diff options
| author | Robert | 2017-05-23 12:49:39 +0200 |
|---|---|---|
| committer | Robert | 2017-05-23 18:10:10 +0200 |
| commit | 49e8c9b65f953bf725a39193797266ac4ac717f1 (patch) | |
| tree | 331b5c6794b4260b70cb91d360168f21e0e8f293 /spec/policies | |
| parent | 9b3961f69fd35105ded3b5a8f7d0055dc7443b82 (diff) | |
| download | chouette-core-49e8c9b65f953bf725a39193797266ac4ac717f1.tar.bz2 | |
Refs: #3383; boiv intermediate policy speced and implmntd
- Policy spex specific support code moved to spec/support/pundit
- Shared Xample group for policies permitting access depening on one specific permission and organisation_match
Diffstat (limited to 'spec/policies')
| -rw-r--r-- | spec/policies/application_policy_spec.rb | 31 | ||||
| -rw-r--r-- | spec/policies/boiv_policy_spec.rb | 16 | ||||
| -rw-r--r-- | spec/policies/time_table_policy_spec.rb | 23 |
3 files changed, 18 insertions, 52 deletions
diff --git a/spec/policies/application_policy_spec.rb b/spec/policies/application_policy_spec.rb index 4433e18b8..a7234461e 100644 --- a/spec/policies/application_policy_spec.rb +++ b/spec/policies/application_policy_spec.rb @@ -1,11 +1,5 @@ RSpec.describe ApplicationPolicy, type: :policy do - let( :user_context ) { create_user_context(user: user, referential: referential) } - let( :referentail ) { create :referential } - let( :user ) { create :user } - - subject { described_class } - permissions :organisation_match? do it "denies a user with a different organisation" do @@ -18,29 +12,4 @@ RSpec.describe ApplicationPolicy, type: :policy do end end - permissions :boiv_read_offer? do - - context "user of a different organisation → " do - it "denies a user with a different organisation" do - expect_it.not_to permit(user_context, referential) - end - it "even if she has the permisson" do - add_permissions('boiv:read-offer', for_user: user) - expect_it.not_to permit(user_context, referential) - end - end - - context "user of the same organisation → " do - before do - user.update_attribute :organisation, referential.organisation - end - it "denies if permission absent" do - expect_it.not_to permit(user_context, referential) - end - it "allows if permission present" do - add_permissions('boiv:read-offer', for_user: user) - expect_it.to permit(user_context, referential) - end - end - end end diff --git a/spec/policies/boiv_policy_spec.rb b/spec/policies/boiv_policy_spec.rb new file mode 100644 index 000000000..3af82ddfe --- /dev/null +++ b/spec/policies/boiv_policy_spec.rb @@ -0,0 +1,16 @@ +RSpec.describe BoivPolicy, type: :policy do + + + permissions :index? do + it_behaves_like 'permitted and same organisation', 'boiv:read-offer' + end + + permissions :boiv_read_offer? do + it_behaves_like 'permitted and same organisation', 'boiv:read-offer' + end + + permissions :show? do + it_behaves_like 'permitted and same organisation', 'boiv:read-offer' + end + +end diff --git a/spec/policies/time_table_policy_spec.rb b/spec/policies/time_table_policy_spec.rb index 63bd316e4..48beea75d 100644 --- a/spec/policies/time_table_policy_spec.rb +++ b/spec/policies/time_table_policy_spec.rb @@ -1,26 +1,7 @@ RSpec.describe TimeTablePolicy, type: :policy do permissions :duplicate? do - context "user of a different organisation" do - it "is denied" do - expect_it.not_to permit(user_context, referential) - end - it "even if she has the time_tables.create permission" do - add_permissions 'time_tables.create', for_user: user - expect_it.not_to permit(user_context, referential) - end - end - context "user of the same organisation" do - before do - user.update_attribute :organisation, referential.organisation - end - it "is denied" do - expect_it.not_to permit(user_context, referential) - end - it "unless she has the time_tables.create permission" do - add_permissions 'time_tables.create', for_user: user - expect_it.to permit(user_context, referential) - end - end + it_behaves_like 'permitted and same organisation', 'time_tables.create' end + end |