Andreas/tracks
1
0
Fork 0
mirror of https://github.com/TracksApp/tracks.git synced 2025-09-22 05:50:47 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

update routing and test for authorized access to all tracks pages

Browse source
This commit is contained in:
Reinier Balt 2010-07-30 21:06:12 +02:00
parent 65ecb7b019
commit 29e007f9c6
7 changed files with 102 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

2
app/views/layouts/standard.html.erb
View file

@ -77,7 +77,7 @@
<li><a href="#">?</a>
<ul>
<li><%= link_to 'Integrate Tracks', integrations_path %></li>
<li><%= link_to 'REST API Docs', url_for(:controller => 'integrations', :action => 'rest_api') %></li>
<li><%= link_to 'REST API Docs', rest_api_docs_path %></li>
</ul>
</li>
<li><%= navigation_link(image_tag("system-search.png", :size => "16X16", :border => 0), {:controller => "search", :action => "index"}, :title => "Search All Items" ) %></li>

63
config/routes.rb
View file

@ -1,16 +1,8 @@
ActionController::Routing::Routes.draw do |map|
map.with_options :controller => 'login' do |login|
login.login 'login', :action => 'login'
login.login_cas 'login_cas', :action => 'login_cas'
login.formatted_login 'login.:format', :action => 'login'
login.logout 'logout', :action => 'logout'
login.formatted_logout 'logout.:format', :action => 'logout'
end
map.resources :users,
:member => {:change_password => :get, :update_password => :post,
:change_auth_type => :get, :update_auth_type => :post, :complete => :get,
:refresh_token => :post }
:member => {:change_password => :get, :update_password => :post,
:change_auth_type => :get, :update_auth_type => :post, :complete => :get,
:refresh_token => :post }
map.with_options :controller => "users" do |users|
users.signup 'signup', :action => "new"
end
@ -27,9 +19,11 @@ ActionController::Routing::Routes.draw do |map|
projects.resources :todos, :name_prefix => "project_"
end
map.resources :notes
map.resources :todos,
:member => {:toggle_check => :put, :toggle_star => :put},
:collection => {:check_deferred => :post, :filter_to_context => :post, :filter_to_project => :post}
:member => {:toggle_check => :put, :toggle_star => :put},
:collection => {:check_deferred => :post, :filter_to_context => :post, :filter_to_project => :post}
map.with_options :controller => "todos" do |todos|
todos.home '', :action => "index"
todos.tickler 'tickler', :action => "list_deferred"
@ -56,25 +50,40 @@ ActionController::Routing::Routes.draw do |map|
todos.mobile_abbrev_new 'm/new', :action => "new", :format => 'm'
end
map.root :controller => 'todos' # Make OpenID happy because it needs #root_url defined
map.resources :notes
map.feeds 'feeds.m', :controller => 'feedlist', :action => 'index', :format => 'm'
map.feeds 'feeds', :controller => 'feedlist', :action => 'index'
if Rails.env == 'test'
map.connect '/selenium_helper/login', :controller => 'selenium_helper', :action => 'login'
end
map.preferences 'preferences', :controller => 'preferences', :action => 'index'
map.integrations 'integrations', :controller => 'integrations', :action => 'index'
map.search_plugin '/integrations/search_plugin.xml', :controller => 'integrations', :action => 'search_plugin', :format => 'xml'
map.google_gadget '/integrations/google_gadget.xml', :controller => 'integrations', :action => 'google_gadget', :format => 'xml'
map.stats 'stats', :controller => 'stats', :action => 'index'
map.resources :recurring_todos,
:member => {:toggle_check => :put, :toggle_star => :put}
map.recurring_todos 'recurring_todos', :controller => 'recurring_todos', :action => 'index'
map.with_options :controller => 'login' do |login|
login.login 'login', :action => 'login'
login.login_cas 'login_cas', :action => 'login_cas'
login.formatted_login 'login.:format', :action => 'login'
login.logout 'logout', :action => 'logout'
login.formatted_logout 'logout.:format', :action => 'logout'
end
map.with_options :controller => "feedlist" do |fl|
fl.mobile_feeds 'feeds.m', :action => 'index', :format => 'm'
fl.feeds 'feeds', :action => 'index'
end
map.with_options :controller => "integrations" do |i|
i.integrations 'integrations', :action => 'index'
i.rest_api_docs 'integrations/rest_api', :action => "rest_api"
i.search_plugin 'integrations/search_plugin.xml', :controller => 'integrations', :action => 'search_plugin', :format => 'xml'
i.google_gadget 'integrations/google_gadget.xml', :controller => 'integrations', :action => 'google_gadget', :format => 'xml'
end
map.preferences 'preferences', :controller => 'preferences', :action => 'index'
map.stats 'stats', :controller => 'stats', :action => 'index'
map.search 'search', :controller => 'search', :action => 'index'
map.data 'data', :controller => 'data', :action => 'index'
if Rails.env == 'test'
map.connect '/selenium_helper/login', :controller => 'selenium_helper', :action => 'login'
end
# Install the default route as the lowest priority.
map.connect ':controller/:action/:id'

