Project

General

Profile

« Previous | Next » 

Revision acfbc458

Added by Marek Hulán about 10 years ago

fixes #812 - new permissions model, user group role and nest support, role filters for better granularity

Contributions from:

View differences:

test/functional/api/v2/hosts_controller_test.rb
end
test "should allow access to restricted user who owns the host" do
as_user :restricted do
get :show, { :id => hosts(:owned_by_restricted).to_param }
end
setup_user 'view', 'hosts', "owner_type = User and owner_id = #{users(:restricted).id}", :restricted
get :show, { :id => hosts(:owned_by_restricted).to_param }
assert_response :success
end
test "should allow to update for restricted user who owns the host" do
disable_orchestration
as_user :restricted do
put :update, { :id => hosts(:owned_by_restricted).to_param, :host => {} }
end
setup_user 'edit', 'hosts', "owner_type = User and owner_id = #{users(:restricted).id}", :restricted
put :update, { :id => hosts(:owned_by_restricted).to_param, :host => {} }
assert_response :success
end
test "should allow destroy for restricted user who owns the hosts" do
assert_difference('Host.count', -1) do
as_user :restricted do
delete :destroy, { :id => hosts(:owned_by_restricted).to_param }
end
setup_user 'destroy', 'hosts', "owner_type = User and owner_id = #{users(:restricted).id}", :restricted
delete :destroy, { :id => hosts(:owned_by_restricted).to_param }
end
assert_response :success
end
test "should allow show status for restricted user who owns the hosts" do
as_user :restricted do
get :status, { :id => hosts(:owned_by_restricted).to_param }
end
setup_user 'view', 'hosts', "owner_type = User and owner_id = #{users(:restricted).id}", :restricted
get :status, { :id => hosts(:owned_by_restricted).to_param }
assert_response :success
end
test "should not allow access to a host out of users hosts scope" do
as_user :restricted do
get :show, { :id => hosts(:one).to_param }
end
setup_user 'view', 'hosts', "owner_type = User and owner_id = #{users(:restricted).id}", :restricted
get :show, { :id => hosts(:one).to_param }
assert_response :not_found
end
test "should not list a host out of users hosts scope" do
as_user :restricted do
get :index, {}
end
setup_user 'view', 'hosts', "owner_type = User and owner_id = #{users(:restricted).id}", :restricted
get :index, {}
assert_response :success
hosts = ActiveSupport::JSON.decode(@response.body)
ids = hosts['results'].map { |hash| hash['id'] }
assert !ids.include?(hosts(:one).id)
assert ids.include?(hosts(:owned_by_restricted).id)
refute_includes ids, hosts(:one).id
assert_includes ids, hosts(:owned_by_restricted).id
end
test "should not update host out of users hosts scope" do
as_user :restricted do
put :update, { :id => hosts(:one).to_param }
end
setup_user 'edit', 'hosts', "owner_type = User and owner_id = #{users(:restricted).id}", :restricted
put :update, { :id => hosts(:one).to_param }
assert_response :not_found
end
test "should not delete hosts out of users hosts scope" do
as_user :restricted do
delete :destroy, { :id => hosts(:one).to_param }
end
setup_user 'destroy', 'hosts', "owner_type = User and owner_id = #{users(:restricted).id}", :restricted
delete :destroy, { :id => hosts(:one).to_param }
assert_response :not_found
end
test "should not show status of hosts out of users hosts scope" do
as_user :restricted do
get :status, { :id => hosts(:one).to_param }
end
setup_user 'view', 'hosts', "owner_type = User and owner_id = #{users(:restricted).id}", :restricted
get :status, { :id => hosts(:one).to_param }
assert_response :not_found
end

Also available in: Unified diff