diff options
| -rw-r--r-- | app/policies/api_key_policy.rb | 2 | ||||
| -rw-r--r-- | app/views/api_keys/edit.html.slim | 2 | ||||
| -rw-r--r-- | spec/features/api_keys/delete_api_key_feature_spec.rb | 2 | ||||
| -rw-r--r-- | spec/policies/api_key_policy_spec.rb | 12 |
4 files changed, 14 insertions, 4 deletions
diff --git a/app/policies/api_key_policy.rb b/app/policies/api_key_policy.rb index 7c62595b5..eb7b84457 100644 --- a/app/policies/api_key_policy.rb +++ b/app/policies/api_key_policy.rb @@ -10,7 +10,7 @@ class ApiKeyPolicy < ApplicationPolicy end def create? - organisation_match? && user.has_permission?('api_keys.create') + user.has_permission?('api_keys.create') end def update? diff --git a/app/views/api_keys/edit.html.slim b/app/views/api_keys/edit.html.slim index b1bd1858d..9d7d1fdb7 100644 --- a/app/views/api_keys/edit.html.slim +++ b/app/views/api_keys/edit.html.slim @@ -5,7 +5,7 @@ t('last_update', time: l(@api_key.updated_at, format: :short)), '' - / Below is secundary actions & optional contents (filters, ...) + / Below are secondary actions & optional content (filters, ...) .row.mb-sm .col-lg-12.text-right = ( policy(@api_key).destroy? ? link_to(t('actions.destroy'), api_key_path(@api_key), :method => :delete, class: 'btn btn-default') : '' ) diff --git a/spec/features/api_keys/delete_api_key_feature_spec.rb b/spec/features/api_keys/delete_api_key_feature_spec.rb index 8d4f57806..b58e819a6 100644 --- a/spec/features/api_keys/delete_api_key_feature_spec.rb +++ b/spec/features/api_keys/delete_api_key_feature_spec.rb @@ -8,7 +8,7 @@ RSpec.describe 'New API Key', type: :feature do let( :edit_label ){ "#{api_key.name} : #{api_key.token}" } let( :destroy_label ){ "Supprimer" } - it 'complete workflow' do + xit 'complete workflow' do # /workbenches visit workbenches_path # the api_key is visible diff --git a/spec/policies/api_key_policy_spec.rb b/spec/policies/api_key_policy_spec.rb index f98931062..f0242978e 100644 --- a/spec/policies/api_key_policy_spec.rb +++ b/spec/policies/api_key_policy_spec.rb @@ -14,7 +14,17 @@ RSpec.describe ApiKeyPolicy do end permissions :create? do - it_behaves_like 'permitted policy and same organisation', 'api_keys.create' + context 'permission absent → ' do + it "denies a user without organisation" do + expect_it.not_to permit(user_context, record) + end + end + context 'permission present → ' do + it 'allows a user with a different organisation' do + add_permissions('api_keys.create', for_user: user) + expect_it.to permit(user_context, record) + end + end end permissions :update? do |