blob: 3638a05b23d58a796ee0fcb64df08b88c329c872 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
RSpec.describe ApiKeyPolicy do
let( :record ){ build_stubbed :api_key }
before { stub_policy_scope(record) }
subject { described_class }
permissions :index? do
it_behaves_like 'always allowed'
end
permissions :show? do
it_behaves_like 'always allowed'
end
permissions :create? do
context 'permission absent → ' do
it "denies a user without organisation" do
expect_it.not_to permit(user_context, record)
end
end
context 'permission present → ' do
it 'allows a user with a different organisation' do
add_permissions('api_keys.create', to_user: user)
expect_it.to permit(user_context, record)
end
end
end
permissions :update? do
context 'permission absent → ' do
it "denies a user with a different organisation" do
expect_it.not_to permit(user_context, record)
end
it 'and also a user with the same organisation' do
user.organisation_id = record.organisation_id
expect_it.not_to permit(user_context, record)
end
end
context 'permission present → ' do
before do
add_permissions('api_keys.update', to_user: user)
end
it 'denies a user with a different organisation' do
expect_it.not_to permit(user_context, record)
end
it 'but allows it for a user with the same organisation' do
user.organisation_id = record.organisation_id
expect_it.to permit(user_context, record)
end
end
end
permissions :destroy? do
it_behaves_like 'permitted policy and same organisation', 'api_keys.destroy'
end
end
|
