RubyGems - worthwhile - Versions diffs - 0.0.1.alpha → 0.0.1 - Mend

worthwhile 0.0.1.alpha → 0.0.1

Files changed (316) hide show

data/spec/controllers/curation_concern/generic_works_controller_spec.rb ADDED Viewed

@@ -0,0 +1,171 @@
+require 'spec_helper'
+describe CurationConcern::GenericWorksController do
+  let(:public_work_factory_name) { :public_generic_work }
+  let(:private_work_factory_name) { :work }
+  let(:user) { FactoryGirl.create(:user) }
+  before { sign_in user }
+  describe "#show" do
+    context "my own private work" do
+      let(:a_work) { FactoryGirl.create(private_work_factory_name, user: user) }
+      it "should show me the page" do
+        get :show, id: a_work
+        expect(response).to be_success
+      end
+    end
+    context "someone elses private work" do
+      let(:a_work) { FactoryGirl.create(private_work_factory_name) }
+      it "should show 401 Unauthorized" do
+        get :show, id: a_work
+        expect(response.status).to eq 401
+        expect(response).to render_template(:unauthorized)
+      end
+    end
+    context "someone elses public work" do
+      let(:a_work) { FactoryGirl.create(public_work_factory_name) }
+      it "should show me the page" do
+        get :show, id: a_work
+        expect(response).to be_success
+      end
+    end
+    context "when I am a repository manager" do
+      before { allow_any_instance_of(User).to receive(:groups).and_return(['admin']) }
+      let(:a_work) { FactoryGirl.create(private_work_factory_name) }
+      it "someone elses private work should show me the page" do
+        get :show, id: a_work
+        expect(response).to be_success
+      end
+    end
+  end
+  describe "#new" do
+    context "my work" do
+      it "should show me the page" do
+        get :new
+        expect(response).to be_success
+      end
+    end
+  end
+  describe "#create" do
+    it "should create a work" do
+      expect {
+        post :create, accept_contributor_agreement: "accept", generic_work: { title: ["a title"] }
+      }.to change { GenericWork.count }.by(1)
+      expect(response).to redirect_to [:curation_concern, assigns[:curation_concern]]
+    end
+  end
+  describe "#edit" do
+    context "my own private work" do
+      let(:a_work) { FactoryGirl.create(private_work_factory_name, user: user) }
+      it "should show me the page" do
+        get :edit, id: a_work
+        expect(response).to be_success
+      end
+    end
+    context "someone elses private work" do
+      let(:a_work) { FactoryGirl.create(private_work_factory_name) }
+      it "should show 401 Unauthorized" do
+        get :edit, id: a_work
+        expect(response.status).to eq 401
+        expect(response).to render_template(:unauthorized)
+      end
+    end
+    context "someone elses public work" do
+      let(:a_work) { FactoryGirl.create(public_work_factory_name) }
+      it "should show me the page" do
+        get :edit, id: a_work
+        expect(response.status).to eq 401
+        expect(response).to render_template(:unauthorized)
+      end
+    end
+    context "when I am a repository manager" do
+      before { allow_any_instance_of(User).to receive(:groups).and_return(['admin']) }
+      let(:a_work) { FactoryGirl.create(private_work_factory_name) }
+      it "someone elses private work should show me the page" do
+        get :edit, id: a_work
+        expect(response).to be_success
+      end
+    end
+  end
+  describe "#update" do
+    let(:a_work) { FactoryGirl.create(private_work_factory_name, user: user) }
+    it "should update the work " do
+      patch :update, id: a_work, generic_work: {  }
+      expect(response).to redirect_to [:curation_concern, assigns[:curation_concern]]
+    end
+    describe "changing rights" do
+      it "should prompt to change the files access" do
+        allow(controller).to receive(:actor).and_return(double(update: true, visibility_changed?: true))
+        patch :update, id: a_work
+        expect(response).to redirect_to confirm_curation_concern_permission_path(controller.curation_concern)
+      end
+    end
+    describe "failure" do
+      it "renders the form" do
+        allow(controller).to receive(:actor).and_return(double(update: false, visibility_changed?: false))
+        patch :update, id: a_work
+        expect(response).to render_template('edit')
+      end
+    end
+    context "someone elses public work" do
+      let(:a_work) { FactoryGirl.create(public_work_factory_name) }
+      it "should show 401 Unauthorized" do
+        get :update, id: a_work
+        expect(response.status).to eq 401
+        expect(response).to render_template(:unauthorized)
+      end
+    end
+    context "when I am a repository manager" do
+      before { allow_any_instance_of(User).to receive(:groups).and_return(['admin']) }
+      let(:a_work) { FactoryGirl.create(private_work_factory_name) }
+      it "someone elses private work should update the work" do
+        patch :update, id: a_work, generic_work: {  }
+        expect(response).to redirect_to [:curation_concern, assigns[:curation_concern]]
+      end
+    end
+  end
+  describe "#destroy" do
+    let(:work_to_be_deleted) { FactoryGirl.create(private_work_factory_name, user: user) }
+    it "should delete the work" do
+      delete :destroy, id: work_to_be_deleted
+      expect(response).to redirect_to catalog_index_path()
+      expect { GenericWork.find(work_to_be_deleted.pid) }.to raise_error
+    end
+    context "someone elses public work" do
+      let(:work_to_be_deleted) { FactoryGirl.create(private_work_factory_name) }
+      it "should show 401 Unauthorized" do
+        delete :destroy, id: work_to_be_deleted
+        expect(response.status).to eq 401
+        expect(response).to render_template(:unauthorized)
+      end
+    end
+    context "when I am a repository manager" do
+      let(:work_to_be_deleted) { FactoryGirl.create(private_work_factory_name) }
+      before { allow_any_instance_of(User).to receive(:groups).and_return(['admin']) }
+      it "someone elses private work should delete the work" do
+        delete :destroy, id: work_to_be_deleted
+        expect { GenericWork.find(work_to_be_deleted.pid) }.to raise_error
+      end
+    end
+  end
+end

