Revision acfbc458
Added by Marek Hulán about 10 years ago
| test/functional/api/v1/compute_resources_controller_test.rb | ||
|---|---|---|
|
end
|
||
|
|
||
|
test "should get index of owned" do
|
||
|
as_user(:restricted) do
|
||
|
get :index, {}
|
||
|
end
|
||
|
setup_user 'view', 'compute_resources', "id = #{compute_resources(:mycompute).id}"
|
||
|
get :index, {}
|
||
|
assert_response :success
|
||
|
assert_not_nil assigns(:compute_resources)
|
||
|
compute_resources = ActiveSupport::JSON.decode(@response.body)
|
||
|
ids = compute_resources.map { |hash| hash['compute_resource']['id'] }
|
||
|
assert !ids.include?(compute_resources(:mycompute).id)
|
||
|
assert ids.include?(compute_resources(:yourcompute).id)
|
||
|
assert_includes ids, compute_resources(:mycompute).id
|
||
|
refute_includes ids, compute_resources(:yourcompute).id
|
||
|
end
|
||
|
|
||
|
test "should allow access to a compute resource for owner" do
|
||
|
as_user(:restricted) do
|
||
|
get :show, { :id => compute_resources(:yourcompute).to_param }
|
||
|
end
|
||
|
setup_user 'view', 'compute_resources', "id = #{compute_resources(:mycompute).id}"
|
||
|
get :show, { :id => compute_resources(:mycompute).to_param }
|
||
|
assert_response :success
|
||
|
end
|
||
|
|
||
|
test "should update compute resource for owner" do
|
||
|
as_user(:restricted) do
|
||
|
put :update, { :id => compute_resources(:yourcompute).to_param, :compute_resource => { :description => "new_description" } }
|
||
|
end
|
||
|
assert_equal "new_description", ComputeResource.find_by_name('yourcompute').description
|
||
|
setup_user 'edit', 'compute_resources', "id = #{compute_resources(:mycompute).id}"
|
||
|
put :update, { :id => compute_resources(:mycompute).to_param, :compute_resource => { :description => "new_description" } }
|
||
|
assert_equal "new_description", ComputeResource.find_by_name('mycompute').description
|
||
|
assert_response :success
|
||
|
end
|
||
|
|
||
|
test "should destroy compute resource for owner" do
|
||
|
assert_difference('ComputeResource.count', -1) do
|
||
|
as_user(:restricted) do
|
||
|
delete :destroy, { :id => compute_resources(:yourcompute).id }
|
||
|
end
|
||
|
setup_user 'destroy', 'compute_resources', "id = #{compute_resources(:mycompute).id}"
|
||
|
delete :destroy, { :id => compute_resources(:mycompute).id }
|
||
|
end
|
||
|
assert_response :success
|
||
|
end
|
||
|
|
||
|
test "should not allow access to a compute resource out of users compute resources scope" do
|
||
|
as_user(:restricted) do
|
||
|
get :show, { :id => compute_resources(:one).to_param }
|
||
|
end
|
||
|
setup_user 'view', 'compute_resources', "id = #{compute_resources(:mycompute).id}"
|
||
|
get :show, { :id => compute_resources(:one).to_param }
|
||
|
assert_response :not_found
|
||
|
end
|
||
|
|
||
|
test "should not update compute resource for restricted" do
|
||
|
as_user(:restricted) do
|
||
|
put :update, { :id => compute_resources(:mycompute).to_param, :compute_resource => { :description => "new_description" } }
|
||
|
end
|
||
|
setup_user 'edit', 'compute_resources', "id = #{compute_resources(:mycompute).id}"
|
||
|
put :update, { :id => compute_resources(:yourcompute).to_param, :compute_resource => { :description => "new_description" } }
|
||
|
assert_response :not_found
|
||
|
end
|
||
|
|
||
|
test "should not destroy compute resource for restricted" do
|
||
|
as_user(:restricted) do
|
||
|
delete :destroy, { :id => compute_resources(:mycompute).id }
|
||
|
end
|
||
|
setup_user 'destroy', 'compute_resources', "id = #{compute_resources(:mycompute).id}"
|
||
|
delete :destroy, { :id => compute_resources(:yourcompute).id }
|
||
|
assert_response :not_found
|
||
|
end
|
||
|
|
||
Also available in: Unified diff
fixes #812 - new permissions model, user group role and nest support, role filters for better granularity
Contributions from: