+ def show_project_using(auth_key, proj_key='aproject')
+ project_uuid = api_fixture('groups')[proj_key]['uuid']
+ visit(page_with_token(auth_key, "/projects/#{project_uuid}"))
+ assert(page.has_text?("A Project"), "not on expected project page")
+ end
+
+ def share_rows
+ find('#project_sharing').all('tr')
+ end
+
+ def add_share_and_check(share_type, name)
+ assert(page.has_no_text?(name), "project is already shared with #{name}")
+ start_share_count = share_rows.size
+ click_on("Share with #{share_type}")
+ find(".selectable", text: name).click
+ find(".modal-footer a,button", text: "Add").click
+ using_wait_time(Capybara.default_wait_time * 3) do
+ assert(page.has_link?(name),
+ "new share was not added to sharing table")
+ assert_equal(start_share_count + 1, share_rows.size,
+ "new share did not add row to sharing table")
+ end
+ end
+
+ def modify_share_and_check(name)
+ start_rows = share_rows
+ link_row = start_rows.select { |row| row.has_text?(name) }
+ assert_equal(1, link_row.size, "row with new permission not found")
+ within(link_row.first) do
+ click_on("Read")
+ select("Write", from: "share_change_level")
+ click_on("editable-submit")
+ assert(has_link?("Write"),
+ "failed to change access level on new share")
+ click_on "Revoke"
+ end
+ using_wait_time(Capybara.default_wait_time * 3) do
+ assert(page.has_no_text?(name),
+ "new share row still exists after being revoked")
+ assert_equal(start_rows.size - 1, share_rows.size,
+ "revoking share did not remove row from sharing table")
+ end
+ end
+
+ test "project viewer can't see project sharing tab" do
+ show_project_using("project_viewer")
+ assert(page.has_no_link?("Sharing"),
+ "read-only project user sees sharing tab")
+ end
+
+ test "project owner can manage sharing for another user" do
+ add_user = api_fixture('users')['future_project_user']
+ new_name = ["first_name", "last_name"].map { |k| add_user[k] }.join(" ")
+
+ show_project_using("active")
+ click_on "Sharing"
+ add_share_and_check("users", new_name)
+ modify_share_and_check(new_name)
+ end
+
+ test "project owner can manage sharing for another group" do
+ new_name = api_fixture('groups')['future_project_viewing_group']['name']
+
+ show_project_using("active")
+ click_on "Sharing"
+ add_share_and_check("groups", new_name)
+ modify_share_and_check(new_name)
+ end