Skip to content

Commit

Permalink
Merge pull request #14756 from foxweb/bug/52284-cost-report-destroy-5…
Browse files Browse the repository at this point in the history
…00-error

[#52284] CostReportsController#destroy - wrong method name was rename
  • Loading branch information
apfohl authored Feb 12, 2024
2 parents 98122ac + 0620ddd commit e93f504
Show file tree
Hide file tree
Showing 2 changed files with 62 additions and 8 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -148,7 +148,7 @@ def show
# RecordNotFound if the query at :id does not exist
def destroy
if @query
@query.destroy if allowed_in_report(:destroy, @query)
@query.destroy if allowed_in_report?(:destroy, @query)
else
raise ActiveRecord::RecordNotFound
end
Expand Down
68 changes: 61 additions & 7 deletions modules/reporting/spec/controllers/cost_reports_controller_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -26,28 +26,82 @@
# See COPYRIGHT and LICENSE files for more details.
#++

require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
require File.expand_path("#{File.dirname(__FILE__)}/../spec_helper")

RSpec.describe CostReportsController do
include OpenProject::Reporting::PluginSpecHelper

let(:user) { build(:user) }
let(:project) { build(:valid_project) }

before do
allow(User).to receive(:current).and_return(user)
end

describe "GET show" do
before do
is_member project, user, [:view_cost_entries]
allow(User).to receive(:current).and_return(user)
end

describe "WHEN providing invalid units
WHEN having the view_cost_entries permission" do
context 'with invalid units' do
context 'with :view_cost_entries permission' do
before do
get :show, params: { id: 1, unit: -1 }
end

it 'returns 404 Not found' do
expect(response).to have_http_status(:not_found)
end
end
end
end

describe 'DELETE destroy' do
let(:user) { build(:admin) }
let(:cost_query) { create(:public_cost_query, user:, project:) }

context 'with valid params' do
before do
get :show, params: { id: 1, unit: -1 }
delete :destroy, params: { id: cost_query.id, project_id: project.identifier }
end

it 'destroyed' do
expect(CostQuery.count).to be_zero
end

it 'redirected' do
expect(response).to have_http_status(:redirect)
end
end

context 'with invalid params' do
before do
create(:public_cost_query, user:, project:)
delete :destroy, params: { id: -1, project_id: -1 }
end

it 'not destroyed' do
expect(CostQuery.count).not_to be_zero
end

it 'returns 404 Not found' do
expect(response).to have_http_status(:not_found)
end
end

context 'with non-admin user' do
let(:user) { build(:user) }

before do
delete :destroy, params: { id: cost_query.id, project_id: project.identifier }
end

it 'not destroyed' do
expect(CostQuery.count).not_to be_zero
end

it "responds with a 404 error" do
expect(response.code).to eql("404")
it 'returns 403 Forbidden' do
expect(response).to have_http_status(:forbidden)
end
end
end
Expand Down

0 comments on commit e93f504

Please sign in to comment.