htwkmooc/codeocean
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Improve CodeOcean::FilePolicy with specs

Browse Source
This commit is contained in:
Sebastian Serth
2020-12-07 14:41:30 +01:00
parent fac29f73d4
commit f5492ca35d
3 changed files with 27 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/policies/code_ocean/file_policy.rb
View File

@ -14,7 +14,7 @@ module CodeOcean
def create?
if @record.context.is_a?(Exercise)
admin? # FIXME: || author?
admin? || author?
elsif @record.context.is_a?(Submission) and @record.context.exercise.allow_file_creation
author?
else

10
spec/controllers/code_ocean/files_controller_spec.rb
View File

@ -9,7 +9,10 @@ describe CodeOcean::FilesController do
context 'with a valid file' do
let(:perform_request) { proc { post :create, params: { code_ocean_file: FactoryBot.build(:file, context: submission).attributes, format: :json } } }
before(:each) { perform_request.call }
before(:each) do
submission.exercise.update(allow_file_creation: true)
perform_request.call
end
expect_assigns(file: CodeOcean::File)
@ -22,7 +25,10 @@ describe CodeOcean::FilesController do
end
context 'with an invalid file' do
before(:each) { post :create, params: { code_ocean_file: {context_id: submission.id, context_type: Submission}, format: :json } }
before(:each) do
submission.exercise.update(allow_file_creation: true)
post :create, params: { code_ocean_file: {context_id: submission.id, context_type: Submission}, format: :json }
end
expect_assigns(file: CodeOcean::File)
expect_json

20
spec/policies/code_ocean/file_policy_spec.rb
View File

@ -28,8 +28,24 @@ describe CodeOcean::FilePolicy do
context 'as part of a submission' do
let(:file) { submission.files.first }
it 'grants access to authors' do
expect(subject).to permit(submission.author, file)
context 'where file creation is allowed' do
before do
submission.exercise.update(allow_file_creation: true)
end
it 'grants access to authors' do
expect(subject).to permit(submission.author, file)
end
end
context 'where file creation is not allowed' do
before do
submission.exercise.update(allow_file_creation: false)
end
it 'grants access to authors' do
expect(subject).not_to permit(submission.author, file)
end
end
it 'does not grant access to all other users' do