|
|
@@
-1016,34
+1016,29
class UserTest < ActiveSupport::TestCase
|
|
|
1016
|
1016
|
end
|
|
|
1017
|
1017
|
end
|
|
|
1018
|
1018
|
|
|
|
1019
|
|
context "#allowed_to?" do
|
|
|
1020
|
|
context "with a unique project" do
|
|
|
1021
|
|
should "return false if project is archived" do
|
|
|
|
1019
|
test "#allowed_to? for archived project should return false" do
|
|
|
1022
|
1020
|
project = Project.find(1)
|
|
|
1023
|
|
Project.any_instance.stubs(:status).returns(Project::STATUS_ARCHIVED)
|
|
|
1024
|
|
assert_equal false, @admin.allowed_to?(:view_issues, Project.find(1))
|
|
|
|
1021
|
project.archive
|
|
|
|
1022
|
project.reload
|
|
|
|
1023
|
assert_equal false, @admin.allowed_to?(:view_issues, project)
|
|
|
1025
|
1024
|
end
|
|
|
1026
|
1025
|
|
|
|
1027
|
|
should "return false for write action if project is closed" do
|
|
|
|
1026
|
test "#allowed_to? for closed project should return true for read actions" do
|
|
|
1028
|
1027
|
project = Project.find(1)
|
|
|
1029
|
|
Project.any_instance.stubs(:status).returns(Project::STATUS_CLOSED)
|
|
|
1030
|
|
assert_equal false, @admin.allowed_to?(:edit_project, Project.find(1))
|
|
|
|
1028
|
project.close
|
|
|
|
1029
|
project.reload
|
|
|
|
1030
|
assert_equal false, @admin.allowed_to?(:edit_project, project)
|
|
|
|
1031
|
assert_equal true, @admin.allowed_to?(:view_project, project)
|
|
|
1031
|
1032
|
end
|
|
|
1032
|
1033
|
|
|
|
1033
|
|
should "return true for read action if project is closed" do
|
|
|
1034
|
|
project = Project.find(1)
|
|
|
1035
|
|
Project.any_instance.stubs(:status).returns(Project::STATUS_CLOSED)
|
|
|
1036
|
|
assert_equal true, @admin.allowed_to?(:view_project, Project.find(1))
|
|
|
1037
|
|
end
|
|
|
1038
|
|
|
|
|
1039
|
|
should "return false if related module is disabled" do
|
|
|
|
1034
|
test "#allowed_to? for project with module disabled should return false" do
|
|
|
1040
|
1035
|
project = Project.find(1)
|
|
|
1041
|
1036
|
project.enabled_module_names = ["issue_tracking"]
|
|
|
1042
|
1037
|
assert_equal true, @admin.allowed_to?(:add_issues, project)
|
|
|
1043
|
1038
|
assert_equal false, @admin.allowed_to?(:view_wiki_pages, project)
|
|
|
1044
|
1039
|
end
|
|
|
1045
|
1040
|
|
|
|
1046
|
|
should "authorize nearly everything for admin users" do
|
|
|
|
1041
|
test "#allowed_to? for admin users should return true" do
|
|
|
1047
|
1042
|
project = Project.find(1)
|
|
|
1048
|
1043
|
assert ! @admin.member_of?(project)
|
|
|
1049
|
1044
|
%w(edit_issues delete_issues manage_news add_documents manage_wiki).each do |p|
|
|
|
@@
-1051,32
+1046,24
class UserTest < ActiveSupport::TestCase
|
|
|
1051
|
1046
|
end
|
|
|
1052
|
1047
|
end
|
|
|
1053
|
1048
|
|
|
|
1054
|
|
should "authorize normal users depending on their roles" do
|
|
|
|
1049
|
test "#allowed_to? for normal users" do
|
|
|
1055
|
1050
|
project = Project.find(1)
|
|
|
1056
|
1051
|
assert_equal true, @jsmith.allowed_to?(:delete_messages, project) #Manager
|
|
|
1057
|
1052
|
assert_equal false, @dlopper.allowed_to?(:delete_messages, project) #Developper
