Merge branch 'develop' into feature/realtime.video
This commit is contained in:
commit
1ee33b843f
16 changed files with 255 additions and 233 deletions
1
Gemfile
1
Gemfile
|
@ -7,7 +7,6 @@ gem 'devise'
|
||||||
gem 'redis'
|
gem 'redis'
|
||||||
gem 'pg'
|
gem 'pg'
|
||||||
gem 'pundit'
|
gem 'pundit'
|
||||||
gem 'cancan'
|
|
||||||
gem 'pundit_extra'
|
gem 'pundit_extra'
|
||||||
gem 'formula'
|
gem 'formula'
|
||||||
gem 'formtastic'
|
gem 'formtastic'
|
||||||
|
|
|
@ -57,7 +57,6 @@ GEM
|
||||||
debug_inspector (>= 0.0.1)
|
debug_inspector (>= 0.0.1)
|
||||||
builder (3.2.2)
|
builder (3.2.2)
|
||||||
byebug (8.2.2)
|
byebug (8.2.2)
|
||||||
cancan (1.6.10)
|
|
||||||
cancancan (1.10.1)
|
cancancan (1.10.1)
|
||||||
climate_control (0.0.3)
|
climate_control (0.0.3)
|
||||||
activesupport (>= 3.0)
|
activesupport (>= 3.0)
|
||||||
|
@ -265,7 +264,6 @@ DEPENDENCIES
|
||||||
best_in_place
|
best_in_place
|
||||||
better_errors
|
better_errors
|
||||||
binding_of_caller
|
binding_of_caller
|
||||||
cancan
|
|
||||||
coffee-rails
|
coffee-rails
|
||||||
delayed_job (~> 4.0.2)
|
delayed_job (~> 4.0.2)
|
||||||
delayed_job_active_record (~> 4.0.1)
|
delayed_job_active_record (~> 4.0.1)
|
||||||
|
@ -301,6 +299,3 @@ DEPENDENCIES
|
||||||
tunemygc
|
tunemygc
|
||||||
uglifier
|
uglifier
|
||||||
uservoice-ruby
|
uservoice-ruby
|
||||||
|
|
||||||
BUNDLED WITH
|
|
||||||
1.11.2
|
|
||||||
|
|
|
@ -108,7 +108,7 @@ Metamaps.JIT = {
|
||||||
_.each(results[1], function (synapse) {
|
_.each(results[1], function (synapse) {
|
||||||
mapping = synapse.getMapping();
|
mapping = synapse.getMapping();
|
||||||
Metamaps.Synapses.remove(synapse);
|
Metamaps.Synapses.remove(synapse);
|
||||||
Metamaps.Mappings.remove(mapping);
|
if (Metamaps.Mappings) Metamaps.Mappings.remove(mapping);
|
||||||
});
|
});
|
||||||
|
|
||||||
if (self.vizData.length == 0) {
|
if (self.vizData.length == 0) {
|
||||||
|
|
|
@ -4364,11 +4364,11 @@ Metamaps.Topic = {
|
||||||
nodeOnViz.setPos(new $jit.Complex(mapping.get('xloc'), mapping.get('yloc')), "end");
|
nodeOnViz.setPos(new $jit.Complex(mapping.get('xloc'), mapping.get('yloc')), "end");
|
||||||
}
|
}
|
||||||
if (Metamaps.Create.newTopic.addSynapse && permitCreateSynapseAfter) {
|
if (Metamaps.Create.newTopic.addSynapse && permitCreateSynapseAfter) {
|
||||||
Metamaps.Create.newSynapse.topic1id = tempNode.getData('topic').id;
|
Metamaps.Create.newSynapse.topic1id = Metamaps.tempNode.getData('topic').id;
|
||||||
|
|
||||||
// position the form
|
// position the form
|
||||||
midpoint.x = tempNode.pos.getc().x + (nodeOnViz.pos.getc().x - tempNode.pos.getc().x) / 2;
|
midpoint.x = Metamaps.tempNode.pos.getc().x + (nodeOnViz.pos.getc().x - Metamaps.tempNode.pos.getc().x) / 2;
|
||||||
midpoint.y = tempNode.pos.getc().y + (nodeOnViz.pos.getc().y - tempNode.pos.getc().y) / 2;
|
midpoint.y = Metamaps.tempNode.pos.getc().y + (nodeOnViz.pos.getc().y - Metamaps.tempNode.pos.getc().y) / 2;
|
||||||
pixelPos = Metamaps.Util.coordsToPixels(midpoint);
|
pixelPos = Metamaps.Util.coordsToPixels(midpoint);
|
||||||
$('#new_synapse').css('left', pixelPos.x + "px");
|
$('#new_synapse').css('left', pixelPos.x + "px");
|
||||||
$('#new_synapse').css('top', pixelPos.y + "px");
|
$('#new_synapse').css('top', pixelPos.y + "px");
|
||||||
|
@ -4378,9 +4378,9 @@ Metamaps.Topic = {
|
||||||
modes: ["node-property:dim"],
|
modes: ["node-property:dim"],
|
||||||
duration: 500,
|
duration: 500,
|
||||||
onComplete: function () {
|
onComplete: function () {
|
||||||
tempNode = null;
|
Metamaps.tempNode = null;
|
||||||
tempNode2 = null;
|
Metamaps.tempNode2 = null;
|
||||||
tempInit = false;
|
Metamaps.tempInit = false;
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
} else {
|
} else {
|
||||||
|
|
|
@ -24,9 +24,10 @@ class TopicsController < ApplicationController
|
||||||
|
|
||||||
respond_to do |format|
|
respond_to do |format|
|
||||||
format.html {
|
format.html {
|
||||||
@alltopics = ([@topic] + policy_scope(Topic.relatives(@topic.id)))
|
@alltopics = [@topic].concat(policy_scope(Topic.relatives1(@topic.id)).to_a).concat(policy_scope(Topic.relatives2(@topic.id)).to_a)
|
||||||
@allsynapses = policy_scope(Synapse.for_topic(@topic.id))
|
@allsynapses = policy_scope(Synapse.for_topic(@topic.id)).to_a
|
||||||
|
puts @alltopics.length
|
||||||
|
puts @allsynapses.length
|
||||||
@allcreators = @alltopics.map(&:user).uniq
|
@allcreators = @alltopics.map(&:user).uniq
|
||||||
@allcreators += @allsynapses.map(&:user).uniq
|
@allcreators += @allsynapses.map(&:user).uniq
|
||||||
|
|
||||||
|
@ -41,8 +42,8 @@ class TopicsController < ApplicationController
|
||||||
@topic = Topic.find(params[:id])
|
@topic = Topic.find(params[:id])
|
||||||
authorize @topic
|
authorize @topic
|
||||||
|
|
||||||
@alltopics = [@topic] + policy_scope(@topic.relatives)
|
@alltopics = [@topic].concat(policy_scope(Topic.relatives1(@topic.id)).to_a).concat(policy_scope(Topic.relatives2(@topic.id)).to_a)
|
||||||
@allsynapses = policy_scope(@topic.synapses)
|
@allsynapses = policy_scope(Synapse.for_topic(@topic.id))
|
||||||
|
|
||||||
@allcreators = @alltopics.map(&:user).uniq
|
@allcreators = @alltopics.map(&:user).uniq
|
||||||
@allcreators += @allsynapses.map(&:user).uniq
|
@allcreators += @allsynapses.map(&:user).uniq
|
||||||
|
@ -65,8 +66,8 @@ class TopicsController < ApplicationController
|
||||||
|
|
||||||
topicsAlreadyHas = params[:network] ? params[:network].split(',').map(&:to_i) : []
|
topicsAlreadyHas = params[:network] ? params[:network].split(',').map(&:to_i) : []
|
||||||
|
|
||||||
@alltopics = policy_scope(@topic.relatives).to_a.uniq
|
@alltopics = policy_scope(Topic.relatives1(@topic.id)).to_a.concat(policy_scope(Topic.relatives2(@topic.id)).to_a).uniq
|
||||||
@alltopics.delete_if! do |topic|
|
@alltopics.delete_if do |topic|
|
||||||
topicsAlreadyHas.index(topic.id) != nil
|
topicsAlreadyHas.index(topic.id) != nil
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -87,14 +88,15 @@ class TopicsController < ApplicationController
|
||||||
|
|
||||||
topicsAlreadyHas = params[:network] ? params[:network].split(',').map(&:to_i) : []
|
topicsAlreadyHas = params[:network] ? params[:network].split(',').map(&:to_i) : []
|
||||||
|
|
||||||
alltopics = policy_scope(@topic.relatives).to_a.uniq.delete_if do |topic|
|
alltopics = policy_scope(Topic.relatives1(@topic.id)).to_a.concat(policy_scope(Topic.relatives2(@topic.id)).to_a).uniq
|
||||||
|
alltopics.delete_if do |topic|
|
||||||
topicsAlreadyHas.index(topic.id.to_s) != nil
|
topicsAlreadyHas.index(topic.id.to_s) != nil
|
||||||
end
|
end
|
||||||
|
|
||||||
#find synapses between topics in alltopics array
|
#find synapses between topics in alltopics array
|
||||||
allsynapses = policy_scope(@topic.synapses)
|
allsynapses = policy_scope(Synapse.for_topic(@topic.id)).to_a
|
||||||
synapse_ids = (allsynapses.map(&:topic1_id) + allsynapses.map(&:topic2_id)).uniq
|
synapse_ids = (allsynapses.map(&:node1_id) + allsynapses.map(&:node2_id)).uniq
|
||||||
allsynapses.delete_if! do |synapse|
|
allsynapses.delete_if do |synapse|
|
||||||
synapse_ids.index(synapse.id) != nil
|
synapse_ids.index(synapse.id) != nil
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -5,8 +5,8 @@ class Topic < ActiveRecord::Base
