openproject-global_roles 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +15 -0
- data/CHANGELOG.md +22 -0
- data/README.md +89 -0
- data/app/assets/javascripts/global_roles/global_roles.js +91 -0
- data/app/assets/javascripts/global_roles/principal_roles.js +51 -0
- data/app/assets/stylesheets/global_roles/global_roles.css +18 -0
- data/app/controllers/principal_roles_controller.rb +139 -0
- data/app/models/global_role.rb +46 -0
- data/app/models/principal_role.rb +29 -0
- data/app/views/principal_roles/_errors.html.erb +13 -0
- data/app/views/principal_roles/_show_table_row.html.erb +28 -0
- data/app/views/principal_roles/index.html.erb +47 -0
- data/app/views/roles/_form.html.erb +52 -0
- data/app/views/roles/_global_attributes.html.erb +12 -0
- data/app/views/roles/_global_form.html.erb +12 -0
- data/app/views/roles/_member_attributes.html.erb +17 -0
- data/app/views/roles/_member_form.html.erb +39 -0
- data/app/views/roles/_permissions.html.erb +27 -0
- data/app/views/roles/edit.html.erb +20 -0
- data/app/views/roles/index.html.erb +57 -0
- data/app/views/roles/new.html.erb +18 -0
- data/app/views/shared/_global_roles_header.html.erb +16 -0
- data/app/views/users/_available_global_role.html.erb +14 -0
- data/app/views/users/_available_global_roles.html.erb +32 -0
- data/app/views/users/_global_roles.html.erb +33 -0
- data/config/locales/de.yml +11 -0
- data/config/locales/en.yml +11 -0
- data/config/routes.rb +14 -0
- data/db/migrate/001_sti_for_roles.rb +34 -0
- data/doc/COPYRIGHT.rdoc +16 -0
- data/doc/GPL.txt +674 -0
- data/lib/open_project/global_roles.rb +16 -0
- data/lib/open_project/global_roles/engine.rb +89 -0
- data/lib/open_project/global_roles/patches.rb +13 -0
- data/lib/open_project/global_roles/patches/access_control_patch.rb +41 -0
- data/lib/open_project/global_roles/patches/permission_patch.rb +49 -0
- data/lib/open_project/global_roles/patches/principal_patch.rb +24 -0
- data/lib/open_project/global_roles/patches/role_patch.rb +47 -0
- data/lib/open_project/global_roles/patches/roles_controller_patch.rb +62 -0
- data/lib/open_project/global_roles/patches/roles_helper_patch.rb +27 -0
- data/lib/open_project/global_roles/patches/user_patch.rb +24 -0
- data/lib/open_project/global_roles/patches/users_controller_patch.rb +34 -0
- data/lib/open_project/global_roles/patches/users_helper_patch.rb +39 -0
- data/lib/open_project/global_roles/principal_allowance_evaluator/global.rb +24 -0
