diff options
author | Shinya Maeda <gitlab.shinyamaeda@gmail.com> | 2017-06-05 16:19:23 +0300 |
---|---|---|
committer | Shinya Maeda <shinya@gitlab.com> | 2017-06-28 15:58:31 +0300 |
commit | 8026f47d67546d48139cb35a0dc16bbac47b1bb7 (patch) | |
tree | 0e50342b89fd783b473f54c976c67562c05f0815 /spec/support/matchers | |
parent | d67b5c099e12e3f70ae821c32e5a5cedd86ed398 (diff) |
Add changelog. Add AccessMatchersForController
Diffstat (limited to 'spec/support/matchers')
-rw-r--r-- | spec/support/matchers/access_matchers_for_controller.rb | 88 |
1 files changed, 88 insertions, 0 deletions
diff --git a/spec/support/matchers/access_matchers_for_controller.rb b/spec/support/matchers/access_matchers_for_controller.rb new file mode 100644 index 00000000000..4da10247801 --- /dev/null +++ b/spec/support/matchers/access_matchers_for_controller.rb @@ -0,0 +1,88 @@ +# AccessMatchersForController +# +# For testing authorize_xxx in controller. +module AccessMatchersForController + extend RSpec::Matchers::DSL + include Warden::Test::Helpers + + EXPECTED_STATUS_CODE_ALLOWED = [200, 302] + EXPECTED_STATUS_CODE_DENIED = [404] + + def emulate_user(role, membership = nil) + case role + when :admin + user = create(:admin) + sign_in(user) + when *Gitlab::Access.sym_options_with_owner.keys # owner, master, developer, reporter, guest + raise ArgumentError, "cannot emulate #{role} without membership parent" unless membership + + if role == :owner && membership.owner + user = membership.owner + else + user = create(:user) + membership.public_send(:"add_#{role}", user) + end + + sign_in(user) + when :user + user = create(:user) + sign_in(user) + when :external + user = create(:user, external: true) + sign_in(user) + when :visitor + # no-op + else + raise ArgumentError, "cannot emulate user #{role}" + end + + user + end + + def description_for(role, type, expected, result) + "be #{type} for #{role}." \ + " Expected: #{expected.join(',')} Result: #{result}" + end + + matcher :be_allowed_for do |role| + match do |action| + user = emulate_user(role, @membership) + begin + action.call(user) + rescue Exception => e + # Ignore internal exceptions which will be caused in the controller + # In such cases, response.status will be 200. + end + + EXPECTED_STATUS_CODE_ALLOWED.include?(response.status) + end + + chain :of do |membership| + @membership = membership + end + + description { description_for(role, 'allowed', EXPECTED_STATUS_CODE_ALLOWED, response.status) } + supports_block_expectations + end + + matcher :be_denied_for do |role| + match do |action| + user = emulate_user(role, @membership) + begin + action.call(user) + rescue Exception => e + # Ignore internal exceptions which will be caused in the controller + # In such cases, response.status will be 200. + end + + EXPECTED_STATUS_CODE_DENIED.include?(response.status) + end + + chain :of do |membership| + @membership = membership + end + + description { description_for(role, 'denied', EXPECTED_STATUS_CODE_DENIED, response.status) } + supports_block_expectations + end +end |