RubyGems - worthwhile - Versions diffs - 0.0.1.alpha → 0.0.1 - Mend

worthwhile 0.0.1.alpha → 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (316) hide show

data/spec/controllers/curation_concern/generic_works_controller_spec.rb ADDED Viewed

@@ -0,0 +1,171 @@
+require 'spec_helper'
+describe CurationConcern::GenericWorksController do
+  let(:public_work_factory_name) { :public_generic_work }
+  let(:private_work_factory_name) { :work }
+  let(:user) { FactoryGirl.create(:user) }
+  before { sign_in user }
+  describe "#show" do
+    context "my own private work" do
+      let(:a_work) { FactoryGirl.create(private_work_factory_name, user: user) }
+      it "should show me the page" do
+        get :show, id: a_work
+        expect(response).to be_success
+      end
+    end
+    context "someone elses private work" do
+      let(:a_work) { FactoryGirl.create(private_work_factory_name) }
+      it "should show 401 Unauthorized" do
+        get :show, id: a_work
+        expect(response.status).to eq 401
+        expect(response).to render_template(:unauthorized)
+      end
+    end
+    context "someone elses public work" do
+      let(:a_work) { FactoryGirl.create(public_work_factory_name) }
+      it "should show me the page" do
+        get :show, id: a_work
+        expect(response).to be_success
+      end
+    end
+    context "when I am a repository manager" do
+      before { allow_any_instance_of(User).to receive(:groups).and_return(['admin']) }
+      let(:a_work) { FactoryGirl.create(private_work_factory_name) }
+      it "someone elses private work should show me the page" do
+        get :show, id: a_work
+        expect(response).to be_success
+      end
+    end
+  end
+  describe "#new" do
+    context "my work" do
+      it "should show me the page" do
+        get :new
+        expect(response).to be_success
+      end
+    end
+  end
+  describe "#create" do
+    it "should create a work" do
+      expect {
+        post :create, accept_contributor_agreement: "accept", generic_work: { title: ["a title"] }
+      }.to change { GenericWork.count }.by(1)
+      expect(response).to redirect_to [:curation_concern, assigns[:curation_concern]]
+    end
+  end
+  describe "#edit" do
+    context "my own private work" do
+      let(:a_work) { FactoryGirl.create(private_work_factory_name, user: user) }
+      it "should show me the page" do
+        get :edit, id: a_work
+        expect(response).to be_success
+      end
+    end
+    context "someone elses private work" do
+      let(:a_work) { FactoryGirl.create(private_work_factory_name) }
+      it "should show 401 Unauthorized" do
+        get :edit, id: a_work
+        expect(response.status).to eq 401
+        expect(response).to render_template(:unauthorized)
+      end
+    end
+    context "someone elses public work" do
+      let(:a_work) { FactoryGirl.create(public_work_factory_name) }
+      it "should show me the page" do
+        get :edit, id: a_work
+        expect(response.status).to eq 401
+        expect(response).to render_template(:unauthorized)
+      end
+    end
+    context "when I am a repository manager" do
+      before { allow_any_instance_of(User).to receive(:groups).and_return(['admin']) }
+      let(:a_work) { FactoryGirl.create(private_work_factory_name) }
+      it "someone elses private work should show me the page" do
+        get :edit, id: a_work
+        expect(response).to be_success
+      end
+    end
+  end
+  describe "#update" do
+    let(:a_work) { FactoryGirl.create(private_work_factory_name, user: user) }
+    it "should update the work " do
+      patch :update, id: a_work, generic_work: {  }
+      expect(response).to redirect_to [:curation_concern, assigns[:curation_concern]]
+    end
+    describe "changing rights" do
+      it "should prompt to change the files access" do
+        allow(controller).to receive(:actor).and_return(double(update: true, visibility_changed?: true))
+        patch :update, id: a_work
+        expect(response).to redirect_to confirm_curation_concern_permission_path(controller.curation_concern)
+      end
+    end
+    describe "failure" do
+      it "renders the form" do
+        allow(controller).to receive(:actor).and_return(double(update: false, visibility_changed?: false))
+        patch :update, id: a_work
+        expect(response).to render_template('edit')
+      end
+    end
+    context "someone elses public work" do
+      let(:a_work) { FactoryGirl.create(public_work_factory_name) }
+      it "should show 401 Unauthorized" do
+        get :update, id: a_work
+        expect(response.status).to eq 401
+        expect(response).to render_template(:unauthorized)
+      end
+    end
+    context "when I am a repository manager" do
+      before { allow_any_instance_of(User).to receive(:groups).and_return(['admin']) }
+      let(:a_work) { FactoryGirl.create(private_work_factory_name) }
+      it "someone elses private work should update the work" do
+        patch :update, id: a_work, generic_work: {  }
+        expect(response).to redirect_to [:curation_concern, assigns[:curation_concern]]
+      end
+    end
+  end
+  describe "#destroy" do
+    let(:work_to_be_deleted) { FactoryGirl.create(private_work_factory_name, user: user) }
+    it "should delete the work" do
+      delete :destroy, id: work_to_be_deleted
+      expect(response).to redirect_to catalog_index_path()
+      expect { GenericWork.find(work_to_be_deleted.pid) }.to raise_error
+    end
+    context "someone elses public work" do
+      let(:work_to_be_deleted) { FactoryGirl.create(private_work_factory_name) }
+      it "should show 401 Unauthorized" do
+        delete :destroy, id: work_to_be_deleted
+        expect(response.status).to eq 401
+        expect(response).to render_template(:unauthorized)
+      end
+    end
+    context "when I am a repository manager" do
+      let(:work_to_be_deleted) { FactoryGirl.create(private_work_factory_name) }
+      before { allow_any_instance_of(User).to receive(:groups).and_return(['admin']) }
+      it "someone elses private work should delete the work" do
+        delete :destroy, id: work_to_be_deleted
+        expect { GenericWork.find(work_to_be_deleted.pid) }.to raise_error
+      end
+    end
+  end
+end

