diff options
| -rw-r--r-- | app/policies/api_key_policy.rb | 2 | ||||
| -rw-r--r-- | lib/stif/permission_translator.rb | 15 | ||||
| -rw-r--r-- | spec/lib/stif/netex_file_spec.rb | 2 | ||||
| -rw-r--r-- | spec/lib/stif/permission_translator_spec.rb | 1 | ||||
| -rw-r--r-- | spec/policies/api_key_policy_spec.rb | 12 |
5 files changed, 15 insertions, 17 deletions
diff --git a/app/policies/api_key_policy.rb b/app/policies/api_key_policy.rb index bc5c9e433..7b4c22e33 100644 --- a/app/policies/api_key_policy.rb +++ b/app/policies/api_key_policy.rb @@ -10,7 +10,7 @@ class ApiKeyPolicy < ApplicationPolicy end def create? - user.has_permission?('api_keys.create') + organisation_match? && user.has_permission?('api_keys.create') end def update? diff --git a/lib/stif/permission_translator.rb b/lib/stif/permission_translator.rb index 47ab2840f..d82e1c6b0 100644 --- a/lib/stif/permission_translator.rb +++ b/lib/stif/permission_translator.rb @@ -16,14 +16,15 @@ module Stif def all_resources %w[ + api_keys access_points - connection_links calendars - footnotes - journey_patterns - referentials routes routing_constraint_zones - time_tables - vehicle_journeys - api_keys + connection_links calendars + footnotes + journey_patterns + referentials routes routing_constraint_zones + time_tables + vehicle_journeys + api_keys ] end diff --git a/spec/lib/stif/netex_file_spec.rb b/spec/lib/stif/netex_file_spec.rb index d84807fe5..ef69b994c 100644 --- a/spec/lib/stif/netex_file_spec.rb +++ b/spec/lib/stif/netex_file_spec.rb @@ -1,5 +1,3 @@ -require "rails_helper" - RSpec.describe STIF::NetexFile do let( :zip_file ){ fixtures_path 'OFFRE_TRANSDEV_2017030112251.zip' } diff --git a/spec/lib/stif/permission_translator_spec.rb b/spec/lib/stif/permission_translator_spec.rb index 9675382e6..652dd2de2 100644 --- a/spec/lib/stif/permission_translator_spec.rb +++ b/spec/lib/stif/permission_translator_spec.rb @@ -1,4 +1,3 @@ -# coding: utf-8 RSpec.describe Stif::PermissionTranslator do context "No SSO Permissions" do diff --git a/spec/policies/api_key_policy_spec.rb b/spec/policies/api_key_policy_spec.rb index f9ef9916e..4c01ea520 100644 --- a/spec/policies/api_key_policy_spec.rb +++ b/spec/policies/api_key_policy_spec.rb @@ -5,23 +5,23 @@ RSpec.describe ApiKeyPolicy do subject { described_class } - permissions ".scope" do - pending "add some examples to (or delete) #{__FILE__}" + permissions :index? do + it_behaves_like 'always allowed' end permissions :show? do - pending "add some examples to (or delete) #{__FILE__}" + it_behaves_like 'always allowed' end permissions :create? do - pending "add some examples to (or delete) #{__FILE__}" + it_behaves_like 'permitted policy and same organisation', 'api_keys.create' end permissions :update? do - pending "add some examples to (or delete) #{__FILE__}" + it_behaves_like 'permitted policy and same organisation', 'api_keys.update' end permissions :destroy? do - pending "add some examples to (or delete) #{__FILE__}" + it_behaves_like 'permitted policy and same organisation', 'api_keys.destroy' end end |