|
||||||
|
|
||||||
has_many :synapses1, :class_name => 'Synapse', :foreign_key => 'node1_id', dependent: :destroy
|
has_many :synapses1, :class_name => 'Synapse', :foreign_key => 'node1_id', dependent: :destroy
|
||||||
has_many :synapses2, :class_name => 'Synapse', :foreign_key => 'node2_id', dependent: :destroy
|
has_many :synapses2, :class_name => 'Synapse', :foreign_key => 'node2_id', dependent: :destroy
|
||||||
has_many :topics1, :through => :synapses2, :source => :topic1
|
has_many :topics1, :through => :synapses2, source: :topic1
|
||||||
has_many :topics2, :through => :synapses1, :source => :topic2
|
has_many :topics2, :through => :synapses1, source: :topic2
|
||||||
|
|
||||||
has_many :mappings, as: :mappable, dependent: :destroy
|
has_many :mappings, as: :mappable, dependent: :destroy
|
||||||
has_many :maps, :through => :mappings
|
has_many :maps, :through => :mappings
|
||||||
|
@ -41,10 +41,15 @@ class Topic < ActiveRecord::Base
|
||||||
|
|
||||||
belongs_to :metacode
|
belongs_to :metacode
|
||||||
|
|
||||||
scope :relatives, ->(topic_id = nil) {
|
scope :relatives1, ->(topic_id = nil) {
|
||||||
includes(:synapses1)
|
includes(:topics1)
|
||||||
.includes(:synapses2)
|
.where('synapses.node1_id = ?', topic_id)
|
||||||
.where('synapses.node1_id = ? OR synapses.node2_id = ?', topic_id, topic_id)
|
.references(:synapses)
|
||||||
|
}
|
||||||
|
|
||||||
|
scope :relatives2, ->(topic_id = nil) {
|
||||||
|
includes(:topics2)
|
||||||
|
.where('synapses.node2_id = ?', topic_id)
|
||||||
.references(:synapses)
|
.references(:synapses)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -83,47 +88,4 @@ class Topic < ActiveRecord::Base
|
||||||
def mk_permission
|
def mk_permission
|
||||||
Perm.short(permission)
|
Perm.short(permission)
|
||||||
end
|
end
|
||||||
|
|
||||||
# has no viewable synapses helper function
|
|
||||||
def has_viewable_synapses(current)
|
|
||||||
result = false
|
|
||||||
synapses.each do |synapse|
|
|
||||||
if synapse.authorize_to_show(current)
|
|
||||||
result = true
|
|
||||||
end
|
|
||||||
end
|
|
||||||
result
|
|
||||||
end
|
|
||||||
|
|
||||||
# TODO move to a decorator?
|
|
||||||
def synapses_csv(output_format = 'array')
|
|
||||||
output = []
|
|
||||||
synapses.each do |synapse|
|
|
||||||
if synapse.category == 'from-to'
|
|
||||||
if synapse.node1_id == id
|
|
||||||
output << synapse.node1_id.to_s + '->' + synapse.node2_id.to_s
|
|
||||||
elsif synapse.node2_id == id
|
|
||||||
output << synapse.node2_id.to_s + '<-' + synapse.node1_id.to_s
|
|
||||||
else
|
|
||||||
fail 'invalid synapse on topic in synapse_csv'
|
|
||||||
end
|
|
||||||
elsif synapse.category == 'both'
|
|
||||||
if synapse.node1_id == id
|
|
||||||
output << synapse.node1_id.to_s + '<->' + synapse.node2_id.to_s
|
|
||||||
elsif synapse.node2_id == id
|
|
||||||
output << synapse.node2_id.to_s + '<->' + synapse.node1_id.to_s
|
|
||||||
else
|
|
||||||
fail 'invalid synapse on topic in synapse_csv'
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
|
||||||
if output_format == 'array'
|
|
||||||
return output
|
|
||||||
elsif output_format == 'text'
|
|
||||||
return output.join('; ')
|
|
||||||
else
|
|
||||||
fail 'invalid argument to synapses_csv'
|
|
||||||
end
|
|
||||||
output
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -16,20 +16,28 @@ class MappingPolicy < ApplicationPolicy
|
||||||
end
|
end
|
||||||
|
|
||||||
def show?
|
def show?
|
||||||
map = Pundit.policy(user, record.map)
|
map_policy.show? && mappable_policy.show?
|
||||||
mappable = Pundit.policy(user, record.mappable)
|
|
||||||
map.show? && mappable.show?
