finish map spec permissions

2015-12-17 23:20:53 +08:00 · 2015-12-17 23:20:53 +08:00 · 9522c30273
parent 006acac6b5
commit 9522c30273
1 changed files with 18 additions and 0 deletions
--- a/spec/models/map_spec.rb
+++ b/spec/models/map_spec.rb
@ -12,11 +12,29 @@ RSpec.describe Map, type: :model do
    let(:owner) { create :user }
    let(:other_user) { create :user }
    let(:map) { create :map, user: owner, permission: :commons }
+    let(:private_map) { create :map, user: owner, permission: :private }
+    let(:public_map) { create :map, user: owner, permission: :public }

    it 'prevents deletion by non-owner' do
      expect(map.authorize_to_delete(other_user)).to eq false
      expect(map.authorize_to_delete(owner)).to eq map
    end
+
+    it 'prevents visibility if private' do
+      expect(map.authorize_to_show(other_user)).to eq true
+      expect(map.authorize_to_show(owner)).to eq true
+      expect(private_map.authorize_to_show(owner)).to eq true
+      expect(private_map.authorize_to_show(other_user)).to eq false
+    end
+
+    it 'only allows editing if commons or owned' do
+      expect(map.authorize_to_edit(other_user)).to eq true
+      expect(map.authorize_to_edit(owner)).to eq true
+      expect(private_map.authorize_to_edit(other_user)).to eq false
+      expect(private_map.authorize_to_edit(owner)).to eq true
+      expect(public_map.authorize_to_edit(other_user)).to eq false
+      expect(public_map.authorize_to_edit(owner)).to eq true
+    end
  end
 end