RubyGems - enju_purchase_request - Versions diffs - 0.1.1 → 0.2.0.beta.2 - Mend

enju_purchase_request 0.1.1 → 0.2.0.beta.2

Files changed (84) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2fc1305c5c75d6ff4de30d9b5cc02cabe80595d8
-  data.tar.gz: 4b02362108242aef5a2b9c89f5385a7e19a1243d
+  metadata.gz: c9dbb79d1677349e2baac147f142a61dba3aa49f
+  data.tar.gz: 2976b93d9b6e8821334b243f553dd6d80518359a
 SHA512:
-  metadata.gz: 0cc6e411c383bdf18939112eeb7826b6d1c179f62298e4f9c1e8e5a892aa80d24feb9c338b32c51a6f3343ff93ce9dc9c140dd5b6d17794e9a32e4efcd5c6e3a
-  data.tar.gz: b57ee7d68df3cc461cc02b784330f267634f592eafbb5af58b2fce548925b444a987340d40610fec1df6977bd4c64f6ae785c95315f6f0cc442a4e29cefdfd31
+  metadata.gz: b03871bcea0ed5ad39b569e4fdc764e511d55a2163ca2bc541ef5dde25facdac100a50a058ddc70bafaaacfc81293a72fd52096c009840d22ad05b30b526e513
+  data.tar.gz: f4bbfed5aa655e9175eaa42cc1b876b3807ec0e9461f62246e1515f4eac6e3463e604d3d18de35663c72fd5944f7d54f4cbd1b2b58fc163c017638b0b6d27eb1

data/README.rdoc CHANGED Viewed

@@ -1,7 +1,7 @@
 = EnjuPurchaseRequest
-{<img src="https://travis-ci.org/next-l/enju_purchase_request.svg?branch=1.1" alt="Build Status" />}[https://travis-ci.org/next-l/enju_purchase_request]
-{<img src="https://coveralls.io/repos/next-l/enju_purchase_request/badge.svg?branch=1.1&service=github" alt="Coverage Status" />}[https://coveralls.io/github/next-l/enju_purchase_request?branch=1.1]
-{<img src="https://hakiri.io/github/next-l/enju_purchase_request/1.1.svg" alt="security" />}[https://hakiri.io/github/next-l/enju_purchase_request/1.1]
+{<img src="https://travis-ci.org/next-l/enju_purchase_request.svg?branch=1.2" alt="Build Status" />}[https://travis-ci.org/next-l/enju_purchase_request]
+{<img src="https://coveralls.io/repos/next-l/enju_purchase_request/badge.svg?branch=1.2&service=github" alt="Coverage Status" />}[https://coveralls.io/github/next-l/enju_purchase_request?branch=1.2]
+{<img src="https://hakiri.io/github/next-l/enju_purchase_request/1.2.svg" alt="security" />}[https://hakiri.io/github/next-l/enju_purchase_request/1.2]
 This project rocks and uses MIT-LICENSE.

data/app/controllers/concerns/enju_purchase_request/controller.rb ADDED Viewed

@@ -0,0 +1,19 @@
+module EnjuPurchaseRequest
+  module Controller
+    private
+    def get_order_list
+      if params[:order_list_id]
+        @order_list = OrderList.find(params[:order_list_id])
+        authorize @order_list, :show?
+      end
+    end
+    def get_purchase_request
+      if params[:purchase_request_id]
+        @purchase_request = PurchaseRequest.find(params[:purchase_request_id])
+        authorize @purchase_request,  :show?
+      end
+    end
+  end
+end

data/app/controllers/order_lists_controller.rb CHANGED Viewed

@@ -1,7 +1,8 @@
 class OrderListsController < ApplicationController
-  load_and_authorize_resource
-  before_filter :prepare_options, only: [:new, :edit]
-  before_filter :get_bookstore, only: :index
+  before_action :set_order_list, only: [:show, :edit, :update, :destroy]
+  before_action :check_policy, only: [:index, :new, :create]
+  before_action :prepare_options, only: [:new, :edit]
+  before_action :get_bookstore, only: :index
   # GET /order_lists
   # GET /order_lists.json
@@ -97,6 +98,15 @@ class OrderListsController < ApplicationController
   end
   private
+  def set_order_list
+    @order_list = OrderList.find(params[:id])
+    authorize @order_list
+  end
+  def check_policy
+    authorize OrderList
+  end
   def order_list_params
     params.require(:order_list).permit(
       :user_id, :bookstore_id, :title, :note, :ordered_at, :edit_mode

