saasy 0.0.1

data/spec/controllers/memberships_controller_spec.rb

@@ -0,0 +1,117 @@
+require 'spec_helper'
+
+describe MembershipsController, "routes" do
+  it { should route(:get, "/accounts/abc/memberships").
+                to(:action => :index, :account_id => 'abc') }
+  it { should route(:get, "/accounts/xyz/memberships/abc/edit").
+                to(:action => :edit, :account_id => 'xyz', :id => 'abc') }
+  it { should route(:put, "/accounts/xyz/memberships/abc").
+                to(:action => :update, :account_id => 'xyz', :id => 'abc') }
+  it { should route(:delete, "/accounts/xyz/memberships/abc").
+                to(:action => :destroy, :account_id => 'xyz', :id => 'abc') }
+end
+
+describe MembershipsController, "permissions", :as => :account_member do
+  let(:membership) { Factory(:membership, :account => account) }
+  it { should deny_access.
+                on(:get, :index, :account_id => account.to_param).
+                flash(/admin/) }
+  it { should deny_access.
+                on(:get, :edit, :id         => membership.to_param,
+                                :account_id => account.to_param).
+                flash(/admin/) }
+end
+
+describe MembershipsController, "index", :as => :account_admin do
+  let(:memberships) { [Factory.stub(:membership), Factory.stub(:membership)] }
+
+  before do
+    Account.stubs(:find_by_keyword! => account)
+    account.stubs(:memberships_by_name => memberships)
+    get :index, :account_id => account.to_param
+  end
+
+  it "renders the index template" do
+    should respond_with(:success)
+    should render_template(:index)
+  end
+
+  it "assigns memberships by name" do
+    account.should have_received(:memberships_by_name)
+    should assign_to(:memberships).with(memberships)
+  end
+end
+
+describe MembershipsController, "edit", :as => :account_admin do
+  let(:edited_membership) { Factory.stub(:membership, :account => account) }
+  let(:projects) { [Factory.stub(:project)] }
+
+  before do
+    Membership.stubs(:find => edited_membership)
+    account.stubs(:projects_by_name => projects)
+    get :edit, :id => edited_membership.to_param, :account_id => account.to_param
+  end
+
+  it "renders the edit template" do
+    should respond_with(:success)
+    should render_template(:edit)
+  end
+
+  it "assigns projects by name" do
+    account.should have_received(:projects_by_name)
+    should assign_to(:projects).with(projects)
+  end
+
+  it "assigns the membership being edited" do
+    Membership.should have_received(:find).with(edited_membership.to_param,
+                                                :include => :account)
+    should assign_to(:membership).with(edited_membership)
+  end
+end
+
+describe MembershipsController, "update", :as => :account_admin do
+  let(:edited_membership) { Factory.stub(:membership, :account => account) }
+  let(:attributes) { 'some attributes' }
+
+  before do
+    Membership.stubs(:find => edited_membership)
+    edited_membership.stubs(:update_attributes!)
+    put :update, :id         => edited_membership.to_param,
+                 :account_id => account.to_param,
+                 :membership => attributes
+  end
+
+  it "redirects to the account memberships index" do
+    should redirect_to(account_memberships_url(account))
+  end
+
+  it "update the membership" do
+    edited_membership.should have_received(:update_attributes!).with(attributes)
+  end
+
+  it "sets a flash message" do
+    should set_the_flash.to(/update/i)
+  end
+end
+
+describe MembershipsController, "destroy", :as => :account_admin do
+  let(:removed_membership) { Factory.stub(:membership, :account => account) }
+
+  before do
+    Membership.stubs(:find => removed_membership)
+    removed_membership.stubs(:destroy)
+    delete :destroy, :id => removed_membership.to_param, :account_id => account.to_param
+  end
+
+  it "redirects to the account memberships index" do
+    should redirect_to(account_memberships_url(account))
+  end
+
+  it "removes the membership" do
+    removed_membership.should have_received(:destroy)
+  end
+
+  it "sets a flash message" do
+    should set_the_flash.to(/remove/i)
+  end
+end