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def create?
|
def create?
|
||||||
Pundit.policy(user, record.map).update?
|
record.map.present? && map_policy.update?
|
||||||
end
|
end
|
||||||
|
|
||||||
def update?
|
def update?
|
||||||
Pundit.policy(user, record.map).update?
|
record.mappable_type == 'Topic' && map_policy.update?
|
||||||
end
|
end
|
||||||
|
|
||||||
def destroy?
|
def destroy?
|
||||||
record.user == user || admin_override
|
map_policy.update? || admin_override
|
||||||
|
end
|
||||||
|
|
||||||
|
# Helpers
|
||||||
|
|
||||||
|
def map_policy
|
||||||
|
@map_policy ||= Pundit.policy(user, record.map)
|
||||||
|
end
|
||||||
|
|
||||||
|
def mappable_policy
|
||||||
|
@mappable_policy ||= Pundit.policy(user, record.mappable)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -89,7 +89,8 @@ RSpec.describe MapsController, type: :controller do
|
||||||
expect do
|
expect do
|
||||||
delete :destroy, { id: unowned_map.to_param, format: :json }
|
delete :destroy, { id: unowned_map.to_param, format: :json }
|
||||||
end.to change(Map, :count).by(0)
|
end.to change(Map, :count).by(0)
|
||||||
expect(response.body).to eq("unauthorized")
|
expect(response.body).to eq ''
|
||||||
|
expect(response.status).to eq 403
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'deletes owned map' do
|
it 'deletes owned map' do
|
||||||
|
@ -97,7 +98,8 @@ RSpec.describe MapsController, type: :controller do
|
||||||
expect do
|
expect do
|
||||||
delete :destroy, { id: owned_map.to_param, format: :json }
|
delete :destroy, { id: owned_map.to_param, format: :json }
|
||||||
end.to change(Map, :count).by(-1)
|
end.to change(Map, :count).by(-1)
|
||||||
expect(response.body).to eq("success")
|
expect(response.body).to eq ''
|
||||||
|
expect(response.status).to eq 204
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -92,10 +92,7 @@ RSpec.describe TopicsController, type: :controller do
|
||||||
expect do
|
expect do
|
||||||
delete :destroy, { id: owned_topic.to_param, format: :json }
|
delete :destroy, { id: owned_topic.to_param, format: :json }
|
||||||
end.to change(Topic, :count).by(-1)
|
end.to change(Topic, :count).by(-1)
|
||||||
end
|
expect(response.body).to eq ''
|
||||||
|
|
||||||
it 'return 204 NO CONTENT' do
|
|
||||||
delete :destroy, { id: topic.to_param, format: :json }
|
|
||||||
expect(response.status).to eq 204
|
expect(response.status).to eq 204
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -5,34 +5,5 @@ RSpec.describe Map, type: :model do
|
||||||
it { is_expected.to validate_presence_of :name }
|
it { is_expected.to validate_presence_of :name }
|
||||||
it { is_expected.to validate_presence_of :permission }
|
it { is_expected.to validate_presence_of :permission }
|
||||||
it { is_expected.to validate_inclusion_of(:permission).in_array Perm::ISSIONS.map(&:to_s) }
|
it { is_expected.to validate_inclusion_of(:permission).in_array Perm::ISSIONS.map(&:to_s) }
|
||||||
|
|
||||||
context 'permissions' do
|
|
||||||
let(:owner) { create :user }
|
|
||||||
let(:other_user) { create :user }
|
|
||||||
let(:map) { create :map, user: owner, permission: :commons }
|
|
||||||
let(:private_map) { create :map, user: owner, permission: :private }
|
|
||||||
let(:public_map) { create :map, user: owner, permission: :public }
|
|
||||||
|
|
||||||
it 'prevents deletion by non-owner' do
|
|
||||||
expect(map.authorize_to_delete(other_user)).to eq false
|
|
||||||
expect(map.authorize_to_delete(owner)).to eq map
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'prevents visibility if private' do
|
|
||||||
expect(map.authorize_to_show(other_user)).to eq map
|
|
||||||
expect(map.authorize_to_show(owner)).to eq map
|
|
||||||
expect(private_map.authorize_to_show(owner)).to eq private_map
|
|
||||||
expect(private_map.authorize_to_show(other_user)).to eq false
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'only allows editing if commons or owned' do
|
|
||||||
expect(map.authorize_to_edit(other_user)).to eq map
|
|
||||||
expect(map.authorize_to_edit(owner)).to eq map
|
|
||||||
expect(private_map.authorize_to_edit(other_user)).to eq false
|
|
||||||
expect(private_map.authorize_to_edit(owner)).to eq private_map
