spec/lib/ssh_access_spec.rb

	ssh_access_spec.rb revision 6876ece18854869a08606c12e0e814435fa73a29
require 'spec_helper'

describe SshAccess do

  let(:permission) { create :permission, role: 'reader' }
  let(:user) { permission.subject }
  let(:repository) { permission.item }

  context 'without a permission' do

    it 'should allow read on public readable repository' do
      repository.access = 'public_r'
      access = described_class.determine_permission('read', nil, repository)
      expect(access).to be true
    end

    it 'should disallow write on public readable repository' do
      repository.access = 'public_r'
      access = described_class.determine_permission('write', nil, repository)
      expect(access).to be false
    end

    it 'should allow read on public read-writeable repository' do
      repository.access = 'public_rw'
      access = described_class.determine_permission('read', nil, repository)
      expect(access).to be true
    end

    it 'should allow write on public read-writeable repository' do
      repository.access = 'public_rw'
      access = described_class.determine_permission('write', nil, repository)
      expect(access).to be true
    end

    it 'should disallow read on private readable repository' do
      repository.access = 'private_r'
      access = described_class.determine_permission('read', nil, repository)
      expect(access).to be false
    end

    it 'should disallow write on private readable repository' do
      repository.access = 'private_r'
      access = described_class.determine_permission('write', nil, repository)
      expect(access).to be false
    end

    it 'should disallow read on private read-writeable repository' do
      repository.access = 'private_rw'
      access = described_class.determine_permission('read', nil, repository)
      expect(access).to be false
    end

    it 'should disallow write on private read-writeable repository' do
      repository.access = 'private_rw'
      access = described_class.determine_permission('write', nil, repository)
      expect(access).to be false
    end

  end

  context 'with permission' do

    context 'denoting owner rights' do
      let(:permission) { create :permission, role: 'owner' }

      it 'should allow write on public readable repository' do
        repository.access = 'public_r'
        access = described_class.determine_permission('write', permission, repository)
        expect(access).to be true
      end

      it 'should allow write on private readable repository' do
        repository.access = 'private_r'
        access = described_class.determine_permission('write', permission, repository)
        expect(access).to be true
      end
    end

    context 'denoting editor rights' do
      let(:permission) { create :permission, role: 'editor' }

      it 'should allow write on public readable repository' do
        repository.access = 'public_r'
        access = described_class.determine_permission('write', permission, repository)
        expect(access).to be true
      end

      it 'should allow write on private readable repository' do
        repository.access = 'private_r'
        access = described_class.determine_permission('write', permission, repository)
        expect(access).to be true
      end
    end

    it 'should allow read on public readable repository' do
      repository.access = 'public_r'
      access = described_class.determine_permission('read', permission, repository)
      expect(access).to be true
    end

    it 'should disallow write on public readable repository' do
      repository.access = 'public_r'
      access = described_class.determine_permission('write', permission, repository)
      expect(access).to be false
    end

    it 'should allow read on public read-writeable repository' do
      repository.access = 'public_rw'
      access = described_class.determine_permission('read', permission, repository)
      expect(access).to be true
    end

    it 'should allow write on public read-writeable repository' do
      repository.access = 'public_rw'
      access = described_class.determine_permission('write', permission, repository)
      expect(access).to be true
    end

    it 'should allow read on private readable repository' do
      repository.access = 'private_r'
      access = described_class.determine_permission('read', permission, repository)
      expect(access).to be true
    end

    it 'should disallow write on private readable repository' do
      repository.access = 'private_r'
      access = described_class.determine_permission('write', permission, repository)
      expect(access).to be false
    end

    it 'should allow read on private read-writeable repository' do
      repository.access = 'private_rw'
      access = described_class.determine_permission('read', permission, repository)
      expect(access).to be true
    end

    it 'should allow write on private read-writeable repository' do
      repository.access = 'private_rw'
      access = described_class.determine_permission('write', permission, repository)
      expect(access).to be true
    end
  end

end