- data/lib/open_project/global_roles/version.rb +16 -0
- data/lib/openproject-global_roles.rb +12 -0
- data/spec/controllers/principal_roles_controller_spec.rb +163 -0
- data/spec/controllers/roles_controller_spec.rb +315 -0
- data/spec/controllers/users_controller_spec.rb +57 -0
- data/spec/factories/global_role_factory.rb +16 -0
- data/spec/factories/principal_role_factory.rb +17 -0
- data/spec/lib/access_control_spec.rb +56 -0
- data/spec/lib/global_roles/principal_allowance_evaluator/global_spec.rb +84 -0
- data/spec/lib/loader_spec.rb +40 -0
- data/spec/lib/permission_spec.rb +41 -0
- data/spec/models/global_role_spec.rb +175 -0
- data/spec/models/principal_role_spec.rb +48 -0
- data/spec/models/principal_spec.rb +38 -0
- data/spec/models/role_spec.rb +43 -0
- data/spec/models/user_spec.rb +20 -0
- data/spec/plugin_spec_helper.rb +152 -0
- data/spec/spec_helper.rb +15 -0
- metadata +152 -0
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
#-- copyright
|
|
2
|
+
# OpenProject is a project management system.
|
|
3
|
+
#
|
|
4
|
+
# Copyright (C) 2010-2013 the OpenProject Team
|
|
5
|
+
#
|
|
6
|
+
# This program is free software; you can redistribute it and/or
|
|
7
|
+
# modify it under the terms of the GNU General Public License version 3.
|
|
8
|
+
#
|
|
9
|
+
# See doc/COPYRIGHT.rdoc for more details.
|
|
10
|
+
#++
|
|
11
|
+
|
|
12
|
+
require File.dirname(__FILE__) + '/../spec_helper'
|
|
13
|
+
|
|
14
|
+
describe UsersController do
|
|
15
|
+
before(:each) do
|
|
16
|
+
@controller.stub!(:require_admin).and_return(true)
|
|
17
|
+
@controller.stub!(:check_if_login_required)
|
|
18
|
+
@controller.stub!(:set_localization)
|
|
19
|
+
@global_roles = [mock_model(GlobalRole), mock_model(GlobalRole)]
|
|
20
|
+
GlobalRole.stub!(:all).and_return(@global_roles)
|
|
21
|
+
user_mock = mock_model User
|
|
22
|
+
user_mock.stub!(:logged?).and_return(true)
|
|
23
|
+
User.stub!(:find).with(any_args()).and_return(user_mock)
|
|
24
|
+
|
|
25
|
+
disable_log_requesting_user
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
describe "get" do
|
|
29
|
+
before :each do
|
|
30
|
+
@params = {"id" => "1"}
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
describe :edit do
|
|
34
|
+
before :each do
|
|
35
|
+
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
describe "RESULT" do
|
|
39
|
+
before :each do
|
|
40
|
+
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
describe "html" do
|
|
44
|
+
before :each do
|
|
45
|
+
get "edit", @params
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
it { response.should be_success }
|
|
49
|
+
it { assigns(:global_roles).should eql @global_roles }
|
|
50
|
+
it { response.should render_template "users/edit"}
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
end
|
|
57
|
+
end
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
#-- copyright
|
|
2
|
+
# OpenProject is a project management system.
|
|
3
|
+
#
|
|
4
|
+
# Copyright (C) 2010-2013 the OpenProject Team
|
|
5
|
+
#
|
|
6
|
+
# This program is free software; you can redistribute it and/or
|
|
7
|
+
# modify it under the terms of the GNU General Public License version 3.
|
|
8
|
+
#
|
|
9
|
+
# See doc/COPYRIGHT.rdoc for more details.
|
|
10
|
+
#++
|
|
11
|
+
|
|
12
|
+
FactoryGirl.define do
|
|
13
|
+
factory :global_role do |gr|
|
|
14
|
+
gr.name "global_role"