data/spec/controllers/plans_controller_spec.rb

@@ -0,0 +1,13 @@
+require 'spec_helper'
+
+describe PlansController, "successful update", :as => :account_admin do
+  before do
+    Account.stubs(:find_by_keyword! => account)
+    account.stubs(:save_customer_and_subscription! => true)
+    put :update, :account_id => account.to_param
+  end
+
+  it "notifies observers" do
+    should notify_observers("plan_upgraded", :account => account, :request => request)
+  end
+end

data/spec/controllers/profiles_controller_spec.rb

@@ -0,0 +1,48 @@
+require 'spec_helper'
+
+describe ProfilesController, "routes" do
+  it { should route(:get, "/profile/edit").to(:action => :edit) }
+  it { should route(:put, "/profile").to(:action => :update) }
+end
+
+describe ProfilesController, "signed out" do
+  it { should deny_access.on(:get, :edit) }
+  it { should deny_access.on(:put, :update) }
+end
+
+describe ProfilesController, "edit", :as => :user do
+  before { get :edit }
+  it { should respond_with(:success) }
+  it { should assign_to(:user).with(user) }
+end
+
+describe ProfilesController, "valid update", :as => :user do
+  let(:attributes) { 'attributes' }
+
+  before do
+    user.stubs(:update_attributes => true)
+    put :update, :user => attributes
+  end
+
+  it { should set_the_flash.to(/has been updated/) }
+
+  it "redirects to the user" do
+    should redirect_to(edit_profile_url)
+  end
+
+  it "updates the user" do
+    user.should have_received(:update_attributes).with(attributes)
+  end
+end
+
+describe ProfilesController, "invalid update", :as => :user do
+  before do
+    user.stubs(:update_attributes => false)
+    get :update, :user => { :email => "" }
+  end
+
+  it { should_not set_the_flash }
+  it { should render_template(:edit) }
+  it { should assign_to(:user).with(user) }
+end
+