data/spec/controllers/curation_concern/linked_resources_controller_spec.rb ADDED Viewed

@@ -0,0 +1,123 @@
+require 'spec_helper'
+describe CurationConcern::LinkedResourcesController do
+  let(:user) { FactoryGirl.create(:user) }
+  let(:another_user) { FactoryGirl.create(:user) }
+  let(:visibility) { Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_PRIVATE }
+  let(:parent) {
+    FactoryGirl.create_curation_concern(:generic_work, user, {visibility: visibility})
+  }
+  let(:linked_resource) { FactoryGirl.create(:linked_resource, batch: parent, user: user) }
+  let(:you_tube_link) { 'http://www.youtube.com/watch?v=oHg5SJYRHA0' }
+  describe '#new' do
+    it 'renders a form if you can edit the parent' do
+      sign_in(user)
+      parent
+      get :new, parent_id: parent.to_param
+      expect(response).to be_successful
+      expect(response).to render_template(:new)
+    end
+    it 'redirects if you cannot edit the parent' do
+      sign_in(another_user)
+      parent
+      get :new, parent_id: parent.to_param
+      expect(response.status).to eq 401
+      expect(response).to render_template(:unauthorized)
+    end
+  end
+  describe '#create' do
+    let(:actor) { double('actor') }
+    let(:actors_action) { :create }
+    let(:success) { true }
+    let(:failure) { false }
+    it 'redirects to the parent work' do
+      sign_in(user)
+      parent
+      expect(actor).to receive(actors_action).and_return(success)
+      controller.actor = actor
+      post(:create, parent_id: parent.to_param,
+           linked_resource: { url: you_tube_link }
+           )
+      expect(response).to(
+        redirect_to(controller.polymorphic_path([:curation_concern, parent]))
+      )
+    end
+    describe 'failure' do
+      it 'renders the form' do
+        sign_in(user)
+        parent
+        expect(actor).to receive(actors_action).and_return(failure)
+        controller.actor = actor
+        post(:create, parent_id: parent.to_param,
+             linked_resource: { url: you_tube_link }
+             )
+        expect(response).to render_template('new')
+        expect(response.status).to eq 422
+      end
+    end
+  end
+    describe '#edit' do
+      it 'should be successful' do
+        linked_resource
+        sign_in user
+        get :edit, id: linked_resource.to_param
+        expect(controller.curation_concern).to be_kind_of(Worthwhile::LinkedResource)
+        expect(response).to be_successful
+      end
+    end
+    describe '#update' do
+      let(:updated_title) { Time.now.to_s }
+      let(:failing_actor) {
+        expect(actor).to receive(:update).and_return(false)
+        actor
+      }
+      let(:successful_actor) {
+        expect(actor).to receive(:update).and_return(true)
+        actor
+      }
+      let(:actor) { double('actor') }
+      it 'renders form when unsuccessful' do
+        linked_resource
+        controller.actor = failing_actor
+        sign_in(user)
+        put :update, id: linked_resource.to_param, linked_resource: {title: updated_title}
+        expect(response).to render_template('edit')
+        expect(response.status).to eq 422
+      end
+      it 'redirects to parent when successful' do
+        linked_resource
+        controller.actor = successful_actor
+        sign_in(user)
+        put :update, id: linked_resource.to_param, linked_resource: {title: updated_title}
+        expect(response.status).to eq(302)
+        expect(response).to(
+          redirect_to(
+            controller.polymorphic_path([:curation_concern, linked_resource.batch])
+          )
+        )
+      end
+  end
+  describe '#destroy' do
+    it 'should be successful if file exists' do
+      parent = linked_resource.batch
+      sign_in(user)
+      delete :destroy, id: linked_resource.to_param
+      expect(response.status).to eq(302)
+      expect(response).to redirect_to(controller.polymorphic_path([:curation_concern, parent]))
+    end
+  end
+end

