6 let(:user1) { create(:user) }
7 let(:user2) { create(:user) }
8 let(:admin) { create(:admin) }
9 let!(:group1) { create(:group, owner: user1) }
10 let!(:group2) { create(:group, owner: user2) }
12 describe "GET /groups" do
13 context "when unauthenticated" do
14 it "should return authentication error" do
16 response.status.should == 401
20 context "when authenticated as user" do
21 it "normal user: should return an array of groups of user1" do
22 get api("/groups", user1)
23 response.status.should == 200
24 json_response.should be_an Array
25 json_response.length.should == 1
26 json_response.first['name'].should == group1.name
30 context "when authenticated as admin" do
31 it "admin: should return an array of all groups" do
32 get api("/groups", admin)
33 response.status.should == 200
34 json_response.should be_an Array
35 json_response.length.should == 2
40 describe "GET /groups/:id" do
41 context "when authenticated as user" do
42 it "should return one of user1's groups" do
43 get api("/groups/#{group1.id}", user1)
44 response.status.should == 200
45 json_response['name'] == group1.name
48 it "should not return a non existing group" do
49 get api("/groups/1328", user1)
50 response.status.should == 404
53 it "should not return a group not attached to user1" do
54 get api("/groups/#{group2.id}", user1)
55 response.status.should == 404
59 context "when authenticated as admin" do
60 it "should return any existing group" do
61 get api("/groups/#{group2.id}", admin)
62 response.status.should == 200
63 json_response['name'] == group2.name
66 it "should not return a non existing group" do
67 get api("/groups/1328", admin)
68 response.status.should == 404
73 describe "POST /groups" do
74 context "when authenticated as user" do
75 it "should not create group" do
76 post api("/groups", user1), attributes_for(:group)
77 response.status.should == 403
81 context "when authenticated as admin" do
82 it "should create group" do
83 post api("/groups", admin), attributes_for(:group)
84 response.status.should == 201
87 it "should not create group, duplicate" do
88 post api("/groups", admin), {name: "Duplicate Test", path: group2.path}
89 response.status.should == 404
92 it "should return 400 bad request error if name not given" do
93 post api("/groups", admin), { path: group2.path }
94 response.status.should == 400
97 it "should return 400 bad request error if path not given" do
98 post api("/groups", admin), { name: 'test' }
99 response.status.should == 400
104 describe "POST /groups/:id/projects/:project_id" do
105 let(:project) { create(:project) }
107 project.stub!(:transfer).and_return(true)
108 Project.stub(:find).and_return(project)
112 context "when authenticated as user" do
113 it "should not transfer project to group" do
114 post api("/groups/#{group1.id}/projects/#{project.id}", user2)
115 response.status.should == 403
119 context "when authenticated as admin" do
120 it "should transfer project to group" do
121 project.should_receive(:transfer)
122 post api("/groups/#{group1.id}/projects/#{project.id}", admin)