ability_test.rb revision 772a71bcc07f7001f5cd3cb4c3dc2cf393ffe9be
216N/Arequire 'test_helper'
216N/A
216N/Aclass AbilityTest < ActiveSupport::TestCase
216N/A
216N/A context 'Ontology' do
216N/A setup do
216N/A @owner = FactoryGirl.create :user # owner
216N/A @editor = FactoryGirl.create :user # editor
216N/A @user = FactoryGirl.create :user # regular user
216N/A
216N/A @item = FactoryGirl.create(:permission, subject: @owner, role: 'owner').item
216N/A FactoryGirl.create(:permission, subject: @editor, role: 'editor', item: @item)
216N/A end
216N/A
216N/A context 'owner' do
216N/A setup do
216N/A @ability = Ability.new(@owner)
216N/A end
216N/A
216N/A should 'be allowed: new, create' do
3996N/A [:new, :create].each do |perm|
216N/A assert @ability.can?(perm, Ontology.new)
216N/A end
216N/A end
216N/A
216N/A should 'be allowed: edit, update, destroy, permissions' do
216N/A [:edit, :update, :destroy, :permissions].each do |perm|
618N/A assert @ability.can?(perm, @item)
216N/A end
844N/A end
844N/A
216N/A should 'not be allowed on other: edit, update, destroy, permissions' do
1273N/A [:edit, :update, :destroy, :permissions].each do |perm|
1273N/A assert @ability.cannot?(perm, FactoryGirl.create(:ontology))
3661N/A end
3661N/A end
216N/A end
216N/A
3996N/A context 'editor' do
3996N/A setup do
3996N/A @ability = Ability.new(@editor)
216N/A end
216N/A
216N/A should 'be allowed: edit, update' do
216N/A [:edit, :update].each do |perm|
216N/A assert @ability.can?(perm, @item)
216N/A end
216N/A end
216N/A
216N/A should 'not be allowed: destroy, permissions' do
216N/A [:destroy, :permissions].each do |perm|
216N/A assert @ability.cannot?(perm, @item)
216N/A end
216N/A end
216N/A end
216N/A end
216N/A
216N/A context 'Team' do
216N/A setup do
3996N/A @user = FactoryGirl.create :user
3996N/A @other = FactoryGirl.create :user
3996N/A @ability = Ability.new(@user)
@memberteam = FactoryGirl.create(:team_user, user: @other).team
@memberteam.users << @user
@otherteam = FactoryGirl.create(:team_user, user: @other).team
end
context 'admin' do
should 'be allowed: edit, update, destroy' do
[:edit, :update, :destroy].each do |perm|
assert @ability.can?(perm, FactoryGirl.create(:team_user, user: @user).team)
end
end
end
context 'member' do
should 'be allowed: create, show, index' do
[:create, :show, :index].each do |perm|
assert @ability.can?(perm, Team.new)
end
end
should 'not be allowed: edit, update, destroy (without admin on team)' do
[:edit, :update, :destroy].each do |perm|
assert @ability.cannot?(perm, @memberteam)
end
end
should 'not be allowed: edit, update, destroy (without being on team)' do
[:edit, :update, :destroy].each do |perm|
assert @ability.cannot?(perm, @otherteam)
end
end
end
end
context 'Comment' do
setup do
@comment = FactoryGirl.create :comment
end
context 'author' do
setup do
@ability = Ability.new(@comment.user)
end
should 'destroy his own comment' do
assert @ability.can?(:destroy, @comment)
end
should 'not be allowed to destroy others comment' do
assert @ability.cannot?(:destroy, FactoryGirl.create(:comment))
end
end
context 'admin' do
setup do
@ability = Ability.new(FactoryGirl.create :admin)
end
should 'destroy others comment' do
assert @ability.can?(:destroy, @comment)
end
end
context 'comments repository owner' do
setup do
@owner = FactoryGirl.create :user
FactoryGirl.create(:permission, subject: @owner, role: 'owner', item: @comment.commentable.repository)
@ability = Ability.new(@owner)
end
should 'destroy others comments for his repository' do
assert @ability.can?(:destroy, @comment)
end
end
context 'comments repository editor' do
setup do
@owner = FactoryGirl.create :user
FactoryGirl.create(:permission, subject: @owner, role: 'editor', item: @comment.commentable.repository)
@ability = Ability.new(@owner)
end
should 'not destroy others comments for his repository' do
assert @ability.cannot?(:destroy, @comment)
end
end
end
end