|
|
||||||
expect(public_map.authorize_to_edit(other_user)).to eq false
|
|
||||||
expect(public_map.authorize_to_edit(owner)).to eq public_map
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -10,33 +10,4 @@ RSpec.describe Synapse, type: :model do
|
||||||
it { is_expected.to validate_inclusion_of(:permission).in_array Perm::ISSIONS.map(&:to_s) }
|
it { is_expected.to validate_inclusion_of(:permission).in_array Perm::ISSIONS.map(&:to_s) }
|
||||||
it { is_expected.to validate_inclusion_of(:category).in_array ['from-to', 'both'] }
|
it { is_expected.to validate_inclusion_of(:category).in_array ['from-to', 'both'] }
|
||||||
it { is_expected.to validate_length_of(:desc).is_at_least(0) } # TODO don't allow nil
|
it { is_expected.to validate_length_of(:desc).is_at_least(0) } # TODO don't allow nil
|
||||||
|
|
||||||
context 'permissions' do
|
|
||||||
let(:owner) { create :user }
|
|
||||||
let(:other_user) { create :user }
|
|
||||||
let(:synapse) { create :synapse, user: owner, permission: :commons }
|
|
||||||
let(:private_synapse) { create :synapse, user: owner, permission: :private }
|
|
||||||
let(:public_synapse) { create :synapse, user: owner, permission: :public }
|
|
||||||
|
|
||||||
it 'prevents deletion by non-owner' do
|
|
||||||
expect(synapse.authorize_to_delete(other_user)).to eq false
|
|
||||||
expect(synapse.authorize_to_delete(owner)).to eq synapse
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'prevents visibility if private' do
|
|
||||||
expect(synapse.authorize_to_show(other_user)).to eq synapse
|
|
||||||
expect(synapse.authorize_to_show(owner)).to eq synapse
|
|
||||||
expect(private_synapse.authorize_to_show(owner)).to eq private_synapse
|
|
||||||
expect(private_synapse.authorize_to_show(other_user)).to eq false
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'only allows editing if commons or owned' do
|
|
||||||
expect(synapse.authorize_to_edit(other_user)).to eq synapse
|
|
||||||
expect(synapse.authorize_to_edit(owner)).to eq synapse
|
|
||||||
expect(private_synapse.authorize_to_edit(other_user)).to eq false
|
|
||||||
expect(private_synapse.authorize_to_edit(owner)).to eq private_synapse
|
|
||||||
expect(public_synapse.authorize_to_edit(other_user)).to eq false
|
|
||||||
expect(public_synapse.authorize_to_edit(owner)).to eq public_synapse
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -7,75 +7,4 @@ RSpec.describe Topic, type: :model do
|
||||||
it { is_expected.to have_many :mappings }
|
it { is_expected.to have_many :mappings }
|
||||||
it { is_expected.to validate_presence_of :permission }
|
it { is_expected.to validate_presence_of :permission }
|
||||||
it { is_expected.to validate_inclusion_of(:permission).in_array Perm::ISSIONS.map(&:to_s) }
|
it { is_expected.to validate_inclusion_of(:permission).in_array Perm::ISSIONS.map(&:to_s) }
|
||||||
|
|
||||||
context 'has_viewable_synapses function' do
|
|
||||||
let (:user) { create(:user) }
|
|
||||||
let (:other_user) { create(:user) }
|
|
||||||
|
|
||||||
context 'topic with no synapses' do
|
|
||||||
let (:topic) { create(:topic) }
|
|
||||||
|
|
||||||
it 'returns false' do
|
|
||||||
expect(topic.has_viewable_synapses(user)).to eq false
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
context 'topic with one unpermitted synapse' do
|
|
||||||
let (:synapse) { create(:synapse, permission: :private, user: other_user) }
|
|
||||||
let (:topic) { create(:topic, synapses1: [synapse]) }
|
|
||||||
|
|
||||||
it 'returns false' do
|
|
||||||
expect(topic.has_viewable_synapses(user)).to eq false
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
context 'topic with one permitted synapse' do
|
|
||||||
let (:synapse) { create(:synapse, permission: :private, user: user) }
|
|
||||||
let(:topic) { create(:topic, synapses1: [synapse]) }
|
|
||||||
|
|
||||||
it 'returns true' do
|
|
||||||
expect(topic.has_viewable_synapses(user)).to eq true
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
context 'topic with one unpermitted, one permitted synapse' do
|
|
||||||
let (:synapse1) { create(:synapse, permission: :private, user: other_user) }
|
|
||||||
let (:synapse2) { create(:synapse, permission: :private, user: user) }
