lino.jorzick/greenlight
1
0
Fork 0
forked from External/greenlight
Code Issues Pull Requests Projects Releases Wiki Activity
greenlight/spec/controllers/admins_controller_spec.rb
Ahmad Farhat 51824ad84b
Merge v2.6-alpha (#1672) 
* GRN2-xx: Switch the relation between users and roles to make queries cleaner and faster (#1299)

* First steps

* Fixes in account creation flow

* Fixed most testcases

* more test fixes

* Fixed more test cases

* Passing tests and rubocop

* Added rake task to remove rooms

* Adding translation (#1510)

* Update _account.html.erb

* Update en.yml

* Fix "for" attribute for label elements (#1488)

Co-authored-by: Ahmad Farhat <ahmad.af.farhat@gmail.com>

* Fix some issues reported by LGTM (#1478)

* Declare local JavaScript variables (reported by LGTM)

Signed-off-by: Stefan Weil <sw@weilnetz.de>

* Remove unused local JavaScript variable (reported by LGTM)

Signed-off-by: Stefan Weil <sw@weilnetz.de>

* Puma Worker Configuration (#1332)

We noticed that the current default settings perform very poorly under
load. We managed to literally take down Greenlight during a larger event
when people where accessing the landing page for rooms and when doing
some tests, I was more or less able to DoS Greenlight on my own.

This patch adds a default worker configuration which significantly
improves the situation. The small, 4 core machine I was testing on could
handle about thrice the amount of requests.

While the new default configuration should be reasonably well suited for
most deployments, this patch further allows users to easily configure
the worker pool on their own in the environment file.

* Made name and email readonly for no greenlight accounts (#1534)

* Fixed hardcoded string (#1532)

* fixed spelling error that was bugging me :) - sep a rat e (#1535)

Co-authored-by: Dave Lane <dave@oerfoundation.org>

* Improve Server Rooms View (#1524)

* Order rooms by status

* Cleaned up order function

* Now displays Started/Created/Ended

* Added participant count to rooms list

* Fix rake task user:create so that users can be created when terms are present (#1565)

* Changed user create task to always accept terms

* clean up

* More secure room ID (#1451)

* Legal and privpolicy link (#1421)

* add customizable Links to Imprint and Privacy Policy

* fix copy&paste error in spec

* replace "imprint" with "legal" since that is the correct term

* remove german translation of new strings, transifex will take care of them later

* GRN2-295:Refactored update profile and update password (#1591)

* Refactored update profile and update password

* Relowered rubocop settings

* Fixed email sending when not supposed to (#1592)

* Design changes for small screens  (#1580)

* now rap for pagination

* Update _subtitle.html.erb

* Update _rooms.html.erb

* Update _recordings.html.erb

* Update _rooms.html.erb

* Update _users.html.erb

* Update cant_create_rooms.html.erb

* Update room.js

* Update edit.html.erb

* Update new.html.erb

* Update cant_create_rooms.html.erb

* Update _sessions.html.erb

* Update _account.html.erb

* Make Greenlight work with Ruby 2.7 (#1560)

Greenlight's failure to start up with Ruby 2.7 seems to be caused by [an
issue in bootsnap](https://github.com/Shopify/bootsnap/issues/258).
Updating that library makes Greenlight work again.

However, there are still a lot of deprecation warnings. But that's
something to deal with separately.

This fixes #1558

* use email input for sign in (#1199)

* use email input for sign in

* use email input for registration

* use email input for invitation

* use email input for account settings

Co-authored-by: Ahmad Farhat <ahmad.af.farhat@gmail.com>

* Fix Gemfile (#1593)

* Fixed invalid token for password reset (#1632)

* HELP_URL env variable now works as expected (#1636)

* #1372 Fix for long Text in Table + Remove invalid HTML Tag (#1403)

