spec/policies/referential_policy_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161

# coding: utf-8
RSpec.describe ReferentialPolicy, type: :policy do

  #
  # Collection Based Permissions differ from standard as there is no referential yet
  # --------------------------------------------------------------------------------
  context "on a ready referential" do
    let( :record ){ referential }
    permissions :create? do
      it 'permissions present → allowed' do
        add_permissions('referentials.create', to_user: user)
        expect_it.to permit(user_context, record)
      end
      it 'permissions absent → forbidden' do
        expect_it.not_to permit(user_context, record)
      end
    end

    permissions :new? do
      it 'permissions present → allowed' do
        add_permissions('referentials.create', to_user: user)
        expect_it.to permit(user_context, record)
      end
      it 'permissions absent → forbidden' do
        expect_it.not_to permit(user_context, record)
      end
    end

    #
    # Standard Destructive Action Permissions
    # ---------------------------------------

    permissions :destroy? do
      it_behaves_like 'permitted policy and same organisation', 'referentials.destroy', archived_and_finalised: true
    end
    permissions :edit? do
      it_behaves_like 'permitted policy and same organisation', 'referentials.update', archived_and_finalised: true
    end
    permissions :update? do
      it_behaves_like 'permitted policy and same organisation', 'referentials.update', archived_and_finalised: true
    end

    #
    # Custom Permissions
    # ------------------

    # permissions :clone? do
    #   it_behaves_like 'permitted policy', 'referentials.create', archived_and_finalised: true
    # end

    permissions :archive? do

      context 'permission present →' do
        before do
          add_permissions('referentials.update', to_user: user)
        end

        context 'same organisation →' do
          before do
            user.organisation_id = referential.organisation_id
          end
          it "allows a user with the same organisation" do
            expect_it.to permit(user_context, record)
          end
          describe "archived" do
            let( :record ){ build_stubbed :referential, archived_at: 2.minutes.ago, ready: true  }
            it 'does remove permission for archived referentials' do
              expect_it.not_to permit(user_context, record)
            end
          end
        end

        context 'different organisations →' do
          it "forbids a user with a different organisation" do
            expect_it.not_to permit(user_context, record)
          end

          describe "archived" do
            let( :record ){ build_stubbed :referential, archived_at: 2.minutes.ago, ready: true  }
            it 'forbids for archived referentials' do
              expect_it.not_to permit(user_context, record)
            end
          end

        end
      end

      context 'permission absent →' do
        context 'same organisation →' do
          before do
            user.organisation_id = referential.organisation_id
          end
          it "forbids a user with the same organisation" do
            expect_it.not_to permit(user_context, record)
          end
          describe "archived" do
            let( :record ){ build_stubbed :referential, archived_at: 2.minutes.ago, ready: true  }
            it 'forbids for archived referentials' do
              expect_it.not_to permit(user_context, record)
            end
          end
        end
      end
    end

    permissions :unarchive? do

      context 'permission present →' do
        before do
          add_permissions('referentials.update', to_user: user)
        end

        context 'same organisation →' do
          before do
            user.organisation_id = referential.organisation_id
          end
          it "forbids a user with the same organisation" do
            expect_it.not_to permit(user_context, record)
          end
          describe "archived" do
            let( :record ){ build_stubbed :referential, archived_at: 2.minutes.ago, ready: true  }
            it 'adds permission for archived referentials' do
              expect_it.to permit(user_context, record)
            end
          end
        end

        context 'different organisations →' do
          it "forbids a user with a different organisation" do
            expect_it.not_to permit(user_context, record)
          end

          describe "archived" do
            let( :record ){ build_stubbed :referential, archived_at: 2.minutes.ago, ready: true  }
            it 'still forbids for archived referentials' do
              expect_it.not_to permit(user_context, record)
            end
          end

        end
      end

      context 'permission absent →' do
        context 'same organisation →' do
          before do
            user.organisation_id = referential.organisation_id
          end
          it "forbids a user with a different rganisation" do
            expect_it.not_to permit(user_context, record)
          end
          describe "archived" do
            let( :record ){ build_stubbed :referential, archived_at: 2.minutes.ago, ready: true  }
            it 'still forbids for archived referentials' do
              expect_it.not_to permit(user_context, record)
            end
          end
        end
      end
    end
  end
end