make controller permissions guarding specs consistent [#2 state:resol…

…ved]

spec/controllers/admin/comments_controller_spec.rb

@@ -7,6 +7,7 @@
     scenario :blog_with_published_article, :blog_comments
     set_resource_paths :comment, '/admin/sites/1/'
     @controller.stub! :require_authentication
+    @controller.stub!(:has_permission?).and_return true
   end
 
   it "should be an Admin::BaseController" do
@@ -29,13 +30,15 @@
     act! { request_to :get, @collection_path }    
     it_assigns :comments
     it_renders_template :index
+    it_guards_permissions :show, :comment
   end
 
   # describe "GET to :show" do
   #   act! { request_to :get, @member_path }    
   #   it_assigns :comment
   #   it_renders_template :show
-  #   
+  #   it_guards_permissions :show, :comment
+  #
   #   it "fetches a comment from site.comments" do
   #     @site.comments.should_receive(:find).and_return @comment
   #     act!
@@ -46,7 +49,8 @@
   #   act! { request_to :get, @new_member_path }    
   #   it_assigns :comment
   #   it_renders_template :new
-  #   
+  #   it_guards_permissions :create, :comment
+  #
   #   it "instantiates a new comment from site.comments" do
   #     @site.comments.should_receive(:build).and_return @comment
   #     act!
@@ -56,7 +60,8 @@
   # describe "POST to :create" do
   #   act! { request_to :post, @collection_path }    
   #   it_assigns :comment
-  #   
+  #   it_guards_permissions :create, :comment
+  #
   #   it "instantiates a new comment from site.comments" do
   #     @site.comments.should_receive(:build).and_return @comment
   #     act!
@@ -78,6 +83,7 @@
     act! { request_to :get, @edit_member_path }    
     it_assigns :comment
     it_renders_template :edit
+    it_guards_permissions :update, :comment
 
     it "fetches a comment from site.comments" do
       @site.comments.should_receive(:find).and_return @comment
@@ -87,7 +93,8 @@
 
   describe "PUT to :update" do
     act! { request_to :put, @member_path, :return_to => '/redirect/here' }    
-    it_assigns :comment    
+    it_assigns :comment
+    it_guards_permissions :update, :comment
 
     it "fetches a comment from site.comments" do
       @site.comments.should_receive(:find).and_return @comment
@@ -114,6 +121,7 @@
   describe "DELETE to :destroy" do
     act! { request_to :delete, @member_path, :return_to => '/redirect/here' }    
     it_assigns :comment
+    it_guards_permissions :destroy, :comment
 
     it "fetches a comment from site.comments" do
       @site.comments.should_receive(:find).and_return @comment

spec/controllers/admin/plugins_controller_spec.rb

@@ -31,14 +31,14 @@
 
   describe "GET to :index" do
     act! { request_to :get, @collection_path }    
-    # it_guards_permissions :show, :plugin
+    it_guards_permissions :show, :plugin
     it_assigns :plugins
     it_renders_template :index
   end
 
   describe "GET to :show" do
     act! { request_to :get, @member_path }    
-    # it_guards_permissions :show, :plugin
+    it_guards_permissions :show, :plugin
     it_assigns :plugin
     it_renders_template :show
   end
@@ -48,6 +48,7 @@
     it_assigns :plugin    
     it_redirects_to { @member_path }
     it_assigns_flash_cookie :notice => :not_nil
+    it_guards_permissions :update, :plugin
 
     it "updates the plugin's config options" do
       @plugin.should_receive(:options=).with 'name' => 'value'
@@ -65,6 +66,7 @@
     it_assigns :plugin
     it_redirects_to { @member_path }
     it_assigns_flash_cookie :notice => :not_nil
+    it_guards_permissions :destroy, :plugin
 
     it "resets the plugin's config options" do
       @plugin.should_receive(:options=).with({})

spec/controllers/wiki_controller_spec.rb

@@ -66,22 +66,22 @@
   end
 
   describe "GET to #{wiki_pages_path}" do
-    act! { request_to :get, wiki_pages_path }    
-    # it_guards_permissions :show, :wikipage
+    act! { request_to :get, wiki_pages_path }
     it_assigns :wikipages
     it_renders_template :index
+    # it_guards_permissions :show, :wikipage   
   end  
 
