require_relative '../../spec_helper' require_relative '../../../services/data-repository/backend/sequel' require_relative '../../../app/models/visualization/member' require_relative '../../../services/data-repository/repository' require_relative '../../factories/organizations_contexts' include CartoDB describe Visualization::Member do include_context 'organization with users helper' before(:each) do bypass_named_maps end describe 'sharing tables and visualizations' do it 'should give read permission to table aka canonical visualization' do owner_table = create_table(@org_user_owner) carto_canonical_vis = owner_table.table_visualization canonical_vis = CartoDB::Visualization::Member.new(id: carto_canonical_vis.id).fetch canonical_vis.has_permission?(@org_user_owner, CartoDB::Visualization::Member::PERMISSION_READONLY).should eq true canonical_vis.has_permission?(@org_user_1, CartoDB::Visualization::Member::PERMISSION_READONLY).should eq false give_permission(canonical_vis, @org_user_1, CartoDB::Permission::ACCESS_READONLY) canonical_vis.has_permission?(@org_user_1, CartoDB::Visualization::Member::PERMISSION_READONLY).should eq true end it 'other user should not have permission until given' do owner_table = create_table(@org_user_owner) carto_vis = create_vis_from_table(owner_table.table_visualization.user, owner_table) vis = CartoDB::Visualization::Member.new(id: carto_vis.id).fetch vis.has_permission?(@org_user_owner, CartoDB::Visualization::Member::PERMISSION_READONLY).should eq true vis.has_permission?(@org_user_1, CartoDB::Visualization::Member::PERMISSION_READONLY).should eq false give_permission(vis, @org_user_1, CartoDB::Visualization::Member::PERMISSION_READONLY) vis.has_permission?(@org_user_1, CartoDB::Visualization::Member::PERMISSION_READONLY).should eq true end it 'other user will not get permission in private table when the table owners adds it to the visualization' do owner_table = create_table(@org_user_owner) carto_vis = create_vis_from_table(owner_table.table_visualization.user, owner_table) vis = CartoDB::Visualization::Member.new(id: carto_vis.id).fetch give_permission(vis, @org_user_1, CartoDB::Visualization::Member::PERMISSION_READONLY) vis.has_permission?(@org_user_1, CartoDB::Visualization::Member::PERMISSION_READONLY).should eq true other_table = create_table(@org_user_owner) other_vis = CartoDB::Visualization::Member.new(id: other_table.table_visualization.id).fetch add_layer_from_table(vis, other_table) vis.has_permission?(@org_user_1, CartoDB::Visualization::Member::PERMISSION_READONLY).should eq true other_vis.has_permission?(@org_user_1, CartoDB::Visualization::Member::PERMISSION_READONLY).should eq false end it 'should not remove access to visualization if table privacy is changed to private' do owner_table = create_table(@org_user_owner) carto_canonical_vis = owner_table.table_visualization canonical_vis = CartoDB::Visualization::Member.new(id: carto_canonical_vis.id).fetch carto_vis = create_vis_from_table(owner_table.table_visualization.user, owner_table) vis = CartoDB::Visualization::Member.new(id: carto_vis.id).fetch give_permission(vis, @org_user_1, CartoDB::Visualization::Member::PERMISSION_READONLY) # removes access to table canonical_vis.permission.clear canonical_vis.has_permission?(@org_user_1, CartoDB::Visualization::Member::PERMISSION_READONLY).should eq false vis.has_permission?(@org_user_1, CartoDB::Visualization::Member::PERMISSION_READONLY).should eq true end end private def add_layer_from_table(vis, table) layer = Layer.create(layer_params(table).slice(:kind, :options, :infowindow, :tooltip, :order)) vis.map.add_layer(layer) layer.register_table_dependencies vis.map.process_privacy_in(layer) end def create_vis_from_table(user, table) blender = Visualization::TableBlender.new(user, [table]) map = blender.blend vis = Visualization::Member.new( name: 'wadus_vis', map_id: map.id, type: Visualization::Member::TYPE_DERIVED, privacy: blender.blended_privacy, user_id: user.id ) vis.store vis end def give_permission(vis, user, access) per = vis.permission per.set_user_permission(user, access) per.save per.reload end # @return [CartoDB::Visualization::Member] def create_table(user) table = Table.new table.user_id = user.id table.name = 'wadus_table_' + UUIDTools::UUID.timestamp_create.to_s table.save table.reload # table = create_table(user_id: user.id, name: 'wadus_table') table.table_visualization.type.should eq Visualization::Member::TYPE_CANONICAL table end def layer_params(table) { :kind => "carto", :options => { :attribution => 'CartoDB', :type => 'CartoDB', :active => true, :query => '', :opacity => 0.99, :interactivity => 'cartodb_id', :interaction => true, :debug => false, :tiler_domain => 'localhost.lan', :tiler_port => '8181', :tiler_protocol => 'http', :sql_api_domain => 'localhost.lan', :sql_api_port => 8080, :sql_api_protocol => 'http', :extra_params => { :cache_policy => 'persist', :cache_buster => 1404930437358 }, :maxZoom => 28, :auto_bound => false, :visible => true, :sql_domain => 'localhost.lan', :sql_port => '80', :sql_protocol => 'http', :tile_style_history => ["##{table.name}{ line-color: #FF6600; line-width: 2; line-opacity: 0.7; }"], :style_version => '2.1.1', :table_name => table.name, :user_name => 'foo', :tile_style => "##{table.name}{ line-color: #FF6600; line-width: 2; line-opacity: 0.7; }", :use_server_style => true, :query_history => [], :wizard_properties => { :type => 'polygon', :properties => { 'line-width' => 2, 'line-color' => '#FF6600', 'line-opacity' => 0.7, 'line-comp-op' => 'none', 'text-name' => 'None', 'text-face-name' => 'DejaVu Sans Book', 'text-size' => 10, 'text-fill' => '#000', 'text-halo-fill' => '#FFF', 'text-halo-radius' => 1, 'text-dy' => -10, 'text-allow-overlap' => true, 'text-placement-type' => 'dummy', 'text-label-position-tolerance' => 0, 'text-placement' => 'point', 'geometry_type' => 'line' } }, :tile_style_custom => false, :query_wrapper => nil, :query_generated => false, :order => 2, :stat_tag => table.id, :sql_api_endpoint => '/api/v1/sql', :no_cdn => true, :force_cors => true }, :infowindow => { :template_name => 'table/views/infowindow_light', :fields => [] }, :tooltip => { :fields => [] }, :order => 2 } end end