metamaps--metamaps/spec/policies/mapping_policy_spec.rb

97 lines
2.8 KiB
Ruby
Raw Permalink Normal View History

2016-09-24 03:00:46 +00:00
# frozen_string_literal: true
2017-11-06 16:15:18 +00:00
2016-03-14 03:15:10 +00:00
require 'rails_helper'
RSpec.describe MappingPolicy, type: :policy do
subject { described_class }
2016-09-05 02:47:11 +00:00
context 'unauthenticated' do
context 'commons' do
let(:map) { create(:map, permission: :commons) }
let(:topic) { create(:topic, permission: :commons) }
let(:mapping) { create(:mapping, mappable: topic, map: map) }
permissions :show? do
it 'permits access' do
expect(subject).to permit(nil, mapping)
end
end
permissions :create?, :update?, :destroy? do
it 'denies access' do
expect(subject).to_not permit(nil, mapping)
end
end
end
context 'private' do
let(:map) { create(:map, permission: :private) }
let(:topic) { create(:topic, permission: :private) }
let(:mapping) { create(:mapping, mappable: topic, map: map) }
permissions :show?, :create?, :update?, :destroy? do
it 'denies access' do
expect(subject).to_not permit(nil, mapping)
end
end
end
end
#
# Now begin the logged-in tests
#
context 'logged in' do
let(:user) { create(:user) }
context 'commons' do
let(:owner) { create(:user) }
let(:topic) { create(:topic, permission: :commons, user: owner) }
let(:map) { create(:map, permission: :commons, user: owner) }
let(:mapping) { create(:mapping, mappable: topic, map: map) }
permissions :show?, :create?, :update?, :destroy? do
it 'permits access' do
expect(subject).to permit(user, mapping)
end
end
end
context 'public' do
let(:owner) { create(:user) }
let(:topic) { create(:topic, permission: :public, user: owner) }
let(:map) { create(:map, permission: :public, user: owner) }
let(:mapping) { create(:mapping, mappable: topic, map: map) }
permissions :show? do
it 'permits access' do
expect(subject).to permit(user, mapping)
end
end
permissions :create?, :update?, :destroy? do
it 'denies access' do
expect(subject).to_not permit(user, mapping)
end
it 'permits access to owner' do
expect(subject).to permit(owner, mapping)
end
end
end
context 'private' do
let(:owner) { create(:user) }
let(:topic) { create(:topic, permission: :private, user: owner) }
let(:map) { create(:map, permission: :public, user: owner) }
let(:mapping) { create(:mapping, mappable: topic, map: map) }
permissions :show?, :create?, :update?, :destroy? do
it 'denies access' do
expect(subject).to_not permit(user, mapping)
end
it 'permits access to owner' do
expect(subject).to permit(owner, mapping)
end
end
end
end
2016-03-14 03:15:10 +00:00
end