|
|
||||||
let (:topic) { create(:topic, synapses1: [synapse1, synapse2]) }
|
|
||||||
|
|
||||||
it 'returns true' do
|
|
||||||
expect(topic.synapses.count).to eq 2
|
|
||||||
expect(topic.has_viewable_synapses(user)).to eq true
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
context 'permssions' do
|
|
||||||
let(:owner) { create :user }
|
|
||||||
let(:other_user) { create :user }
|
|
||||||
let(:topic) { create :topic, user: owner, permission: :commons }
|
|
||||||
let(:private_topic) { create :topic, user: owner, permission: :private }
|
|
||||||
let(:public_topic) { create :topic, user: owner, permission: :public }
|
|
||||||
|
|
||||||
it 'prevents deletion by non-owner' do
|
|
||||||
expect(topic.authorize_to_delete(other_user)).to eq false
|
|
||||||
expect(topic.authorize_to_delete(owner)).to eq topic
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'prevents visibility if private' do
|
|
||||||
expect(topic.authorize_to_show(other_user)).to eq topic
|
|
||||||
expect(topic.authorize_to_show(owner)).to eq topic
|
|
||||||
expect(private_topic.authorize_to_show(owner)).to eq private_topic
|
|
||||||
expect(private_topic.authorize_to_show(other_user)).to eq false
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'only allows editing if commons or owned' do
|
|
||||||
expect(topic.authorize_to_edit(other_user)).to eq topic
|
|
||||||
expect(topic.authorize_to_edit(owner)).to eq topic
|
|
||||||
expect(private_topic.authorize_to_edit(other_user)).to eq false
|
|
||||||
expect(private_topic.authorize_to_edit(owner)).to eq private_topic
|
|
||||||
expect(public_topic.authorize_to_edit(other_user)).to eq false
|
|
||||||
expect(public_topic.authorize_to_edit(owner)).to eq public_topic
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -7,12 +7,12 @@ RSpec.describe MapPolicy, type: :policy do
|
||||||
context 'commons' do
|
context 'commons' do
|
||||||
let(:map) { create(:map, permission: :commons) }
|
let(:map) { create(:map, permission: :commons) }
|
||||||
permissions :show? do
|
permissions :show? do
|
||||||
it 'can view' do
|
it 'permits access' do
|
||||||
expect(subject).to permit(nil, map)
|
expect(subject).to permit(nil, map)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
permissions :create?, :update?, :destroy? do
|
permissions :create?, :update?, :destroy? do
|
||||||
it 'can not modify' do
|
it 'denies access' do
|
||||||
expect(subject).to_not permit(nil, map)
|
expect(subject).to_not permit(nil, map)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -21,7 +21,7 @@ RSpec.describe MapPolicy, type: :policy do
|
||||||
context 'private' do
|
context 'private' do
|
||||||
let(:map) { create(:map, permission: :private) }
|
let(:map) { create(:map, permission: :private) }
|
||||||
permissions :show?, :create?, :update?, :destroy? do
|
permissions :show?, :create?, :update?, :destroy? do
|
||||||
it 'can not view or modify' do
|
it 'permits access' do
|
||||||
expect(subject).to_not permit(nil, map)
|
expect(subject).to_not permit(nil, map)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -39,15 +39,15 @@ RSpec.describe MapPolicy, type: :policy do
|
||||||
let(:owner) { create(:user) }
|
let(:owner) { create(:user) }
|
||||||
let(:map) { create(:map, permission: :commons, user: owner) }
|
let(:map) { create(:map, permission: :commons, user: owner) }
|
||||||
permissions :show?, :create?, :update? do
|
permissions :show?, :create?, :update? do
|
||||||
it 'can view and modify' do
|
it 'permits access' do
|
||||||
expect(subject).to permit(user, map)
|
expect(subject).to permit(user, map)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
permissions :destroy? do
|
permissions :destroy? do
|
||||||
it 'can not destroy' do
|
it 'denies access' do
|
||||||
expect(subject).to_not permit(user, map)
|
expect(subject).to_not permit(user, map)
|
||||||
end
|
end
|
||||||
it 'owner can destroy' do
|
it 'permits access to owner' do
|
||||||
expect(subject).to permit(owner, map)
|
expect(subject).to permit(owner, map)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -56,21 +56,16 @@ RSpec.describe MapPolicy, type: :policy do
|
||||||
context 'public' do
|
context 'public' do
|
||||||
let(:owner) { create(:user) }
