From 765774195bb3424b11e0732c4c83b70c876a615f Mon Sep 17 00:00:00 2001
From: Sven Fuchs <svenfuchs@artweb-design.de>
Date: Thu, 17 Jul 2008 16:40:00 +0200
Subject: [PATCH] make controller permissions guarding specs consistent [#2
 state:resolved]

---
 .../admin/comments_controller_spec.rb         | 16 ++++++++++----
 .../admin/plugins_controller_spec.rb          |  6 +++--
 ...ions_spec.rb => users_permissions_spec.rb} |  0
 spec/controllers/wiki_controller_spec.rb      | 22 ++++++++++---------
 .../controllers/admin/plugins_controller.rb   |  2 ++
 .../controllers/admin/comments_controller.rb  |  1 +
 .../app/controllers/wiki_controller.rb        |  2 +-
 7 files changed, 32 insertions(+), 17 deletions(-)
 rename spec/controllers/admin/{user_permissions_spec.rb => users_permissions_spec.rb} (100%)

diff --git a/spec/controllers/admin/comments_controller_spec.rb b/spec/controllers/admin/comments_controller_spec.rb
index cc7f79223..8c2ae93a7 100644
--- a/spec/controllers/admin/comments_controller_spec.rb
+++ b/spec/controllers/admin/comments_controller_spec.rb
@@ -7,6 +7,7 @@
     scenario :blog_with_published_article, :blog_comments
     set_resource_paths :comment, '/admin/sites/1/'
     @controller.stub! :require_authentication
+    @controller.stub!(:has_permission?).and_return true
   end
   
   it "should be an Admin::BaseController" do
@@ -29,13 +30,15 @@
     act! { request_to :get, @collection_path }    
     it_assigns :comments
     it_renders_template :index
+    it_guards_permissions :show, :comment
   end
    
   # describe "GET to :show" do
   #   act! { request_to :get, @member_path }    
   #   it_assigns :comment
   #   it_renders_template :show
-  #   
+  #   it_guards_permissions :show, :comment
+  #
   #   it "fetches a comment from site.comments" do
   #     @site.comments.should_receive(:find).and_return @comment
   #     act!
@@ -46,7 +49,8 @@
   #   act! { request_to :get, @new_member_path }    
   #   it_assigns :comment
   #   it_renders_template :new
-  #   
+  #   it_guards_permissions :create, :comment
+  #
   #   it "instantiates a new comment from site.comments" do
   #     @site.comments.should_receive(:build).and_return @comment
   #     act!
@@ -56,7 +60,8 @@
   # describe "POST to :create" do
   #   act! { request_to :post, @collection_path }    
   #   it_assigns :comment
-  #   
+  #   it_guards_permissions :create, :comment
+  #
   #   it "instantiates a new comment from site.comments" do
   #     @site.comments.should_receive(:build).and_return @comment
   #     act!
@@ -78,6 +83,7 @@
     act! { request_to :get, @edit_member_path }    
     it_assigns :comment
     it_renders_template :edit
+    it_guards_permissions :update, :comment
     
     it "fetches a comment from site.comments" do
       @site.comments.should_receive(:find).and_return @comment
@@ -87,7 +93,8 @@
   
   describe "PUT to :update" do
     act! { request_to :put, @member_path, :return_to => '/redirect/here' }    
-    it_assigns :comment    
+    it_assigns :comment
+    it_guards_permissions :update, :comment
     
     it "fetches a comment from site.comments" do
       @site.comments.should_receive(:find).and_return @comment
@@ -114,6 +121,7 @@
   describe "DELETE to :destroy" do
     act! { request_to :delete, @member_path, :return_to => '/redirect/here' }    
     it_assigns :comment
+    it_guards_permissions :destroy, :comment
     
     it "fetches a comment from site.comments" do
       @site.comments.should_receive(:find).and_return @comment
diff --git a/spec/controllers/admin/plugins_controller_spec.rb b/spec/controllers/admin/plugins_controller_spec.rb
index cfa3c6604..d7e851501 100644
--- a/spec/controllers/admin/plugins_controller_spec.rb
+++ b/spec/controllers/admin/plugins_controller_spec.rb
@@ -31,14 +31,14 @@
   
   describe "GET to :index" do
     act! { request_to :get, @collection_path }    
-    # it_guards_permissions :show, :plugin
+    it_guards_permissions :show, :plugin
     it_assigns :plugins
     it_renders_template :index
   end
   
   describe "GET to :show" do
     act! { request_to :get, @member_path }    
-    # it_guards_permissions :show, :plugin
+    it_guards_permissions :show, :plugin
     it_assigns :plugin
     it_renders_template :show
   end
@@ -48,6 +48,7 @@
     it_assigns :plugin    
     it_redirects_to { @member_path }
     it_assigns_flash_cookie :notice => :not_nil
+    it_guards_permissions :update, :plugin
     
     it "updates the plugin's config options" do
       @plugin.should_receive(:options=).with 'name' => 'value'
@@ -65,6 +66,7 @@
     it_assigns :plugin
     it_redirects_to { @member_path }
     it_assigns_flash_cookie :notice => :not_nil
+    it_guards_permissions :destroy, :plugin
     
     it "resets the plugin's config options" do
       @plugin.should_receive(:options=).with({})
diff --git a/spec/controllers/admin/user_permissions_spec.rb b/spec/controllers/admin/users_permissions_spec.rb
similarity index 100%
rename from spec/controllers/admin/user_permissions_spec.rb
rename to spec/controllers/admin/users_permissions_spec.rb
diff --git a/spec/controllers/wiki_controller_spec.rb b/spec/controllers/wiki_controller_spec.rb
index b67e30b48..55e641243 100755
--- a/spec/controllers/wiki_controller_spec.rb
+++ b/spec/controllers/wiki_controller_spec.rb
@@ -66,22 +66,22 @@
   end
   