data/app/controllers/orders_controller.rb CHANGED Viewed

@@ -1,7 +1,8 @@
 class OrdersController < ApplicationController
-  load_and_authorize_resource
-  before_filter :get_order_list
-  before_filter :get_purchase_request
+  before_action :set_order, only: [:show, :edit, :update, :destroy]
+  before_action :check_policy, only: [:index, :new, :create]
+  before_action :get_order_list
+  before_action :get_purchase_request
   # GET /orders
   # GET /orders.json
@@ -128,6 +129,15 @@ class OrdersController < ApplicationController
   end
   private
+  def set_order
+    @order = Order.find(params[:id])
+    authorize @order
+  end
+  def check_policy
+    authorize Order
+  end
   def order_params
     params.require(:order).permit(:order_list_id, :purchase_request_id)
   end

data/app/controllers/purchase_requests_controller.rb CHANGED Viewed

@@ -1,11 +1,10 @@
 class PurchaseRequestsController < ApplicationController
-  load_and_authorize_resource except: :index
-  authorize_resource only: :index
-  before_filter :get_user
-  before_filter :get_order_list
-  before_filter :store_page, only: :index
-  after_filter :solr_commit, only: [:create, :update, :destroy]
-  after_filter :convert_charset, only: :index
+  before_action :store_page, only: :index
+  before_action :set_purchase_request, only: [:show, :edit, :update, :destroy]
+  before_action :check_policy, only: [:index, :new, :create]
+  before_action :get_user
+  before_action :get_order_list
+  after_action :convert_charset, only: :index
   # GET /purchase_requests
   # GET /purchase_requests.json
@@ -23,9 +22,6 @@ class PurchaseRequestsController < ApplicationController
     user = @user
     unless current_user.has_role?('Librarian')
-      if @order_list
-        access_denied; return
-      end
       if user and user != current_user
         access_denied; return
       end
@@ -145,6 +141,15 @@ class PurchaseRequestsController < ApplicationController
   end
   private
+  def set_purchase_request
+    @purchase_request = PurchaseRequest.find(params[:id])
+    authorize @purchase_request
+  end
+  def check_policy
+    authorize PurchaseRequest
+  end
   def purchase_request_params
     params.fetch(:purchase_request, {}).permit(
       :title, :author, :publisher, :isbn, :price, :url, :note, :pub_date

data/app/models/concerns/enju_purchase_request/enju_user.rb ADDED Viewed

@@ -0,0 +1,10 @@
+module EnjuPurchaseRequest
+  module EnjuUser
+    extend ActiveSupport::Concern
+    included do
+      has_many :purchase_requests
+      has_many :order_lists
+    end
+  end
+end

data/app/models/order.rb CHANGED Viewed

@@ -26,8 +26,7 @@ end
 #  order_list_id       :integer          not null
 #  purchase_request_id :integer          not null
 #  position            :integer
-#  state               :string(255)
-#  created_at          :datetime         not null
-#  updated_at          :datetime         not null
+#  state               :string
+#  created_at          :datetime
+#  updated_at          :datetime
 #

data/app/models/order_list.rb CHANGED Viewed

@@ -61,6 +61,6 @@ end
 #  note         :text
 #  ordered_at   :datetime
 #  deleted_at   :datetime
-#  created_at   :datetime         not null
-#  updated_at   :datetime         not null
+#  created_at   :datetime
+#  updated_at   :datetime
 #

data/app/models/order_list_transition.rb CHANGED Viewed

@@ -10,10 +10,11 @@ end
 # Table name: order_list_transitions
 #
 #  id            :integer          not null, primary key
-#  to_state      :string(255)
-#  metadata      :text             default("{}")
+#  to_state      :string
+#  metadata      :text             default({})
 #  sort_key      :integer
 #  order_list_id :integer
-#  created_at    :datetime         not null
-#  updated_at    :datetime         not null
+#  created_at    :datetime
+#  updated_at    :datetime
+#  most_recent   :boolean
 #

