BigW Consortium Gitlab

access_matchers_for_controller.rb 2.65 KB
Newer Older
1 2
# AccessMatchersForController
#
3
# For testing authorize_xxx in controller.
4 5 6 7
module AccessMatchersForController
  extend RSpec::Matchers::DSL
  include Warden::Test::Helpers

Shinya Maeda committed
8 9
  EXPECTED_STATUS_CODE_ALLOWED = [200, 201, 302].freeze
  EXPECTED_STATUS_CODE_DENIED = [401, 404].freeze
10 11 12 13 14 15

  def emulate_user(role, membership = nil)
    case role
    when :admin
      user = create(:admin)
      sign_in(user)
Shinya Maeda committed
16 17 18 19 20 21
    when :user
      user = create(:user)
      sign_in(user)
    when :external
      user = create(:user, external: true)
      sign_in(user)
Shinya Maeda committed
22 23 24 25 26
    when :visitor
      user = nil
    when User
      user = role
      sign_in(user)
27
    when *Gitlab::Access.sym_options_with_owner.keys # owner, master, developer, reporter, guest
28 29
      raise ArgumentError, "cannot emulate #{role} without membership parent" unless membership

30
      user = create_user_by_membership(role, membership)
31 32 33 34 35 36 37 38
      sign_in(user)
    else
      raise ArgumentError, "cannot emulate user #{role}"
    end

    user
  end

39
  def create_user_by_membership(role, membership)
Shinya Maeda committed
40 41 42 43 44 45 46 47 48
    if role == :owner && membership.owner
      user = membership.owner
    else
      user = create(:user)
      membership.public_send(:"add_#{role}", user)
    end
    user
  end

49
  def description_for(role, type, expected, result)
Shinya Maeda committed
50
    "be #{type} for #{role}. Expected: #{expected.join(',')} Got: #{result}"
51 52
  end

53 54 55 56 57 58 59 60 61 62 63 64 65 66
  def update_owner(objects, user)
    return unless objects

    objects.each do |object|
      if object.respond_to?(:owner)
        object.update_attribute(:owner, user)
      elsif object.respond_to?(:user)
        object.update_attribute(:user, user)
      else
        raise ArgumentError, "cannot own this object #{object}"
      end
    end
  end

67
  matcher :be_allowed_for do |role|
68
    match do |action|
69 70
      user = emulate_user(role, @membership)
      update_owner(@objects, user)
71
      action.call
72 73 74 75 76 77 78 79

      EXPECTED_STATUS_CODE_ALLOWED.include?(response.status)
    end

    chain :of do |membership|
      @membership = membership
    end

Shinya Maeda committed
80
    chain :own do |*objects|
81 82 83
      @objects = objects
    end

84 85 86 87 88 89
    description { description_for(role, 'allowed', EXPECTED_STATUS_CODE_ALLOWED, response.status) }
    supports_block_expectations
  end

  matcher :be_denied_for do |role|
    match do |action|
90 91
      user = emulate_user(role, @membership)
      update_owner(@objects, user)
92
      action.call
93 94 95 96 97 98 99 100

      EXPECTED_STATUS_CODE_DENIED.include?(response.status)
    end

    chain :of do |membership|
      @membership = membership
    end

Shinya Maeda committed
101 102 103 104
    chain :own do |*objects|
      @objects = objects
    end

105 106 107 108
    description { description_for(role, 'denied', EXPECTED_STATUS_CODE_DENIED, response.status) }
    supports_block_expectations
  end
end