data/spec/controllers/curation_concern/linked_resources_controller_spec.rb ADDED Viewed

@@ -0,0 +1,123 @@
+require 'spec_helper'
+describe CurationConcern::LinkedResourcesController do
+  let(:user) { FactoryGirl.create(:user) }
+  let(:another_user) { FactoryGirl.create(:user) }
+  let(:visibility) { Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_PRIVATE }
+  let(:parent) {
+    FactoryGirl.create_curation_concern(:generic_work, user, {visibility: visibility})
+  }
+  let(:linked_resource) { FactoryGirl.create(:linked_resource, batch: parent, user: user) }
+  let(:you_tube_link) { 'http://www.youtube.com/watch?v=oHg5SJYRHA0' }
+  describe '#new' do
+    it 'renders a form if you can edit the parent' do
+      sign_in(user)
+      parent
+      get :new, parent_id: parent.to_param
+      expect(response).to be_successful
+      expect(response).to render_template(:new)
+    end
+    it 'redirects if you cannot edit the parent' do
+      sign_in(another_user)
+      parent
+      get :new, parent_id: parent.to_param
+      expect(response.status).to eq 401
+      expect(response).to render_template(:unauthorized)
+    end
+  end
+  describe '#create' do
+    let(:actor) { double('actor') }
+    let(:actors_action) { :create }
+    let(:success) { true }
+    let(:failure) { false }
+    it 'redirects to the parent work' do
+      sign_in(user)
+      parent
+      expect(actor).to receive(actors_action).and_return(success)
+      controller.actor = actor
+      post(:create, parent_id: parent.to_param,
+           linked_resource: { url: you_tube_link }
+           )
+      expect(response).to(
+        redirect_to(controller.polymorphic_path([:curation_concern, parent]))
+      )
+    end
+    describe 'failure' do
+      it 'renders the form' do
+        sign_in(user)
+        parent
+        expect(actor).to receive(actors_action).and_return(failure)
+        controller.actor = actor
+        post(:create, parent_id: parent.to_param,
+             linked_resource: { url: you_tube_link }
+             )
+        expect(response).to render_template('new')
+        expect(response.status).to eq 422
+      end
+    end
+  end
+    describe '#edit' do
+      it 'should be successful' do
+        linked_resource
+        sign_in user
+        get :edit, id: linked_resource.to_param
+        expect(controller.curation_concern).to be_kind_of(Worthwhile::LinkedResource)
+        expect(response).to be_successful
+      end
+    end
+    describe '#update' do
+      let(:updated_title) { Time.now.to_s }
+      let(:failing_actor) {
+        expect(actor).to receive(:update).and_return(false)
+        actor
+      }
+      let(:successful_actor) {
+        expect(actor).to receive(:update).and_return(true)
+        actor
+      }
+      let(:actor) { double('actor') }
+      it 'renders form when unsuccessful' do
+        linked_resource
+        controller.actor = failing_actor
+        sign_in(user)
+        put :update, id: linked_resource.to_param, linked_resource: {title: updated_title}
+        expect(response).to render_template('edit')
+        expect(response.status).to eq 422
+      end
+      it 'redirects to parent when successful' do
+        linked_resource
+        controller.actor = successful_actor
+        sign_in(user)
+        put :update, id: linked_resource.to_param, linked_resource: {title: updated_title}
+        expect(response.status).to eq(302)
+        expect(response).to(
+          redirect_to(
+            controller.polymorphic_path([:curation_concern, linked_resource.batch])
+          )
+        )
+      end
+  end
+  describe '#destroy' do
+    it 'should be successful if file exists' do
+      parent = linked_resource.batch
+      sign_in(user)
+      delete :destroy, id: linked_resource.to_param
+      expect(response.status).to eq(302)
+      expect(response).to redirect_to(controller.polymorphic_path([:curation_concern, parent]))
+    end
+  end
+end

