2025-05-05 09:29:55 +02:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
2019-05-29 10:14:40 +02:00
|
|
|
#-- copyright
|
2020-01-15 11:31:26 +01:00
|
|
|
# OpenProject is an open source project management software.
|
2024-07-30 13:42:36 +02:00
|
|
|
# Copyright (C) the OpenProject GmbH
|
2019-05-29 10:14:40 +02:00
|
|
|
#
|
|
|
|
|
# This program is free software; you can redistribute it and/or
|
|
|
|
|
# modify it under the terms of the GNU General Public License version 3.
|
|
|
|
|
#
|
|
|
|
|
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
|
2021-01-13 17:47:45 +01:00
|
|
|
# Copyright (C) 2006-2013 Jean-Philippe Lang
|
2019-05-29 10:14:40 +02:00
|
|
|
# Copyright (C) 2010-2013 the ChiliProject Team
|
|
|
|
|
#
|
|
|
|
|
# This program is free software; you can redistribute it and/or
|
|
|
|
|
# modify it under the terms of the GNU General Public License
|
|
|
|
|
# as published by the Free Software Foundation; either version 2
|
|
|
|
|
# of the License, or (at your option) any later version.
|
|
|
|
|
#
|
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
|
#
|
|
|
|
|
# You should have received a copy of the GNU General Public License
|
|
|
|
|
# along with this program; if not, write to the Free Software
|
|
|
|
|
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
|
|
|
#
|
2021-09-02 21:49:06 +02:00
|
|
|
# See COPYRIGHT and LICENSE files for more details.
|
2019-05-29 10:14:40 +02:00
|
|
|
#++
|
|
|
|
|
|
|
|
|
|
require "spec_helper"
|
|
|
|
|
|
2023-05-31 12:15:15 +02:00
|
|
|
RSpec.describe RolesController do
|
2019-05-29 10:14:40 +02:00
|
|
|
let(:user) do
|
2022-01-24 19:22:35 +01:00
|
|
|
build_stubbed(:admin)
|
2019-05-29 10:14:40 +02:00
|
|
|
end
|
|
|
|
|
let(:params) do
|
|
|
|
|
{
|
|
|
|
|
role: {
|
|
|
|
|
name: "A role name",
|
2022-06-16 18:53:03 +02:00
|
|
|
permissions: ["add_work_packages", "edit_work_packages", "log_own_time", ""],
|
2019-05-29 10:14:40 +02:00
|
|
|
assignable: "0"
|
|
|
|
|
},
|
|
|
|
|
copy_workflow_from: "5"
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
|
2022-09-28 21:46:39 +02:00
|
|
|
current_user { user }
|
2019-05-29 10:14:40 +02:00
|
|
|
|
|
|
|
|
describe "#create" do
|
|
|
|
|
let(:new_role) { double("role double") }
|
2022-06-14 14:41:07 +02:00
|
|
|
let(:service_call) { ServiceResult.success(result: new_role) }
|
2019-05-29 10:14:40 +02:00
|
|
|
let(:create_params) do
|
|
|
|
|
cp = ActionController::Parameters.new(params[:role])
|
|
|
|
|
.merge(global_role: nil, copy_workflow_from: "5")
|
|
|
|
|
cp.permit!
|
|
|
|
|
|
|
|
|
|
cp
|
|
|
|
|
end
|
|
|
|
|
let(:create_service) do
|
|
|
|
|
service_double = double("create service")
|
|
|
|
|
|
|
|
|
|
expect(Roles::CreateService)
|
|
|
|
|
.to receive(:new)
|
|
|
|
|
.with(user:)
|
|
|
|
|
.and_return(service_double)
|
|
|
|
|
|
|
|
|
|
expect(service_double)
|
|
|
|
|
.to receive(:call)
|
|
|
|
|
.with(create_params)
|
|
|
|
|
.and_return(service_call)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
create_service
|
|
|
|
|
|
|
|
|
|
post :create, params:
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context "success" do
|
|
|
|
|
context "for a member role" do
|
|
|
|
|
it "redirects to roles#index" do
|
|
|
|
|
expect(response)
|
|
|
|
|
.to redirect_to(roles_path)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "has a flash message" do
|
|
|
|
|
expect(flash[:notice])
|
|
|
|
|
.to eql I18n.t(:notice_successful_create)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context "for a global role" do
|
|
|
|
|
let(:params) do
|
|
|
|
|
{
|
|
|
|
|
role: {
|
|
|
|
|
name: "A role name",
|
|
|
|
|
permissions: ["add_work_packages", "edit_work_packages", "log_time", ""],
|
|
|
|
|
assignable: "0"
|
|
|
|
|
},
|
|
|
|
|
global_role: "1",
|
|
|
|
|
copy_workflow_from: "5"
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
let(:create_params) do
|
|
|
|
|
cp = ActionController::Parameters.new(params[:role])
|
|
|
|
|
.merge(global_role: "1", copy_workflow_from: "5")
|
|
|
|
|
cp.permit!
