htwkmooc/codeocean
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
99bd46af1a5e2a8fa3386e5d8eab2f421e7da761
codeocean/spec/policies/code_ocean/file_policy_spec.rb
Sebastian Serth 99bd46af1a Align project files with CodeHarbor 
Since both projects are developed together and by the same team, we also want to have the same code structure and utility methods available in both projects. Therefore, this commit changes many files, but without a functional change.
2023-10-11 00:18:33 +02:00

141 lines
4.1 KiB
Ruby
Raw Blame History

# frozen_string_literal: true
require 'rails_helper'
RSpec.describe CodeOcean::FilePolicy do
subject(:policy) { described_class }
let(:exercise) { create(:fibonacci) }
let(:submission) { create(:submission) }
permissions :create? do
context 'when being part of an exercise' do
let(:file) { exercise.files.first }
it 'grants access to admins' do
expect(policy).to permit(build(:admin), file)
end
it 'grants access to authors' do
expect(policy).to permit(exercise.author, file)
end
it 'does not grant access to all other users' do
%i[external_user teacher].each do |factory_name|
expect(policy).not_to permit(create(factory_name), file)
end
end
end
context 'when being part of a submission' do
let(:file) { submission.files.first }
shared_context 'when file creation is allowed' do
before do
submission.exercise.update(allow_file_creation: true)
end
end
shared_context 'when file creation is not allowed' do
before do
submission.exercise.update(allow_file_creation: false)
end
end
shared_examples 'no other user allowed to access' do
it 'does not grant access to all other users' do
%i[admin external_user teacher].each do |factory_name|
expect(policy).not_to permit(create(factory_name), file)
end
end
end
context 'when a single user authored' do
context 'when file creation is allowed' do
include_context 'when file creation is allowed'
it 'grants access to authors' do
expect(policy).to permit(submission.author, file)
end
it_behaves_like 'no other user allowed to access'
end
context 'when file creation is not allowed' do
include_context 'when file creation is not allowed'
it 'does not grant access to authors' do
expect(policy).not_to permit(submission.author, file)
end
it_behaves_like 'no other user allowed to access'
end
end
context 'when a programming group authored' do
let(:group_author) { create(:external_user) }
let(:other_group_author) { create(:external_user) }
let(:programming_group) { create(:programming_group, exercise: submission.exercise, users: [group_author, other_group_author]) }
before do
submission.update(contributor: programming_group)
end
context 'when file creation is allowed' do
include_context 'when file creation is allowed'
it 'grants access to authors' do
expect(policy).to permit(group_author, file)
expect(policy).to permit(other_group_author, file)
end
it_behaves_like 'no other user allowed to access'
end
context 'when file creation is not allowed' do
include_context 'when file creation is not allowed'
it 'does not grant access to authors' do
expect(policy).not_to permit(group_author, file)
expect(policy).not_to permit(other_group_author, file)
end
it_behaves_like 'no other user allowed to access'
end
end
it_behaves_like 'no other user allowed to access'
end
end
permissions :destroy? do
context 'when being part of an exercise' do
let(:file) { exercise.files.first }
it 'grants access to admins' do
expect(policy).to permit(build(:admin), file)
end
it 'grants access to authors' do
expect(policy).to permit(exercise.author, file)
end
it 'does not grant access to all other users' do
%i[external_user teacher].each do |factory_name|
expect(policy).not_to permit(create(factory_name), file)
end
end
end
context 'when being part of a submission' do
let(:file) { submission.files.first }
it 'does not grant access to anyone' do
%i[admin external_user teacher].each do |factory_name|
expect(policy).not_to permit(create(factory_name), file)
end
end
end
end
end
Reference in New Issue View Git Blame Copy Permalink