data/app/models/purchase_request.rb CHANGED Viewed

@@ -14,7 +14,7 @@ class PurchaseRequest < ActiveRecord::Base
   after_destroy :index!
   before_save :set_date_of_publication
-  normalize_attributes :url, :pub_date
+  strip_attributes only: [:url, :pub_date]
   searchable do
     text :title, :author, :publisher, :url
@@ -74,17 +74,16 @@ end
 #  title               :text             not null
 #  author              :text
 #  publisher           :text
-#  isbn                :string(255)
+#  isbn                :string
 #  date_of_publication :datetime
 #  price               :integer
-#  url                 :string(255)
+#  url                 :string
 #  note                :text
 #  accepted_at         :datetime
 #  denied_at           :datetime
-#  created_at          :datetime         not null
-#  updated_at          :datetime         not null
+#  created_at          :datetime
+#  updated_at          :datetime
 #  deleted_at          :datetime
-#  state               :string(255)
-#  pub_date            :string(255)
+#  state               :string
+#  pub_date            :string
 #

data/app/policies/bookstore_policy.rb ADDED Viewed

@@ -0,0 +1,23 @@
+class BookstorePolicy < ApplicationPolicy
+  def index?
+    true if user.try(:has_role?, 'Librarian')
+  end
+  def show?
+    true if user.try(:has_role?, 'Librarian')
+  end
+  def create?
+    true if user.try(:has_role?, 'Administrator')
+  end
+  def update?
+    true if user.try(:has_role?, 'Administrator')
+  end
+  def destroy?
+    if user.try(:has_role?, 'Administrator')
+      true if record.items.empty? and record.order_lists.empty?
+    end
+  end
+end

data/app/policies/order_list_policy.rb ADDED Viewed

@@ -0,0 +1,21 @@
+class OrderListPolicy < ApplicationPolicy
+  def index?
+    true if user.try(:has_role?, 'Librarian')
+  end
+  def show?
+    true if user.try(:has_role?, 'Librarian')
+  end
+  def create?
+    true if user.try(:has_role?, 'Librarian')
+  end
+  def update?
+    true if user.try(:has_role?, 'Librarian')
+  end
+  def destroy?
+    true if user.try(:has_role?, 'Librarian')
+  end
+end

data/app/policies/order_policy.rb ADDED Viewed

@@ -0,0 +1,21 @@
+class OrderPolicy < ApplicationPolicy
+  def index?
+    true if user.try(:has_role?, 'Librarian')
+  end
+  def show?
+    true if user.try(:has_role?, 'Librarian')
+  end
+  def create?
+    true if user.try(:has_role?, 'Librarian')
+  end
+  def update?
+    true if user.try(:has_role?, 'Librarian')
+  end
+  def destroy?
+    true if user.try(:has_role?, 'Librarian')
+  end
+end

data/app/policies/purchase_request_policy.rb ADDED Viewed

@@ -0,0 +1,25 @@
+class PurchaseRequestPolicy < ApplicationPolicy
+  def index?
+    true if user.try(:has_role?, 'User')
+  end
+  def show?
+    if user.try(:has_role?, 'Librarian')
+      true
+    elsif user.try(:has_role?, 'User')
+      true if record.user == user
+    end
+  end
+  def create?
+    true if user.try(:has_role?, 'User')
+  end
+  def update?
+    show?
+  end
+  def destroy?
+    show?
+  end
+end

data/app/views/orders/index.html.erb CHANGED Viewed

@@ -16,9 +16,11 @@
     <td><%= link_to order.purchase_request.title, purchase_request_path(order.purchase_request) -%></td>
     <td><%= l(order.updated_at) -%></td>
     <td>
-      <%- if can? :delete, order -%>
-        <%= link_to t('page.show'), order_path(order) -%>
+      <%= link_to t('page.show'), order_path(order) -%>
+      <%- if policy(order).update? -%>
         <%= link_to t('page.edit'), edit_order_path(order) -%>
+      <%- end -%>
+      <%- if policy(order).destroy? -%>
         <%= link_to t('page.destroy'), order_path(order), data: {confirm: t('page.are_you_sure')}, method: :delete -%>
       <%- end -%>
     </td>
@@ -33,7 +35,7 @@
 <div id="submenu" class="ui-corner-all ui-widget-content">
   <ul>
-    <%- if can? :create, Order -%>
+    <%- if policy(Order).create? -%>
       <li><%= link_to t('page.new', model: t('activerecord.models.order')), new_order_path -%></li>
     <%- end -%>
   </ul>