|
let(:owner) { create(:user) }
|
||||||
let(:map) { create(:map, permission: :public, user: owner) }
|
let(:map) { create(:map, permission: :public, user: owner) }
|
||||||
permissions :show? do
|
permissions :show?, :create? do
|
||||||
it 'can view' do
|
it 'permits access' do
|
||||||
expect(subject).to permit(user, map)
|
|
||||||
end
|
|
||||||
end
|
|
||||||
permissions :create? do
|
|
||||||
it 'can create' do
|
|
||||||
expect(subject).to permit(user, map)
|
expect(subject).to permit(user, map)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
permissions :update?, :destroy? do
|
permissions :update?, :destroy? do
|
||||||
it 'can not update/destroy' do
|
it 'denies access' do
|
||||||
expect(subject).to_not permit(user, map)
|
expect(subject).to_not permit(user, map)
|
||||||
end
|
end
|
||||||
it 'owner can update/destroy' do
|
it 'permits access to owner' do
|
||||||
expect(subject).to permit(owner, map)
|
expect(subject).to permit(owner, map)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -80,15 +75,15 @@ RSpec.describe MapPolicy, type: :policy do
|
||||||
let(:owner) { create(:user) }
|
let(:owner) { create(:user) }
|
||||||
let(:map) { create(:map, permission: :private, user: owner) }
|
let(:map) { create(:map, permission: :private, user: owner) }
|
||||||
permissions :create? do
|
permissions :create? do
|
||||||
it 'can create' do
|
it 'permits access' do
|
||||||
expect(subject).to permit(user, map)
|
expect(subject).to permit(user, map)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
permissions :show?, :update?, :destroy? do
|
permissions :show?, :update?, :destroy? do
|
||||||
it 'can not view or modify' do
|
it 'denies access' do
|
||||||
expect(subject).to_not permit(user, map)
|
expect(subject).to_not permit(user, map)
|
||||||
end
|
end
|
||||||
it 'owner can view and modify' do
|
it 'permits access to owner' do
|
||||||
expect(subject).to permit(owner, map)
|
expect(subject).to permit(owner, map)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
7
spec/policies/mapping_policy_spec.rb
Normal file
7
spec/policies/mapping_policy_spec.rb
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
require 'rails_helper'
|
||||||
|
|
||||||
|
RSpec.describe MappingPolicy, type: :policy do
|
||||||
|
subject { described_class }
|
||||||
|
|
||||||
|
pending 'Implement some mapping tests!'
|
||||||
|
end
|
92
spec/policies/synapse_policy.rb
Normal file
92
spec/policies/synapse_policy.rb
Normal file
|
@ -0,0 +1,92 @@
|
||||||
|
require 'rails_helper'
|
||||||
|
|
||||||
|
RSpec.describe SynapsePolicy, type: :policy do
|
||||||
|
subject { described_class }
|
||||||
|
|
||||||
|
context 'unauthenticated' do
|
||||||
|
context 'commons' do
|
||||||
|
let(:synapse) { create(:synapse, permission: :commons) }
|
||||||
|
permissions :show? do
|
||||||
|
it 'permits access' do
|
||||||
|
expect(subject).to permit(nil, synapse)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
permissions :create?, :update?, :destroy? do
|
||||||
|
it 'denies access' do
|
||||||
|
expect(subject).to_not permit(nil, synapse)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'private' do
|
||||||
|
let(:synapse) { create(:synapse, permission: :private) }
|
||||||
|
permissions :show?, :create?, :update?, :destroy? do
|
||||||
|
it 'denies access' do
|
||||||
|
expect(subject).to_not permit(nil, synapse)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
#
|
||||||
|
# Now begin the logged-in tests
|
||||||
|
#
|
||||||
|
|
||||||
|
context 'logged in' do
|
||||||
|
let(:user) { create(:user) }
|
||||||
|
|
||||||
|
context 'commons' do
|
||||||
|
let(:owner) { create(:user) }
|
||||||
|
let(:synapse) { create(:synapse, permission: :commons, user: owner) }
|
||||||
|
permissions :show?, :create?, :update? do
|
||||||
|
it 'permits access' do
|
||||||
|
expect(subject).to permit(user, synapse)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
permissions :destroy? do
|
||||||
|
it 'denies access' do
|
||||||
|
expect(subject).to_not permit(user, synapse)
|
||||||
|
end
|
||||||
|
it 'permits access to owner' do
|
||||||
|
expect(subject).to permit(owner, synapse)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'public' do
