Description:
[web] added main_controller_spec
git-svn-id: http://theory.cpe.ku.ac.th/grader/web/trunk@148 6386c4cd-e34a-4fa8-8920-d93eb39b512e
Commit status:
[Not Reviewed]
References:
Diff options:
Comments:
0 Commit comments
0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Author
jittat
-
r71:62f19d94e35a - - 2 files changed: 48 inserted, 6 deleted
| @@ -0,0 +1,42 | |||||
|
|
|
1 | + | ||
|
|
|
2 | + require File.dirname(__FILE__) + '/../spec_helper' | ||
|
|
|
3 | + | ||
|
|
|
4 | + describe MainController do | ||
|
|
|
5 | + | ||
|
|
|
6 | + before(:each) do | ||
|
|
|
7 | + @problem = mock(Problem, :name => 'test') | ||
|
|
|
8 | + @language = mock(Language, :name => 'cpp', :ext => 'cpp') | ||
|
|
|
9 | + @submission = mock(Submission, | ||
|
|
|
10 | + :id => 1, | ||
|
|
|
11 | + :user_id => 1, | ||
|
|
|
12 | + :problem => @problem, | ||
|
|
|
13 | + :language => @language, | ||
|
|
|
14 | + :source => 'sample source', | ||
|
|
|
15 | + :compiler_message => 'none') | ||
|
|
|
16 | + @user = mock(User, :id => 1, :login => 'john') | ||
|
|
|
17 | + Submission.should_receive(:find).with(@user.id.to_s).and_return(@submission) | ||
|
|
|
18 | + end | ||
|
|
|
19 | + | ||
|
|
|
20 | + it "should let user sees her own source" do | ||
|
|
|
21 | + get 'source', {:id => 1}, {:user_id => 1} | ||
|
|
|
22 | + response.should be_success | ||
|
|
|
23 | + end | ||
|
|
|
24 | + | ||
|
|
|
25 | + it "should let user sees her own compiler message" do | ||
|
|
|
26 | + get 'compiler_msg', {:id => 1}, {:user_id => 1} | ||
|
|
|
27 | + response.should be_success | ||
|
|
|
28 | + end | ||
|
|
|
29 | + | ||
|
|
|
30 | + it "should not let user sees other user's source" do | ||
|
|
|
31 | + get 'source', {:id => 1}, {:user_id => 2} | ||
|
|
|
32 | + flash[:notice].should =~ /[Ee]rror/ | ||
|
|
|
33 | + response.should redirect_to(:action => 'list') | ||
|
|
|
34 | + end | ||
|
|
|
35 | + | ||
|
|
|
36 | + it "should not let user sees other user's compiler message" do | ||
|
|
|
37 | + get 'compiler_msg', {:id => 1}, {:user_id => 2} | ||
|
|
|
38 | + flash[:notice].should =~ /[Ee]rror/ | ||
|
|
|
39 | + response.should redirect_to(:action => 'list') | ||
|
|
|
40 | + end | ||
|
|
|
41 | + | ||
|
|
|
42 | + end | ||
| @@ -1,44 +1,44 | |||||
|
|
1 | # Filters added to this controller apply to all controllers in the application. |
|
1 | # Filters added to this controller apply to all controllers in the application. |
|
|
2 | # Likewise, all the methods added will be available for all controllers. |
|
2 | # Likewise, all the methods added will be available for all controllers. |
|
|
3 |
|
3 | ||
|
|
4 | class ApplicationController < ActionController::Base |
|
4 | class ApplicationController < ActionController::Base |
|
|
5 | # Pick a unique cookie name to distinguish our session data from others' |
|
5 | # Pick a unique cookie name to distinguish our session data from others' |
|
|
6 | session :session_key => '_grader_session_id' |
|
6 | session :session_key => '_grader_session_id' |
|
|
7 |
|
7 | ||
|
|
8 | protected |
|
8 | protected |
|
|
9 | def authenticate |
|
9 | def authenticate |
|
|
10 | unless session[:user_id] |
|
10 | unless session[:user_id] |
|
|
11 | redirect_to :controller => 'main', :action => 'login' |
|
11 | redirect_to :controller => 'main', :action => 'login' |
|
|
12 | return false |
|
12 | return false |
|
|
13 | end |
|
13 | end |
|
|
14 |
|
14 | ||
|
|
15 | - user = User.find(session[:user_id]) |
|
||
|
|
16 | # check if run in single user mode |
|
15 | # check if run in single user mode |
|
|
17 |
- if |
|
16 | + if defined?(SINGLE_USER_MODE) and (SINGLE_USER_MODE) |
|
|
18 | - (SINGLE_USER_MODE) and |
|
17 | + user = User.find(session[:user_id]) |
|
|
19 |
- user.login != 'root' |
|
18 | + if user==nil or user.login != 'root' |
|
|
20 | - redirect_to :controller => 'main', :action => 'login' |
|
19 | + redirect_to :controller => 'main', :action => 'login' |
|
|
21 | - return false |
|
20 | + return false |
|
|
|
21 | + end | ||
|
|
22 | end |
|
22 | end |
|
|
23 |
|
23 | ||
|
|
24 | return true |
|
24 | return true |
|
|
25 | end |
|
25 | end |
|
|
26 |
|
26 | ||
|
|
27 | def authorization |
|
27 | def authorization |
|
|
28 | return false unless authenticate |
|
28 | return false unless authenticate |
|
|
29 | user = User.find(session[:user_id]) |
|
29 | user = User.find(session[:user_id]) |
|
|
30 | unless user.roles.detect { |role| |
|
30 | unless user.roles.detect { |role| |
|
|
31 | role.rights.detect{ |right| |
|
31 | role.rights.detect{ |right| |
|
|
32 | right.controller == self.class.controller_name and |
|
32 | right.controller == self.class.controller_name and |
|
|
33 | (right.action == 'all' or right.action == action_name) |
|
33 | (right.action == 'all' or right.action == action_name) |
|
|
34 | } |
|
34 | } |
|
|
35 | } |
|
35 | } |
|
|
36 | flash[:notice] = 'You are not authorized to view the page you requested' |
|
36 | flash[:notice] = 'You are not authorized to view the page you requested' |
|
|
37 | #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login') |
|
37 | #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login') |
|
|
38 | redirect_to :controller => 'main', :action => 'login' |
|
38 | redirect_to :controller => 'main', :action => 'login' |
|
|
39 | return false |
|
39 | return false |
|
|
40 | end |
|
40 | end |
|
|
41 | end |
|
41 | end |
|
|
42 |
|
42 | ||
|
|
43 | end |
|
43 | end |
|
|
44 |
|
44 | ||
You need to be logged in to leave comments.
Login now