raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-01-24 20:36:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
93de2e4b024dced264f77ec559e7d46494defe0a
openfoodnetwork/spec/controllers/api/order_cycles_controller_spec.rb
Rob Harrington 3b7700131c Specify controller specs as such
2016-01-15 09:07:47 +11:00

216 lines
7.1 KiB
Ruby
Raw Blame History

require 'spec_helper'
require 'spree/api/testing_support/helpers'
module Api
describe OrderCyclesController, :type => :controller do
include Spree::Api::TestingSupport::Helpers
include AuthenticationWorkflow
render_views
describe "managed" do
let!(:oc1) { FactoryGirl.create(:simple_order_cycle) }
let!(:oc2) { FactoryGirl.create(:simple_order_cycle) }
let(:coordinator) { oc1.coordinator }
let(:attributes) { [:id, :name, :suppliers, :distributors] }
before do
stub_authentication!
Spree.user_class.stub :find_by_spree_api_key => current_api_user
end
context "as a normal user" do
sign_in_as_user!
it "should deny me access to managed order cycles" do
spree_get :managed, { :format => :json }
assert_unauthorized!
end
end
context "as an enterprise user" do
sign_in_as_enterprise_user! [:coordinator]
it "retrieves a list of variants with appropriate attributes" do
get :managed, { :format => :json }
keys = json_response.first.keys.map{ |key| key.to_sym }
attributes.all?{ |attr| keys.include? attr }.should == true
end
end
context "as an administrator" do
sign_in_as_admin!
it "retrieves a list of variants with appropriate attributes" do
get :managed, { :format => :json }
keys = json_response.first.keys.map{ |key| key.to_sym }
attributes.all?{ |attr| keys.include? attr }.should == true
end
end
end
describe "accessible" do
context "without :as parameter" do
let(:oc_supplier) { create(:supplier_enterprise) }
let(:oc_distributor) { create(:distributor_enterprise) }
let(:other_supplier) { create(:supplier_enterprise) }
let(:oc_supplier_user) do
user = create(:user)
user.spree_roles = []
user.enterprise_roles.create(enterprise: oc_supplier)
user.save!
user
end
let(:oc_distributor_user) do
user = create(:user)
user.spree_roles = []
user.enterprise_roles.create(enterprise: oc_distributor)
user.save!
user
end
let(:other_supplier_user) do
user = create(:user)
user.spree_roles = []
user.enterprise_roles.create(enterprise: other_supplier)
user.save!
user
end
let!(:order_cycle) { create(:simple_order_cycle, suppliers: [oc_supplier], distributors: [oc_distributor]) }
context "as the user of a supplier to an order cycle" do
before :each do
stub_authentication!
Spree.user_class.stub :find_by_spree_api_key => oc_supplier_user
spree_get :accessible, { :template => 'bulk_index', :format => :json }
end
it "gives me access" do
json_response.length.should == 1
json_response[0]['id'].should == order_cycle.id
end
end
context "as the user of some other supplier" do
before :each do
stub_authentication!
Spree.user_class.stub :find_by_spree_api_key => other_supplier_user
spree_get :accessible, { :template => 'bulk_index', :format => :json }
end
it "does not give me access" do
json_response.length.should == 0
end
end
context "as the user of a hub for the order cycle" do
before :each do
stub_authentication!
Spree.user_class.stub :find_by_spree_api_key => oc_distributor_user
spree_get :accessible, { :template => 'bulk_index', :format => :json }
end
it "gives me access" do
json_response.length.should == 1
json_response[0]['id'].should == order_cycle.id
end
end
end
context "when the :as parameter is set to 'distributor'" do
let(:user) { create_enterprise_user }
let(:distributor) { create(:distributor_enterprise) }
let(:producer) { create(:supplier_enterprise) }
let(:coordinator) { create(:distributor_enterprise) }
let!(:oc) { create(:simple_order_cycle, coordinator: coordinator, distributors: [distributor], suppliers: [producer]) }
let(:params) { { format: :json, as: 'distributor' } }
before do
stub_authentication!
Spree.user_class.stub :find_by_spree_api_key => user
end
context "as the manager of a supplier in an order cycle" do
before do
user.enterprise_roles.create(enterprise: producer)
spree_get :accessible, params
end
it "does not return the order cycle" do
expect(assigns(:order_cycles)).to_not include oc
end
end
context "as the manager of a distributor in an order cycle" do
before do
user.enterprise_roles.create(enterprise: distributor)
spree_get :accessible, params
end
it "returns the order cycle" do
expect(assigns(:order_cycles)).to include oc
end
end
context "as the manager of the coordinator of an order cycle" do
before do
user.enterprise_roles.create(enterprise: coordinator)
spree_get :accessible, params
end
it "returns the order cycle" do
expect(assigns(:order_cycles)).to include oc
end
end
end
context "when the :as parameter is set to 'producer'" do
let(:user) { create_enterprise_user }
let(:distributor) { create(:distributor_enterprise) }
let(:producer) { create(:supplier_enterprise) }
let(:coordinator) { create(:distributor_enterprise) }
let!(:oc) { create(:simple_order_cycle, coordinator: coordinator, distributors: [distributor], suppliers: [producer]) }
let(:params) { { format: :json, as: 'producer' } }
before do
stub_authentication!
Spree.user_class.stub :find_by_spree_api_key => user
end
context "as the manager of a producer in an order cycle" do
before do
user.enterprise_roles.create(enterprise: producer)
spree_get :accessible, params
end
it "returns the order cycle" do
expect(assigns(:order_cycles)).to include oc
end
end
context "as the manager of a distributor in an order cycle" do
before do
user.enterprise_roles.create(enterprise: distributor)
spree_get :accessible, params
end
it "does not return the order cycle" do
expect(assigns(:order_cycles)).to_not include oc
end
end
context "as the manager of the coordinator of an order cycle" do
before do
user.enterprise_roles.create(enterprise: coordinator)
spree_get :accessible, params
end
it "returns the order cycle" do
expect(assigns(:order_cycles)).to include oc
end
end
end
end
end
end
Reference in New Issue View Git Blame Copy Permalink