
| 74 | + | ||
| 75 | + it { should be_allowed_for @u1 } | ||
| 76 | + it { should be_allowed_for @u3 } | ||
| 77 | + it { should be_denied_for :admin } | ||
| 78 | + it { should be_denied_for @u2 } | ||
| 79 | + it { should be_denied_for :user } | ||
| 80 | + it { should be_denied_for :visitor } | ||
| 71 | end | 81 | end |
| 72 | 82 | ||
| 73 | describe "GET /project_code/wall" do | 83 | describe "GET /project_code/wall" do |
| 74 | - it { wall_project_path(@project).should be_allowed_for @u1 } | ||
| 75 | - it { wall_project_path(@project).should be_allowed_for @u3 } | ||
| 76 | - it { wall_project_path(@project).should be_denied_for :admin } | ||
| 77 | - it { wall_project_path(@project).should be_denied_for @u2 } | ||
| 78 | - it { wall_project_path(@project).should be_denied_for :user } | ||
| 79 | - it { wall_project_path(@project).should be_denied_for :visitor } | 84 | + subject { wall_project_path(@project) } |
| 85 | + | ||
| 86 | + it { should be_allowed_for @u1 } | ||
| 87 | + it { should be_allowed_for @u3 } | ||
| 88 | + it { should be_denied_for :admin } | ||
| 89 | + it { should be_denied_for @u2 } | ||
| 90 | + it { should be_denied_for :user } | ||
| 91 | + it { should be_denied_for :visitor } | ||
| 80 | end | 92 | end |
| 81 | 93 | ||
| 82 | describe "GET /project_code/blob" do | 94 | describe "GET /project_code/blob" do |
| 83 | before do | 95 | before do |
| 84 | - @commit = @project.commit | ||
| 85 | - @path = @commit.tree.contents.select { |i| i.is_a?(Grit::Blob)}.first.name | ||
| 86 | - @blob_path = blob_project_ref_path(@project, @commit.id, path: @path) | 96 | + commit = @project.commit |
| 97 | + path = commit.tree.contents.select { |i| i.is_a?(Grit::Blob)}.first.name | ||
| 98 | + @blob_path = blob_project_ref_path(@project, commit.id, path: path) | ||
| 87 | end | 99 | end |
| 88 | 100 | ||
| 89 | it { @blob_path.should be_allowed_for @u1 } | 101 | it { @blob_path.should be_allowed_for @u1 } |
| @@ -95,93 +107,113 @@ describe "Application access" do | @@ -95,93 +107,113 @@ describe "Application access" do | ||
| 95 | end | 107 | end |
| 96 | 108 | ||
| 97 | describe "GET /project_code/edit" do | 109 | describe "GET /project_code/edit" do |
| 98 | - it { edit_project_path(@project).should be_allowed_for @u1 } | ||
| 99 | - it { edit_project_path(@project).should be_denied_for @u3 } | ||
| 100 | - it { edit_project_path(@project).should be_denied_for :admin } | ||
| 101 | - it { edit_project_path(@project).should be_denied_for @u2 } | ||
| 102 | - it { edit_project_path(@project).should be_denied_for :user } | ||
| 103 | - it { edit_project_path(@project).should be_denied_for :visitor } | 110 | + subject { edit_project_path(@project) } |
| 111 | + | ||
| 112 | + it { should be_allowed_for @u1 } | ||
| 113 | + it { should be_denied_for @u3 } | ||
| 114 | + it { should be_denied_for :admin } | ||
| 115 | + it { should be_denied_for @u2 } | ||
| 116 | + it { should be_denied_for :user } | ||
| 117 | + it { should be_denied_for :visitor } | ||
| 104 | end | 118 | end |
| 105 | 119 | ||
| 106 | describe "GET /project_code/deploy_keys" do | 120 | describe "GET /project_code/deploy_keys" do |
| 107 | - it { project_deploy_keys_path(@project).should be_allowed_for @u1 } | ||
| 108 | - it { project_deploy_keys_path(@project).should be_denied_for @u3 } | ||
| 109 | - it { project_deploy_keys_path(@project).should be_denied_for :admin } | ||
| 110 | - it { project_deploy_keys_path(@project).should be_denied_for @u2 } | ||
| 111 | - it { project_deploy_keys_path(@project).should be_denied_for :user } | ||
| 112 | - it { project_deploy_keys_path(@project).should be_denied_for :visitor } | 121 | + subject { project_deploy_keys_path(@project) } |
| 122 | + | ||
| 123 | + it { should be_allowed_for @u1 } | ||
| 124 | + it { should be_denied_for @u3 } | ||
| 125 | + it { should be_denied_for :admin } | ||
| 126 | + it { should be_denied_for @u2 } | ||
| 127 | + it { should be_denied_for :user } | ||
| 128 | + it { should be_denied_for :visitor } | ||
| 113 | end | 129 | end |