|
|
15
|
+
end
|
|
16
|
+
end
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
#-- copyright
|
|
2
|
+
# OpenProject is a project management system.
|
|
3
|
+
#
|
|
4
|
+
# Copyright (C) 2010-2013 the OpenProject Team
|
|
5
|
+
#
|
|
6
|
+
# This program is free software; you can redistribute it and/or
|
|
7
|
+
# modify it under the terms of the GNU General Public License version 3.
|
|
8
|
+
#
|
|
9
|
+
# See doc/COPYRIGHT.rdoc for more details.
|
|
10
|
+
#++
|
|
11
|
+
|
|
12
|
+
FactoryGirl.define do
|
|
13
|
+
factory :principal_role do |pr|
|
|
14
|
+
pr.association :role, :factory => :global_role
|
|
15
|
+
pr.association :principal, :factory => :user
|
|
16
|
+
end
|
|
17
|
+
end
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
#-- copyright
|
|
2
|
+
# OpenProject is a project management system.
|
|
3
|
+
#
|
|
4
|
+
# Copyright (C) 2010-2013 the OpenProject Team
|
|
5
|
+
#
|
|
6
|
+
# This program is free software; you can redistribute it and/or
|
|
7
|
+
# modify it under the terms of the GNU General Public License version 3.
|
|
8
|
+
#
|
|
9
|
+
# See doc/COPYRIGHT.rdoc for more details.
|
|
10
|
+
#++
|
|
11
|
+
|
|
12
|
+
require File.expand_path(File.dirname(__FILE__) + "/../spec_helper")
|
|
13
|
+
|
|
14
|
+
describe Redmine::AccessControl do
|
|
15
|
+
before(:each) do
|
|
16
|
+
stash_access_control_permissions
|
|
17
|
+
|
|
18
|
+
Redmine::AccessControl.map do |map|
|
|
19
|
+
map.permission :proj0, {:dont => :care}, :require => :member
|
|
20
|
+
map.permission :global0, {:dont => :care}, :global => true
|
|
21
|
+
map.permission :proj1, {:dont => :care}
|
|
22
|
+
|
|
23
|
+
map.project_module :global_module do |mod|
|
|
24
|
+
mod.permission :global1, {:dont => :care}, :global => true
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
map.project_module :project_module do |mod|
|
|
28
|
+
mod.permission :proj2, {:dont => :care}
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
map.project_module :mixed_module do |mod|
|
|
32
|
+
mod.permission :proj3, {:dont => :care}
|
|
33
|
+
mod.permission :global2, {:dont => :care}, :global => true
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
after(:each) do
|
|
39
|
+
restore_access_control_permissions
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
describe "class methods" do
|
|
43
|
+
describe :global_permissions do
|
|
44
|
+
it {Redmine::AccessControl.global_permissions.should have(3).items}
|
|
45
|
+
it {Redmine::AccessControl.global_permissions.collect(&:name).should include(:global0)}
|
|
46
|
+
it {Redmine::AccessControl.global_permissions.collect(&:name).should include(:global1)}
|
|
47
|
+
it {Redmine::AccessControl.global_permissions.collect(&:name).should include(:global2)}
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
describe :available_project_modules do
|
|
51
|
+
it {Redmine::AccessControl.available_project_modules.include?(:global_module).should be_false }
|
|
52
|
+
it {Redmine::AccessControl.available_project_modules.include?(:global_module).should be_false }
|
|
53
|
+
it {Redmine::AccessControl.available_project_modules.include?(:mixed_module).should be_true }
|
|
54
|
+
end
|
|
55
|
+
end
|
|
56
|
+
end
|
|
@@ -0,0 +1,84 @@
|
|
|
1
|
+
#-- copyright
|
|
2
|
+
# OpenProject is a project management system.
|
|
3
|
+
#
|
|
4
|
+
# Copyright (C) 2010-2013 the OpenProject Team
|
|
5
|
+
#
|
|
6
|
+
# This program is free software; you can redistribute it and/or
|
|
7
|
+
# modify it under the terms of the GNU General Public License version 3.
|
|
8
|
+
#
|
|
9
|
+
# See doc/COPYRIGHT.rdoc for more details.
|
|
10
|
+
#++
|
|
11
|
+
|
|
12
|
+
require File.dirname(__FILE__) + '/../../../spec_helper'
|
|
13
|
+
|
|
14
|
+
describe OpenProject::GlobalRoles::PrincipalAllowanceEvaluator::Global do
|
|
15
|
+
|
|
16
|
+
let(:klass) { OpenProject::GlobalRoles::PrincipalAllowanceEvaluator::Global }
|
|
17
|
+
let(:user) { FactoryGirl.build(:user) }
|
|
18
|
+
let(:filter) { klass.new user }
|
|
19
|
+
let(:member) { FactoryGirl.build(:member) }
|
|
20
|
+
let(:principal_role) { FactoryGirl.build(:principal_role,
|
|
21
|
+
:role => role) }
|
|
22
|
+
