fixes specs and makes stats for admins eyes only

2015-08-17 22:00:54 +02:00
parent 7582d53f50
commit 862a239d87
4 changed files with 25 additions and 10 deletions
--- a/app/controllers/api/api_controller.rb
+++ b/app/controllers/api/api_controller.rb
@@ -1,4 +1,13 @@
 class Api::ApiController < ApplicationController
  before_action :authenticate_user!
  protect_from_forgery with: :null_session
+
+  skip_authorization_check
+  before_action :verify_administrator
+
+  private
+
+    def verify_administrator
+      raise CanCan::AccessDenied unless current_user.try(:administrator?)
+    end
 end
--- a/spec/controllers/api/stats_controller_spec.rb
+++ b/spec/controllers/api/stats_controller_spec.rb
@@ -2,16 +2,14 @@ require 'rails_helper'

 describe Api::StatsController do

-  # GET index
-  #----------------------------------------------------------------------
-
  describe 'GET index' do
-    let(:user) { create :user }
+    let(:user) { create(:administrator).user }

    context 'events or visits not present' do
      it 'should respond with bad_request' do
        sign_in user
        get :show
+
        expect(response).to_not be_ok
        expect(response.status).to eq 400
      end
--- a/spec/controllers/debates_controller_spec.rb
+++ b/spec/controllers/debates_controller_spec.rb
@@ -2,15 +2,22 @@ require 'rails_helper'

 describe DebatesController do

-  # create
-  #----------------------------------------------------------------------
+  before(:all) do
+    @original_captcha_pass_value = SimpleCaptcha.always_pass
+    SimpleCaptcha.always_pass = true
+  end
+
+  after(:all) do
+    SimpleCaptcha.always_pass = @original_captcha_pass_value
+  end

  describe 'POST create' do
-    let(:user) { create :user }

    it 'should create an ahoy event' do
-      sign_in user
-      post :create, debate: { title: 'foo', description: 'foo bar', terms_of_service: 1  }
+
+      sign_in create(:user)
+
+      post :create, debate: { title: 'foo', description: 'foo bar', terms_of_service: 1 }
      expect(Ahoy::Event.where(name: :debate_created).count).to eq 1
      expect(Ahoy::Event.last.properties['debate_id']).to eq Debate.last.id
    end
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -1,6 +1,7 @@
 require 'factory_girl_rails'
 require 'database_cleaner'
-require "email_spec"
+require 'email_spec'
+require 'devise'
 Dir["./spec/support/**/*.rb"].sort.each { |f| require f }

 RSpec.configure do |config|