Description:
[web] added main_controller_spec
git-svn-id: http://theory.cpe.ku.ac.th/grader/web/trunk@148 6386c4cd-e34a-4fa8-8920-d93eb39b512e
Commit status:
[Not Reviewed]
References:
Diff options:
Comments:
0 Commit comments
0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Author
jittat
-
r71:62f19d94e35a - - 2 files changed: 48 inserted, 6 deleted
| @@ -0,0 +1,42 | |||
|
|
1 | + | |
|
|
2 | + require File.dirname(__FILE__) + '/../spec_helper' | |
|
|
3 | + | |
|
|
4 | + describe MainController do | |
|
|
5 | + | |
|
|
6 | + before(:each) do | |
|
|
7 | + @problem = mock(Problem, :name => 'test') | |
|
|
8 | + @language = mock(Language, :name => 'cpp', :ext => 'cpp') | |
|
|
9 | + @submission = mock(Submission, | |
|
|
10 | + :id => 1, | |
|
|
11 | + :user_id => 1, | |
|
|
12 | + :problem => @problem, | |
|
|
13 | + :language => @language, | |
|
|
14 | + :source => 'sample source', | |
|
|
15 | + :compiler_message => 'none') | |
|
|
16 | + @user = mock(User, :id => 1, :login => 'john') | |
|
|
17 | + Submission.should_receive(:find).with(@user.id.to_s).and_return(@submission) | |
|
|
18 | + end | |
|
|
19 | + | |
|
|
20 | + it "should let user sees her own source" do | |
|
|
21 | + get 'source', {:id => 1}, {:user_id => 1} | |
|
|
22 | + response.should be_success | |
|
|
23 | + end | |
|
|
24 | + | |
|
|
25 | + it "should let user sees her own compiler message" do | |
|
|
26 | + get 'compiler_msg', {:id => 1}, {:user_id => 1} | |
|
|
27 | + response.should be_success | |
|
|
28 | + end | |
|
|
29 | + | |
|
|
30 | + it "should not let user sees other user's source" do | |
|
|
31 | + get 'source', {:id => 1}, {:user_id => 2} | |
|
|
32 | + flash[:notice].should =~ /[Ee]rror/ | |
|
|
33 | + response.should redirect_to(:action => 'list') | |
|
|
34 | + end | |
|
|
35 | + | |
|
|
36 | + it "should not let user sees other user's compiler message" do | |
|
|
37 | + get 'compiler_msg', {:id => 1}, {:user_id => 2} | |
|
|
38 | + flash[:notice].should =~ /[Ee]rror/ | |
|
|
39 | + response.should redirect_to(:action => 'list') | |
|
|
40 | + end | |
|
|
41 | + | |
|
|
42 | + end | |
| @@ -3,31 +3,31 | |||
|
|
3 | 3 | |
|
|
4 | 4 | class ApplicationController < ActionController::Base |
|
|
5 | 5 | # Pick a unique cookie name to distinguish our session data from others' |
|
|
6 | 6 | session :session_key => '_grader_session_id' |
|
|
7 | 7 | |
|
|
8 | 8 | protected |
|
|
9 | 9 | def authenticate |
|
|
10 | 10 | unless session[:user_id] |
|
|
11 | 11 | redirect_to :controller => 'main', :action => 'login' |
|
|
12 | 12 | return false |
|
|
13 | 13 | end |
|
|
14 | 14 | |
|
|
15 | - user = User.find(session[:user_id]) | |
|
|
16 | 15 | # check if run in single user mode |
|
|
17 |
- if |
|
|
|
18 | - (SINGLE_USER_MODE) and | |
|
|
19 |
- user.login != 'root' |
|
|
|
20 | - redirect_to :controller => 'main', :action => 'login' | |
|
|
21 | - return false | |
|
|
16 | + if defined?(SINGLE_USER_MODE) and (SINGLE_USER_MODE) | |
|
|
17 | + user = User.find(session[:user_id]) | |
|
|
18 | + if user==nil or user.login != 'root' | |
|
|
19 | + redirect_to :controller => 'main', :action => 'login' | |
|
|
20 | + return false | |
|
|
21 | + end | |
|
|
22 | 22 | end |
|
|
23 | 23 | |
|
|
24 | 24 | return true |
|
|
25 | 25 | end |
|
|
26 | 26 | |
|
|
27 | 27 | def authorization |
|
|
28 | 28 | return false unless authenticate |
|
|
29 | 29 | user = User.find(session[:user_id]) |
|
|
30 | 30 | unless user.roles.detect { |role| |
|
|
31 | 31 | role.rights.detect{ |right| |
|
|
32 | 32 | right.controller == self.class.controller_name and |
|
|
33 | 33 | (right.action == 'all' or right.action == action_name) |
You need to be logged in to leave comments.
Login now