   describe "GET to #{wiki_category_path}" do
-    act! { request_to :get, wiki_category_path } 
-    # it_guards_permissions :show, :wikipage   
+    act! { request_to :get, wiki_category_path }
     it_assigns :category
+    # it_guards_permissions :show, :wikipage   
   end  
 
   describe "GET to #{wiki_tag_path}" do
-    act! { request_to :get, wiki_tag_path }    
-    # it_guards_permissions :show, :wikipage   
+    act! { request_to :get, wiki_tag_path }
     it_assigns :tags
+    # it_guards_permissions :show, :wikipage   
   end  
 
   describe "GET to #{wiki_page_path}" do
@@ -114,9 +114,9 @@
     end
 
     describe "with an existing wikipage" do
-      # it_guards_permissions :show, :wikipage   
       it_assigns :wikipage
       it_renders_template :show
+      # it_guards_permissions :show, :wikipage   
     end
   end  
 
@@ -132,8 +132,8 @@
 
   describe "GET to #{wiki_page_diff_path}" do
     act! { request_to :get, wiki_page_diff_path }    
-    # it_guards_permissions :show, :wikipage   
     it_assigns :wikipage, :diff => 'the diff'
+    # it_guards_permissions :show, :wikipage   
 
     it "diffs the wikipage against the given version" do
       @wikipage.should_receive(:diff_against_version)
@@ -142,9 +142,9 @@
   end
 
   describe "GET to #{wiki_page_revision_diff_path}" do
-    act! { request_to :get, wiki_page_revision_diff_path }    
+    act! { request_to :get, wiki_page_revision_diff_path }   
+    it_assigns :wikipage, :diff => 'the diff' 
     # it_guards_permissions :show, :wikipage   
-    it_assigns :wikipage, :diff => 'the diff'
 
     it "reverts the wikipage to the given version" do
       @wikipage.should_receive(:revert_to).at_least :once
@@ -248,6 +248,7 @@
   #   describe "GET to #{path}" do
   #     act! { request_to :get, path }
   #     it_renders_template 'show', :format => :atom
+  #     it_guards_permissions :show, :wikipage
   #   end
   # end
 
@@ -256,6 +257,7 @@
       act! { request_to :get, path }
       it_renders_template 'comments/comments', :format => :atom        
       it_gets_page_cached
+      # it_guards_permissions :show, :wikipage
     end
   end
 end  

vendor/engines/adva_cms/app/controllers/admin/plugins_controller.rb

@@ -2,6 +2,8 @@ class Admin::PluginsController < Admin::BaseController
   before_filter :set_plugins, :only => :index
   before_filter :set_plugin, :only => [:show, :edit, :update, :destroy]
 
+  guards_permissions :plugin
+
   def index    
   end
 

vendor/engines/adva_comments/app/controllers/admin/comments_controller.rb

@@ -8,6 +8,7 @@ class Admin::CommentsController < Admin::BaseController
   after_filter :postback_spaminess, :only => [:update]
 
   cache_sweeper :comment_sweeper, :only => [:create, :update, :destroy]
+  guards_permissions :comment
 
   def show
     @reply = Comment.new :commentable_type => @comment.commentable_type,

vendor/engines/adva_wiki/app/controllers/wiki_controller.rb

@@ -8,11 +8,11 @@ class WikiController < BaseController
   before_filter :optimistic_lock, :only => [:update]
 
   authenticates_anonymous_user
-  guards_permissions :wikipage, :except => [:index, :show, :diff]
   acts_as_commentable
 
   caches_page_with_references :index, :show, :track => ['@wikipage', '@wikipages', '@category', {'@site' => :tag_counts, '@section' => :tag_counts}]
   cache_sweeper :wikipage_sweeper, :category_sweeper, :tag_sweeper, :only => [:create, :update, :rollback, :destroy]
+  guards_permissions :wikipage, :except => [:index, :show, :diff]
 
   helper_method :collection_title