Description:
[web] added main_controller_spec git-svn-id: http://theory.cpe.ku.ac.th/grader/web/trunk@148 6386c4cd-e34a-4fa8-8920-d93eb39b512e

r71:62f19d94e35a - - 2 files changed: 46 inserted, 4 deleted

@@ -0,0 +1,42
1 +
2 + require File.dirname(__FILE__) + '/../spec_helper'
3 +
4 + describe MainController do
5 +
6 + before(:each) do
7 + @problem = mock(Problem, :name => 'test')
8 + @language = mock(Language, :name => 'cpp', :ext => 'cpp')
9 + @submission = mock(Submission,
10 + :id => 1,
11 + :user_id => 1,
12 + :problem => @problem,
13 + :language => @language,
14 + :source => 'sample source',
15 + :compiler_message => 'none')
16 + @user = mock(User, :id => 1, :login => 'john')
17 + Submission.should_receive(:find).with(@user.id.to_s).and_return(@submission)
18 + end
19 +
20 + it "should let user sees her own source" do
21 + get 'source', {:id => 1}, {:user_id => 1}
22 + response.should be_success
23 + end
24 +
25 + it "should let user sees her own compiler message" do
26 + get 'compiler_msg', {:id => 1}, {:user_id => 1}
27 + response.should be_success
28 + end
29 +
30 + it "should not let user sees other user's source" do
31 + get 'source', {:id => 1}, {:user_id => 2}
32 + flash[:notice].should =~ /[Ee]rror/
33 + response.should redirect_to(:action => 'list')
34 + end
35 +
36 + it "should not let user sees other user's compiler message" do
37 + get 'compiler_msg', {:id => 1}, {:user_id => 2}
38 + flash[:notice].should =~ /[Ee]rror/
39 + response.should redirect_to(:action => 'list')
40 + end
41 +
42 + end
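Review bot: Every id in the `before(:each)` fixture is 1 (the submission id, its `user_id`, the user id and the `:id` request parameter), so the two "should not let user sees other user's ..." examples cannot tell an ownership check on `@submission.user_id` apart from one that mistakenly compares the session user with the request `:id`. Giving the submission a distinct id, for example `:id => 10` in the mock and `get 'source', {:id => 10}, {:user_id => 1}` in the examples, would pin the check to the owner. The `find` expectation is also keyed on the wrong object: `.with(@user.id.to_s)` should read `.with(@submission.id.to_s)`. An example with no `:user_id` in the session would cover the unauthenticated path to these actions as well.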
@@ -3,32 +3,32
3
3
4 class ApplicationController < ActionController::Base
4 class ApplicationController < ActionController::Base
5 # Pick a unique cookie name to distinguish our session data from others'
5 # Pick a unique cookie name to distinguish our session data from others'
6 session :session_key => '_grader_session_id'
6 session :session_key => '_grader_session_id'
7
7
8 protected
8 protected
9 def authenticate
9 def authenticate
10 unless session[:user_id]
10 unless session[:user_id]
11 redirect_to :controller => 'main', :action => 'login'
11 redirect_to :controller => 'main', :action => 'login'
12 return false
12 return false
13 end
13 end
14
14
15 + # check if run in single user mode
16 + if defined?(SINGLE_USER_MODE) and (SINGLE_USER_MODE)
15 user = User.find(session[:user_id])
17 user = User.find(session[:user_id])
16 - # check if run in single user mode
18 + if user==nil or user.login != 'root'
17 - if (defined?(SINGLE_USER_MODE) and
18 - (SINGLE_USER_MODE) and
19 - user.login != 'root')
20 redirect_to :controller => 'main', :action => 'login'
19 redirect_to :controller => 'main', :action => 'login'
21 return false
20 return false
22 end
21 end
22 + end
23
23
24 return true
24 return true
25 end
25 end
26
26
27 def authorization
27 def authorization
28 return false unless authenticate
28 return false unless authenticate
29 user = User.find(session[:user_id])
29 user = User.find(session[:user_id])
30 unless user.roles.detect { |role|
30 unless user.roles.detect { |role|
31 role.rights.detect{ |right|
31 role.rights.detect{ |right|
32 right.controller == self.class.controller_name and
32 right.controller == self.class.controller_name and
33 (right.action == 'all' or right.action == action_name)
33 (right.action == 'all' or right.action == action_name)
34 }
34 }
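Review bot: The `user==nil` test added in `authenticate` can never be true, because `User.find` with an id raises `ActiveRecord::RecordNotFound` for a missing row instead of returning nil. A session that names a deleted account therefore ends in an exception rather than the login redirect; `user = User.find_by_id(session[:user_id])` returns nil in that case and makes the guard effective. Moving the lookup inside the single-user branch also means that outside single-user mode `authenticate` no longer consults the users table at all, so a stale session id now passes wherever `authenticate` is the only filter. Doing the `find_by_id` lookup before the mode check and redirecting on nil would close that gap. A comment on the branch stating that single-user mode admits only `root` would help the next reader.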