data/spec/controllers/curation_concern/permissions_controller_spec.rb ADDED Viewed

@@ -0,0 +1,29 @@
+require 'spec_helper'
+describe CurationConcern::PermissionsController do
+  let(:user) { FactoryGirl.create(:user) }
+  before { sign_in user }
+  describe "#confirm" do
+    let(:generic_work) { FactoryGirl.create(:generic_work, user: user) }
+    it "should draw the page" do
+      get :confirm, id: generic_work
+      expect(response).to be_success
+    end
+  end
+  describe "#copy" do
+    let(:generic_work) { FactoryGirl.create(:generic_work, user: user) }
+    it "should add a worker to the queue" do
+      worker = double
+      VisibilityCopyWorker.should_receive(:new).with(generic_work.pid).and_return(worker)
+      Sufia.queue.should_receive(:push).with(worker)
+      post :copy, id: generic_work
+      expect(response).to redirect_to controller.polymorphic_path([:curation_concern, generic_work])
+      expect(flash[:notice]).to eq 'Updating file permissions. This may take a few minutes. You may want to refresh your browser or return to this record later to see the updated file permissions.'
+    end
+  end
+end

data/spec/controllers/downloads_controller_spec.rb ADDED Viewed

@@ -0,0 +1,53 @@
+require 'spec_helper'
+describe DownloadsController do
+  describe '#show' do
+    let(:user) { FactoryGirl.create(:user) }
+    let(:another_user) { FactoryGirl.create(:user) }
+    let(:image_file) { File.open(Rails.root.join('../fixtures/files/image.png')) }
+    let(:generic_file) {
+      FactoryGirl.create(:file_with_work, user: user, content: worthwhile_fixture_file_upload('files/image.png', 'image/png', false))
+    }
+    it "raise not_found if the object does not exist" do
+      get :show, id: '8675309'
+      expect(response).to be_not_found
+    end
+    context "when user doesn't have access" do
+      before do
+        generic_file
+        sign_in another_user
+      end
+      it "redirects to root" do
+        get :show, id: generic_file.to_param
+        expect(response).to redirect_to root_path
+        expect(flash["alert"]).to eq "You are not authorized to access this page."
+      end
+    end
+    context "when user isn't logged in" do
+      before { generic_file }
+      it "redirects to sign in" do
+        get :show, id: generic_file.to_param
+        expect(response).to redirect_to new_user_session_path
+        expect(flash["alert"]).to eq "You are not authorized to access this page."
+      end
+    end
+    it 'sends the file if the user has access' do
+      generic_file
+      sign_in user
+      get :show, id: generic_file.to_param
+      response.body.should == generic_file.content.content
+    end
+    it 'sends requested datastream content' do
+      generic_file.datastreams['thumbnail'].content = image_file
+      generic_file.save!
+      sign_in user
+      get :show, id: generic_file.to_param, datastream_id: 'thumbnail'
+      response.body.should == generic_file.thumbnail.content
+    end
+  end
+end