   describe "GET to #{wiki_pages_path}" do
-    act! { request_to :get, wiki_pages_path }    
-    # it_guards_permissions :show, :wikipage
+    act! { request_to :get, wiki_pages_path }
     it_assigns :wikipages
     it_renders_template :index
+    # it_guards_permissions :show, :wikipage   
   end  
   
   describe "GET to #{wiki_category_path}" do
-    act! { request_to :get, wiki_category_path } 
-    # it_guards_permissions :show, :wikipage   
+    act! { request_to :get, wiki_category_path }
     it_assigns :category
+    # it_guards_permissions :show, :wikipage   
   end  
   
   describe "GET to #{wiki_tag_path}" do
-    act! { request_to :get, wiki_tag_path }    
-    # it_guards_permissions :show, :wikipage   
+    act! { request_to :get, wiki_tag_path }
     it_assigns :tags
+    # it_guards_permissions :show, :wikipage   
   end  
   
   describe "GET to #{wiki_page_path}" do
@@ -114,9 +114,9 @@
     end
     
     describe "with an existing wikipage" do
-      # it_guards_permissions :show, :wikipage   
       it_assigns :wikipage
       it_renders_template :show
+      # it_guards_permissions :show, :wikipage   
     end
   end  
 
@@ -132,8 +132,8 @@
 
   describe "GET to #{wiki_page_diff_path}" do
     act! { request_to :get, wiki_page_diff_path }    
-    # it_guards_permissions :show, :wikipage   
     it_assigns :wikipage, :diff => 'the diff'
+    # it_guards_permissions :show, :wikipage   
     
     it "diffs the wikipage against the given version" do
       @wikipage.should_receive(:diff_against_version)
@@ -142,9 +142,9 @@
   end
 
   describe "GET to #{wiki_page_revision_diff_path}" do
-    act! { request_to :get, wiki_page_revision_diff_path }    
+    act! { request_to :get, wiki_page_revision_diff_path }   
+    it_assigns :wikipage, :diff => 'the diff' 
     # it_guards_permissions :show, :wikipage   
-    it_assigns :wikipage, :diff => 'the diff'
     
     it "reverts the wikipage to the given version" do
       @wikipage.should_receive(:revert_to).at_least :once
@@ -248,6 +248,7 @@
   #   describe "GET to #{path}" do
   #     act! { request_to :get, path }
   #     it_renders_template 'show', :format => :atom
+  #     it_guards_permissions :show, :wikipage
   #   end
   # end
   
@@ -256,6 +257,7 @@
       act! { request_to :get, path }
       it_renders_template 'comments/comments', :format => :atom        
       it_gets_page_cached
+      # it_guards_permissions :show, :wikipage
     end
   end
 end  
diff --git a/vendor/engines/adva_cms/app/controllers/admin/plugins_controller.rb b/vendor/engines/adva_cms/app/controllers/admin/plugins_controller.rb
index 8ff3593c6..d6602ed57 100644
--- a/vendor/engines/adva_cms/app/controllers/admin/plugins_controller.rb
+++ b/vendor/engines/adva_cms/app/controllers/admin/plugins_controller.rb
@@ -2,6 +2,8 @@ class Admin::PluginsController < Admin::BaseController
   before_filter :set_plugins, :only => :index
   before_filter :set_plugin, :only => [:show, :edit, :update, :destroy]
   
+  guards_permissions :plugin
+  
   def index    
   end
   
diff --git a/vendor/engines/adva_comments/app/controllers/admin/comments_controller.rb b/vendor/engines/adva_comments/app/controllers/admin/comments_controller.rb
index bee4f8867..4e019cdae 100644
--- a/vendor/engines/adva_comments/app/controllers/admin/comments_controller.rb
+++ b/vendor/engines/adva_comments/app/controllers/admin/comments_controller.rb
@@ -8,6 +8,7 @@ class Admin::CommentsController < Admin::BaseController
   after_filter :postback_spaminess, :only => [:update]
   
   cache_sweeper :comment_sweeper, :only => [:create, :update, :destroy]
+  guards_permissions :comment
   
   def show
     @reply = Comment.new :commentable_type => @comment.commentable_type,
diff --git a/vendor/engines/adva_wiki/app/controllers/wiki_controller.rb b/vendor/engines/adva_wiki/app/controllers/wiki_controller.rb
index c68892586..802537694 100644
--- a/vendor/engines/adva_wiki/app/controllers/wiki_controller.rb
+++ b/vendor/engines/adva_wiki/app/controllers/wiki_controller.rb
@@ -8,11 +8,11 @@ class WikiController < BaseController
   before_filter :optimistic_lock, :only => [:update]
 
   authenticates_anonymous_user
-  guards_permissions :wikipage, :except => [:index, :show, :diff]
   acts_as_commentable
   
   caches_page_with_references :index, :show, :track => ['@wikipage', '@wikipages', '@category', {'@site' => :tag_counts, '@section' => :tag_counts}]
   cache_sweeper :wikipage_sweeper, :category_sweeper, :tag_sweeper, :only => [:create, :update, :rollback, :destroy]
+  guards_permissions :wikipage, :except => [:index, :show, :diff]
   
   helper_method :collection_title