diff options
author | Jack Jennings <jack@standard-library.com> | 2017-05-30 06:16:14 -0700 |
---|---|---|
committer | Eugen Rochko <eugen@zeonfederated.com> | 2017-05-30 15:16:14 +0200 |
commit | e031fd60ad9ee492fbbda319eaeb213098898d03 (patch) | |
tree | 212e09bc3b785addd5d0c45583b4b4a3ef7042eb /spec | |
parent | bc4fad9e22695aae04cf06ada7f1c70887028cde (diff) |
Move status reblog authorization into policy (#3425)
Diffstat (limited to 'spec')
-rw-r--r-- | spec/policies/status_policy_spec.rb | 32 |
1 files changed, 25 insertions, 7 deletions
diff --git a/spec/policies/status_policy_spec.rb b/spec/policies/status_policy_spec.rb index ee7060b98..b969988e9 100644 --- a/spec/policies/status_policy_spec.rb +++ b/spec/policies/status_policy_spec.rb @@ -7,6 +7,20 @@ RSpec.describe StatusPolicy, type: :model do let(:alice) { Fabricate(:account, username: 'alice') } let(:status) { Fabricate(:status, account: alice) } + permissions :show?, :reblog? do + it 'grants access when no viewer' do + expect(subject).to permit(nil, status) + end + + it 'denies access when viewer is blocked' do + block = Fabricate(:block) + status.visibility = :private + status.account = block.target_account + + expect(subject).to_not permit(block.account, status) + end + end + permissions :show? do it 'grants access when direct and account is viewer' do status.visibility = :direct @@ -54,17 +68,21 @@ RSpec.describe StatusPolicy, type: :model do expect(subject).to_not permit(viewer, status) end + end - it 'grants access when no viewer' do - expect(subject).to permit(nil, status) + permissions :reblog? do + it 'denies access when private' do + viewer = Fabricate(:account) + status.visibility = :private + + expect(subject).to_not permit(viewer, status) end - it 'denies access when viewer is blocked' do - block = Fabricate(:block) - status.visibility = :private - status.account = block.target_account + it 'denies access when direct' do + viewer = Fabricate(:account) + status.visibility = :direct - expect(subject).to_not permit(block.account, status) + expect(subject).to_not permit(viewer, status) end end end |