spec/policies/referential_policy_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102

RSpec.describe ReferentialPolicy, type: :policy do

  let( :record ){ build_stubbed :referential }


  #
  # Collection Based Permissions differ from standard as there is no referential yet
  # --------------------------------------------------------------------------------

  permissions :create? do
    it 'permissions present → allowed' do
      add_permissions('referentials.create', for_user: user)
      expect_it.to permit(user_context, record)
    end
    it 'permissions absent → forbidden' do
      expect_it.not_to permit(user_context, record)
    end
  end

  permissions :new? do
    it 'permissions present → allowed' do
      add_permissions('referentials.create', for_user: user)
      expect_it.to permit(user_context, record)
    end
    it 'permissions absent → forbidden' do
      expect_it.not_to permit(user_context, record)
    end
  end

  #
  # Standard Destructive Action Permissions
  # ---------------------------------------

  permissions :destroy? do
    it_behaves_like 'permitted policy and same organisation', 'referentials.destroy', archived: true
  end
  permissions :edit? do
    it_behaves_like 'permitted policy and same organisation', 'referentials.update', archived: true
  end
  permissions :update? do
    it_behaves_like 'permitted policy and same organisation', 'referentials.update', archived: true
  end

  #
  # Custom Permissions
  # ------------------

  permissions :clone? do
    it_behaves_like 'permitted policy and same organisation', 'referentials.create', archived: true
  end

  permissions :archive? do

    context 'permission present →' do
      before do
        add_permissions('referentials.update', for_user: user)
      end

      it 'allowed for unarchived referentials' do
        expect_it.to permit(user_context, record)
      end

      it 'forbidden for archived referentials' do
        record.archived_at = 1.second.ago
        expect_it.not_to permit(user_context, record)
      end
    end

    context 'permission absent →' do 
      it 'is forbidden' do
        expect_it.not_to permit(user_context, record)
      end
    end

  end

  permissions :unarchive? do

    context 'permission present →' do
      before do
        add_permissions('referentials.update', for_user: user)
      end

      it 'forbidden for unarchived referentials' do
        expect_it.not_to permit(user_context, record)
      end

      it 'allowed for archived referentials' do
        record.archived_at = 1.second.ago
        expect_it.to permit(user_context, record)
      end
    end

    context 'permission absent →' do 
      it 'is forbidden' do
        record.archived_at = 1.second.ago
        expect_it.not_to permit(user_context, record)
      end
    end

  end
end