|
|
|
|
|
|
|
|
|
|
cp
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "redirects to roles#index" do
|
|
|
|
|
expect(response)
|
|
|
|
|
.to redirect_to(roles_path)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "has a flash message" do
|
|
|
|
|
expect(flash[:notice])
|
|
|
|
|
.to eql I18n.t(:notice_successful_create)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context "failure" do
|
2022-06-14 14:41:07 +02:00
|
|
|
let(:service_call) { ServiceResult.failure(result: new_role) }
|
2019-05-29 10:14:40 +02:00
|
|
|
|
2024-08-28 12:43:09 +02:00
|
|
|
it "renders the new form again", :aggregate_failures do
|
|
|
|
|
expect(response).to have_http_status(:unprocessable_entity)
|
|
|
|
|
expect(response).to render_template("roles/new")
|
|
|
|
|
expect(assigns[:call]).to eql service_call
|
|
|
|
|
expect(assigns[:role]).to eql new_role
|
2019-05-29 10:14:40 +02:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
describe "#update" do
|
|
|
|
|
let(:params) do
|
|
|
|
|
{
|
|
|
|
|
id: role.id,
|
|
|
|
|
role: {
|
|
|
|
|
name: "A role name",
|
|
|
|
|
permissions: ["add_work_packages", "edit_work_packages", "log_time", ""],
|
|
|
|
|
assignable: "0"
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
let(:role) do
|
|
|
|
|
double("role double", id: 6).tap do |d|
|
|
|
|
|
allow(Role)
|
|
|
|
|
.to receive(:find)
|
|
|
|
|
.with(d.id.to_s)
|
|
|
|
|
.and_return(d)
|
|
|
|
|
end
|
|
|
|
|
end
|
2022-06-14 14:41:07 +02:00
|
|
|
let(:service_call) { ServiceResult.success(result: role) }
|
2019-05-29 10:14:40 +02:00
|
|
|
let(:update_params) do
|
|
|
|
|
cp = ActionController::Parameters.new(params[:role])
|
|
|
|
|
cp.permit!
|
|
|
|
|
|
|
|
|
|
cp
|
|
|
|
|
end
|
|
|
|
|
let(:update_service) do
|
|
|
|
|
service_double = double("update service")
|
|
|
|
|
|
|
|
|
|
expect(Roles::UpdateService)
|
|
|
|
|
.to receive(:new)
|
|
|
|
|
.with(user:, model: role)
|
|
|
|
|
.and_return(service_double)
|
|
|
|
|
|
|
|
|
|
expect(service_double)
|
|
|
|
|
.to receive(:call)
|
|
|
|
|
.with(update_params)
|
|
|
|
|
.and_return(service_call)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
update_service
|
|
|
|
|
|
|
|
|
|
put :update, params:
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context "success" do
|
|
|
|
|
it "redirects to roles#index" do
|
|
|
|
|
expect(response)
|
|
|
|
|
.to redirect_to(roles_path)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "has a flash message" do
|
|
|
|
|
expect(flash[:notice])
|
|
|
|
|
.to eql I18n.t(:notice_successful_update)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context "failure" do
|
2022-06-14 14:41:07 +02:00
|
|
|
let(:service_call) { ServiceResult.failure(result: role) }
|
2019-05-29 10:14:40 +02:00
|
|
|
|
2024-08-28 12:43:09 +02:00
|
|
|
it "renders edit again", :aggregate_failures do
|
|
|
|
|
expect(response).to have_http_status(:unprocessable_entity)
|
|
|
|
|
expect(response).to render_template("roles/edit")
|
|
|
|
|
expect(assigns[:call]).to eql service_call
|
|
|
|
|
expect(assigns[:role]).to eql role
|
2019-05-29 10:14:40 +02:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
describe "#bulk_update" do
|
|
|
|
|
let(:params) do
|
|
|
|
|
{
|
|
|
|
|
permissions: { "0" => "", "1" => ["edit_work_packages"], "3" => %w(add_work_packages delete_work_packages) }
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
let(:role0) do
|
|
|
|
|
double("role double", id: 0)
|
|
|
|
|
end
|
|
|
|
|
let(:role1) do
|
|
|
|
|
double("role double", id: 1)
|
|
|
|
|
end
|
|
|
|
|
let(:role2) do