data/spec/controllers/projects_controller_spec.rb

@@ -0,0 +1,216 @@
+require 'spec_helper'
+
+describe ProjectsController, "routes" do
+  it { should route(:get, "/accounts/abc/projects/new").
+                to(:action => :new, :account_id => 'abc') }
+  it { should route(:post, "/accounts/abc/projects").
+                to(:action => :create, :account_id => 'abc') }
+  it { should route(:get, "/accounts/abc/projects/def/edit").
+                to(:action => :edit, :account_id => 'abc', :id => 'def') }
+  it { should route(:put, "/accounts/abc/projects/def").
+                to(:action => :update, :account_id => 'abc', :id => 'def') }
+  it { should route(:delete, "/accounts/abc/projects/def").
+                to(:action => :destroy, :account_id => 'abc', :id => 'def') }
+  it { should route(:get, "/accounts/abc/projects").
+                to(:action => :index, :account_id => 'abc') }
+end
+
+describe ProjectsController, "new", :as => :account_admin do
+  before do
+    get :new, :account_id => account.to_param
+  end
+
+  it { should respond_with(:success) }
+  it { should render_template(:new) }
+  it { should_not set_the_flash }
+  it { should assign_to( :project) }
+
+  it "has a new project that belongs to account" do
+    assigns(:project).account.should == account
+  end
+end
+
+describe ProjectsController, "#show as another user" do
+  let(:account) { Factory(:account) }
+  let(:user)    { Factory(:user) }
+  let(:project) { Factory(:project, :account => account) }
+  before do
+    sign_in_as(user)
+    get :show, :account_id => account.to_param, :id => project.to_param
+  end
+
+  it { should respond_with(:redirect) }
+  it { should set_the_flash.to(/do not have permission/) }
+end
+
+describe ProjectsController, "create", :as => :account_admin do
+  before do
+    @project_count = Project.count
+    post :create,
+         :project    => Factory.attributes_for(:project),
+         :account_id => account.to_param
+  end
+
+  it "should change Project count by 1" do
+    Project.count.should == @project_count + 1
+  end
+
+  it "should place the new project into the account" do
+    Project.last.account.should == account
+  end
+
+  it "should redirect to the edit page" do
+    should redirect_to(controller.project_url(assigns(:project)))
+  end
+end
+
+describe ProjectsController, "edit", :as => :project_admin do
+  before do
+    get :edit, :id => project.to_param, :account_id => account.to_param
+  end
+
+  it { should respond_with(:success) }
+  it { should render_template(:edit) }
+  it { should_not set_the_flash }
+  it { should assign_to(:project) }
+end
+
+describe ProjectsController, "update", :as => :project_admin do
+  before do
+    put :update, :project    => Factory.attributes_for(:project),
+                 :id         => project.to_param,
+                 :account_id => account.to_param
+  end
+
+  it "should redirect to account_projects_url" do
+    should redirect_to(account_projects_url(account))
+  end
+end
+
+describe ProjectsController, "update with account that you don't have access to", :as => :project_admin do
+  before do
+    put :update, :project    => Factory.attributes_for(:project, :account_id => Factory(:account).id),
+                 :id         => project.to_param,
+                 :account_id => account.to_param
+  end
+
+  it "should show an error" do
+    should set_the_flash.to(/permission/i)
+  end
+
+  it "should redirect to account_projects_url" do
+    should redirect_to(account_projects_url(account))
+  end
+end
+
+describe ProjectsController, "create with account that you don't have access to", :as => :account_admin do
+  before do
+    post :create,
+         :project    => Factory.attributes_for(:project, :account_id => Factory(:account).id),
+         :account_id => account.to_param
+  end
+
+  it "should show an error" do
+    should set_the_flash.to(/permission/i)
+  end
+
+  it "should redirect to account_projects_url" do
+    should redirect_to(account_projects_url(account))
+  end
+end
+
+describe ProjectsController, "edit with account that you don't have access to", :as => :project_admin do
+  before do
+    get :edit, :id => project.to_param, :account_id => account.to_param, :project => { :account_id => Factory(:account).id }
+  end
+
+  it "should show an error" do
+    should set_the_flash.to(/permission/i)
+  end
+
+  it "should redirect to account_projects_url" do
+    should redirect_to(account_projects_url(account))
+  end
+end
+
+describe ProjectsController, "edit with account that you have access to", :as => :project_admin do
+  before do
+    @other_account = Factory(:account)
+    Factory(:membership, :user => current_user, :account => @other_account, :admin => true)
+    get :edit, :id => project.to_param, :account_id => account.to_param, :project => { :account_id => @other_account.id }
+  end
+
+  it { should assign_to(:project) }
+
+  it "sets the new account on the project" do
+    assigns(:project).account.should == @other_account
+  end
+end
+
+describe ProjectsController, "destroy", :as => :project_admin do
+  before do
+    delete :destroy, :id => project.to_param, :account_id => account.to_param
+  end
+
+  it { should set_the_flash.to(/deleted/) }
+  it { should assign_to(:project) }
+
+  it "should redirect to account_projects_url" do
+    should redirect_to(account_projects_url(account))
+  end
+end
+
+describe ProjectsController, "index", :as => :account_admin do
+  let(:projects) { ['one', 'two'] }
+
+  before do
+    projects.stubs(:archived => projects, :active => projects)
+    Account.stubs(:find_by_keyword! => account)
+    account.stubs(:projects => projects)
+    get :index, :account_id => account.to_param
+  end
+
+  it "renders the index template" do
+    should respond_with(:success)
+    should render_template(:index)
+  end
+
+  it "assigns projects" do
+    account.should have_received(:projects).times(2)
+    should assign_to(:active_projects).with(projects)
+    should assign_to(:archived_projects).with(projects)
+  end
+end
+
+describe ProjectsController, "as a non-admin", :as => :project_member do
+  it { should deny_access.on(:get, :edit, :id         => project.to_param,
+                                          :account_id => account.to_param).
+                          flash(/admin/) }
+
+  it { should deny_access.on(:put, :update, :id         => project.to_param,
+                                            :account_id => account.to_param).
+                          flash(/admin/) }
+
+  it { should deny_access.on(:delete, :destroy, :id         => project.to_param,
+                                                :account_id => account.to_param).
+                          flash(/admin/) }
+
+  it { should deny_access.on(:get, :new, :account_id => account.to_param).flash(/admin/) }
+
+  it { should deny_access.on(:post, :create, :account_id => account.to_param).
+                          flash(/admin/) }
+end
+
+describe ProjectsController, "show for a duplicate project keyword", :as => :project_admin do
+  before do
+    Factory(:project, :keyword => "test")
+
+    account = Factory(:account)
+    project = Factory(:project, :account => account, :keyword => "test")
+    sign_in_as_non_admin_of_project(project)
+    get :show, :id => "test", :account_id => account.to_param
+  end
+
+  it { should respond_with(:success) }
+  it { should_not set_the_flash }
+end