let(:principal_role2) { FactoryGirl.build(:principal_role) }
|
|
23
|
+
let(:role) { FactoryGirl.build(:global_role) }
|
|
24
|
+
let(:project) { FactoryGirl.build(:project) }
|
|
25
|
+
|
|
26
|
+
describe :granted_for_project? do
|
|
27
|
+
it { filter.granted_for_project?(member, :action, project).should be_false }
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
describe :denied_for_project? do
|
|
31
|
+
it { filter.denied_for_project?(member, :action, project).should be_false }
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
describe :granted_for_global? do
|
|
35
|
+
describe "WHEN checking a Member" do
|
|
36
|
+
it { filter.granted_for_global?(member, :action, {}).should be_false }
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
describe "WHEN checking a PrincipalRole
|
|
40
|
+
WHEN the PrincipalRole has a Role that is allowed the action" do
|
|
41
|
+
before do
|
|
42
|
+
role.permissions = [:action]
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
it { filter.granted_for_global?(principal_role, :action, {}).should be_true }
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
describe "WHEN checking a PrincipalRole
|
|
49
|
+
WHEN the PrincipalRole has a Role that is not allowed the action" do
|
|
50
|
+
it { filter.granted_for_global?(principal_role, :action, {}).should be_false }
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
describe :denied_for_global? do
|
|
55
|
+
it { filter.denied_for_global?(principal_role, :action, {}).should be_false }
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
describe :project_granting_candidates do
|
|
59
|
+
it { filter.project_granting_candidates(project).should =~ [] }
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
describe :global_granting_candidates do
|
|
63
|
+
describe "WHEN the user has a PrincipalRole assigned" do
|
|
64
|
+
before do
|
|
65
|
+
user.principal_roles = [principal_role]
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
it { filter.global_granting_candidates =~ [principal_role] }
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
describe "WHEN the user has multiple PrincipalRole assigned" do
|
|
72
|
+
before do
|
|
73
|
+
user.principal_roles = [principal_role, principal_role2]
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
it { filter.global_granting_candidates =~ [principal_role, principal_role2] }
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
describe "WHEN the user has no PrincipalRoles assigned" do
|
|
80
|
+
it { filter.global_granting_candidates =~ [] }
|
|
81
|
+
end
|
|
82
|
+
end
|
|
83
|
+
end
|
|
84
|
+
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
#-- copyright
|
|
2
|
+
# OpenProject is a project management system.
|
|
3
|
+
#
|
|
4
|
+
# Copyright (C) 2010-2013 the OpenProject Team
|
|
5
|
+
#
|
|
6
|
+
# This program is free software; you can redistribute it and/or
|
|
7
|
+
# modify it under the terms of the GNU General Public License version 3.
|
|
8
|
+
#
|
|
9
|
+
# See doc/COPYRIGHT.rdoc for more details.
|
|
10
|
+
#++
|
|
11
|
+
|
|
12
|
+
require File.dirname(__FILE__) + '/../spec_helper'
|
|
13
|
+
|
|
14
|
+
describe Redmine::DefaultData::Loader do
|
|
15
|
+
|
|
16
|
+
describe :load do
|
|
17
|
+
before :each do
|
|
18
|
+
stash_access_control_permissions
|
|
19
|
+
create_non_member_role
|
|
20
|
+
create_anonymous_role
|
|
21
|
+
Redmine::DefaultData::Loader.load
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
after(:each) do
|
|
25
|
+
restore_access_control_permissions
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
#describes only the results of load in the db
|
|
29
|
+
it {Role.find_by_name(I18n.t(:default_role_manager)).attributes["type"].should eql "Role"}
|
|
30
|
+
|
|
31
|
+
if Redmine::VERSION::MAJOR < 1
|
|
32
|
+
it {Role.find_by_name(I18n.t(:default_role_developper)).attributes["type"].should eql "Role"} #[sic]
|
|
33
|
+
else
|
|
34
|
+
it {Role.find_by_name(I18n.t(:default_role_developer)).attributes["type"].should eql "Role"} #[sic]
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
it {Role.find_by_name(I18n.t(:default_role_reporter)).attributes["type"].should eql "Role"}