|
|
|
|
|
double("role double", id: 2)
|
|
|
|
|
end
|
|
|
|
|
let(:role3) do
|
|
|
|
|
double("role double", id: 3)
|
|
|
|
|
end
|
|
|
|
|
let(:roles) do
|
|
|
|
|
[role0, role1, role2, role3]
|
|
|
|
|
end
|
|
|
|
|
|
2023-08-31 10:51:02 -05:00
|
|
|
let!(:stub_roles_scope) do
|
|
|
|
|
allow(controller)
|
|
|
|
|
.to receive(:roles_scope)
|
2019-05-29 10:14:40 +02:00
|
|
|
.and_return(roles)
|
|
|
|
|
end
|
|
|
|
|
|
2022-06-14 14:41:07 +02:00
|
|
|
let(:service_call0) { ServiceResult.success(result: role0) }
|
|
|
|
|
let(:service_call1) { ServiceResult.success(result: role1) }
|
|
|
|
|
let(:service_call2) { ServiceResult.success(result: role2) }
|
|
|
|
|
let(:service_call3) { ServiceResult.success(result: role3) }
|
2019-05-29 10:14:40 +02:00
|
|
|
let(:update_params0) do
|
|
|
|
|
{ permissions: [] }
|
|
|
|
|
end
|
|
|
|
|
let(:update_service0) do
|
|
|
|
|
service_double = double("update service")
|
|
|
|
|
|
|
|
|
|
expect(Roles::UpdateService)
|
|
|
|
|
.to receive(:new)
|
|
|
|
|
.with(user:, model: role0)
|
|
|
|
|
.and_return(service_double)
|
|
|
|
|
|
|
|
|
|
expect(service_double)
|
|
|
|
|
.to receive(:call)
|
|
|
|
|
.with(update_params0)
|
|
|
|
|
.and_return(service_call0)
|
|
|
|
|
end
|
|
|
|
|
let(:update_params1) do
|
|
|
|
|
{ permissions: params[:permissions]["1"] }
|
|
|
|
|
end
|
|
|
|
|
let(:update_service1) do
|
|
|
|
|
service_double = double("update service")
|
|
|
|
|
|
|
|
|
|
expect(Roles::UpdateService)
|
|
|
|
|
.to receive(:new)
|
|
|
|
|
.with(user:, model: role1)
|
|
|
|
|
.and_return(service_double)
|
|
|
|
|
|
|
|
|
|
expect(service_double)
|
|
|
|
|
.to receive(:call)
|
|
|
|
|
.with(update_params1)
|
|
|
|
|
.and_return(service_call1)
|
|
|
|
|
end
|
|
|
|
|
let(:update_params2) do
|
|
|
|
|
{ permissions: [] }
|
|
|
|
|
end
|
|
|
|
|
let(:update_service2) do
|
|
|
|
|
service_double = double("update service")
|
|
|
|
|
|
|
|
|
|
expect(Roles::UpdateService)
|
|
|
|
|
.to receive(:new)
|
|
|
|
|
.with(user:, model: role2)
|
|
|
|
|
.and_return(service_double)
|
|
|
|
|
|
|
|
|
|
expect(service_double)
|
|
|
|
|
.to receive(:call)
|
|
|
|
|
.with(update_params2)
|
|
|
|
|
.and_return(service_call2)
|
|
|
|
|
end
|
|
|
|
|
let(:update_params3) do
|
|
|
|
|
{ permissions: params[:permissions]["3"] }
|
|
|
|
|
end
|
|
|
|
|
let(:update_service3) do
|
|
|
|
|
service_double = double("update service")
|
|
|
|
|
|
|
|
|
|
expect(Roles::UpdateService)
|
|
|
|
|
.to receive(:new)
|
|
|
|
|
.with(user:, model: role3)
|
|
|
|
|
.and_return(service_double)
|
|
|
|
|
|
|
|
|
|
expect(service_double)
|
|
|
|
|
.to receive(:call)
|
|
|
|
|
.with(update_params3)
|
|
|
|
|
.and_return(service_call3)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
update_service0
|
|
|
|
|
update_service1
|
|
|
|
|
update_service2
|
|
|
|
|
update_service3
|
|
|
|
|
|
|
|
|
|
put :bulk_update, params:
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context "success" do
|
|
|
|
|
it "redirects to roles#index" do
|
|
|
|
|
expect(response)
|
|
|
|
|
.to redirect_to(roles_path)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "has a flash message" do
|
|
|
|
|
expect(flash[:notice])
|
|
|
|
|
.to eql I18n.t(:notice_successful_update)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context "failure" do
|
2022-06-14 14:41:07 +02:00
|
|
|
let(:service_call2) { ServiceResult.failure(result: role2) }
|
2019-05-29 10:14:40 +02:00
|
|
|
|
2024-08-28 12:43:09 +02:00
|
|
|
it "renders the report again" do
|
|
|
|
|
