diff options
| author | ThibG <thib@sitedethib.com> | 2018-12-19 16:19:00 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-12-19 16:19:00 +0100 |
| commit | aae088aaf0d5de542d917d11b7b2e86047645dd7 (patch) | |
| tree | a4a58bba9c294d0c3ed0ea5c6c54e3bfa0507263 /spec/policies/account_policy_spec.rb | |
| parent | 655da1be2029cecedcaf86479938d7805e72107d (diff) | |
| parent | 222865584842de9c2bd3f47737e9ccf6aa8eac93 (diff) | |
Merge pull request #865 from ThibG/glitch-soc/merge-upstream
Merge upstream changes
Diffstat (limited to 'spec/policies/account_policy_spec.rb')
| -rw-r--r-- | spec/policies/account_policy_spec.rb | 86 |
1 files changed, 86 insertions, 0 deletions
diff --git a/spec/policies/account_policy_spec.rb b/spec/policies/account_policy_spec.rb new file mode 100644 index 000000000..6648b0888 --- /dev/null +++ b/spec/policies/account_policy_spec.rb @@ -0,0 +1,86 @@ +# frozen_string_literal: true + +require 'rails_helper' +require 'pundit/rspec' + +RSpec.describe AccountPolicy do + let(:subject) { described_class } + let(:admin) { Fabricate(:user, admin: true).account } + let(:john) { Fabricate(:user).account } + + permissions :index?, :show?, :unsuspend?, :unsilence?, :remove_avatar?, :remove_header? do + context 'staff' do + it 'permits' do + expect(subject).to permit(admin) + end + end + + context 'not staff' do + it 'denies' do + expect(subject).to_not permit(john) + end + end + end + + permissions :redownload?, :subscribe?, :unsubscribe? do + context 'admin' do + it 'permits' do + expect(subject).to permit(admin) + end + end + + context 'not admin' do + it 'denies' do + expect(subject).to_not permit(john) + end + end + end + + permissions :suspend?, :silence? do + let(:staff) { Fabricate(:user, admin: true).account } + + context 'staff' do + context 'record is staff' do + it 'denies' do + expect(subject).to_not permit(admin, staff) + end + end + + context 'record is not staff' do + it 'permits' do + expect(subject).to permit(admin, john) + end + end + end + + context 'not staff' do + it 'denies' do + expect(subject).to_not permit(john, Account) + end + end + end + + permissions :memorialize? do + let(:other_admin) { Fabricate(:user, admin: true).account } + + context 'admin' do + context 'record is admin' do + it 'denies' do + expect(subject).to_not permit(admin, other_admin) + end + end + + context 'record is not admin' do + it 'permits' do + expect(subject).to permit(admin, john) + end + end + end + + context 'not admin' do + it 'denies' do + expect(subject).to_not permit(john, Account) + end + end + end +end |