diff options
| -rw-r--r-- | app/policies/api_key_policy.rb | 2 | ||||
| -rw-r--r-- | lib/stif/permission_translator.rb | 1 | ||||
| -rw-r--r-- | spec/lib/stif/netex_file_spec.rb | 2 | ||||
| -rw-r--r-- | spec/policies/api_key_policy_spec.rb | 17 |
4 files changed, 10 insertions, 12 deletions
diff --git a/app/policies/api_key_policy.rb b/app/policies/api_key_policy.rb index eb7b84457..7c62595b5 100644 --- a/app/policies/api_key_policy.rb +++ b/app/policies/api_key_policy.rb @@ -10,7 +10,7 @@ class ApiKeyPolicy < ApplicationPolicy end def create? - user.has_permission?('api_keys.create') + organisation_match? && user.has_permission?('api_keys.create') end def update? diff --git a/lib/stif/permission_translator.rb b/lib/stif/permission_translator.rb index 3b38a5149..e780f4ba2 100644 --- a/lib/stif/permission_translator.rb +++ b/lib/stif/permission_translator.rb @@ -23,6 +23,7 @@ module Stif referentials routes routing_constraint_zones time_tables vehicle_journeys + api_keys ] end diff --git a/spec/lib/stif/netex_file_spec.rb b/spec/lib/stif/netex_file_spec.rb index d84807fe5..ef69b994c 100644 --- a/spec/lib/stif/netex_file_spec.rb +++ b/spec/lib/stif/netex_file_spec.rb @@ -1,5 +1,3 @@ -require "rails_helper" - RSpec.describe STIF::NetexFile do let( :zip_file ){ fixtures_path 'OFFRE_TRANSDEV_2017030112251.zip' } diff --git a/spec/policies/api_key_policy_spec.rb b/spec/policies/api_key_policy_spec.rb index 5b9d59fa3..4c01ea520 100644 --- a/spec/policies/api_key_policy_spec.rb +++ b/spec/policies/api_key_policy_spec.rb @@ -1,28 +1,27 @@ -require 'rails_helper' - RSpec.describe ApiKeyPolicy do - let(:user) { User.new } + let( :record ){ build_stubbed :api_key } + before { stub_policy_scope(record) } subject { described_class } - permissions ".scope" do - pending "add some examples to (or delete) #{__FILE__}" + permissions :index? do + it_behaves_like 'always allowed' end permissions :show? do - pending "add some examples to (or delete) #{__FILE__}" + it_behaves_like 'always allowed' end permissions :create? do - pending "add some examples to (or delete) #{__FILE__}" + it_behaves_like 'permitted policy and same organisation', 'api_keys.create' end permissions :update? do - pending "add some examples to (or delete) #{__FILE__}" + it_behaves_like 'permitted policy and same organisation', 'api_keys.update' end permissions :destroy? do - pending "add some examples to (or delete) #{__FILE__}" + it_behaves_like 'permitted policy and same organisation', 'api_keys.destroy' end end |