data/app/views/purchase_requests/_index.html.erb CHANGED Viewed

@@ -34,10 +34,10 @@
       </td>
       <td><%= purchase_request.price -%></td>
       <td>
-        <%- if can? :update, purchase_request %>
+        <%- if policy(purchase_request).update? %>
           <%= link_to t('page.edit'), edit_purchase_request_path(purchase_request) -%>
-        <%- end -%>
-        <%- if can? :delete, purchase_request %>
+        <% end %>
+        <%- if policy(purchase_request).destroy? %>
           <%= link_to t('page.destroy'), purchase_request, data: {confirm: t('page.are_you_sure')}, method: :delete -%>
         <%- end -%>
       </td>
@@ -69,14 +69,14 @@
   </ul>
 <p>
   <%- if @user -%>
-    <%= link_to (image_tag 'icons/feed.png', size: '16x16', alt: t('page.feed'), class: 'icon'), purchase_requests_path(user_id: @user.username, format: :rss, locale: @locale.to_s) -%>
+    <%= link_to image_tag('icons/feed.png', size: '16x16', class: 'enju_icon', alt: t('page.feed')), purchase_requests_path(user_id: @user.username, format: :rss, locale: @locale.to_s) -%>
     (<%= link_to 'RSS', purchase_requests_path(user_id: @user.username, format: :rss, locale: @locale.to_s) -%>)
-    <%= link_to (image_tag 'icons/page_white_excel.png', size: '16x16', alt: 'TSV', class: 'icon'), purchase_requests_path(user_id: @user.username, format: :txt) -%>
+    <%= link_to image_tag('icons/page_white_excel.png', size: '16x16', class: 'enju_icon', alt: 'TSV'), purchase_requests_path(user_id: @user.username, format: :txt) -%>
     (<%= link_to 'TSV', purchase_requests_path(user_id: @user.username, format: :txt) -%>)
   <%- else -%>
-    <%= link_to (image_tag 'icons/feed.png', size: '16x16', alt: t('page.feed'), class: 'icon'), purchase_requests_path(format: :rss, locale: @locale.to_s) -%>
+    <%= link_to image_tag('icons/feed.png', size: '16x16', class: 'enju_icon', alt: t('page.feed')), purchase_requests_path(format: :rss, locale: @locale.to_s) -%>
     (<%= link_to 'RSS', purchase_requests_path(format: :rss, locale: @locale.to_s) -%>)
-    <%= link_to (image_tag 'icons/page_white_excel.png', size: '16x16', alt: 'TSV', class: 'icon'), purchase_requests_path(format: :txt) -%>
+    <%= link_to image_tag('icons/page_white_excel.png', size: '16x16', class: 'enju_icon', alt: 'TSV'), purchase_requests_path(format: :txt) -%>
     (<%= link_to 'TSV', purchase_requests_path(format: :txt) -%>)
   <%- end -%>
 </p>

data/app/views/purchase_requests/_index_order_list.html.erb CHANGED Viewed

@@ -39,8 +39,10 @@
       </td>
       <td><%= purchase_request.price -%></td>
       <td>
-        <%= link_to t('page.edit'), edit_purchase_request_path(purchase_request) -%>
-        <%- if can? :delete, purchase_request -%>
+        <%- if policy(purchase_request).update? -%>
+          <%= link_to t('page.edit'), edit_purchase_request_path(purchase_request) -%>
+        <% end %>
+        <%- if policy(purchase_request).destroy? -%>
           <%- if params[:mode] == "add" -%>
             <%= link_to t('page.add'), new_purchase_request_path(order_list_id: @order_list, purchase_request_id: purchase_request.id, mode: 'add') -%>
           <%- else -%>
@@ -67,9 +69,9 @@
   </ul>
   <% if @order_list.ordered? %>
     <p>
-      <%= link_to (image_tag 'icons/feed.png', size: '16x16', alt: t('page.feed'), class: 'icon'), purchase_requests_path(order_list_id: @order_list.id, format: :rss) -%>
+      <%= link_to image_tag('icons/feed.png', size: '16x16', class: 'enju_icon', alt: t('page.feed')), purchase_requests_path(order_list_id: @order_list.id, format: :rss) -%>
       (<%= link_to 'RSS', purchase_requests_path(order_list_id: @order_list.id, format: :rss) -%>)
-      <%= link_to (image_tag 'icons/page_white_excel.png', size: '16x16', alt: 'TSV', class: 'icon'), purchase_requests_path(order_list_id: @order_list.id, format: :txt) -%>
+      <%= link_to image_tag('icons/page_white_excel.png', size: '16x16', class: 'enju_icon', alt: 'TSV'), purchase_requests_path(order_list_id: @order_list.id, format: :txt) -%>
       (<%= link_to 'TSV', purchase_requests_path(order_list_id: @order_list.id, format: :txt) -%>)
     </p>
   <% end %>