|
||||||
|
let(:owner) { create(:user) }
|
||||||
|
let(:synapse) { create(:synapse, permission: :public, user: owner) }
|
||||||
|
permissions :show?, :create? do
|
||||||
|
it 'permits access' do
|
||||||
|
expect(subject).to permit(user, synapse)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
permissions :update?, :destroy? do
|
||||||
|
it 'denies access' do
|
||||||
|
expect(subject).to_not permit(user, synapse)
|
||||||
|
end
|
||||||
|
it 'permits access to owner' do
|
||||||
|
expect(subject).to permit(owner, synapse)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'private' do
|
||||||
|
let(:owner) { create(:user) }
|
||||||
|
let(:synapse) { create(:synapse, permission: :private, user: owner) }
|
||||||
|
permissions :create? do
|
||||||
|
it 'permits access' do
|
||||||
|
expect(subject).to permit(user, synapse)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
permissions :show?, :update?, :destroy? do
|
||||||
|
it 'denies access' do
|
||||||
|
expect(subject).to_not permit(user, synapse)
|
||||||
|
end
|
||||||
|
it 'permits access to owner' do
|
||||||
|
expect(subject).to permit(owner, synapse)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
92
spec/policies/topic_policy_spec.rb
Normal file
92
spec/policies/topic_policy_spec.rb
Normal file
|
@ -0,0 +1,92 @@
|
||||||
|
require 'rails_helper'
|
||||||
|
|
||||||
|
RSpec.describe TopicPolicy, type: :policy do
|
||||||
|
subject { described_class }
|
||||||
|
|
||||||
|
context 'unauthenticated' do
|
||||||
|
context 'commons' do
|
||||||
|
let(:topic) { create(:topic, permission: :commons) }
|
||||||
|
permissions :show? do
|
||||||
|
it 'permits access' do
|
||||||
|
expect(subject).to permit(nil, topic)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
permissions :create?, :update?, :destroy? do
|
||||||
|
it 'denies access' do
|
||||||
|
expect(subject).to_not permit(nil, topic)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'private' do
|
||||||
|
let(:topic) { create(:topic, permission: :private) }
|
||||||
|
permissions :show?, :create?, :update?, :destroy? do
|
||||||
|
it 'denies access' do
|
||||||
|
expect(subject).to_not permit(nil, topic)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
#
|
||||||
|
# Now begin the logged-in tests
|
||||||
|
#
|
||||||
|
|
||||||
|
context 'logged in' do
|
||||||
|
let(:user) { create(:user) }
|
||||||
|
|
||||||
|
context 'commons' do
|
||||||
|
let(:owner) { create(:user) }
|
||||||
|
let(:topic) { create(:topic, permission: :commons, user: owner) }
|
||||||
|
permissions :show?, :create?, :update? do
|
||||||
|
it 'permits access' do
|
||||||
|
expect(subject).to permit(user, topic)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
permissions :destroy? do
|
||||||
|
it 'denies access' do
|
||||||
|
expect(subject).to_not permit(user, topic)
|
||||||
|
end
|
||||||
|
it 'permits access to owner' do
|
||||||
|
expect(subject).to permit(owner, topic)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'public' do
|
||||||
|
let(:owner) { create(:user) }
|
||||||
|
let(:topic) { create(:topic, permission: :public, user: owner) }
|
||||||
|
permissions :show?, :create? do
|
||||||
|
it 'permits access' do
|
||||||
|
expect(subject).to permit(user, topic)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
permissions :update?, :destroy? do
|
||||||
|
it 'denies access' do
|
||||||
|
expect(subject).to_not permit(user, topic)
|
||||||
|
end
|
||||||
|
it 'permits access to owner' do
|
||||||
|
expect(subject).to permit(owner, topic)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'private' do
|
||||||
|
let(:owner) { create(:user) }
|
||||||
|
let(:topic) { create(:topic, permission: :private, user: owner) }
|
||||||
|
permissions :create? do
|
||||||
|
it 'permits access' do
|
||||||
|
expect(subject).to permit(user, topic)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
permissions :show?, :update?, :destroy? do
|
||||||
|
it 'denies access' do
|
||||||
|
expect(subject).to_not permit(user, topic)
|
||||||
|
end
|
||||||
|
it 'permits access to owner' do
|
||||||
|
expect(subject).to permit(owner, topic)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in a new issue