* removed invalid HTML Tag

* removed invalid HTML Tag

* Update _public_recording_row.html.erb

* Update _recording_row.html.erb

* Update _server_recording_row.html.erb

form-inline replaced by own css

* Update _server_room_row.html.erb

* Update _public_recording_row.html.erb

* Update _recording_row.html.erb

* Update _public_recording_row.html.erb

* Update _recordings.html.erb

* Update _rooms.html.erb

* Update main.scss

fix for long text

* Update main.scss

* Update _public_recording_row.html.erb

* Added more validation on profile image (#1644)

* Users who can't create rooms but have shared rooms now have a different view (#1649)

* Revert "Puma Worker Configuration (#1332)" (#1667)

This reverts commit 78ed8d74601b613af3fd96ccf75a6bada24deddd.

* Removed html safe from all flash messages (#1668)

* Remove hardcoded guest=true if require mod approval is set (#1669)

* Change random generation for room uid (#1670)

* GRN2-290: Update gems and update to Rails 5.2.4.3 (#1671)

* Update gems and update to Rails 5.2.4.3

* remove gemfile error

Co-authored-by: MrKeksi <mrkeksi@users.noreply.github.com>
Co-authored-by: Florian Weber <fnwbr@users.noreply.github.com>
Co-authored-by: Stefan Weil <sw@weilnetz.de>
Co-authored-by: Lars Kiesow <lkiesow@uos.de>
Co-authored-by: Dave Lane <dave@lane.net.nz>
Co-authored-by: Dave Lane <dave@oerfoundation.org>
Co-authored-by: Henning <hng@users.noreply.github.com>
Co-authored-by: Marcel Waldvogel <marcel@waldvogel.family>
Co-authored-by: Christian Marg <marg@rz.tu-clausthal.de>
Co-authored-by: Klaus <klaus@jsxc.org>
2020-05-26 17:37:23 -04:00

