From 517886ea0b6a05f1e6a3c4babdb22a00132e9ab6 Mon Sep 17 00:00:00 2001
From: Karol
Date: Thu, 29 Oct 2020 18:06:14 +0100
Subject: [PATCH] fix codeharbor_export policies, add specs

---
 app/policies/exercise_policy.rb | 6 ++-
 spec/policies/exercise_policy_spec.rb | 56 ++++++++++++++++++++++++++-
 2 files changed, 60 insertions(+), 2 deletions(-)

diff --git a/app/policies/exercise_policy.rb b/app/policies/exercise_policy.rb
index eced0408..07ee02df 100644
--- a/app/policies/exercise_policy.rb
+++ b/app/policies/exercise_policy.rb
@@ -19,10 +19,14 @@ class ExercisePolicy < AdminOrAuthorPolicy
 admin?
 end
 
- [:clone?, :destroy?, :edit?, :update?, :export_external_check?, :export_external_confirm?].each do |action|
+ [:clone?, :destroy?, :edit?, :update?].each do |action|
 define_method(action) { admin? || teacher_in_study_group? || author? }
 end
 
+ [:export_external_check?, :export_external_confirm?].each do |action|
+ define_method(action) { (admin? || teacher_in_study_group? || author?) && @user.codeharbor_link }
+ end
+
 [:implement?, :working_times?, :intervention?, :search?, :submit?, :reload?].each do |action|
 define_method(action) { everyone }
 end
diff --git a/spec/policies/exercise_policy_spec.rb b/spec/policies/exercise_policy_spec.rb
index 999f1a1c..7f9d60a1 100644
--- a/spec/policies/exercise_policy_spec.rb
+++ b/spec/policies/exercise_policy_spec.rb
@@ -30,7 +30,7 @@ let(:exercise) { FactoryBot.build(:dummy, public: true) }
 end
 end
 
- [:clone?, :destroy?, :edit?, :update?, :export_external_check?, :export_external_confirm?].each do |action|
+ [:clone?, :destroy?, :edit?, :update?].each do |action|
 permissions(action) do
 it 'grants access to admins' do
 expect(subject).to permit(FactoryBot.build(:admin), exercise)
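Review bot: In app/policies/exercise_policy.rb, the new `export_external_check?` / `export_external_confirm?` predicates return the `codeharbor_link` record (or `nil`) rather than a boolean, because the block ends in `&& @user.codeharbor_link`. Pundit only tests truthiness, so authorization still works, but a `?` method that hands back a model object is easy to misuse in a caller that compares, caches or serializes the result; I would end the block with `&& @user.codeharbor_link.present?`. A short comment above the loop, e.g. `# Export additionally requires a codeharbor_link on the acting user`, would record why these two actions were split out from `clone?`/`edit?`. The ExercisePolicy class body begins and ends outside this hunk, so how `@user` is set (and whether it can be nil here) is not visible.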
@@ -48,6 +48,60 @@ let(:exercise) { FactoryBot.build(:dummy, public: true) }
 end
 end
 
+ [:export_external_check?, :export_external_confirm?].each do |action|
+ permissions(action) do
+ context 'when user is author' do
+ let(:user) { exercise.author }
+
+ it 'does not grant access' do
+ expect(subject).not_to permit(user, exercise)
+ end
+
+ context 'when user has codeharbor_link' do
+ before { user.codeharbor_link = FactoryBot.build(:codeharbor_link) }
+
+ it 'grants access' do
+ expect(subject).to permit(user, exercise)
+ end
+ end
+ end
+
+ context 'when user is admin' do
+ let(:user) { FactoryBot.build(:admin) }
+
+ it 'does not grant access' do
+ expect(subject).not_to permit(user, exercise)
+ end
+
+ context 'when user has codeharbor_link' do
+ before { user.codeharbor_link = FactoryBot.build(:codeharbor_link) }
+
+ it 'grants access' do
+ expect(subject).to permit(user, exercise)
+ end
+ end
+ end
+
+ [:external_user, :teacher].each do |factory_name|
+ context "when user is #{factory_name}" do
+ let(:user) { FactoryBot.build(factory_name) }
+
+ it 'does not grant access' do
+ expect(subject).not_to permit(user, exercise)
+ end
+
+ context 'when user has codeharbor_link' do
+ before { user.codeharbor_link = FactoryBot.build(:codeharbor_link) }
+
+ it 'does not grants access' do
+ expect(subject).not_to permit(user, exercise)
+ end
+ end
+ end
+ end
+ end
+ end
+
 [:show?].each do |action|
 permissions(action) do
 it 'not grants access to external users' do
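Review bot: The new export specs never exercise the `teacher_in_study_group?` branch of the policy: the `:teacher` built in the `[:external_user, :teacher]` loop is expected to be denied even with a `codeharbor_link`, so it appears not to share a study group with the exercise. Of the three grant paths in the policy, only author and admin are pinned, and a regression that dropped or inverted the study-group condition for export would pass this suite. I would add a context where the teacher is placed in the exercise author's study group, asserting denial without a `codeharbor_link` and access with one; the setup for that membership is outside this hunk, so it is not spelled out here. Separately, the example name `'does not grants access'` should read `'does not grant access'`.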