data/app/views/purchase_requests/show.html.erb CHANGED Viewed

@@ -81,7 +81,7 @@
 <div id="submenu" class="ui-corner-all ui-widget-content">
   <ul>
-    <% if can? :update, Order %>
+    <% if policy(Order).create? %>
       <%- if @purchase_request.order_list -%>
         <li><%= link_to t('purchase_request.remove_from_order_list'), order_path(@purchase_request.order, order_list_id: @purchase_request.order_list.id), method: :delete, data: {confirm: t('page.are_you_sure')} -%></li>
       <%- else -%>

data/db/migrate/20160703190738_add_most_recent_to_order_list_transitions.rb ADDED Viewed

@@ -0,0 +1,9 @@
+class AddMostRecentToOrderListTransitions < ActiveRecord::Migration
+  def up
+    add_column :order_list_transitions, :most_recent, :boolean, null: true
+  end
+  def down
+    remove_column :order_list_transitions, :most_recent
+  end
+end

data/lib/enju_purchase_request/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module EnjuPurchaseRequest
-  VERSION = "0.1.1"
+  VERSION = "0.2.0.beta.2"
 end

data/lib/enju_purchase_request.rb CHANGED Viewed

@@ -1,30 +1,5 @@
 require "enju_purchase_request/engine"
 require "enju_purchase_request/bookmark_url"
-require "enju_purchase_request/user"
 module EnjuPurchaseRequest
-  def self.included(base)
-    base.extend(ClassMethods)
-  end
-  module ClassMethods
-    def enju_purchase_request
-      include EnjuPurchaseRequest::InstanceMethods
-    end
-  end
-  module InstanceMethods
-    private
-    def get_order_list
-      @order_list = OrderList.find(params[:order_list_id]) if params[:order_list_id]
-    end
-    def get_purchase_request
-      @purchase_request = PurchaseRequest.find(params[:purchase_request_id]) if params[:purchase_request_id]
-    end
-  end
 end
-ActionController::Base.send(:include, EnjuPurchaseRequest)
-ActiveRecord::Base.send :include, EnjuPurchaseRequest::PurchaseRequestUser

data/lib/tasks/enju_purchase_request_tasks.rake CHANGED Viewed

@@ -2,3 +2,11 @@
 # task :enju_purchase_request do
 #   # Task goes here
 # end
+namespace :enju_purchase_request do
+  desc "upgrade enju_purchase_request"
+  task :upgrade => :environment do
+    Rake::Task['statesman:backfill_most_recent'].invoke('OrderList')
+    puts 'enju_purchase_request: The upgrade completed successfully.'
+  end
+end

