diff options
| author | Vlatka Pavisic | 2017-03-22 15:34:05 +0100 |
|---|---|---|
| committer | Vlatka Pavisic | 2017-03-22 15:34:11 +0100 |
| commit | b9b8abc826fb542c1b4f65a796e2381f56cfe411 (patch) | |
| tree | b2e0d099f5da61f900275f3407d1bf3eee675218 | |
| parent | af71d3fbbf93cb4da1d2ebd1a1b705019f6cddb5 (diff) | |
| download | chouette-core-b9b8abc826fb542c1b4f65a796e2381f56cfe411.tar.bz2 | |
Refs #2902 : Referential#(un)archive policy check
| -rw-r--r-- | app/policies/referential_policy.rb | 9 | ||||
| -rw-r--r-- | spec/controllers/referentials_controller_spec.rb | 19 | ||||
| -rw-r--r-- | spec/support/devise.rb | 10 |
3 files changed, 33 insertions, 5 deletions
diff --git a/app/policies/referential_policy.rb b/app/policies/referential_policy.rb index 074aaec8b..1175ba5c6 100644 --- a/app/policies/referential_policy.rb +++ b/app/policies/referential_policy.rb @@ -17,8 +17,13 @@ class ReferentialPolicy < ApplicationPolicy edit? && !record.archived? end - def new? ; create? end - def destroy? ; edit? end + def archive? + edit? + end + + def unarchive? ; archive? end + def new? ; create? end + def destroy? ; edit? end end diff --git a/spec/controllers/referentials_controller_spec.rb b/spec/controllers/referentials_controller_spec.rb index 442a10bbd..1b4533fca 100644 --- a/spec/controllers/referentials_controller_spec.rb +++ b/spec/controllers/referentials_controller_spec.rb @@ -4,4 +4,23 @@ describe ReferentialsController, :type => :controller do login_user + let(:referential) { Referential.first } + let(:organisation) { create :organisation } + let(:other_referential) { create :referential, organisation: organisation } + + describe 'PUT archive' do + context "user's organisation matches referential's organisation" do + it 'returns http success' do + put :archive, id: referential.id + expect(response).to have_http_status(302) + end + end + + context "user's organisation doesn't match referential's organisation" do + it 'raises a ActiveRecord::RecordNotFound' do + expect { put :archive, id: other_referential.id }.to raise_error(ActiveRecord::RecordNotFound) + end + end + end + end diff --git a/spec/support/devise.rb b/spec/support/devise.rb index f692edab8..0e3ceefac 100644 --- a/spec/support/devise.rb +++ b/spec/support/devise.rb @@ -39,9 +39,13 @@ module DeviseControllerHelper before(:each) do @request.env["devise.mapping"] = Devise.mappings[:user] organisation = Organisation.where(:code => "first").first_or_create(attributes_for(:organisation)) - user = create(:user, :organisation => organisation, - :permissions => ['routes.create', 'routes.edit', 'routes.destroy', 'journey_patterns.create', 'journey_patterns.edit', 'journey_patterns.destroy']) - sign_in user + @user = create(:user, :organisation => organisation, + :permissions => ['routes.create', 'routes.edit', 'routes.destroy', 'journey_patterns.create', 'journey_patterns.edit', 'journey_patterns.destroy', + 'vehicle_journeys.create', 'vehicle_journeys.edit', 'vehicle_journeys.destroy', 'time_tables.create', 'time_tables.edit', 'time_tables.destroy', + 'footnotes.edit', 'footnotes.create', 'footnotes.destroy', 'routing_constraint_zones.create', 'routing_constraint_zones.edit', 'routing_constraint_zones.destroy', + 'access_points.create', 'access_points.edit', 'access_points.destroy', 'access_links.create', 'access_links.edit', 'access_links.destroy', + 'connection_links.create', 'connection_links.edit', 'connection_links.destroy', 'route_sections.create', 'route_sections.edit', 'route_sections.destroy']) + sign_in @user end end end |