818 lines
29 KiB
Ruby
Raw Blame History

# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
require "rails_helper"
describe AdminsController, type: :controller do
before do
allow_any_instance_of(ApplicationController).to receive(:set_user_domain).and_return("provider1")
controller.instance_variable_set(:@user_domain, "provider1")
@user = create(:user, provider: "provider1")
@admin = create(:user, provider: "provider1")
@admin.set_role :admin
end
describe "User Roles" do
before do
allow(Rails.configuration).to receive(:enable_email_verification).and_return(true)
end
context "GET #index" do
it "renders a 404 if a user tries to acccess it" do
@request.session[:user_id] = @user.id
get :index
expect(response).to render_template(:greenlight_error)
end
it "renders the admin settings if an admin tries to acccess it" do
@request.session[:user_id] = @admin.id
get :index
expect(response).to render_template(:index)
end
end
context "GET #edit_user" do
it "renders the index page" do
@request.session[:user_id] = @admin.id
get :edit_user, params: { user_uid: @user.uid }
expect(response).to render_template(:edit_user)
end
end
context "POST #ban" do
it "bans a user from the application" do
@request.session[:user_id] = @admin.id
expect(@user.has_role?(:denied)).to eq(false)
post :ban_user, params: { user_uid: @user.uid }
@user.reload
expect(@user.has_role?(:denied)).to eq(true)
expect(flash[:success]).to be_present
expect(response).to redirect_to(admins_path)
end
end
context "POST #unban" do
it "unbans the user from the application" do
@request.session[:user_id] = @admin.id
@user.set_role :denied
expect(@user.has_role?(:denied)).to eq(true)
post :unban_user, params: { user_uid: @user.uid }
@user.reload
expect(@user.has_role?(:denied)).to eq(false)
expect(flash[:success]).to be_present
expect(response).to redirect_to(admins_path)
end
end
context "POST #invite" do
before do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(ApplicationController).to receive(:allow_greenlight_accounts?).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
end
it "invites a user" do
@request.session[:user_id] = @admin.id
email = Faker::Internet.email
post :invite, params: { invite_user: { email: email } }
invite = Invitation.find_by(email: email, provider: "provider1")
expect(invite.present?).to eq(true)
expect(flash[:success]).to be_present
expect(response).to redirect_to(admins_path)
end
it "sends an invitation email" do
@request.session[:user_id] = @admin.id
email = Faker::Internet.email
params = { invite_user: { email: email } }
expect { post :invite, params: params }.to change { ActionMailer::Base.deliveries.count }.by(1)
end
it "invites multiple users" do
@request.session[:user_id] = @admin.id
email = "#{Faker::Internet.email},#{Faker::Internet.email},#{Faker::Internet.email},#{Faker::Internet.email}"
post :invite, params: { invite_user: { email: email } }
invite = Invitation.find_by(email: email.split(",")[0], provider: "provider1")
expect(invite.present?).to eq(true)
invite1 = Invitation.find_by(email: email.split(",")[1], provider: "provider1")
expect(invite1.present?).to eq(true)
invite2 = Invitation.find_by(email: email.split(",")[2], provider: "provider1")
expect(invite2.present?).to eq(true)
invite3 = Invitation.find_by(email: email.split(",")[3], provider: "provider1")
expect(invite3.present?).to eq(true)
expect(flash[:success]).to be_present
expect(response).to redirect_to(admins_path)
end
it "sends multiple invitation emails" do
@request.session[:user_id] = @admin.id
email = "#{Faker::Internet.email},#{Faker::Internet.email},#{Faker::Internet.email},#{Faker::Internet.email}"
params = { invite_user: { email: email } }
expect { post :invite, params: params }.to change { ActionMailer::Base.deliveries.count }.by(4)
end
end
context "POST #approve" do
it "approves a pending user" do
@request.session[:user_id] = @admin.id
@user.set_role :pending
post :approve, params: { user_uid: @user.uid }
@user.reload
expect(@user.has_role?(:pending)).to eq(false)
expect(flash[:success]).to be_present
expect(response).to redirect_to(admins_path)
end
it "sends the user an email telling them theyre approved" do
@request.session[:user_id] = @admin.id
@user.set_role :pending
params = { user_uid: @user.uid }
expect { post :approve, params: params }.to change { ActionMailer::Base.deliveries.count }.by(1)
end
end
context "POST #undelete" do
it "undeletes a user" do
@request.session[:user_id] = @admin.id
@user.delete
expect(User.find_by(uid: @user.uid)).to be_nil
post :undelete, params: { user_uid: @user.uid }
expect(User.find_by(uid: @user.uid)).to be_present