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
end
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
#-- copyright
|
|
2
|
+
# OpenProject is a project management system.
|
|
3
|
+
#
|
|
4
|
+
# Copyright (C) 2010-2013 the OpenProject Team
|
|
5
|
+
#
|
|
6
|
+
# This program is free software; you can redistribute it and/or
|
|
7
|
+
# modify it under the terms of the GNU General Public License version 3.
|
|
8
|
+
#
|
|
9
|
+
# See doc/COPYRIGHT.rdoc for more details.
|
|
10
|
+
#++
|
|
11
|
+
|
|
12
|
+
require File.expand_path(File.dirname(__FILE__) + "/../spec_helper")
|
|
13
|
+
|
|
14
|
+
describe Redmine::AccessControl::Permission do
|
|
15
|
+
describe "WHEN setting global permission" do
|
|
16
|
+
describe "creating with", :new do
|
|
17
|
+
before {@permission = Redmine::AccessControl::Permission.new(:perm, {:cont => [:action]}, {:global => true})}
|
|
18
|
+
describe :global? do
|
|
19
|
+
it {@permission.global?.should be_true}
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
describe "setting non_global" do
|
|
25
|
+
describe "creating with", :new do
|
|
26
|
+
before {@permission = Redmine::AccessControl::Permission.new :perm, {:cont => [:action]}, {:global => false}}
|
|
27
|
+
|
|
28
|
+
describe :global? do
|
|
29
|
+
it {@permission.global?.should be_false}
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
describe "creating with", :new do
|
|
34
|
+
before {@permission = Redmine::AccessControl::Permission.new :perm, {:cont => [:action]}, {}}
|
|
35
|
+
|
|
36
|
+
describe :global? do
|
|
37
|
+
it {@permission.global?.should be_false}
|
|
38
|
+
end
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
end
|
|
@@ -0,0 +1,175 @@
|
|
|
1
|
+
#-- copyright
|
|
2
|
+
# OpenProject is a project management system.
|
|
3
|
+
#
|
|
4
|
+
# Copyright (C) 2010-2013 the OpenProject Team
|
|
5
|
+
#
|
|
6
|
+
# This program is free software; you can redistribute it and/or
|
|
7
|
+
# modify it under the terms of the GNU General Public License version 3.
|
|
8
|
+
#
|
|
9
|
+
# See doc/COPYRIGHT.rdoc for more details.
|
|
10
|
+
#++
|
|
11
|
+
|
|
12
|
+
require File.expand_path(File.dirname(__FILE__) + "/../spec_helper")
|
|
13
|
+
|
|
14
|
+
describe GlobalRole do
|
|
15
|
+
before {GlobalRole.create :name => "globalrole", :permissions => ["permissions"]} # for validate_uniqueness_of
|
|
16
|
+
|
|
17
|
+
it {should have_many :principals}
|
|
18
|
+
it {should have_many :principal_roles}
|
|
19
|
+
it {should validate_presence_of :name}
|
|
20
|
+
it {should validate_uniqueness_of :name}
|
|
21
|
+
it {should ensure_length_of(:name).is_at_most(30)}
|
|
22
|
+
|
|
23
|
+
describe "attributes" do
|
|
24
|
+
before {@role = GlobalRole.new}
|
|
25
|
+
|
|
26
|
+
subject {@role}
|
|
27
|
+
|
|
28
|
+
it {should respond_to :name}
|
|
29
|
+
it {should respond_to :permissions}
|
|
30
|
+
it {should respond_to :position}
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
describe "class methods" do
|
|
34
|
+
describe "WITH available global permissions defined" do
|
|
35
|
+
before (:each) do
|
|
36
|
+
@permission_options = [:perm1, :perm2, :perm3]
|
|
37
|
+
Redmine::AccessControl.stub!(:global_permissions).and_return(@permission_options)
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
describe :setable_permissions do
|
|
41
|
+
it {GlobalRole.setable_permissions.should eql @permission_options}
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
describe "instance methods" do
|
|
47
|
+
before (:each) do
|
|
48
|
+
@role = GlobalRole.new
|
|
49
|
+
|
|
50
|
+
if costs_plugin_loaded?