| 114 | 130 | ||
| 115 | describe "GET /project_code/issues" do | 131 | describe "GET /project_code/issues" do |
| 116 | - it { project_issues_path(@project).should be_allowed_for @u1 } | ||
| 117 | - it { project_issues_path(@project).should be_allowed_for @u3 } | ||
| 118 | - it { project_issues_path(@project).should be_denied_for :admin } | ||
| 119 | - it { project_issues_path(@project).should be_denied_for @u2 } | ||
| 120 | - it { project_issues_path(@project).should be_denied_for :user } | ||
| 121 | - it { project_issues_path(@project).should be_denied_for :visitor } | 132 | + subject { project_issues_path(@project) } |
| 133 | + | ||
| 134 | + it { should be_allowed_for @u1 } | ||
| 135 | + it { should be_allowed_for @u3 } | ||
| 136 | + it { should be_denied_for :admin } | ||
| 137 | + it { should be_denied_for @u2 } | ||
| 138 | + it { should be_denied_for :user } | ||
| 139 | + it { should be_denied_for :visitor } | ||
| 122 | end | 140 | end |
| 123 | 141 | ||
| 124 | describe "GET /project_code/snippets" do | 142 | describe "GET /project_code/snippets" do |
| 125 | - it { project_snippets_path(@project).should be_allowed_for @u1 } | ||
| 126 | - it { project_snippets_path(@project).should be_allowed_for @u3 } | ||
| 127 | - it { project_snippets_path(@project).should be_denied_for :admin } | ||
| 128 | - it { project_snippets_path(@project).should be_denied_for @u2 } | ||
| 129 | - it { project_snippets_path(@project).should be_denied_for :user } | ||
| 130 | - it { project_snippets_path(@project).should be_denied_for :visitor } | 143 | + subject { project_snippets_path(@project) } |
| 144 | + | ||
| 145 | + it { should be_allowed_for @u1 } | ||
| 146 | + it { should be_allowed_for @u3 } | ||
| 147 | + it { should be_denied_for :admin } | ||
| 148 | + it { should be_denied_for @u2 } | ||
| 149 | + it { should be_denied_for :user } | ||
| 150 | + it { should be_denied_for :visitor } | ||
| 131 | end | 151 | end |
| 132 | 152 | ||
| 133 | describe "GET /project_code/merge_requests" do | 153 | describe "GET /project_code/merge_requests" do |
| 134 | - it { project_merge_requests_path(@project).should be_allowed_for @u1 } | ||
| 135 | - it { project_merge_requests_path(@project).should be_allowed_for @u3 } | ||
| 136 | - it { project_merge_requests_path(@project).should be_denied_for :admin } | ||
| 137 | - it { project_merge_requests_path(@project).should be_denied_for @u2 } | ||
| 138 | - it { project_merge_requests_path(@project).should be_denied_for :user } | ||
| 139 | - it { project_merge_requests_path(@project).should be_denied_for :visitor } | 154 | + subject { project_merge_requests_path(@project) } |
| 155 | + | ||
| 156 | + it { should be_allowed_for @u1 } | ||
| 157 | + it { should be_allowed_for @u3 } | ||
| 158 | + it { should be_denied_for :admin } | ||
| 159 | + it { should be_denied_for @u2 } | ||
| 160 | + it { should be_denied_for :user } | ||
| 161 | + it { should be_denied_for :visitor } | ||
| 140 | end | 162 | end |
| 141 | 163 | ||
| 142 | describe "GET /project_code/repository" do | 164 | describe "GET /project_code/repository" do |
| 143 | - it { project_repository_path(@project).should be_allowed_for @u1 } | ||
| 144 | - it { project_repository_path(@project).should be_allowed_for @u3 } | ||
| 145 | - it { project_repository_path(@project).should be_denied_for :admin } | ||
| 146 | - it { project_repository_path(@project).should be_denied_for @u2 } | ||
| 147 | - it { project_repository_path(@project).should be_denied_for :user } | ||
| 148 | - it { project_repository_path(@project).should be_denied_for :visitor } | 165 | + subject { project_repository_path(@project) } |
| 166 | + | ||
| 167 | + it { should be_allowed_for @u1 } | ||
| 168 | + it { should be_allowed_for @u3 } | ||
| 169 | + it { should be_denied_for :admin } | ||
| 170 | + it { should be_denied_for @u2 } | ||
| 171 | + it { should be_denied_for :user } | ||
| 172 | + it { should be_denied_for :visitor } | ||
| 149 | end | 173 | end |
| 150 | 174 | ||
