aboutsummaryrefslogtreecommitdiffstats
path: root/spec/lib/stif/permission_translator_spec.rb
blob: 9771af187ca3c1cc0bc1087b19624fb790ceec25 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61

# coding: utf-8
RSpec.describe Stif::PermissionTranslator do

  context "No SSO Permissions" do
    it { expect(described_class.translate([])).to be_empty  }
  end

  context "SSO Permission boiv:read-offer →" do

    it "sessions.create only" do
      expect( described_class.translate(%w{boiv:read-offer}) ).to eq(%w{sessions.create})
    end

  end

  context "SSO Permission boiv:edit-offer →" do

    it "all permissions" do
      expect( described_class.translate(%w{boiv:edit-offer}) ).to match_array(Support::Permissions.all_permissions)
    end

    it "all permissions, no doubletons" do
      expect( described_class.translate(%w{boiv:edit-offer boiv:read-offer}) ).to match_array(Support::Permissions.all_permissions)
    end

    it "all permissions, input order agnostic" do
      expect( described_class.translate(%w{boiv:read-offer boiv:edit-offer}) ).to match_array(Support::Permissions.all_permissions)
    end
  end

  context "SSO Permission ignores garbage (no injection) →" do
    it "remains empty" do
      expect( described_class.translate(%w{referentials.create}) ).to be_empty
    end

    it "remains at boiv:read-offer level" do
      expect( described_class.translate(%w{referentials.create boiv:read-offer calendars.delete}) ).to eq(%w{sessions.create})
    end

    it "does not add garbage or doubletons for boiv:edit-offer level" do
      expect(
        described_class.translate(%w{xxx boiv:read-offer lines.delete boiv:edit-offer footnotes.update})
      ).to match_array(Support::Permissions.all_permissions)
    end
  end

  context "For the STIF organisation" do
    let(:organisation){ build_stubbed :organisation, name: "STIF" }
    let(:permissions){ %w{calendars.share stop_area_referentials.synchronize line_referentials.synchronize}.sort }
    it "adds the STIF permission" do
      expect(described_class.translate([], organisation).sort).to eq permissions
    end

    context "with the case changed" do
      let(:organisation){ build_stubbed :organisation, name: "StiF" }
      it "adds the STIF permission" do
        expect(described_class.translate([], organisation).sort).to eq permissions
      end
    end
  end
end
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-02 05:44:51 +0000