require 'spec_helper'

describe User do
  let(:basic_user) { User.where(name: 'basic').first }
  let(:admin_user) { User.where(name: 'admin').first }

  before do
    Bootstrap.reset_database
  end

  it 'should compare privileges' do
    expect(admin_user.has_privileges_of?(basic_user)).to eq true
    expect(basic_user.has_privileges_of?(admin_user)).to eq false
  end
end

describe RightOn::Right do
  before do
    RightOn::Right.delete_all
    Model.delete_all

    @model = Model.create!(:name => 'Test')

    @users  = RightOn::Right.create!(:name => 'users', :controller => 'users')
    @other  = RightOn::Right.create!(:name => 'models', :controller => 'models')
    @index  = RightOn::Right.create!(:name => 'models#index', :controller => 'models', :action => 'index')
    @change = RightOn::Right.create!(:name => 'models#change', :controller => 'models', :action => 'change')
    @view   = RightOn::Right.create!(:name => 'models#view', :controller => 'models', :action => 'view')
  end

  it 'should display nicely with sensible_name and to_s' do
    expect(@model.right.to_s).to eq 'Model: Test'
    expect(@other.to_s).to eq 'models'
    expect(@index.to_s).to eq 'models#index'

    expect(@model.right.sensible_name).to eq 'Model: Test'
    expect(@other.sensible_name).to eq 'Models'
    expect(@index.sensible_name).to eq 'Models - Index'
  end

  it 'should create right for restricted right' do
    right = @model.right
    expect(right).to_not be_nil
    expect(right.name).to eq 'Model: Test'
    expect{right.destroy}.to raise_error(ActiveRecord::DetailedDeleteRestrictionError)
  end

  it 'should identify correct groups' do
    rights = RightOn::Right.regular_rights_with_group.sort_by{|r| r.name} # Sort for ruby 1.9 compatibility
    expect(rights.map(&:name)).to eq %w(models models#change models#index models#view users)
    expect(rights.map(&:group)).to eq %w(general general general general admin)

    expect(RightOn::Right.by_groups).to eq(
      'general' => [@other, @index, @view, @change],
      'admin' => [@users],
      'other' => [@model.right]
    )
  end

  it 'should determine if it is allowed based on context' do
    index_action = {:controller => 'models', :action => 'index'}
    edit_action  = {:controller => 'models', :action => 'edit'}
    hello_action = {:controller => 'models', :action => 'hello'}

    expect(@model.right.allowed?(index_action)).to eq false

    expect(@users.allowed?(:controller => 'users', :action => 'index')).to eq true
    expect(@users.allowed?(:controller => 'users', :action => 'edit' )).to eq true
    expect(@users.allowed?(:controller => 'users', :action => 'hello')).to eq true

    expect(@other.allowed?(index_action)).to eq false # as specific action exists
    expect(@other.allowed?(edit_action )).to eq false # as specific action exists
    expect(@other.allowed?(hello_action)).to eq true # as hello isn't defined

    expect(@index.allowed?(index_action)).to eq true
    expect(@index.allowed?(edit_action )).to eq false
    expect(@index.allowed?(hello_action)).to eq false

    expect(@view.allowed?(index_action)).to eq true
    expect(@view.allowed?(edit_action )).to eq false
    expect(@view.allowed?(hello_action)).to eq false

    expect(@change.allowed?(index_action)).to eq true
    expect(@change.allowed?(edit_action )).to eq true
    expect(@change.allowed?(hello_action)).to eq false
  end
end

describe RightOn::Right, "when created" do
  it "should validate presence of name" do
    subject.valid?
    expect(subject.errors[:name]).to_not be_blank
  end
end

describe RightOn::Right, "with a name and controller" do
  before do
    @new_right = RightOn::Right.new(:name => "tickets", :controller => "tickets")
    @new_right.save!
  end

  it "should create a new right" do
    expect(@new_right.name).to eq "tickets"
    expect(@new_right.controller).to eq "tickets"
    expect(@new_right.save).to eq true
  end

end

describe RightOn::Right, "with a name, controller and action" do
  before do
    @new_right = RightOn::Right.new(:name => "tickets@destroy", :controller => "tickets", :action => "destroy")
  end

  it "should create a new right" do
    expect(@new_right.name).to eq "tickets@destroy"
    expect(@new_right.controller).to eq "tickets"
    expect(@new_right.action).to eq "destroy"
    expect(@new_right.save).to eq true
  end
end

describe RightOn::Right, "with only a name" do
  before do
    @new_right = RightOn::Right.new(:name => "tickets2")
  end

  it "should create a new right" do
    expect(@new_right.save).to eq true
  end
end

describe RightOn::Right, "with the same name" do
  before do
    @old_right = RightOn::Right.new(:name => "tickets3", :controller => "tickets")
    @old_right.save!
    @new_right = RightOn::Right.new(:name => "tickets3", :controller => "tickets")
  end

  it "should not create a new right" do
    expect(@new_right.save).to eq false
  end
end

describe RightOn::Role, "can have many rights" do
  let(:role1) { RightOn::Role.new(:title => 'role 1') }

  specify { expect(role1.to_s).to eq 'Role 1' }

  context 'when assigned rights' do
    let(:right1) { RightOn::Right.create!(:name => 'right 1') }
    let(:right2) { RightOn::Right.create!(:name => 'right 2') }

    before do
      role1.save!
      role1.rights = [right1, right2]
    end

    after do
      role1.destroy
      right1.destroy
      right2.destroy
    end

    it "should have and belong to many" do
      expect(role1.rights.size).to eq 2
      expect(right1.roles.size).to eq 1
      expect(right2.roles.size).to eq 1
    end
  end
end

describe 'when checking accessibility to a controller' do

  let(:test_controller_right) { RightOn::Right.new(name: 'test', controller: 'test') }
  let(:user) { double(rights: [test_controller_right]) }
  let(:controller) { 'test' }
  let(:action) { 'index' }
  let(:params) { {controller: 'test', action: 'index'} }

  before do
    stub_const 'TestController', double(current_user: user, params: params)
    TestController.extend RightOn::ActionControllerExtensions
    allow(TestController).to receive(:rights_from).and_return(nil)
  end

  specify { expect(TestController.access_allowed?(controller)).to be_truthy }
  specify { expect(TestController.access_allowed?('other')).to be_falsey }
  specify { expect(TestController.access_allowed_to_controller?(controller)).to be_truthy }
  specify { expect(TestController.access_allowed_to_controller?('other')).to be_falsey }

  describe 'when inheriting rights' do
    let(:controller) { 'test_inherited' }

    before do
      stub_const 'TestInheritedController', double(current_user: user, params: params)
      TestInheritedController.extend RightOn::ActionControllerExtensions
      allow(TestInheritedController).to receive(:rights_from).and_return(:test)
    end

    specify { expect(TestInheritedController.access_allowed?(controller)).to be_falsey }
    specify { expect(TestInheritedController.access_allowed?('other')).to be_falsey }
    specify { expect(TestInheritedController.access_allowed_to_controller?(controller)).to be_truthy }
    specify { expect(TestInheritedController.access_allowed_to_controller?('other')).to be_falsey }
  end
end