Merge branch '2800-python-global-state' into 2800-pgs
[arvados.git] / services / api / test / functional / arvados / v1 / repositories_controller_test.rb
index 4b1381edb8f553667ab8aaa4139104b163b24839..0793d12e4e5103c0298f6b96122a9558d489677d 100644 (file)
@@ -42,6 +42,38 @@ class Arvados::V1::RepositoriesControllerTest < ActionController::TestCase
     end
   end
 
+  test "get_all_permissions does not give any access to user without permission" do
+    authorize_with :admin
+    get :get_all_permissions
+    assert_response :success
+    assert_equal(authorized_keys(:project_viewer).authorized_user_uuid,
+                 users(:project_viewer).uuid,
+                 "project_viewer must have an authorized_key for this test to work")
+    json_response['repositories'].each do |repo|
+      assert_equal(false,
+                   repo['user_permissions'].has_key?(users(:project_viewer).uuid),
+                   "project_viewer user should not have perms for #{repo['uuid']}")
+    end
+  end
+
+  test "get_all_permissions gives gitolite R to user with read-only access" do
+    authorize_with :admin
+    get :get_all_permissions
+    assert_response :success
+    found_it = false
+    assert_equal(authorized_keys(:spectator).authorized_user_uuid,
+                 users(:spectator).uuid,
+                 "spectator must have an authorized_key for this test to work")
+    json_response['repositories'].each do |repo|
+      next unless repo['uuid'] == repositories(:foo).uuid
+      assert_equal('R',
+                   repo['user_permissions'][users(:spectator).uuid]['gitolite_permissions'],
+                   "spectator user should have just R access to #{repo['uuid']}")
+      found_it = true
+    end
+    assert_equal true, found_it, "spectator user does not have R on foo repo"
+  end
+
   test "get_all_permissions provides admin and active user keys" do
     authorize_with :admin
     get :get_all_permissions
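Review bot: The negative test added at the top of this hunk ("does not give any access to user without permission") passes vacuously when `json_response['repositories']` is empty, because every assertion about project_viewer sits inside the `each` loop. For a test that guards against unintended permission grants, a fixture or serialization change could silently turn it into a no-op. The read-only test tracks `found_it`, but nothing here confirms the loop ran, so I would add `assert json_response['repositories'].any?, "no repositories returned, nothing was checked"` before the loop. In the read-only test, a missing spectator entry surfaces as a NoMethodError on nil rather than an assertion failure. Its final message, "spectator user does not have R on foo repo", actually fires when the foo repo is absent from the response, so rewording it to say that would make failures easier to triage.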