data/spec/controllers/embargoes_controller_spec.rb ADDED Viewed

@@ -0,0 +1,107 @@
+require 'spec_helper'
+describe EmbargoesController do
+  let(:user) { FactoryGirl.create(:user) }
+  let(:a_work) { FactoryGirl.create(:generic_work, user: user) }
+  let(:not_my_work) { FactoryGirl.create(:generic_work) }
+  before { sign_in user }
+  describe "#index" do
+    context "when I am NOT a repository manager" do
+      it "should redirect" do
+        get :index
+        expect(response).to redirect_to root_path
+      end
+    end
+    context "when I am a repository manager" do
+      before { allow_any_instance_of(User).to receive(:groups).and_return(['admin']) }
+      it "should show me the page" do
+        get :index
+        expect(response).to be_success
+      end
+    end
+  end
+  describe "#edit" do
+    context "when I do not have edit permissions for the object" do
+      it "should redirect" do
+        get :edit, id: not_my_work
+        expect(response.status).to eq 401
+        expect(response).to render_template :unauthorized
+      end
+    end
+    context "when I have permission to edit the object" do
+      it "should show me the page" do
+        get :edit, id: a_work
+        expect(response).to be_success
+      end
+    end
+  end
+  describe "#destroy" do
+    context "when I do not have edit permissions for the object" do
+      it "should deny access" do
+        get :destroy, id: not_my_work
+        expect(response.status).to eq 401
+        expect(response).to render_template :unauthorized
+      end
+    end
+    context "when I have permission to edit the object" do
+      before do
+        expect(ActiveFedora::Base).to receive(:find).with(a_work.pid).and_return(a_work)
+        a_work.visibility = Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_AUTHENTICATED
+        a_work.visibility_during_embargo = Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_AUTHENTICATED
+        a_work.visibility_after_embargo = Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_PUBLIC
+        a_work.embargo_release_date = release_date.to_s
+        a_work.save(validate: false)
+        get :destroy, id: a_work
+      end
+      context "with an active embargo" do
+        let(:release_date) { Date.today+2 }
+        it "should deactivate embargo without updating visibility and redirect" do
+          expect(a_work.visibility).to eq Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_AUTHENTICATED
+          expect(response).to redirect_to edit_embargo_path(a_work)
+        end
+      end
+      context "with an expired embargo" do
+        let(:release_date) { Date.today-2 }
+        it "should deactivate embargo, update the visibility and redirect" do
+          expect(a_work.visibility).to eq Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_PUBLIC
+          expect(response).to redirect_to confirm_curation_concern_permission_path(a_work)
+        end
+      end
+    end
+  end
+  describe "#update" do
+    context "when I have permission to edit the object" do
+      let(:a_file) { FactoryGirl.build(:generic_file, visibility: Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_AUTHENTICATED) }
+      before do
+        a_work.generic_files << a_file
+        a_work.visibility = Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_AUTHENTICATED
+        a_work.visibility_during_embargo = Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_AUTHENTICATED
+        a_work.visibility_after_embargo = Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_PUBLIC
+        a_work.embargo_release_date = release_date.to_s
+        a_work.save(validate: false)
+      end
+      context "with an expired embargo" do
+        let(:release_date) { Date.today-2 }
+        it "should deactivate embargo, update the visibility and redirect" do
+          patch :update, batch_document_ids: [a_work.pid], embargoes: { "0" => { copy_visibility: a_work.id} }
+          expect(a_work.reload.visibility).to eq Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_PUBLIC
+          expect(a_file.reload.visibility).to eq Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_PUBLIC
+          expect(response).to redirect_to embargoes_path
+        end
+      end
+    end
+  end
+end