about summary refs log tree commit diff
path: root/spec
diff options
context:
space:
mode:
authorJack Jennings <jack@standard-library.com>2017-05-30 06:16:14 -0700
committerEugen Rochko <eugen@zeonfederated.com>2017-05-30 15:16:14 +0200
commite031fd60ad9ee492fbbda319eaeb213098898d03 (patch)
tree212e09bc3b785addd5d0c45583b4b4a3ef7042eb /spec
parentbc4fad9e22695aae04cf06ada7f1c70887028cde (diff)
Move status reblog authorization into policy (#3425)
Diffstat (limited to 'spec')
-rw-r--r--spec/policies/status_policy_spec.rb32
1 files changed, 25 insertions, 7 deletions
diff --git a/spec/policies/status_policy_spec.rb b/spec/policies/status_policy_spec.rb
index ee7060b98..b969988e9 100644
--- a/spec/policies/status_policy_spec.rb
+++ b/spec/policies/status_policy_spec.rb
@@ -7,6 +7,20 @@ RSpec.describe StatusPolicy, type: :model do
   let(:alice) { Fabricate(:account, username: 'alice') }
   let(:status) { Fabricate(:status, account: alice) }
 
+  permissions :show?, :reblog? do
+    it 'grants access when no viewer' do
+      expect(subject).to permit(nil, status)
+    end
+
+    it 'denies access when viewer is blocked' do
+      block = Fabricate(:block)
+      status.visibility = :private
+      status.account = block.target_account
+
+      expect(subject).to_not permit(block.account, status)
+    end
+  end
+
   permissions :show? do
     it 'grants access when direct and account is viewer' do
       status.visibility = :direct
@@ -54,17 +68,21 @@ RSpec.describe StatusPolicy, type: :model do
 
       expect(subject).to_not permit(viewer, status)
     end
+  end
 
-    it 'grants access when no viewer' do
-      expect(subject).to permit(nil, status)
+  permissions :reblog? do
+    it 'denies access when private' do
+      viewer = Fabricate(:account)
+      status.visibility = :private
+
+      expect(subject).to_not permit(viewer, status)
     end
 
-    it 'denies access when viewer is blocked' do
-      block = Fabricate(:block)
-      status.visibility = :private
-      status.account = block.target_account
+    it 'denies access when direct' do
+      viewer = Fabricate(:account)
+      status.visibility = :direct
 
-      expect(subject).to_not permit(block.account, status)
+      expect(subject).to_not permit(viewer, status)
     end
   end
 end