Commit f329d34ff339f0d0da150b262465a654bfe445a5

Authored by Dmitriy Zaporozhets
1 parent 8f259c5e

Fix group projects fetch

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
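--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
@@ -5,7 +5,7 @@ class GroupsController &lt; ApplicationController
 
 # Authorize
 before_filter :authorize_read_group!, except: [:new, :create]
-before_filter :authorize_admin_group!, only: [:edit, :update, :destroy]
+before_filter :authorize_admin_group!, only: [:edit, :update, :destroy, :projects]
 before_filter :authorize_create_group!, only: [:new, :create]
 
 # Load group projects
@@ -108,12 +108,12 @@ class GroupsController &lt; ApplicationController
 end
 
 def project_ids
-projects.pluck(:id)
+@projects.pluck(:id)
 end
 
 # Dont allow unauthorized access to group
 def authorize_read_group!
-unless @group and (projects.present? or can?(current_user, :read_group, @group))
+unless @group and (@projects.present? or can?(current_user, :read_group, @group))
 if current_user.nil?
 return authenticate_user!
 else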
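Review bot: `authorize_read_group!` and `project_ids` now read `@projects` directly, but neither hunk shows where that variable is assigned, and the `# Load group projects` section sits below the authorize filters, so the loader appears to run after them. If `@projects` is still nil when `authorize_read_group!` runs, `@projects.present?` is always false and the project-membership path is silently skipped, leaving only `can?(current_user, :read_group, @group)`. That fails closed, but it changes who can read the group, and `@projects.pluck(:id)` would raise NoMethodError on any action the loader is excluded from. Consider declaring the load filter ahead of `before_filter :authorize_read_group!`, or at least stating the dependency with a comment such as `# relies on @projects being loaded by an earlier filter`. The body of `authorize_read_group!` and the filter list continue outside the hunks.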
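--- a/spec/features/security/group/group_access_spec.rb
+++ b/spec/features/security/group/group_access_spec.rb
@@ -82,5 +82,17 @@ describe &quot;Group access&quot;, feature: true do
 it { should be_denied_for :user }
 it { should be_denied_for :visitor }
 end
+
+describe "GET /groups/:path/projects" do
+subject { projects_group_path(group) }
+
+it { should be_allowed_for owner }
+it { should be_denied_for master }
+it { should be_denied_for reporter }
+it { should be_allowed_for :admin }
+it { should be_denied_for guest }
+it { should be_denied_for :user }
+it { should be_denied_for :visitor }
+end
 end
 end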
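Review bot: The new `GET /groups/:path/projects` matrix pins only the admin-only filter; nothing in this hunk exercises the commit's other change, the `@projects.present?` branch of `authorize_read_group!`. If the spec has no such case outside this hunk, add one where a user with access to a single project in the group, but no group-level role, requests the group page. The block is also appended inside a single enclosing context (closed by the two `end`s at the bottom), so the deny results for `master`, `reporter` and `guest` are asserted for that one setup only.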