data/spec/controllers/order_lists_controller_spec.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-require 'spec_helper'
+require 'rails_helper'
 require 'sunspot/rails/spec_helper'
 describe OrderListsController do
@@ -35,14 +35,14 @@ describe OrderListsController do
       it "assigns empty as @order_lists" do
         get :index
-        assigns(:order_lists).should be_empty
+        assigns(:order_lists).should be_nil
       end
     end
     describe "When not logged in" do
       it "assigns empty as @order_lists" do
         get :index
-        assigns(:order_lists).should be_empty
+        assigns(:order_lists).should be_nil
       end
     end
   end
@@ -101,7 +101,8 @@ describe OrderListsController do
       it "assigns the requested order_list as @order_list" do
         get :new
-        assigns(:order_list).should_not be_valid
+        assigns(:order_list).should be_nil
+        response.should be_success
       end
     end
@@ -112,7 +113,8 @@ describe OrderListsController do
       it "assigns the requested order_list as @order_list" do
         get :new
-        assigns(:order_list).should_not be_valid
+        assigns(:order_list).should be_nil
+        response.should be_success
       end
     end
@@ -123,7 +125,7 @@ describe OrderListsController do
       it "should not assign the requested order_list as @order_list" do
         get :new
-        assigns(:order_list).should_not be_valid
+        assigns(:order_list).should be_nil
         response.should be_forbidden
       end
     end
@@ -131,7 +133,7 @@ describe OrderListsController do
     describe "When not logged in" do
       it "should not assign the requested order_list as @order_list" do
         get :new
-        assigns(:order_list).should_not be_valid
+        assigns(:order_list).should be_nil
         response.should redirect_to(new_user_session_url)
       end
     end
@@ -257,7 +259,7 @@ describe OrderListsController do
       describe "with valid params" do
         it "assigns a newly created order_list as @order_list" do
           post :create, :order_list => @attrs
-          assigns(:order_list).should be_valid
+          assigns(:order_list).should be_nil
         end
         it "should be forbidden" do
@@ -269,7 +271,7 @@ describe OrderListsController do
       describe "with invalid params" do
         it "assigns a newly created but unsaved order_list as @order_list" do
           post :create, :order_list => @invalid_attrs
-          assigns(:order_list).should_not be_valid
+          assigns(:order_list).should be_nil
         end
         it "should be forbidden" do
@@ -283,7 +285,7 @@ describe OrderListsController do
       describe "with valid params" do
         it "assigns a newly created order_list as @order_list" do
           post :create, :order_list => @attrs
-          assigns(:order_list).should be_valid
+          assigns(:order_list).should be_nil
         end
         it "should be forbidden" do
@@ -295,7 +297,7 @@ describe OrderListsController do
       describe "with invalid params" do
         it "assigns a newly created but unsaved order_list as @order_list" do
           post :create, :order_list => @invalid_attrs
-          assigns(:order_list).should_not be_valid
+          assigns(:order_list).should be_nil
         end
         it "should be forbidden" do

data/spec/controllers/orders_controller_spec.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-require 'spec_helper'
+require 'rails_helper'
 require 'sunspot/rails/spec_helper'
 describe OrdersController do
@@ -39,7 +39,7 @@ describe OrdersController do
       it "should be forbidden" do
         get :index
-        assigns(:orders).should be_empty
+        assigns(:orders).should be_nil
         response.should be_forbidden
       end
     end
@@ -47,7 +47,7 @@ describe OrdersController do
     describe "When not logged in" do
       it "assigns all orders as @orders" do
         get :index
-        assigns(:orders).should be_empty
+        assigns(:orders).should be_nil
         response.should redirect_to(new_user_session_url)
       end
     end
@@ -143,7 +143,7 @@ describe OrdersController do
       it "should not assign the requested order as @order" do
         get :new, :order_list_id => 1, :purchase_request_id => 1
-        assigns(:order).should_not be_valid
+        assigns(:order).should be_nil
         response.should be_forbidden
       end
     end
@@ -151,7 +151,7 @@ describe OrdersController do
     describe "When not logged in" do
       it "should not assign the requested order as @order" do
         get :new, :order_list_id => 1, :purchase_request_id => 1
-        assigns(:order).should_not be_valid
+        assigns(:order).should be_nil
         response.should redirect_to(new_user_session_url)
       end
     end
@@ -277,7 +277,7 @@ describe OrdersController do
       describe "with valid params" do
         it "assigns a newly created order as @order" do
           post :create, :order => @attrs
-          assigns(:order).should be_valid
+          assigns(:order).should be_nil
         end
         it "should be forbidden" do
@@ -289,7 +289,7 @@ describe OrdersController do
       describe "with invalid params" do
         it "assigns a newly created but unsaved order as @order" do
           post :create, :order => @invalid_attrs
-          assigns(:order).should_not be_valid
+          assigns(:order).should be_nil
         end
         it "should be forbidden" do
@@ -303,7 +303,7 @@ describe OrdersController do
       describe "with valid params" do
         it "assigns a newly created order as @order" do
           post :create, :order => @attrs
-          assigns(:order).should be_valid
+          assigns(:order).should be_nil
         end
         it "should be forbidden" do
@@ -315,7 +315,7 @@ describe OrdersController do
       describe "with invalid params" do
         it "assigns a newly created but unsaved order as @order" do
           post :create, :order => @invalid_attrs
-          assigns(:order).should_not be_valid
+          assigns(:order).should be_nil
         end
         it "should be forbidden" do