| 151 | describe "GET /project_code/repository/branches" do | 175 | describe "GET /project_code/repository/branches" do |
| 152 | - it { branches_project_repository_path(@project).should be_allowed_for @u1 } | ||
| 153 | - it { branches_project_repository_path(@project).should be_allowed_for @u3 } | ||
| 154 | - it { branches_project_repository_path(@project).should be_denied_for :admin } | ||
| 155 | - it { branches_project_repository_path(@project).should be_denied_for @u2 } | ||
| 156 | - it { branches_project_repository_path(@project).should be_denied_for :user } | ||
| 157 | - it { branches_project_repository_path(@project).should be_denied_for :visitor } | 176 | + subject { branches_project_repository_path(@project) } |
| 177 | + | ||
| 178 | + it { should be_allowed_for @u1 } | ||
| 179 | + it { should be_allowed_for @u3 } | ||
| 180 | + it { should be_denied_for :admin } | ||
| 181 | + it { should be_denied_for @u2 } | ||
| 182 | + it { should be_denied_for :user } | ||
| 183 | + it { should be_denied_for :visitor } | ||
| 158 | end | 184 | end |
| 159 | 185 | ||
| 160 | describe "GET /project_code/repository/tags" do | 186 | describe "GET /project_code/repository/tags" do |
| 161 | - it { tags_project_repository_path(@project).should be_allowed_for @u1 } | ||
| 162 | - it { tags_project_repository_path(@project).should be_allowed_for @u3 } | ||
| 163 | - it { tags_project_repository_path(@project).should be_denied_for :admin } | ||
| 164 | - it { tags_project_repository_path(@project).should be_denied_for @u2 } | ||
| 165 | - it { tags_project_repository_path(@project).should be_denied_for :user } | ||
| 166 | - it { tags_project_repository_path(@project).should be_denied_for :visitor } | 187 | + subject { tags_project_repository_path(@project) } |
| 188 | + | ||
| 189 | + it { should be_allowed_for @u1 } | ||
| 190 | + it { should be_allowed_for @u3 } | ||
| 191 | + it { should be_denied_for :admin } | ||
| 192 | + it { should be_denied_for @u2 } | ||
| 193 | + it { should be_denied_for :user } | ||
| 194 | + it { should be_denied_for :visitor } | ||
| 167 | end | 195 | end |
| 168 | 196 | ||
| 169 | describe "GET /project_code/hooks" do | 197 | describe "GET /project_code/hooks" do |
| 170 | - it { project_hooks_path(@project).should be_allowed_for @u1 } | ||
| 171 | - it { project_hooks_path(@project).should be_allowed_for @u3 } | ||
| 172 | - it { project_hooks_path(@project).should be_denied_for :admin } | ||
| 173 | - it { project_hooks_path(@project).should be_denied_for @u2 } | ||
| 174 | - it { project_hooks_path(@project).should be_denied_for :user } | ||
| 175 | - it { project_hooks_path(@project).should be_denied_for :visitor } | 198 | + subject { project_hooks_path(@project) } |
| 199 | + | ||
| 200 | + it { should be_allowed_for @u1 } | ||
| 201 | + it { should be_allowed_for @u3 } | ||
| 202 | + it { should be_denied_for :admin } | ||
| 203 | + it { should be_denied_for @u2 } | ||
| 204 | + it { should be_denied_for :user } | ||
| 205 | + it { should be_denied_for :visitor } | ||
| 176 | end | 206 | end |
| 177 | 207 | ||
| 178 | describe "GET /project_code/files" do | 208 | describe "GET /project_code/files" do |
| 179 | - it { files_project_path(@project).should be_allowed_for @u1 } | ||
| 180 | - it { files_project_path(@project).should be_allowed_for @u3 } | ||
| 181 | - it { files_project_path(@project).should be_denied_for :admin } | ||
| 182 | - it { files_project_path(@project).should be_denied_for @u2 } | ||
| 183 | - it { files_project_path(@project).should be_denied_for :user } | ||
| 184 | - it { files_project_path(@project).should be_denied_for :visitor } | 209 | + subject { files_project_path(@project) } |
| 210 | + | ||
| 211 | + it { should be_allowed_for @u1 } | ||
| 212 | + it { should be_allowed_for @u3 } | ||
| 213 | + it { should be_denied_for :admin } | ||
| 214 | + it { should be_denied_for @u2 } | ||
| 215 | + it { should be_denied_for :user } | ||
| 216 | + it { should be_denied_for :visitor } | ||
| 185 | end | 217 | end |
| 186 | end | 218 | end |
| 187 | end | 219 | end |