2016-09-24 03:00:46 +00:00
|
|
|
# frozen_string_literal: true
|
2017-11-25 19:23:47 +00:00
|
|
|
|
2016-03-12 01:27:31 +00:00
|
|
|
require 'rails_helper'
|
|
|
|
|
|
|
|
RSpec.describe MapPolicy, type: :policy do
|
|
|
|
subject { described_class }
|
|
|
|
|
|
|
|
context 'unauthenticated' do
|
|
|
|
context 'commons' do
|
|
|
|
let(:map) { create(:map, permission: :commons) }
|
|
|
|
permissions :show? do
|
2016-03-14 03:00:54 +00:00
|
|
|
it 'permits access' do
|
2016-03-12 01:27:31 +00:00
|
|
|
expect(subject).to permit(nil, map)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
permissions :create?, :update?, :destroy? do
|
2016-03-14 03:00:54 +00:00
|
|
|
it 'denies access' do
|
2016-03-12 01:27:31 +00:00
|
|
|
expect(subject).to_not permit(nil, map)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'private' do
|
|
|
|
let(:map) { create(:map, permission: :private) }
|
|
|
|
permissions :show?, :create?, :update?, :destroy? do
|
2017-11-04 17:23:11 +00:00
|
|
|
it 'denies access' do
|
2016-03-12 01:27:31 +00:00
|
|
|
expect(subject).to_not permit(nil, map)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
#
|
|
|
|
# Now begin the logged-in tests
|
|
|
|
#
|
|
|
|
|
|
|
|
context 'logged in' do
|
|
|
|
let(:user) { create(:user) }
|
|
|
|
|
|
|
|
context 'commons' do
|
|
|
|
let(:owner) { create(:user) }
|
|
|
|
let(:map) { create(:map, permission: :commons, user: owner) }
|
|
|
|
permissions :show?, :create?, :update? do
|
2016-03-14 03:00:54 +00:00
|
|
|
it 'permits access' do
|
2016-03-12 01:27:31 +00:00
|
|
|
expect(subject).to permit(user, map)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
permissions :destroy? do
|
2016-03-14 03:00:54 +00:00
|
|
|
it 'denies access' do
|
2016-03-12 01:27:31 +00:00
|
|
|
expect(subject).to_not permit(user, map)
|
|
|
|
end
|
2016-03-14 03:00:54 +00:00
|
|
|
it 'permits access to owner' do
|
2016-03-12 01:27:31 +00:00
|
|
|
expect(subject).to permit(owner, map)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'public' do
|
|
|
|
let(:owner) { create(:user) }
|
|
|
|
let(:map) { create(:map, permission: :public, user: owner) }
|
2016-03-14 03:00:54 +00:00
|
|
|
permissions :show?, :create? do
|
|
|
|
it 'permits access' do
|
2016-03-12 01:27:31 +00:00
|
|
|
expect(subject).to permit(user, map)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
permissions :update?, :destroy? do
|
2016-03-14 03:00:54 +00:00
|
|
|
it 'denies access' do
|
2016-03-12 01:27:31 +00:00
|
|
|
expect(subject).to_not permit(user, map)
|
|
|
|
end
|
2016-03-14 03:00:54 +00:00
|
|
|
it 'permits access to owner' do
|
2016-03-12 01:27:31 +00:00
|
|
|
expect(subject).to permit(owner, map)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'private' do
|
|
|
|
let(:owner) { create(:user) }
|
|
|
|
let(:map) { create(:map, permission: :private, user: owner) }
|
|
|
|
permissions :create? do
|
2016-03-14 03:00:54 +00:00
|
|
|
it 'permits access' do
|
2016-03-12 01:27:31 +00:00
|
|
|
expect(subject).to permit(user, map)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
permissions :show?, :update?, :destroy? do
|
2016-03-14 03:00:54 +00:00
|
|
|
it 'denies access' do
|
2016-03-12 01:27:31 +00:00
|
|
|
expect(subject).to_not permit(user, map)
|
|
|
|
end
|
2016-03-14 03:00:54 +00:00
|
|
|
it 'permits access to owner' do
|
2016-03-12 01:27:31 +00:00
|
|
|
expect(subject).to permit(owner, map)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|