expect(flash[:success]).to be_present
expect(response).to redirect_to(admins_path)
end
it "undeletes the users rooms" do
@request.session[:user_id] = @admin.id
@user.main_room.delete
@user.delete
expect(Room.find_by(uid: @user.main_room.uid)).to be_nil
post :undelete, params: { user_uid: @user.uid }
expect(Room.find_by(uid: @user.main_room.uid)).to be_present
expect(flash[:success]).to be_present
expect(response).to redirect_to(admins_path)
end
end
context "POST #merge_user" do
it "merges the users room to the primary account and deletes the old user" do
@request.session[:user_id] = @admin.id
@user2 = create(:user)
room1 = create(:room, owner: @user2)
room2 = create(:room, owner: @user2)
room3 = @user2.main_room
post :merge_user, params: { user_uid: @user.uid, merge: @user2.uid }
room1.reload
room2.reload
room3.reload
expect(User.exists?(uid: @user2.uid)).to be false
expect(room1.name).to start_with("(Merged)")
expect(room2.name).to start_with("(Merged)")
expect(room3.name).to start_with("(Merged)")
expect(room1.owner).to eq(@user)
expect(room2.owner).to eq(@user)
expect(room3.owner).to eq(@user)
expect(flash[:success]).to be_present
expect(response).to redirect_to(admins_path)
end
it "does not merge if trying to merge the same user into themself" do
@request.session[:user_id] = @admin.id
post :merge_user, params: { user_uid: @user.uid, merge: @user.uid }
expect(flash[:alert]).to be_present
expect(response).to redirect_to(admins_path)
end
end
context "POST permissions" do
it "allows a user with the correct permission to manage users" do
Role.create_new_role("test", "greenlight").update_all_role_permissions(can_manage_users: true)
@user2 = create(:user)
@user2.set_role(:test)
# Random manage user action test
@request.session[:user_id] = @user2.id
expect(@user.has_role?(:denied)).to eq(false)
post :ban_user, params: { user_uid: @user.uid }
@user.reload
expect(@user.has_role?(:denied)).to eq(true)
expect(flash[:success]).to be_present
expect(response).to redirect_to(admins_path)
end
it "doesn't allow a user with the incorrect permission to manage users" do
Role.create_new_role("test", "greenlight").update_all_role_permissions(can_manage_users: false)
@user2 = create(:user)
@user2.set_role(:test)
# Random manage user action test
@request.session[:user_id] = @user2.id
expect(@user.has_role?(:denied)).to eq(false)
post :ban_user, params: { user_uid: @user.uid }
expect(response).to render_template "errors/greenlight_error"
end
end
end
describe "User Design" do
context "POST #branding" do
it "changes the branding image on the page" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
@request.session[:user_id] = @admin.id
fake_image_url = "example.com"
post :update_settings, params: { setting: "Branding Image", value: fake_image_url }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Branding Image")
expect(feature[:value]).to eq(fake_image_url)
expect(response).to redirect_to(admin_site_settings_path)
end
end
context "POST #legal" do
it "changes the legal link on the page" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
@request.session[:user_id] = @admin.id
fake_url = "example.com"
post :update_settings, params: { setting: "Legal URL", value: fake_url }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Legal URL")
expect(feature[:value]).to eq(fake_url)
expect(response).to redirect_to(admin_site_settings_path)
end
end
context "POST #privpolicy" do
it "changes the privacy policy on the page" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
@request.session[:user_id] = @admin.id
fake_url = "example.com"
post :update_settings, params: { setting: "Privacy Policy URL", value: fake_url }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Privacy Policy URL")
expect(feature[:value]).to eq(fake_url)
expect(response).to redirect_to(admin_site_settings_path)
end
end
context "POST #coloring" do
it "changes the primary on the page" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
@request.session[:user_id] = @admin.id
primary_color = Faker::Color.hex_color
post :coloring, params: { value: primary_color }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Primary Color")
expect(feature[:value]).to eq(primary_color)
expect(response).to redirect_to(admin_site_settings_path)
end
it "changes the primary-lighten on the page" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
@request.session[:user_id] = @admin.id
primary_color = Faker::Color.hex_color
post :update_settings, params: { setting: "Primary Color Lighten", value: primary_color }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Primary Color Lighten")
