diff options
| -rw-r--r-- | app/policies/boiv_policy.rb | 1 | ||||
| -rw-r--r-- | app/policies/line_policy.rb | 2 | ||||
| -rw-r--r-- | app/policies/route_policy.rb | 3 | ||||
| -rw-r--r-- | app/policies/time_table_policy.rb | 1 | ||||
| -rw-r--r-- | spec/policies/route_policy_spec.rb | 22 | ||||
| -rw-r--r-- | spec/support/pundit/shared_examples.rb | 22 |
6 files changed, 38 insertions, 13 deletions
diff --git a/app/policies/boiv_policy.rb b/app/policies/boiv_policy.rb index 7f7534813..4270dc686 100644 --- a/app/policies/boiv_policy.rb +++ b/app/policies/boiv_policy.rb @@ -1,3 +1,4 @@ +require_relative 'chain' class BoivPolicy < ApplicationPolicy def boiv_read_offer? diff --git a/app/policies/line_policy.rb b/app/policies/line_policy.rb index 68c373c1e..c3e0051c8 100644 --- a/app/policies/line_policy.rb +++ b/app/policies/line_policy.rb @@ -27,7 +27,7 @@ class LinePolicy < BoivPolicy end def destroy_footnote? - user.has_permission?('routes.destroy') + user.has_permission?('footnotes.destroy') end def update_footnote? ; edit_footnote? end diff --git a/app/policies/route_policy.rb b/app/policies/route_policy.rb index ff13d3163..dba3a27da 100644 --- a/app/policies/route_policy.rb +++ b/app/policies/route_policy.rb @@ -1,10 +1,13 @@ class RoutePolicy < BoivPolicy + extend Policies::Chain class Scope < Scope def resolve scope end end + chain_policies :archived?, :!, policies: %i{create? destroy? edit?} + def create? user.has_permission?('routes.create') # organisation match via referential is checked in the view end diff --git a/app/policies/time_table_policy.rb b/app/policies/time_table_policy.rb index 4b2bf0cd9..efab6ac00 100644 --- a/app/policies/time_table_policy.rb +++ b/app/policies/time_table_policy.rb @@ -1,4 +1,3 @@ -require_relative 'chain' class TimeTablePolicy < BoivPolicy extend Policies::Chain diff --git a/spec/policies/route_policy_spec.rb b/spec/policies/route_policy_spec.rb new file mode 100644 index 000000000..706ead3a3 --- /dev/null +++ b/spec/policies/route_policy_spec.rb @@ -0,0 +1,22 @@ +RSpec.describe RoutePolicy, type: :policy do + + permissions :create? do + it_behaves_like 'permitted policy', 'routes.create', restricted_ready: true + end + + permissions :destroy? do + it_behaves_like 'permitted policy and same organisation', 'routes.destroy', restricted_ready: true + end + + permissions :edit? do + it_behaves_like 'permitted policy and same organisation', 'routes.edit', restricted_ready: true + end + + permissions :new? do + it_behaves_like 'permitted policy', 'routes.create', restricted_ready: true + end + + permissions :update? do + it_behaves_like 'permitted policy and same organisation', 'routes.edit', restricted_ready: true + end +end diff --git a/spec/support/pundit/shared_examples.rb b/spec/support/pundit/shared_examples.rb index a5ee5f758..51a25ba7a 100644 --- a/spec/support/pundit/shared_examples.rb +++ b/spec/support/pundit/shared_examples.rb @@ -1,32 +1,32 @@ -RSpec.shared_examples "permitted policy and same organisation" do +RSpec.shared_examples 'permitted policy and same organisation' do | permission, restricted_ready: false| - context "permission absent → " do + context 'permission absent → ' do it "denies a user with a different organisation" do expect_it.not_to permit(user_context, referential) end - it "and also a user with the same organisation" do + it 'and also a user with the same organisation' do user.update_attribute :organisation, referential.organisation expect_it.not_to permit(user_context, referential) end end - context "permission present → " do + context 'permission present → ' do before do add_permissions(permission, for_user: user) end - it "denies a user with a different organisation" do + it 'denies a user with a different organisation' do expect_it.not_to permit(user_context, referential) end - it "but allows it for a user with the same organisation" do + it 'but allows it for a user with the same organisation' do user.update_attribute :organisation, referential.organisation expect_it.to permit(user_context, referential) end if restricted_ready - it "removes the permission for archived referentials" do + it 'removes the permission for archived referentials' do user.update_attribute :organisation, referential.organisation referential.update_attribute :ready, true expect_it.not_to permit(user_context, referential) @@ -37,21 +37,21 @@ end RSpec.shared_examples 'permitted policy' do | permission, restricted_ready: false| - context "permission absent → " do + context 'permission absent → ' do it "denies a user with a different organisation" do expect_it.not_to permit(user_context, referential) end end - context "permission present → " do + context 'permission present → ' do before do add_permissions(permission, for_user: user) end - it "allows a user with a different organisation" do + it 'allows a user with a different organisation' do expect_it.to permit(user_context, referential) end if restricted_ready - it "removes the permission for archived referentials" do + it 'removes the permission for archived referentials' do referential.update_attribute :ready, true expect_it.not_to permit(user_context, referential) end |