diff options
| author | Robert | 2017-09-13 10:28:18 +0200 |
|---|---|---|
| committer | Robert | 2017-09-26 17:05:10 +0200 |
| commit | 353780bc16bb4377cc1eac3c3d677611a9bb6ec7 (patch) | |
| tree | c64325b43aa6845d77d4c50a9a6c401e7b62ccf9 | |
| parent | c6de5d6c2e67313e3f36f9b7c2014d1ab7f6c19d (diff) | |
| download | chouette-core-353780bc16bb4377cc1eac3c3d677611a9bb6ec7.tar.bz2 | |
Fixes: #4440@0.5h;
Added Controller Spec
Fixed Older Specs
| -rw-r--r-- | spec/controllers/imports_controller_spec.rb | 9 | ||||
| -rw-r--r-- | spec/policies/referential_policy_spec.rb | 8 | ||||
| -rw-r--r-- | spec/support/permissions.rb | 3 | ||||
| -rw-r--r-- | spec/support/pundit/policies.rb | 17 | ||||
| -rw-r--r-- | spec/support/pundit/shared_examples.rb | 8 |
5 files changed, 27 insertions, 18 deletions
diff --git a/spec/controllers/imports_controller_spec.rb b/spec/controllers/imports_controller_spec.rb index f07190496..22be9f6ed 100644 --- a/spec/controllers/imports_controller_spec.rb +++ b/spec/controllers/imports_controller_spec.rb @@ -5,10 +5,16 @@ RSpec.describe ImportsController, :type => :controller do let(:import) { create :import, workbench: workbench } describe 'GET #new' do - it 'should be successful' do + it 'should be successful if authorized' do get :new, workbench_id: workbench.id expect(response).to be_success end + + it 'should be unsuccessful unless authorized' do + remove_permissions('imports.create', from_user: @user, save: true) + get :new, workbench_id: workbench.id + expect(response).not_to be_success + end end describe 'GET #download' do @@ -18,4 +24,5 @@ RSpec.describe ImportsController, :type => :controller do expect( response.body ).to eq(import.file.read) end end + end diff --git a/spec/policies/referential_policy_spec.rb b/spec/policies/referential_policy_spec.rb index 69d0eb17b..d00415fc6 100644 --- a/spec/policies/referential_policy_spec.rb +++ b/spec/policies/referential_policy_spec.rb @@ -9,7 +9,7 @@ RSpec.describe ReferentialPolicy, type: :policy do permissions :create? do it 'permissions present → allowed' do - add_permissions('referentials.create', for_user: user) + add_permissions('referentials.create', to_user: user) expect_it.to permit(user_context, record) end it 'permissions absent → forbidden' do @@ -19,7 +19,7 @@ RSpec.describe ReferentialPolicy, type: :policy do permissions :new? do it 'permissions present → allowed' do - add_permissions('referentials.create', for_user: user) + add_permissions('referentials.create', to_user: user) expect_it.to permit(user_context, record) end it 'permissions absent → forbidden' do @@ -53,7 +53,7 @@ RSpec.describe ReferentialPolicy, type: :policy do context 'permission present →' do before do - add_permissions('referentials.update', for_user: user) + add_permissions('referentials.update', to_user: user) end context 'same organisation →' do @@ -108,7 +108,7 @@ RSpec.describe ReferentialPolicy, type: :policy do context 'permission present →' do before do - add_permissions('referentials.update', for_user: user) + add_permissions('referentials.update', to_user: user) end context 'same organisation →' do diff --git a/spec/support/permissions.rb b/spec/support/permissions.rb index baf537da8..13666aca3 100644 --- a/spec/support/permissions.rb +++ b/spec/support/permissions.rb @@ -8,7 +8,7 @@ module Support private def _destructive_permissions - _permitted_resources.product( %w{create destroy import update} ).map{ |model_action| model_action.join('.') } + _permitted_resources.product( %w{create destroy update} ).map{ |model_action| model_action.join('.') } end def _permitted_resources @@ -18,6 +18,7 @@ module Support connection_links calendars footnotes + imports journey_patterns referentials routes diff --git a/spec/support/pundit/policies.rb b/spec/support/pundit/policies.rb index d5bb63243..a3489d9db 100644 --- a/spec/support/pundit/policies.rb +++ b/spec/support/pundit/policies.rb @@ -3,18 +3,18 @@ require 'pundit/rspec' module Support module Pundit module Policies - def add_permissions(*permissions, for_user:) - for_user.permissions ||= [] - for_user.permissions += permissions.flatten + def add_permissions(*permissions, to_user:) + to_user.permissions ||= [] + to_user.permissions += permissions.flatten end def create_user_context(user:, referential:) UserContext.new(user, referential: referential) end - def add_permissions(*permissions, for_user:) - for_user.permissions ||= [] - for_user.permissions += permissions.flatten + def remove_permissions(*permissions, from_user:, save: false) + from_user.permissions -= permissions.flatten + from_user.save! if save end end @@ -30,7 +30,7 @@ module Support end def with_user_permission(permission, &blk) it "with user permission #{permission.inspect}" do - add_permissions(permission, for_user: user) + add_permissions(permission, to_user: user) blk.() end end @@ -41,7 +41,7 @@ module Support perms, options = permissions.partition{|x| String === x} context "with permissions #{perms.inspect}...", *options do before do - add_permissions(*permissions, for_user: @user) + add_permissions(*permissions, to_user: @user) end instance_eval(&blk) end @@ -51,6 +51,7 @@ module Support end RSpec.configure do | c | + c.include Support::Pundit::Policies, type: :controller c.include Support::Pundit::Policies, type: :policy c.extend Support::Pundit::PoliciesMacros, type: :policy c.include Support::Pundit::Policies, type: :feature diff --git a/spec/support/pundit/shared_examples.rb b/spec/support/pundit/shared_examples.rb index 63a106759..49c6845da 100644 --- a/spec/support/pundit/shared_examples.rb +++ b/spec/support/pundit/shared_examples.rb @@ -18,7 +18,7 @@ RSpec.shared_examples 'always allowed' do context 'different organisations →' do before do - add_permissions(permission, for_user: user) + add_permissions(permission, to_user: user) end it "allows a user with a different organisation" do expect_it.to permit(user_context, record) @@ -51,7 +51,7 @@ RSpec.shared_examples 'always forbidden' do context 'different organisations →' do before do - add_permissions(permission, for_user: user) + add_permissions(permission, to_user: user) end it "denies a user with a different organisation" do expect_it.not_to permit(user_context, record) @@ -80,7 +80,7 @@ RSpec.shared_examples 'permitted policy and same organisation' do context 'permission present → ' do before do - add_permissions(permission, for_user: user) + add_permissions(permission, to_user: user) end it 'denies a user with a different organisation' do @@ -113,7 +113,7 @@ RSpec.shared_examples 'permitted policy' do context 'permission present → ' do before do - add_permissions(permission, for_user: user) + add_permissions(permission, to_user: user) end it 'allows user' do |