expect(feature[:value]).to eq(primary_color)
expect(response).to redirect_to(admin_site_settings_path)
end
it "changes the primary-darken on the page" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
@request.session[:user_id] = @admin.id
primary_color = Faker::Color.hex_color
post :update_settings, params: { setting: "Primary Color Darken", value: primary_color }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Primary Color Darken")
expect(feature[:value]).to eq(primary_color)
expect(response).to redirect_to(admin_site_settings_path)
end
end
end
describe "Site Settings" do
context "POST #registration_method" do
it "changes the registration method for the given context" do
allow(Rails.configuration).to receive(:enable_email_verification).and_return(true)
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
@request.session[:user_id] = @admin.id
post :registration_method, params: { value: "invite" }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Registration Method")
expect(feature[:value]).to eq(Rails.configuration.registration_methods[:invite])
expect(flash[:success]).to be_present
expect(response).to redirect_to(admin_site_settings_path)
end
it "does not allow the user to change to invite if emails are off" do
allow(Rails.configuration).to receive(:enable_email_verification).and_return(false)
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
@request.session[:user_id] = @admin.id
post :registration_method, params: { value: "invite" }
expect(flash[:alert]).to be_present
expect(response).to redirect_to(admin_site_settings_path)
end
end
context "POST #room_authentication" do
it "changes the room authentication required setting" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
@request.session[:user_id] = @admin.id
post :update_settings, params: { setting: "Room Authentication", value: "true" }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Room Authentication")
expect(feature[:value]).to eq("true")
expect(response).to redirect_to(admin_site_settings_path)
end
end
context "POST #room_limit" do
it "changes the room limit setting" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
@request.session[:user_id] = @admin.id
post :update_settings, params: { setting: "Room Limit", value: 5 }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Room Limit")
expect(feature[:value]).to eq("5")
expect(response).to redirect_to(admin_site_settings_path)
end
end
context "POST #default_recording_visibility" do
it "changes the default recording visibility setting" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
@request.session[:user_id] = @admin.id
post :update_settings, params: { setting: "Default Recording Visibility", value: "public" }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Default Recording Visibility")
expect(feature[:value]).to eq("public")
expect(response).to redirect_to(admin_site_settings_path)
end
end
context "POST #shared_access" do
it "changes the shared access setting" do
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
@request.session[:user_id] = @admin.id
post :update_settings, params: { setting: "Shared Access", value: "false" }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Shared Access")
expect(feature[:value]).to eq("false")
expect(response).to redirect_to(admin_site_settings_path)
end
end
context "POST #clear_auth" do
it "clears all users social uids if clear auth button is clicked" do
allow_any_instance_of(ApplicationController).to receive(:set_user_domain).and_return("provider1")
controller.instance_variable_set(:@user_domain, "provider1")
@request.session[:user_id] = @admin.id
@admin.set_role :super_admin
@admin.update_attribute(:provider, "greenlight")
@user2 = create(:user, provider: "provider1")
@user3 = create(:user, provider: "provider1")
@user.update_attribute(:social_uid, Faker::Internet.password)
@user2.update_attribute(:social_uid, Faker::Internet.password)
@user3.update_attribute(:social_uid, Faker::Internet.password)
expect(@user.social_uid).not_to be(nil)
expect(@user2.social_uid).not_to be(nil)
expect(@user3.social_uid).not_to be(nil)
post :clear_auth
@user.reload
@user2.reload
@user3.reload
expect(@user.social_uid).to be(nil)
expect(@user2.social_uid).to be(nil)
expect(@user3.social_uid).to be(nil)
end
end
context "POST #log_level" do
it "changes the log level" do
@request.session[:user_id] = @admin.id
@admin.set_role :super_admin
expect(Rails.logger.level).to eq(0)
post :log_level, params: { value: 2 }
expect(Rails.logger.level).to eq(2)
end
end
context "POST permissions" do