data/spec/environment.rb

@@ -0,0 +1,95 @@
+PROJECT_ROOT = File.expand_path("../..", __FILE__)
+$LOAD_PATH << File.join(PROJECT_ROOT, "lib")
+
+require 'rails/all'
+require 'saucy'
+require 'clearance'
+require 'factory_girl'
+require 'bourne'
+
+FileUtils.rm_f(File.join(PROJECT_ROOT, 'tmp', 'test.sqlite3'))
+
+class ApplicationController < ActionController::Base
+  include Clearance::Authentication
+  include Saucy::AccountAuthorization
+end
+
+class ProjectsController < ApplicationController
+  include Saucy::ProjectsController
+end
+
+class User < ActiveRecord::Base
+  include Clearance::User
+  include Saucy::User
+end
+
+class Plan < ActiveRecord::Base
+  include Saucy::Plan
+end
+
+module Testapp
+  class Application < Rails::Application
+    config.action_mailer.default_url_options = { :host => 'localhost' }
+    config.encoding = "utf-8"
+    config.paths.config.database = "spec/scaffold/config/database.yml"
+    config.paths.app.models << "lib/generators/saucy/install/templates/models"
+    config.paths.config.routes << "spec/scaffold/config/routes.rb"
+    config.paths.app.views << "spec/scaffold/views"
+    config.paths.log = "tmp/log"
+    config.cache_classes = true
+    config.whiny_nils = true
+    config.consider_all_requests_local = true
+    config.action_controller.perform_caching = false
+    config.action_dispatch.show_exceptions = false
+    config.action_controller.allow_forgery_protection = false
+    config.action_mailer.delivery_method = :test
+    config.active_support.deprecation = :stderr
+  end
+end
+
+Testapp::Application.initialize!
+
+require "lib/generators/saucy/features/templates/factories"
+require "lib/generators/saucy/install/templates/create_saucy_tables"
+
+class ClearanceCreateUsers < ActiveRecord::Migration
+  def self.up
+    create_table(:users) do |t|
+      t.string   :email
+      t.string   :encrypted_password, :limit => 128
+      t.string   :salt,               :limit => 128
+      t.string   :confirmation_token, :limit => 128
+      t.string   :remember_token,     :limit => 128
+      t.boolean  :email_confirmed, :default => false, :null => false
+      t.timestamps
+    end
+
+    add_index :users, :email
+    add_index :users, :remember_token
+  end
+end
+
+class ClearanceMailer
+  def self.change_password(user)
+    new
+  end
+
+  def self.confirmation(user)
+    new
+  end
+
+  def self.deliver_change_password(user)
+  end
+
+  def self.deliver_confirmation(user)
+  end
+
+  def deliver
+  end
+end
+
+Clearance.configure do |config|
+end
+
+ClearanceCreateUsers.suppress_messages { ClearanceCreateUsers.migrate(:up) }
+CreateSaucyTables.suppress_messages { CreateSaucyTables.migrate(:up) }