From 9522c302737442df8530250e123ff3092006355e Mon Sep 17 00:00:00 2001
From: Devin Howard <devin@callysto.com>
Date: Thu, 17 Dec 2015 23:20:53 +0800
Subject: [PATCH] finish map spec permissions

---
 spec/models/map_spec.rb | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/spec/models/map_spec.rb b/spec/models/map_spec.rb
index 688c4252..f12aa9e0 100644
--- a/spec/models/map_spec.rb
+++ b/spec/models/map_spec.rb
@@ -12,11 +12,29 @@ RSpec.describe Map, type: :model do
     let(:owner) { create :user }
     let(:other_user) { create :user }
     let(:map) { create :map, user: owner, permission: :commons }
+    let(:private_map) { create :map, user: owner, permission: :private }
+    let(:public_map) { create :map, user: owner, permission: :public }
 
     it 'prevents deletion by non-owner' do
       expect(map.authorize_to_delete(other_user)).to eq false
       expect(map.authorize_to_delete(owner)).to eq map
     end
+
+    it 'prevents visibility if private' do
+      expect(map.authorize_to_show(other_user)).to eq true
+      expect(map.authorize_to_show(owner)).to eq true
+      expect(private_map.authorize_to_show(owner)).to eq true
+      expect(private_map.authorize_to_show(other_user)).to eq false
+    end
+
+    it 'only allows editing if commons or owned' do
+      expect(map.authorize_to_edit(other_user)).to eq true
+      expect(map.authorize_to_edit(owner)).to eq true
+      expect(private_map.authorize_to_edit(other_user)).to eq false
+      expect(private_map.authorize_to_edit(owner)).to eq true
+      expect(public_map.authorize_to_edit(other_user)).to eq false
+      expect(public_map.authorize_to_edit(owner)).to eq true
+    end
   end
 end