data/spec/controllers/curation_concern/permissions_controller_spec.rb ADDED Viewed

@@ -0,0 +1,29 @@
+require 'spec_helper'
+describe CurationConcern::PermissionsController do
+  let(:user) { FactoryGirl.create(:user) }
+  before { sign_in user }
+  describe "#confirm" do
+    let(:generic_work) { FactoryGirl.create(:generic_work, user: user) }
+    it "should draw the page" do
+      get :confirm, id: generic_work
+      expect(response).to be_success
+    end
+  end
+  describe "#copy" do
+    let(:generic_work) { FactoryGirl.create(:generic_work, user: user) }
+    it "should add a worker to the queue" do
+      worker = double
+      VisibilityCopyWorker.should_receive(:new).with(generic_work.pid).and_return(worker)
+      Sufia.queue.should_receive(:push).with(worker)
+      post :copy, id: generic_work
+      expect(response).to redirect_to controller.polymorphic_path([:curation_concern, generic_work])
+      expect(flash[:notice]).to eq 'Updating file permissions. This may take a few minutes. You may want to refresh your browser or return to this record later to see the updated file permissions.'
+    end
+  end
+end

data/spec/controllers/downloads_controller_spec.rb ADDED Viewed

@@ -0,0 +1,53 @@
+require 'spec_helper'
+describe DownloadsController do
+  describe '#show' do
+    let(:user) { FactoryGirl.create(:user) }
+    let(:another_user) { FactoryGirl.create(:user) }
+    let(:image_file) { File.open(Rails.root.join('../fixtures/files/image.png')) }
+    let(:generic_file) {
+      FactoryGirl.create(:file_with_work, user: user, content: worthwhile_fixture_file_upload('files/image.png', 'image/png', false))
+    }
+    it "raise not_found if the object does not exist" do
+      get :show, id: '8675309'
+      expect(response).to be_not_found
+    end
+    context "when user doesn't have access" do
+      before do
+        generic_file
+        sign_in another_user
+      end
+      it "redirects to root" do
+        get :show, id: generic_file.to_param
+        expect(response).to redirect_to root_path
+        expect(flash["alert"]).to eq "You are not authorized to access this page."
+      end
+    end
+    context "when user isn't logged in" do
+      before { generic_file }
+      it "redirects to sign in" do
+        get :show, id: generic_file.to_param
+        expect(response).to redirect_to new_user_session_path
+        expect(flash["alert"]).to eq "You are not authorized to access this page."
+      end
+    end
+    it 'sends the file if the user has access' do
+      generic_file
+      sign_in user
+      get :show, id: generic_file.to_param
+      response.body.should == generic_file.content.content
+    end
+    it 'sends requested datastream content' do
+      generic_file.datastreams['thumbnail'].content = image_file
+      generic_file.save!
+      sign_in user
+      get :show, id: generic_file.to_param, datastream_id: 'thumbnail'
+      response.body.should == generic_file.thumbnail.content
+    end
+  end
+end