|
|
|
1058
|
1053
|
end
|
|
|
1059
|
|
end
|
|
|
1060
|
1054
|
|
|
|
1061
|
|
context "with multiple projects" do
|
|
|
1062
|
|
should "return false if array is empty" do
|
|
|
|
1055
|
test "#allowed_to? with empty array should return false" do
|
|
|
1063
|
1056
|
assert_equal false, @admin.allowed_to?(:view_project, [])
|
|
|
1064
|
1057
|
end
|
|
|
1065
|
1058
|
|
|
|
1066
|
|
should "return true only if user has permission on all these projects" do
|
|
|
|
1059
|
test "#allowed_to? with multiple projects" do
|
|
|
1067
|
1060
|
assert_equal true, @admin.allowed_to?(:view_project, Project.all.to_a)
|
|
|
1068
|
1061
|
assert_equal false, @dlopper.allowed_to?(:view_project, Project.all.to_a) #cannot see Project(2)
|
|
|
1069
|
1062
|
assert_equal true, @jsmith.allowed_to?(:edit_issues, @jsmith.projects.to_a) #Manager or Developer everywhere
|
|
|
1070
|
1063
|
assert_equal false, @jsmith.allowed_to?(:delete_issue_watchers, @jsmith.projects.to_a) #Dev cannot delete_issue_watchers
|
|
|
1071
|
1064
|
end
|
|
|
1072
|
1065
|
|
|
|
1073
|
|
should "behave correctly with arrays of 1 project" do
|
|
|
1074
|
|
assert_equal false, User.anonymous.allowed_to?(:delete_issues, [Project.first])
|
|
|
1075
|
|
end
|
|
|
1076
|
|
end
|
|
|
1077
|
|
|
|
|
1078
|
|
context "with options[:global]" do
|
|
|
1079
|
|
should "authorize if user has at least one role that has this permission" do
|
|
|
|
1066
|
test "#allowed_to? with with options[:global] should return true if user has one role with the permission" do
|
|
|
1080
|
1067
|
@dlopper2 = User.find(5) #only Developper on a project, not Manager anywhere
|
|
|
1081
|
1068
|
@anonymous = User.find(6)
|
|
|
1082
|
1069
|
assert_equal true, @jsmith.allowed_to?(:delete_issue_watchers, nil, :global => true)
|
|
|
@@
-1085,12
+1072,9
class UserTest < ActiveSupport::TestCase
|
|
|
1085
|
1072
|
assert_equal false, @anonymous.allowed_to?(:add_issues, nil, :global => true)
|
|
|
1086
|
1073
|
assert_equal true, @anonymous.allowed_to?(:view_issues, nil, :global => true)
|
|
|
1087
|
1074
|
end
|
|
|
1088
|
|
end
|
|
|
1089
|
|
end
|
|
|
1090
|
1075
|
|
|
|
1091
|
1076
|
# this is just a proxy method, the test only calls it to ensure it doesn't break trivially
|
|
|
1092
|
|
context "#allowed_to_globally?" do
|
|
|
1093
|
|
should "proxy to #allowed_to? and reflect global permissions" do
|
|
|
|
1077
|
test "#allowed_to_globally?" do
|
|
|
1094
|
1078
|
@dlopper2 = User.find(5) #only Developper on a project, not Manager anywhere
|
|
|
1095
|
1079
|
@anonymous = User.find(6)
|
|
|
1096
|
1080
|
assert_equal true, @jsmith.allowed_to_globally?(:delete_issue_watchers)
|
|
|
@@
-1099,7
+1083,6
class UserTest < ActiveSupport::TestCase
|
|
|
1099
|
1083
|
assert_equal false, @anonymous.allowed_to_globally?(:add_issues)
|
|
|
1100
|
1084
|
assert_equal true, @anonymous.allowed_to_globally?(:view_issues)
|
|
|
1101
|
1085
|
end
|
|
|
1102
|
|
end
|
|
|
1103
|
1086
|
|
|
|
1104
|
1087
|
context "User#notify_about?" do
|
|
|
1105
|
1088
|
context "Issues" do
|