it "allows a user with the correct permission to edit site settings" do
Role.create_new_role("test", "greenlight").update_all_role_permissions(can_edit_site_settings: true)
@user2 = create(:user)
@user2.set_role(:test)
# Random edit site settings action test
@request.session[:user_id] = @user2.id
post :update_settings, params: { setting: "Shared Access", value: "false" }
feature = Setting.find_by(provider: "provider1").features.find_by(name: "Shared Access")
expect(feature[:value]).to eq("false")
expect(response).to redirect_to(admin_site_settings_path)
end
it "doesn't allow a user with the incorrect permission to edit site settings" do
Role.create_new_role("test", "greenlight").update_all_role_permissions(can_manage_users: true)
@user2 = create(:user)
@user2.set_role(:test)
# Random edit site settings action test
@request.session[:user_id] = @user2.id
post :update_settings, params: { setting: "Shared Access", value: "false" }
expect(response).to render_template "errors/greenlight_error"
end
end
end
describe "Roles" do
context "GET #roles" do
it "should render the roles editor with the user role selected" do
@request.session[:user_id] = @admin.id
get :roles
expect(response).to render_template :roles
expect(assigns(:roles).count).to eq(2)
expect(assigns(:selected_role).name).to eq("user")
end
it "should render the roles editor with the request role selected" do
Role.create_default_roles("provider1")
new_role = Role.create(name: "test", provider: "provider1")
@request.session[:user_id] = @admin.id
get :roles, params: { selected_role: new_role.id }
expect(response).to render_template :roles
expect(assigns(:roles).count).to eq(3)
expect(assigns(:selected_role).name).to eq(new_role.name)
end
end
context "POST #new_role" do
before do
Role.create_default_roles("provider1")
end
it "should fail with duplicate role name" do
@request.session[:user_id] = @admin.id
post :new_role, params: { role: { name: "admin" } }
expect(response).to redirect_to admin_roles_path
expect(flash[:alert]).to eq(I18n.t("administrator.roles.invalid_create"))
end
it "should fail with empty role name" do
@request.session[:user_id] = @admin.id
post :new_role, params: { role: { name: " " } }
expect(response).to redirect_to admin_roles_path
expect(flash[:alert]).to eq(I18n.t("administrator.roles.invalid_create"))
end
it "should create new role and increase user role priority" do
@request.session[:user_id] = @admin.id
post :new_role, params: { role: { name: "test" } }
new_role = Role.find_by(name: "test", provider: "provider1")
user_role = Role.find_by(name: "user", provider: "provider1")
expect(new_role.priority).to eq(1)
expect(user_role.priority).to eq(2)
expect(response).to redirect_to admin_roles_path(selected_role: new_role.id)
end
end
context "PATCH #change_role_order" do
before do
Role.create_default_roles("provider1")
@user.roles.delete(Role.find_by(name: "user", provider: "greenlight"))
end
it "should fail if user attempts to change the order of the admin or user roles" do
@request.session[:user_id] = @admin.id
user_role = Role.find_by(name: "user", provider: "provider1")
admin_role = Role.find_by(name: "admin", provider: "provider1")
patch :change_role_order, params: { role: [user_role.id, admin_role.id] }
expect(flash[:alert]).to eq(I18n.t("administrator.roles.invalid_order"))
expect(response).to redirect_to admin_roles_path
end
it "should fail if a user attempts to edit a role with a higher priority than their own" do
new_role3 = Role.create_new_role("test3", "provider1")
new_role2 = Role.create_new_role("test2", "provider1")
new_role2.update_permission("can_edit_roles", "true")
@user.role = new_role2
@user.save!
@request.session[:user_id] = @user.id
patch :change_role_order, params: { role: [new_role3.id, new_role2.id] }
expect(flash[:alert]).to eq(I18n.t("administrator.roles.invalid_order"))
expect(response).to redirect_to admin_roles_path
end
it "should update the role order" do
user_role = Role.find_by(name: "user", provider: "provider1")
user_role.update_attribute(:priority, 4)
new_role1 = Role.create(name: "test1", priority: 1, provider: "provider1")
new_role2 = Role.create(name: "test2", priority: 2, provider: "provider1")
new_role3 = Role.create(name: "test3", priority: 3, provider: "provider1")
@request.session[:user_id] = @admin.id
patch :change_role_order, params: { role: [new_role3.id, new_role2.id, new_role1.id] }
new_role1.reload
new_role2.reload
new_role3.reload
user_role.reload
expect(new_role3.priority).to eq(1)
expect(new_role2.priority).to eq(2)
expect(new_role1.priority).to eq(3)
expect(user_role.priority).to eq(4)
end