data/spec/controllers/embargoes_controller_spec.rb ADDED Viewed

@@ -0,0 +1,107 @@
+require 'spec_helper'
+describe EmbargoesController do
+  let(:user) { FactoryGirl.create(:user) }
+  let(:a_work) { FactoryGirl.create(:generic_work, user: user) }
+  let(:not_my_work) { FactoryGirl.create(:generic_work) }
+  before { sign_in user }
+  describe "#index" do
+    context "when I am NOT a repository manager" do
+      it "should redirect" do
+        get :index
+        expect(response).to redirect_to root_path
+      end
+    end
+    context "when I am a repository manager" do
+      before { allow_any_instance_of(User).to receive(:groups).and_return(['admin']) }
+      it "should show me the page" do
+        get :index
+        expect(response).to be_success
+      end
+    end
+  end
+  describe "#edit" do
+    context "when I do not have edit permissions for the object" do
+      it "should redirect" do
+        get :edit, id: not_my_work
+        expect(response.status).to eq 401
+        expect(response).to render_template :unauthorized
+      end
+    end
+    context "when I have permission to edit the object" do
+      it "should show me the page" do
+        get :edit, id: a_work
+        expect(response).to be_success
+      end
+    end
+  end
+  describe "#destroy" do
+    context "when I do not have edit permissions for the object" do
+      it "should deny access" do
+        get :destroy, id: not_my_work
+        expect(response.status).to eq 401
+        expect(response).to render_template :unauthorized
+      end
+    end
+    context "when I have permission to edit the object" do
+      before do
+        expect(ActiveFedora::Base).to receive(:find).with(a_work.pid).and_return(a_work)
+        a_work.visibility = Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_AUTHENTICATED
+        a_work.visibility_during_embargo = Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_AUTHENTICATED
+        a_work.visibility_after_embargo = Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_PUBLIC
+        a_work.embargo_release_date = release_date.to_s
+        a_work.save(validate: false)
+        get :destroy, id: a_work
+      end
+      context "with an active embargo" do
+        let(:release_date) { Date.today+2 }
+        it "should deactivate embargo without updating visibility and redirect" do
+          expect(a_work.visibility).to eq Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_AUTHENTICATED
+          expect(response).to redirect_to edit_embargo_path(a_work)
+        end
+      end
+      context "with an expired embargo" do
+        let(:release_date) { Date.today-2 }
+        it "should deactivate embargo, update the visibility and redirect" do
+          expect(a_work.visibility).to eq Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_PUBLIC
+          expect(response).to redirect_to confirm_curation_concern_permission_path(a_work)
+        end
+      end
+    end
+  end
+  describe "#update" do
+    context "when I have permission to edit the object" do
+      let(:a_file) { FactoryGirl.build(:generic_file, visibility: Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_AUTHENTICATED) }
+      before do
+        a_work.generic_files << a_file
+        a_work.visibility = Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_AUTHENTICATED
+        a_work.visibility_during_embargo = Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_AUTHENTICATED
+        a_work.visibility_after_embargo = Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_PUBLIC
+        a_work.embargo_release_date = release_date.to_s
+        a_work.save(validate: false)
+      end
+      context "with an expired embargo" do
+        let(:release_date) { Date.today-2 }
+        it "should deactivate embargo, update the visibility and redirect" do
+          patch :update, batch_document_ids: [a_work.pid], embargoes: { "0" => { copy_visibility: a_work.id} }
+          expect(a_work.reload.visibility).to eq Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_PUBLIC
+          expect(a_file.reload.visibility).to eq Hydra::AccessControls::AccessRight::VISIBILITY_TEXT_VALUE_PUBLIC
+          expect(response).to redirect_to embargoes_path
+        end
+      end
+    end
+  end
+end