spec/models/permission_spec.rb

	permission_spec.rb revision 7c7a19761235efff584ee65a1c6dc4aa1735ff64
0N/Arequire 'spec_helper'
0N/A
0N/Adescribe Permission do
0N/A  context 'associations' do
0N/A    %i(creator item subject).each do |association|
0N/A      it { should belong_to(association) }
0N/A    end
0N/A  end
0N/A
0N/A  context 'validations' do
0N/A    %w(owner editor).each do |val|
0N/A      it { should allow_value(val).for :role }
0N/A    end
0N/A
0N/A    [ nil, '','foo' ].each do |val|
0N/A      it { should_not allow_value(val).for :role }
0N/A    end
0N/A  end
0N/A
0N/A  let(:owner)      { create :user }
0N/A  let(:permission) { create(:permission, subject: owner, role: 'owner') }
0N/A
0N/A  context 'one owner' do
0N/A    it 'should not be possible to remove him' do
0N/A      expect{ permission.destroy }.to raise_error(Permission::PowerVaccuumError)
0N/A    end
0N/A
0N/A    it 'should not be possible to degrade his role' do
0N/A      permission.role = 'editor'
0N/A      expect(permission).not_to be_valid
0N/A    end
0N/A
0N/A    %w(editor reader).each do |role|
0N/A      it "should be possible to remove a #{role} permission" do
0N/A        other_permission = create(:permission, subject: owner, role: role)
0N/A        expect{ other_permission.destroy }.not_to raise_error
0N/A      end
0N/A    end
0N/A  end
0N/A
0N/A  context 'many owners' do
0N/A    let(:other_owner)      { create(:user) }
0N/A    before do
0N/A      create(:permission, subject: other_owner, role: 'owner', item: permission.item)
0N/A    end
0N/A
0N/A    it 'should be possible to remove one' do
0N/A      expect{ permission.destroy }.not_to raise_error
0N/A    end
0N/A
0N/A    it 'should be possible to degrade his role' do
0N/A      permission.role = 'editor'
0N/A      expect(permission).to be_valid
0N/A    end
0N/A  end

  context 'repository' do
    let(:repository) { create :repository }

    context 'admin user' do
      let(:admin) { create :admin }

      %i(owner editor).each do |perm|
        it "have #{perm} permission" do
          expect(repository.permission?(perm, admin)).to be(true)
        end
      end
    end

    context 'owner user' do
      let(:permission) { create :permission, item: repository }

      %i(owner editor).each do |perm|
        it "have #{perm} permission" do
          expect(repository.permission?(perm, permission.subject)).to be(true)
        end
      end
    end

    context 'editor user' do
      let(:permission) do
        create :permission,
          item: repository, role: 'editor'
      end

      it 'not have owner permission' do
        expect(repository.permission?(:owner, permission.subject)).to be(false)
      end

      it 'have editor permission' do
        expect(repository.permission?(:editor, permission.subject)).to be(true)
      end
    end

    context 'team user' do
      let(:team_user) { create :team_user }
      let!(:permission) do
        create :permission,
          item: repository, subject: team_user.team
      end

      %i(owner editor).each do |perm|
        it "have #{perm} permission" do
          expect(repository.permission?(perm, team_user.user)).to be(true)
        end
      end
    end

    context 'bernd' do
      %i(owner editor).each do |perm|
        it "not have #{perm} permission" do
          expect(repository.permission?(perm, nil)).to be(false)
        end
      end
    end

    context 'user on other team' do
      let(:team_user) { create :team_user }
      let(:permission) { create :permission, item: repository }

      %i(owner editor).each do |perm|
        it "not have #{perm} permission" do
          expect(repository.permission?(perm, team_user.user)).to be(false)
        end
      end
    end

    context 'some user' do
      let(:user) { create :user }

      %i(owner editor).each do |perm|
        it "not have #{perm} permission" do
          expect(repository.permission?(perm, user)).to be(false)
        end
      end
    end
  end
end