end
context 'POST #update_role' do
before do
Role.create_default_roles("provider1")
@user.roles.delete(Role.find_by(name: "user", provider: "greenlight"))
end
it "should fail to update a role with a lower priority than the user" do
user_role = Role.find_by(name: "user", provider: "provider1")
user_role.update_attribute(:priority, 3)
new_role1 = Role.create(name: "test1", priority: 1, provider: "provider1")
new_role2 = Role.create(name: "test2", priority: 2, provider: "provider1")
new_role2.update_permission("can_edit_roles", "true")
@user.role = new_role2
@user.save!
@request.session[:user_id] = @user.id
patch :update_role, params: { role_id: new_role1.id }
expect(flash[:alert]).to eq(I18n.t("administrator.roles.invalid_update"))
expect(response).to redirect_to admin_roles_path(selected_role: new_role1.id)
end
it "should fail to update if there is a duplicate name" do
new_role = Role.create(name: "test2", priority: 2, provider: "provider1")
new_role.update_permission("can_edit_roles", "true")
@request.session[:user_id] = @admin.id
patch :update_role, params: { role_id: new_role.id, role: { name: "admin" } }
expect(flash[:alert]).to eq(I18n.t("administrator.roles.invalid_update"))
expect(response).to redirect_to admin_roles_path(selected_role: new_role.id)
end
it "should update role permisions" do
new_role = Role.create(name: "test2", priority: 2, provider: "provider1")
new_role.update_permission("can_edit_roles", "true")
@request.session[:user_id] = @admin.id
patch :update_role, params: { role_id: new_role.id, role: { name: "test", can_edit_roles: false,
colour: "#45434", can_manage_users: true } }
new_role.reload
expect(new_role.name).to eq("test")
expect(new_role.get_permission("can_edit_roles")).to eq(false)
expect(new_role.colour).to eq("#45434")
expect(new_role.get_permission("can_manage_users")).to eq(true)
expect(new_role.get_permission("send_promoted_email")).to eq(false)
expect(response).to redirect_to admin_roles_path(selected_role: new_role.id)
end
end
context "DELETE delete_role" do
before do
Role.create_default_roles("provider1")
end
it "should fail to delete the role if it has users assigned to it" do
admin_role = Role.find_by(name: "admin", provider: "greenlight")
@request.session[:user_id] = @admin.id
delete :delete_role, params: { role_id: admin_role.id }
expect(flash[:alert]).to eq(I18n.t("administrator.roles.role_has_users", user_count: 1))
expect(response).to redirect_to admin_roles_path(selected_role: admin_role.id)
end
it "should fail to delete the role if it is a default role" do
pending_role = Role.find_by(name: "pending", provider: "provider1")
@request.session[:user_id] = @admin.id
delete :delete_role, params: { role_id: pending_role.id }
expect(response).to redirect_to admin_roles_path(selected_role: pending_role.id)
end
it "should successfully delete the role" do
new_role = Role.create(name: "test2", priority: 2, provider: "provider1")
new_role.update_permission("can_edit_roles", "true")
@request.session[:user_id] = @admin.id
delete :delete_role, params: { role_id: new_role.id }
expect(Role.where(name: "test2", provider: "provider1").count).to eq(0)
expect(response).to redirect_to admin_roles_path
end
end
context "POST permissions" do
it "allows a user with the correct permission to edit roles" do
Role.create_new_role("test", "greenlight").update_all_role_permissions(can_edit_roles: true)
@user2 = create(:user)
@user2.set_role(:test)
# Random edit roles action test
new_role = Role.create(name: "test2", priority: 2, provider: "provider1")
new_role.update_permission("can_edit_roles", "true")
@request.session[:user_id] = @user2.id
patch :update_role, params: { role_id: new_role.id, role: { name: "test3", can_edit_roles: false,
colour: "#45434", can_manage_users: true } }
new_role.reload
expect(new_role.name).to eq("test3")
expect(response).to redirect_to admin_roles_path(selected_role: new_role.id)
end
it "doesn't allow a user with the incorrect permission to edit roles" do
Role.create_new_role("test", "greenlight").update_all_role_permissions(can_manage_users: false)
@user2 = create(:user)
@user2.set_role(:test)
# Random edit roles action test
new_role = Role.create(name: "test2", priority: 2, provider: "provider1")
new_role.update_permission("can_edit_roles", "true")
@request.session[:user_id] = @user2.id
patch :update_role, params: { role_id: new_role.id, role: { name: "test3", can_edit_roles: false,
colour: "#45434", can_manage_users: true } }
expect(response).to render_template "errors/greenlight_error"
end
end
end
end
Reference in New Issue View Git Blame Copy Permalink