expect(response).to have_http_status(:unprocessable_entity)
|
|
|
|
|
expect(response).to render_template("roles/report")
|
|
|
|
|
expect(assigns[:calls]).to contain_exactly(service_call0, service_call1, service_call2, service_call3)
|
|
|
|
|
expect(assigns[:roles]).to match_array roles
|
2019-05-29 10:14:40 +02:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
2022-09-28 21:46:39 +02:00
|
|
|
|
2023-08-02 16:25:34 +02:00
|
|
|
describe "#destroy" do
|
2023-10-05 15:28:31 +02:00
|
|
|
let(:role) { create(:project_role) }
|
2022-09-28 21:46:39 +02:00
|
|
|
let(:params) { { id: role.id } }
|
|
|
|
|
|
2023-08-02 16:25:34 +02:00
|
|
|
subject { delete(:destroy, params:) }
|
2022-09-28 21:46:39 +02:00
|
|
|
|
|
|
|
|
context "with the role not in use" do
|
2023-08-02 16:25:34 +02:00
|
|
|
it "redirects and destroyes the role" do
|
|
|
|
|
allow_any_instance_of(Role).to receive(:permissions).and_return([:read_files])
|
|
|
|
|
role
|
|
|
|
|
expect(Role.count).to eq(1)
|
|
|
|
|
expect(enqueued_jobs.count).to eq(0)
|
2022-09-28 21:46:39 +02:00
|
|
|
|
2023-08-02 16:25:34 +02:00
|
|
|
subject
|
2022-09-28 21:46:39 +02:00
|
|
|
|
2023-08-02 16:25:34 +02:00
|
|
|
expect(enqueued_jobs.count).to eq(1)
|
2024-05-21 11:00:38 +02:00
|
|
|
expect(enqueued_jobs[0][:job]).to eq(Storages::ManageStorageIntegrationsJob)
|
2023-08-02 16:25:34 +02:00
|
|
|
expect(response).to redirect_to roles_path
|
2026-04-22 16:44:50 +02:00
|
|
|
expect(response).to have_http_status(:see_other)
|
2023-08-02 16:25:34 +02:00
|
|
|
expect(Role.count).to eq(0)
|
2022-09-28 21:46:39 +02:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
context "with the role in use" do
|
2023-08-02 16:25:34 +02:00
|
|
|
it "redirects with a flash error" do
|
|
|
|
|
allow_any_instance_of(Role).to receive(:deletable?).and_return(false)
|
|
|
|
|
role
|
|
|
|
|
expect(Role.count).to eq(1)
|
|
|
|
|
expect(enqueued_jobs.count).to eq(0)
|
2022-09-28 21:46:39 +02:00
|
|
|
|
|
|
|
|
subject
|
|
|
|
|
|
2023-08-02 16:25:34 +02:00
|
|
|
expect(enqueued_jobs.count).to eq(0)
|
|
|
|
|
expect(Role.count).to eq(1)
|
|
|
|
|
expect(response).to redirect_to roles_path
|
2026-04-22 16:44:50 +02:00
|
|
|
expect(response).to have_http_status(:see_other)
|
2023-08-02 16:25:34 +02:00
|
|
|
expect(flash[:error]).to eq I18n.t(:error_can_not_remove_role)
|
2022-09-28 21:46:39 +02:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
describe "#report" do
|
2023-08-31 10:51:02 -05:00
|
|
|
let!(:stub_roles_scope) do
|
|
|
|
|
allow(controller)
|
|
|
|
|
.to receive(:roles_scope)
|
|
|
|
|
.and_return(roles)
|
|
|
|
|
end
|
2022-09-28 21:46:39 +02:00
|
|
|
let!(:roles) do
|
2023-10-05 15:28:31 +02:00
|
|
|
build_stubbed_list(:project_role, 1)
|
2022-09-28 21:46:39 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
delete :report
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "is successful" do
|
|
|
|
|
expect(response)
|
|
|
|
|
.to have_http_status :ok
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "renders the template" do
|
|
|
|
|
expect(response)
|
|
|
|
|
.to render_template :report
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "assigns permissions" do
|
|
|
|
|
expect(assigns(:permissions))
|
2024-09-02 16:19:48 +02:00
|
|
|
.to match OpenProject::AccessControl.permissions.reject(&:public?).reject(&:hidden?)
|
2022-09-28 21:46:39 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
it "assigns roles" do
|
|
|
|
|
expect(assigns(:roles))
|
|
|
|
|
.to match roles
|
|
|
|
|
end
|
|
|
|
|
end
|
2019-05-29 10:14:40 +02:00
|
|
|
end
|
