Project

General

Profile

« Previous | Next » 

Revision acfbc458

Added by Marek Hulán about 10 years ago

fixes #812 - new permissions model, user group role and nest support, role filters for better granularity

Contributions from:

View differences:

test/functional/compute_resources_controller_test.rb
test "should not show compute resource when restricted" do
setup_user "view"
get :show, {:id => @your_compute_resource.to_param}, set_session_user
assert_response 403
assert_response 404
end
test "should show compute resource" do
......
test "should not get edit when restricted" do
setup_user "edit"
get :edit, {:id => @your_compute_resource.to_param}, set_session_user
assert_response 403
assert_response 404
end
test "should get edit" do
......
test "should not update compute resource when restricted" do
setup_user "edit"
put :update, {:id => @your_compute_resource.to_param, :compute_resource => {:name => "editing_self", :provider => "EC2"}}, set_session_user
assert_response 403
assert_response 404
end
test "should update compute resource" do
......
delete :destroy, {:id => @your_compute_resource.to_param}, set_session_user
end
assert_response 403
assert_response 404
end
test "should destroy compute resource" do
......
SETTINGS[:login] ? {:user => User.current.id, :expires_at => 5.minutes.from_now} : {}
end
def setup_user operation
@one = users(:one)
@request.session[:user] = @one.id
as_admin do
@one.roles = [Role.find_by_name('Anonymous'), Role.find_by_name('Viewer')]
role = Role.find_or_create_by_name :name => "#{operation}_compute_resources"
role.permissions = ["#{operation}_compute_resources".to_sym]
role.save!
@one.roles << [role]
@one.compute_resources = [@compute_resource]
@one.save!
end
User.current = @one
def setup_user operation, type = 'compute_resources'
super(operation, type, "id = #{@compute_resource.id}")
end
end

Also available in: Unified diff