|
|
51
|
+
@perm = Object.new
|
|
52
|
+
Redmine::AccessControl.stub!(:permission).and_return @perm
|
|
53
|
+
@perm.stub!(:inherited_by).and_return([])
|
|
54
|
+
@perm.stub!(:name).and_return(:perm)
|
|
55
|
+
@perm.stub!(:inherits).and_return([])
|
|
56
|
+
end
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
describe "WITH no attributes set" do
|
|
60
|
+
before (:each) do
|
|
61
|
+
@role = GlobalRole.new
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
describe :permissions do
|
|
65
|
+
subject {@role.permissions}
|
|
66
|
+
|
|
67
|
+
it {should be_an_instance_of(Array)}
|
|
68
|
+
it {should have(0).items}
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
describe :permissions= do
|
|
72
|
+
describe "WITH parameter" do
|
|
73
|
+
before {@role.should_receive(:write_attribute).with(:permissions, [:perm1, :perm2])}
|
|
74
|
+
|
|
75
|
+
it "should write permissions" do
|
|
76
|
+
@role.permissions = [:perm1, :perm2]
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
it "should write permissions only once" do
|
|
80
|
+
@role.permissions = [:perm1, :perm2, :perm2]
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
it "should write permissions as symbols" do
|
|
84
|
+
@role.permissions = ["perm1", "perm2"]
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
it "should remove empty perms" do
|
|
88
|
+
@role.permissions = [:perm1, :perm2, "", nil]
|
|
89
|
+
end
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
describe "WITHOUT parameter" do
|
|
93
|
+
before {@role.should_receive(:write_attribute).with(:permissions, nil)}
|
|
94
|
+
|
|
95
|
+
it "should write permissions" do
|
|
96
|
+
@role.permissions = nil
|
|
97
|
+
end
|
|
98
|
+
end
|
|
99
|
+
end
|
|
100
|
+
|
|
101
|
+
describe :has_permission? do
|
|
102
|
+
it {@role.has_permission?(:perm).should be_false}
|
|
103
|
+
end
|
|
104
|
+
|
|
105
|
+
describe :allowed_to? do
|
|
106
|
+
describe "WITH requested permission" do
|
|
107
|
+
it {@role.allowed_to?(:perm1).should be_false}
|
|
108
|
+
end
|
|
109
|
+
end
|
|
110
|
+
end
|
|
111
|
+
|
|
112
|
+
describe "WITH set permissions" do
|
|
113
|
+
before{ @role = GlobalRole.new :permissions => [:perm1, :perm2, :perm3]}
|
|
114
|
+
|
|
115
|
+
describe :has_permission? do
|
|
116
|
+
it {@role.has_permission?(:perm1).should be_true}
|
|
117
|
+
it {@role.has_permission?("perm1").should be_true}
|
|
118
|
+
it {@role.has_permission?(:perm5).should be_false}
|
|
119
|
+
end
|
|
120
|
+
|
|
121
|
+
describe :allowed_to? do
|
|
122
|
+
describe "WITH requested permission" do
|
|
123
|
+
it {@role.allowed_to?(:perm1).should be_true}
|
|
124
|
+
it {@role.allowed_to?(:perm5).should be_false}
|
|
125
|
+
end
|
|
126
|
+
end
|
|
127
|
+
end
|
|
128
|
+
|
|
129
|
+
describe "WITH available global permissions defined" do
|
|
130
|
+
before (:each) do
|
|
131
|
+
@role = GlobalRole.new
|
|
132
|
+
@permission_options = [:perm1, :perm2, :perm3]
|
|
133
|
+
Redmine::AccessControl.stub!(:global_permissions).and_return(@permission_options)
|
|
134
|
+
end
|
|
135
|
+
|
|
136
|
+
describe :setable_permissions do
|
|
137
|
+
it {@role.setable_permissions.should eql @permission_options}
|
|
138
|
+
end
|
|
139
|
+
end
|
|
140
|
+
|
|
141
|
+
describe "WITH set name" do
|
|
142
|
+
before{ @role = GlobalRole.new :name => "name"}
|
|
143
|
+
|
|
144
|
+
describe :to_s do
|
|
145
|
+
it {@role.to_s.should eql("name")}
|
|
146
|
+
end
|
|
147
|
+
end
|
|
148
|
+
|
|
149
|
+
describe :destroy do
|
|
150
|
+
before {@role = GlobalRole.create :name => "global"}
|
|
151
|
+
|
|
152
|
+
it {@role.destroy}
|
|
153
|
+
end
|
|
154
|
+
|
|
155
|
+
describe :assignable do
|
|
156
|
+
it {@role.assignable.should be_false}
|
|
157
|
+
end
|
|
158
|
+
|
|
159
|
+
describe :assignable= do
|
|
160
|
+
it {lambda {@role.assignable = true}.should raise_error ArgumentError}
|
|
161
|
+
it {lambda {@role.assignable = false}.should_not raise_error ArgumentError}
|
|
162
|
+
end
|
|
163
|
+
|
|
164
|
+
describe :assignable_to? do
|
|
165
|
+
before(:each) do
|
|
166
|
+
@role = FactoryGirl.build(:global_role)
|
|
167
|
+
@user = FactoryGirl.build(:user)
|
|
168
|
+
end
|
|
169
|
+
it "always true global roles for now" do
|
|
170
|
+
@role.assignable_to?(@user).should be_true
|
|
171
|
+
end
|
|
172
|
+
end
|
|
173
|
+
end
|
|
174
|
+
|
|
175
|
+
end
|