aboutsummaryrefslogtreecommitdiffstats
path: root/spec/policies
diff options
context:
space:
mode:
Diffstat (limited to 'spec/policies')
-rw-r--r--spec/policies/application_policy_spec.rb33
1 files changed, 30 insertions, 3 deletions
diff --git a/spec/policies/application_policy_spec.rb b/spec/policies/application_policy_spec.rb
index d7e8e5e27..c6e5b89bf 100644
--- a/spec/policies/application_policy_spec.rb
+++ b/spec/policies/application_policy_spec.rb
@@ -1,11 +1,12 @@
RSpec.describe ApplicationPolicy, type: :policy do
+ let( :user_context ) { create_user_context(user: user, referential: referential) }
+ let( :referentail ) { create :referential }
+ let( :user ) { create :user }
+
subject { described_class }
permissions :organisation_match? do
- let( :user_context ) { create_user_context(user: user, referential: referential) }
- let( :referentail ) { create :referential }
- let( :user ) { create :user }
it "denies a user with a different organisation" do
expect_it.not_to permit(user_context, referential)
@@ -16,4 +17,30 @@ RSpec.describe ApplicationPolicy, type: :policy do
expect_it.to permit(user_context, referential)
end
end
+
+ permissions :boiv_read_offer? do
+
+ context "user of a different organisation → " do
+ it "denies a user with a different organisation" do
+ expect_it.not_to permit(user_context, referential)
+ end
+ it "even if she has the permisson" do
+ add_permissions('boiv:read_offer', for_user: user)
+ expect_it.not_to permit(user_context, referential)
+ end
+ end
+
+ context "user of the same organisation → " do
+ before do
+ user.update_attribute :organisation, referential.organisation
+ end
+ it "denies if permission absent" do
+ expect_it.not_to permit(user_context, referential)
+ end
+ it "allows if permission present" do
+ add_permissions('boiv:read_offer', for_user: user)
+ expect_it.to permit(user_context, referential)
+ end
+ end
+ end
end
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-02 00:55:07 +0000