finish topic spec

spec/models/topic_spec.rb

@@ -4,6 +4,9 @@ RSpec.describe Topic, type: :model do
   it { is_expected.to belong_to :user }
   it { is_expected.to belong_to :metacode }
   it { is_expected.to have_many :maps }
+  it { is_expected.to have_many :mappings }
+  it { is_expected.to validate_presence_of :permission }
+  it { is_expected.to validate_inclusion_of(:permission).in_array Perm::ISSIONS.map(&:to_s) }
 
   context 'has_viewable_synapses function' do
     let (:user) { create(:user) }
@@ -48,6 +51,30 @@ RSpec.describe Topic, type: :model do
   end
 
   context 'permssions' do
-    pending "TODO"
+    let(:other_user) { create :user }
+    let(:topic) { create :topic, user: owner, permission: :commons }
+    let(:private_topic) { create :topic, user: owner, permission: :private }
+    let(:public_topic) { create :topic, user: owner, permission: :public }
+
+    it 'prevents deletion by non-owner' do
+      expect(topic.authorize_to_delete(other_user)).to eq false
+      expect(topic.authorize_to_delete(owner)).to eq topic
+    end
+
+    it 'prevents visibility if private' do
+      expect(topic.authorize_to_show(other_user)).to eq true
+      expect(topic.authorize_to_show(owner)).to eq true
+      expect(private_topic.authorize_to_show(owner)).to eq true
+      expect(private_topic.authorize_to_show(other_user)).to eq false
+    end
+
+    it 'only allows editing if commons or owned' do
+      expect(topic.authorize_to_edit(other_user)).to eq true
+      expect(topic.authorize_to_edit(owner)).to eq true
+      expect(private_topic.authorize_to_edit(other_user)).to eq false
+      expect(private_topic.authorize_to_edit(owner)).to eq true
+      expect(public_topic.authorize_to_edit(other_user)).to eq false
+      expect(public_topic.authorize_to_edit(owner)).to eq true
+    end
   end
 end