Skip to content

Commit

Permalink
Updated workflow_execution policy and workflow execution policy test …
Browse files Browse the repository at this point in the history
…to increase coverage
  • Loading branch information
deepsidhu85 committed Dec 20, 2024
1 parent 82df800 commit 5aef8a5
Show file tree
Hide file tree
Showing 3 changed files with 69 additions and 9 deletions.
6 changes: 6 additions & 0 deletions app/policies/application_policy.rb
Original file line number Diff line number Diff line change
Expand Up @@ -17,4 +17,10 @@ class ApplicationPolicy < ActionPolicy::Base
# record.user_id == user.id
# end
#
attr_accessor :details

def initialize(record = nil, **params)
super
@details ||= {}
end
end
31 changes: 22 additions & 9 deletions app/policies/workflow_execution_policy.rb
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ def effective_access_level(current_user = user)

@access_level ||= {}

user_type = if current_user.user_type == User.user_types[:project_automation_bot]
user_type = if project_automation_bot?(current_user)
:project_automation_bot
else
:human_user
Expand All @@ -17,9 +17,15 @@ def effective_access_level(current_user = user)
@access_level[user_type]
end

def destroy? # rubocop:disable Metrics/AbcSize
return true if record.submitter.id == user.id
return true if Member::AccessLevel.manageable.include?(effective_access_level)
def project_automation_bot?(user)
User.user_types[user.user_type] == User.user_types[:project_automation_bot]
end

def destroy? # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity
unless project_automation_bot?(user)
return true if record.submitter.id == user.id
return true if Member::AccessLevel.manageable.include?(effective_access_level)
end

if (record.namespace.type == Namespaces::ProjectNamespace.sti_name) &&
(record.submitter.id == record.namespace.automation_bot.id) &&
Expand All @@ -33,10 +39,15 @@ def destroy? # rubocop:disable Metrics/AbcSize
false
end

def read? # rubocop:disable Metrics/AbcSize
return true if record.submitter.id == user.id
def read? # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity
unless project_automation_bot?(user)
return true if record.submitter.id == user.id
return true if effective_access_level(user) > Member::AccessLevel::NO_ACCESS
end

if (record.namespace.type == Namespaces::ProjectNamespace.sti_name) &&
(record.submitter.id == record.namespace.automation_bot.id) &&
(record.namespace.automation_bot.id == user.id) &&
(effective_access_level(record.namespace.automation_bot) > Member::AccessLevel::NO_ACCESS)
return true
end
Expand All @@ -53,9 +64,11 @@ def create?
false
end

def cancel? # rubocop:disable Metrics/AbcSize
return true if record.submitter.id == user.id
return true if Member::AccessLevel.manageable.include?(effective_access_level)
def cancel? # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity
unless project_automation_bot?(user)
return true if record.submitter.id == user.id
return true if Member::AccessLevel.manageable.include?(effective_access_level)
end

if (record.namespace.type == Namespaces::ProjectNamespace.sti_name) &&
(record.submitter.id == record.namespace.automation_bot.id) &&
Expand Down
41 changes: 41 additions & 0 deletions test/policies/workflow_execution_policy_test.rb
Original file line number Diff line number Diff line change
Expand Up @@ -5,23 +5,45 @@
class WorkflowExecutionPolicyTest < ActiveSupport::TestCase
def setup
@user = users(:john_doe)
@automation_bot_user = users(:project1_automation_bot)
@workflow_execution = workflow_executions(:irida_next_example_prepared)
@policy = WorkflowExecutionPolicy.new(@workflow_execution, user: @user)

@details = {}
end

test '#read?' do
assert @policy.read?

user = users(:ryan_doe)
policy = WorkflowExecutionPolicy.new(@workflow_execution, user:)

assert policy.read?

user = users(:project1_automation_bot)
user_incorrect_permissions = users(:micha_doe)
workflow_execution = workflow_executions(:automated_workflow_execution)
policy = WorkflowExecutionPolicy.new(workflow_execution, user:)

assert policy.read?

policy = WorkflowExecutionPolicy.new(workflow_execution, user: @user)

assert policy.read?

policy = WorkflowExecutionPolicy.new(workflow_execution, user: user_incorrect_permissions)

assert_not policy.read?
end

test '#create?' do
assert @policy.create?

user_incorrect_permissions = users(:ryan_doe)
workflow_execution = workflow_executions(:automated_workflow_execution)
policy = WorkflowExecutionPolicy.new(workflow_execution, user: user_incorrect_permissions)

assert_not policy.create?
end

test '#cancel?' do
Expand All @@ -32,16 +54,35 @@ def setup
policy = WorkflowExecutionPolicy.new(workflow_execution, user:)

assert policy.cancel?

automated_workflow_execution = workflow_executions(:automated_workflow_execution)
policy = WorkflowExecutionPolicy.new(automated_workflow_execution, user: @user)

assert policy.cancel?

user_incorrect_permissions = users(:ryan_doe)
policy = WorkflowExecutionPolicy.new(workflow_execution, user: user_incorrect_permissions)

assert_not policy.cancel?
end

test '#destroy?' do
assert @policy.destroy?

user = users(:project1_automation_bot)
user_incorrect_permissions = users(:ryan_doe)
workflow_execution = workflow_executions(:automated_workflow_execution)
policy = WorkflowExecutionPolicy.new(workflow_execution, user:)

assert policy.destroy?

policy = WorkflowExecutionPolicy.new(workflow_execution, user: @user)

assert policy.destroy?

policy = WorkflowExecutionPolicy.new(workflow_execution, user: user_incorrect_permissions)

assert_not policy.destroy?
end

test 'automated scope' do
Expand Down

0 comments on commit 5aef8a5

Please sign in to comment.