2
features/contexts_manage.feature
View file

@ -21,7 +21,7 @@ Feature: Manage contexts
And he should see that a context named "OutAndAbout" is present
@selenium
Scenario: Delete context from context page
Scenario: Delete context from context page should update badge
Given I have a context called "@computer"
When I go to the contexts page
Then the badge should show 1

38
features/logging_in.feature
View file

@ -6,9 +6,9 @@ Feature: Existing user logging in
Background:
Given the following user records
| login | password | is_admin |
| testuser | secret | false |
| admin | secret | true |
| login | password | is_admin | first_name | last_name |
| testuser | secret | false | Test | User |
| admin | secret | true | Admin | User |
Scenario Outline: Succesfull and unsuccesfull login
When I go to the login page
@ -21,6 +21,32 @@ Feature: Existing user logging in
| admin | secret | redirected to the home page | Login successful |
| admin | wrong | on the login page | Login unsuccessful |
Scenario: Accessing a secured page when not logged in
When I go to the home page
Then I should be redirected to the login page
Scenario Outline: Unauthorized users cannot access Tracks and need to log in first
Given there exists a project called "top secret" for user "testuser"
And there exists a context called "@secret location" for user "testuser"
When I go to the <page>
Then I should be redirected to the login page
When I submit the login form as user "testuser" with password "secret"
Then I should be redirected to the <next page>
And I should see "<logout>"
Examples:
| page | next page | logout |
| home page | home page | Logout (Test User) |
| contexts page | contexts page | Logout (Test User) |
| projects page | projects page | Logout (Test User) |
| notes page | notes page | Logout (Test User) |
| repeating todos page | repeating todos page | Logout (Test User) |
| statistics page | statistics page | Logout (Test User) |
| manage users page | manage users page | 401 Unauthorized |
| integrations page | integrations page | Logout (Test User) |
| starred page | starred page | Logout (Test User) |
| tickler page | tickler page | Logout (Test User) |
| calendar page | calendar page | Logout (Test User) |
| feeds page | feeds page | Logout (Test User) |
| preference page | preference page | Logout (Test User) |
| export page | export page | Logout (Test User) |
| rest api docs page | rest api docs page | Logout (Test User) |
| search page | search page | Logout (Test User) |
| "top secret" project for user "testuser" | "top secret" project for user "testuser" | Logout (Test User) |
| context page for "@secret location" for user "testuser" | context page for "@secret location" for user "testuser" | Logout (Test User) |

8
features/step_definitions/context_steps.rb
View file

@ -3,8 +3,14 @@ Given /^I have no contexts$/ do
Context.delete_all
end
Given /^there exists a context called "([^"]*)" for user "([^"]*)"$/ do |context_name, login|
user = User.find_by_login(login)
user.should_not be_nil
@context = user.contexts.create!(:name => context_name)
end
Given /^I have a context called "([^\"]*)"$/ do |context_name|
@context = @current_user.contexts.create!(:name => context_name)
Given "there exists a context called \"#{context_name}\" for user \"#{@current_user.login}\""
end
Given /^I have the following contexts:$/ do |table|

10
features/step_definitions/project_steps.rb
View file

@ -15,6 +15,15 @@ Given /^there exists a project "([^\"]*)" for user "([^\"]*)"$/ do |project_name
user.projects.create!(:name => project_name)
end
Given /^there exists a project called "([^"]*)" for user "([^"]*)"$/ do |project_name, login|
# TODO: regexp change to integrate this with the previous since only 'called' is different
Given "there exists a project \"#{project_name}\" for user \"#{login}\""
end
Given /^I have a project called "([^"]*)"$/ do |project_name|
Given "there exists a project \"#{project_name}\" for user \"#{@current_user.login}\""
end
When /^I visit the "([^\"]*)" project$/ do |project_name|
@project = Project.find_by_name(project_name)
@project.should_not be_nil
@ -25,7 +34,6 @@ When /^I visit the project page for "([^"]*)"$/ do |project_name|
When "I visit the \"#{project_name}\" project"
end
When /^I edit the project description to "([^\"]*)"$/ do |new_description|
click_link "link_edit_project_#{@project.id}"
fill_in "project[description]", :with => new_description

16
features/support/paths.rb
View file

@ -28,6 +28,22 @@ module NavigationHelpers
integrations_path
when /the tickler page/
tickler_path
when /the export page/
data_path
when /the preference page/
preferences_path
when /the rest api docs page/
rest_api_docs_path
when /the search page/
search_path
when /the starred page/
tag_path("starred")
when /the feeds page/
feeds_path
when /the context page for "([^\"]*)" for user "([^\"]*)"/i
context_path(User.find_by_login($2).contexts.find_by_name($1))
when /the "([^\"]*)" project for user "([^\"]*)"/i
project_path(User.find_by_login($2).projects.find_by_name($1))
# Add more mappings here.
# Here is an example that pulls values out of the Regexp: