diff --git a/spec/policies/map_policy_spec.rb b/spec/policies/map_policy_spec.rb index b160fead..7dd33707 100644 --- a/spec/policies/map_policy_spec.rb +++ b/spec/policies/map_policy_spec.rb @@ -7,12 +7,12 @@ RSpec.describe MapPolicy, type: :policy do context 'commons' do let(:map) { create(:map, permission: :commons) } permissions :show? do - it 'can view' do + it 'permits access' do expect(subject).to permit(nil, map) end end permissions :create?, :update?, :destroy? do - it 'can not modify' do + it 'denies access' do expect(subject).to_not permit(nil, map) end end @@ -21,7 +21,7 @@ RSpec.describe MapPolicy, type: :policy do context 'private' do let(:map) { create(:map, permission: :private) } permissions :show?, :create?, :update?, :destroy? do - it 'can not view or modify' do + it 'permits access' do expect(subject).to_not permit(nil, map) end end @@ -39,15 +39,15 @@ RSpec.describe MapPolicy, type: :policy do let(:owner) { create(:user) } let(:map) { create(:map, permission: :commons, user: owner) } permissions :show?, :create?, :update? do - it 'can view and modify' do + it 'permits access' do expect(subject).to permit(user, map) end end permissions :destroy? do - it 'can not destroy' do + it 'denies access' do expect(subject).to_not permit(user, map) end - it 'owner can destroy' do + it 'permits access to owner' do expect(subject).to permit(owner, map) end end @@ -56,21 +56,16 @@ RSpec.describe MapPolicy, type: :policy do context 'public' do let(:owner) { create(:user) } let(:map) { create(:map, permission: :public, user: owner) } - permissions :show? do - it 'can view' do - expect(subject).to permit(user, map) - end - end - permissions :create? do - it 'can create' do + permissions :show?, :create? do + it 'permits access' do expect(subject).to permit(user, map) end end permissions :update?, :destroy? do - it 'can not update/destroy' do + it 'denies access' do expect(subject).to_not permit(user, map) end - it 'owner can update/destroy' do + it 'permits access to owner' do expect(subject).to permit(owner, map) end end @@ -80,15 +75,15 @@ RSpec.describe MapPolicy, type: :policy do let(:owner) { create(:user) } let(:map) { create(:map, permission: :private, user: owner) } permissions :create? do - it 'can create' do + it 'permits access' do expect(subject).to permit(user, map) end end permissions :show?, :update?, :destroy? do - it 'can not view or modify' do + it 'denies access' do expect(subject).to_not permit(user, map) end - it 'owner can view and modify' do + it 'permits access to owner' do expect(subject).to permit(owner, map) end end diff --git a/spec/policies/synapse_policy.rb b/spec/policies/synapse_policy.rb new file mode 100644 index 00000000..4c725e37 --- /dev/null +++ b/spec/policies/synapse_policy.rb @@ -0,0 +1,92 @@ +require 'rails_helper' + +RSpec.describe SynapsePolicy, type: :policy do + subject { described_class } + + context 'unauthenticated' do + context 'commons' do + let(:synapse) { create(:synapse, permission: :commons) } + permissions :show? do + it 'permits access' do + expect(subject).to permit(nil, synapse) + end + end + permissions :create?, :update?, :destroy? do + it 'denies access' do + expect(subject).to_not permit(nil, synapse) + end + end + end + + context 'private' do + let(:synapse) { create(:synapse, permission: :private) } + permissions :show?, :create?, :update?, :destroy? do + it 'denies access' do + expect(subject).to_not permit(nil, synapse) + end + end + end + end + + # + # Now begin the logged-in tests + # + + context 'logged in' do + let(:user) { create(:user) } + + context 'commons' do + let(:owner) { create(:user) } + let(:synapse) { create(:synapse, permission: :commons, user: owner) } + permissions :show?, :create?, :update? do + it 'permits access' do + expect(subject).to permit(user, synapse) + end + end + permissions :destroy? do + it 'denies access' do + expect(subject).to_not permit(user, synapse) + end + it 'permits access to owner' do + expect(subject).to permit(owner, synapse) + end + end + end + + context 'public' do + let(:owner) { create(:user) } + let(:synapse) { create(:synapse, permission: :public, user: owner) } + permissions :show?, :create? do + it 'permits access' do + expect(subject).to permit(user, synapse) + end + end + permissions :update?, :destroy? do + it 'denies access' do + expect(subject).to_not permit(user, synapse) + end + it 'permits access to owner' do + expect(subject).to permit(owner, synapse) + end + end + end + + context 'private' do + let(:owner) { create(:user) } + let(:synapse) { create(:synapse, permission: :private, user: owner) } + permissions :create? do + it 'permits access' do + expect(subject).to permit(user, synapse) + end + end + permissions :show?, :update?, :destroy? do + it 'denies access' do + expect(subject).to_not permit(user, synapse) + end + it 'permits access to owner' do + expect(subject).to permit(owner, synapse) + end + end + end + end +end diff --git a/spec/policies/topic_policy_spec.rb b/spec/policies/topic_policy_spec.rb new file mode 100644 index 00000000..7078496c --- /dev/null +++ b/spec/policies/topic_policy_spec.rb @@ -0,0 +1,92 @@ +require 'rails_helper' + +RSpec.describe TopicPolicy, type: :policy do + subject { described_class } + + context 'unauthenticated' do + context 'commons' do + let(:topic) { create(:topic, permission: :commons) } + permissions :show? do + it 'permits access' do + expect(subject).to permit(nil, topic) + end + end + permissions :create?, :update?, :destroy? do + it 'denies access' do + expect(subject).to_not permit(nil, topic) + end + end + end + + context 'private' do + let(:topic) { create(:topic, permission: :private) } + permissions :show?, :create?, :update?, :destroy? do + it 'denies access' do + expect(subject).to_not permit(nil, topic) + end + end + end + end + + # + # Now begin the logged-in tests + # + + context 'logged in' do + let(:user) { create(:user) } + + context 'commons' do + let(:owner) { create(:user) } + let(:topic) { create(:topic, permission: :commons, user: owner) } + permissions :show?, :create?, :update? do + it 'permits access' do + expect(subject).to permit(user, topic) + end + end + permissions :destroy? do + it 'denies access' do + expect(subject).to_not permit(user, topic) + end + it 'permits access to owner' do + expect(subject).to permit(owner, topic) + end + end + end + + context 'public' do + let(:owner) { create(:user) } + let(:topic) { create(:topic, permission: :public, user: owner) } + permissions :show?, :create? do + it 'permits access' do + expect(subject).to permit(user, topic) + end + end + permissions :update?, :destroy? do + it 'denies access' do + expect(subject).to_not permit(user, topic) + end + it 'permits access to owner' do + expect(subject).to permit(owner, topic) + end + end + end + + context 'private' do + let(:owner) { create(:user) } + let(:topic) { create(:topic, permission: :private, user: owner) } + permissions :create? do + it 'permits access' do + expect(subject).to permit(user, topic) + end + end + permissions :show?, :update?, :destroy? do + it 'denies access' do + expect(subject).to_not permit(user, topic) + end + it 'permits access to owner' do + expect(subject).to permit(owner, topic) + end + end + end + end +end