From 5d724aa129db8e77d25748ceff4c8f1047662491 Mon Sep 17 00:00:00 2001 From: ysksn Date: Thu, 20 Dec 2018 02:24:15 +0900 Subject: Add specs for BackupPolicy (#9576) --- spec/policies/backup_policy_spec.rb | 45 +++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 spec/policies/backup_policy_spec.rb (limited to 'spec/policies') diff --git a/spec/policies/backup_policy_spec.rb b/spec/policies/backup_policy_spec.rb new file mode 100644 index 000000000..80407e12f --- /dev/null +++ b/spec/policies/backup_policy_spec.rb @@ -0,0 +1,45 @@ +# frozen_string_literal: true + +require 'rails_helper' +require 'pundit/rspec' + +RSpec.describe BackupPolicy do + let(:subject) { described_class } + let(:john) { Fabricate(:user).account } + + permissions :create? do + context 'not user_signed_in?' do + it 'denies' do + expect(subject).to_not permit(nil, Backup) + end + end + + context 'user_signed_in?' do + context 'no backups' do + it 'permits' do + expect(subject).to permit(john, Backup) + end + end + + context 'backups are too old' do + it 'permits' do + travel(-8.days) do + Fabricate(:backup, user: john.user) + end + + expect(subject).to permit(john, Backup) + end + end + + context 'backups are newer' do + it 'denies' do + travel(-3.days) do + Fabricate(:backup, user: john.user) + end + + expect(subject).to_not permit(john, Backup) + end + end + end + end +end -- cgit From 5088213f5e5c4386f9f4afa80c0c96dcbc2aaab6 Mon Sep 17 00:00:00 2001 From: ysksn Date: Thu, 20 Dec 2018 11:24:28 +0900 Subject: Add specs for CustomEmojiPolicy (#9584) --- spec/policies/custom_emoji_policy_spec.rb | 38 +++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 spec/policies/custom_emoji_policy_spec.rb (limited to 'spec/policies') diff --git a/spec/policies/custom_emoji_policy_spec.rb b/spec/policies/custom_emoji_policy_spec.rb new file mode 100644 index 000000000..8def88212 --- /dev/null +++ b/spec/policies/custom_emoji_policy_spec.rb @@ -0,0 +1,38 @@ +# frozen_string_literal: true + +require 'rails_helper' +require 'pundit/rspec' + +RSpec.describe CustomEmojiPolicy do + let(:subject) { described_class } + let(:admin) { Fabricate(:user, admin: true).account } + let(:john) { Fabricate(:user).account } + + permissions :index?, :enable?, :disable? do + context 'staff' do + it 'permits' do + expect(subject).to permit(admin, CustomEmoji) + end + end + + context 'not staff' do + it 'denies' do + expect(subject).to_not permit(john, CustomEmoji) + end + end + end + + permissions :create?, :update?, :copy?, :destroy? do + context 'admin' do + it 'permits' do + expect(subject).to permit(admin, CustomEmoji) + end + end + + context 'not admin' do + it 'denies' do + expect(subject).to_not permit(john, CustomEmoji) + end + end + end +end -- cgit From e181f9973924f44f7b276a6271aeb1143289e1fb Mon Sep 17 00:00:00 2001 From: ysksn Date: Thu, 20 Dec 2018 11:47:51 +0900 Subject: Add specs for DomainBlockPolicy (#9585) --- spec/policies/domain_block_policy_spec.rb | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 spec/policies/domain_block_policy_spec.rb (limited to 'spec/policies') diff --git a/spec/policies/domain_block_policy_spec.rb b/spec/policies/domain_block_policy_spec.rb new file mode 100644 index 000000000..aea50ec0f --- /dev/null +++ b/spec/policies/domain_block_policy_spec.rb @@ -0,0 +1,24 @@ +# frozen_string_literal: true + +require 'rails_helper' +require 'pundit/rspec' + +RSpec.describe DomainBlockPolicy do + let(:subject) { described_class } + let(:admin) { Fabricate(:user, admin: true).account } + let(:john) { Fabricate(:user).account } + + permissions :index?, :show?, :create?, :destroy? do + context 'admin' do + it 'permits' do + expect(subject).to permit(admin, DomainBlock) + end + end + + context 'not admin' do + it 'denies' do + expect(subject).to_not permit(john, DomainBlock) + end + end + end +end -- cgit From 08cb8a1ff39553cee605ff481695f6f504f6ac7f Mon Sep 17 00:00:00 2001 From: ysksn Date: Thu, 20 Dec 2018 11:51:31 +0900 Subject: Add specs for InstancePolicy (#9587) --- spec/policies/instance_policy_spec.rb | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 spec/policies/instance_policy_spec.rb (limited to 'spec/policies') diff --git a/spec/policies/instance_policy_spec.rb b/spec/policies/instance_policy_spec.rb new file mode 100644 index 000000000..fbfddd72f --- /dev/null +++ b/spec/policies/instance_policy_spec.rb @@ -0,0 +1,24 @@ +# frozen_string_literal: true + +require 'rails_helper' +require 'pundit/rspec' + +RSpec.describe InstancePolicy do + let(:subject) { described_class } + let(:admin) { Fabricate(:user, admin: true).account } + let(:john) { Fabricate(:user).account } + + permissions :index?, :resubscribe? do + context 'admin' do + it 'permits' do + expect(subject).to permit(admin, Instance) + end + end + + context 'not admin' do + it 'denies' do + expect(subject).to_not permit(john, Instance) + end + end + end +end -- cgit From 44189c33d1066340e414befdef33ba9beb223988 Mon Sep 17 00:00:00 2001 From: ysksn Date: Thu, 20 Dec 2018 11:51:41 +0900 Subject: Add specs for EmailDomainBlockPolicy (#9586) --- spec/policies/email_domain_block_policy_spec.rb | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 spec/policies/email_domain_block_policy_spec.rb (limited to 'spec/policies') diff --git a/spec/policies/email_domain_block_policy_spec.rb b/spec/policies/email_domain_block_policy_spec.rb new file mode 100644 index 000000000..a3e825e07 --- /dev/null +++ b/spec/policies/email_domain_block_policy_spec.rb @@ -0,0 +1,24 @@ +# frozen_string_literal: true + +require 'rails_helper' +require 'pundit/rspec' + +RSpec.describe EmailDomainBlockPolicy do + let(:subject) { described_class } + let(:admin) { Fabricate(:user, admin: true).account } + let(:john) { Fabricate(:user).account } + + permissions :index?, :create?, :destroy? do + context 'admin' do + it 'permits' do + expect(subject).to permit(admin, EmailDomainBlock) + end + end + + context 'not admin' do + it 'denies' do + expect(subject).to_not permit(john, EmailDomainBlock) + end + end + end +end -- cgit From d649d8459419e8dbdc075c416f1315267a184636 Mon Sep 17 00:00:00 2001 From: ysksn Date: Thu, 20 Dec 2018 12:23:09 +0900 Subject: Add specs for InvitePolicy (#9589) --- spec/policies/invite_policy_spec.rb | 94 +++++++++++++++++++++++++++++++++++++ 1 file changed, 94 insertions(+) create mode 100644 spec/policies/invite_policy_spec.rb (limited to 'spec/policies') diff --git a/spec/policies/invite_policy_spec.rb b/spec/policies/invite_policy_spec.rb new file mode 100644 index 000000000..e391455be --- /dev/null +++ b/spec/policies/invite_policy_spec.rb @@ -0,0 +1,94 @@ +# frozen_string_literal: true + +require 'rails_helper' +require 'pundit/rspec' + +RSpec.describe InvitePolicy do + let(:subject) { described_class } + let(:admin) { Fabricate(:user, admin: true).account } + let(:john) { Fabricate(:user).account } + + permissions :index? do + context 'staff?' do + it 'permits' do + expect(subject).to permit(admin, Invite) + end + end + end + + permissions :create? do + context 'min_required_role?' do + it 'permits' do + allow_any_instance_of(described_class).to receive(:min_required_role?) { true } + expect(subject).to permit(john, Invite) + end + end + + context 'not min_required_role?' do + it 'denies' do + allow_any_instance_of(described_class).to receive(:min_required_role?) { false } + expect(subject).to_not permit(john, Invite) + end + end + end + + permissions :deactivate_all? do + context 'admin?' do + it 'permits' do + expect(subject).to permit(admin, Invite) + end + end + + context 'not admin?' do + it 'denies' do + expect(subject).to_not permit(john, Invite) + end + end + end + + permissions :destroy? do + context 'owner?' do + it 'permits' do + expect(subject).to permit(john, Fabricate(:invite, user: john.user)) + end + end + + context 'not owner?' do + context 'Setting.min_invite_role == "admin"' do + before do + Setting.min_invite_role = 'admin' + end + + context 'admin?' do + it 'permits' do + expect(subject).to permit(admin, Fabricate(:invite)) + end + end + + context 'not admin?' do + it 'denies' do + expect(subject).to_not permit(john, Fabricate(:invite)) + end + end + end + + context 'Setting.min_invite_role != "admin"' do + before do + Setting.min_invite_role = 'else' + end + + context 'staff?' do + it 'permits' do + expect(subject).to permit(admin, Fabricate(:invite)) + end + end + + context 'not staff?' do + it 'denies' do + expect(subject).to_not permit(john, Fabricate(:invite)) + end + end + end + end + end +end -- cgit From be9640bfc2be49961fef163510f630f481e02566 Mon Sep 17 00:00:00 2001 From: ysksn Date: Fri, 21 Dec 2018 01:51:55 +0900 Subject: Add specs for UserPolicy (#9593) --- spec/policies/user_policy_spec.rb | 167 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 167 insertions(+) create mode 100644 spec/policies/user_policy_spec.rb (limited to 'spec/policies') diff --git a/spec/policies/user_policy_spec.rb b/spec/policies/user_policy_spec.rb new file mode 100644 index 000000000..e37904f04 --- /dev/null +++ b/spec/policies/user_policy_spec.rb @@ -0,0 +1,167 @@ +# frozen_string_literal: true + +require 'rails_helper' +require 'pundit/rspec' + +RSpec.describe UserPolicy do + let(:subject) { described_class } + let(:admin) { Fabricate(:user, admin: true).account } + let(:john) { Fabricate(:user).account } + + permissions :reset_password?, :change_email? do + context 'staff?' do + context '!record.staff?' do + it 'permits' do + expect(subject).to permit(admin, john.user) + end + end + + context 'record.staff?' do + it 'denies' do + expect(subject).to_not permit(admin, admin.user) + end + end + end + + context '!staff?' do + it 'denies' do + expect(subject).to_not permit(john, User) + end + end + end + + permissions :disable_2fa? do + context 'admin?' do + context '!record.staff?' do + it 'permits' do + expect(subject).to permit(admin, john.user) + end + end + + context 'record.staff?' do + it 'denies' do + expect(subject).to_not permit(admin, admin.user) + end + end + end + + context '!admin?' do + it 'denies' do + expect(subject).to_not permit(john, User) + end + end + end + + permissions :confirm? do + context 'staff?' do + context '!record.confirmed?' do + it 'permits' do + john.user.update(confirmed_at: nil) + expect(subject).to permit(admin, john.user) + end + end + + context 'record.confirmed?' do + it 'denies' do + john.user.confirm! + expect(subject).to_not permit(admin, john.user) + end + end + end + + context '!staff?' do + it 'denies' do + expect(subject).to_not permit(john, User) + end + end + end + + permissions :enable? do + context 'staff?' do + it 'permits' do + expect(subject).to permit(admin, User) + end + end + + context '!staff?' do + it 'denies' do + expect(subject).to_not permit(john, User) + end + end + end + + permissions :disable? do + context 'staff?' do + context '!record.admin?' do + it 'permits' do + expect(subject).to permit(admin, john.user) + end + end + + context 'record.admin?' do + it 'denies' do + expect(subject).to_not permit(admin, admin.user) + end + end + end + + context '!staff?' do + it 'denies' do + expect(subject).to_not permit(john, User) + end + end + end + + permissions :promote? do + context 'admin?' do + context 'promoteable?' do + it 'permits' do + expect(subject).to permit(admin, john.user) + end + end + + context '!promoteable?' do + it 'denies' do + expect(subject).to_not permit(admin, admin.user) + end + end + end + + context '!admin?' do + it 'denies' do + expect(subject).to_not permit(john, User) + end + end + end + + permissions :demote? do + context 'admin?' do + context '!record.admin?' do + context 'demoteable?' do + it 'permits' do + john.user.update(moderator: true) + expect(subject).to permit(admin, john.user) + end + end + + context '!demoteable?' do + it 'denies' do + expect(subject).to_not permit(admin, john.user) + end + end + end + + context 'record.admin?' do + it 'denies' do + expect(subject).to_not permit(admin, admin.user) + end + end + end + + context '!admin?' do + it 'denies' do + expect(subject).to_not permit(john, User) + end + end + end +end -- cgit From b93e3178863fee1d6cb1da1f6baa5bb038903af4 Mon Sep 17 00:00:00 2001 From: ysksn Date: Fri, 21 Dec 2018 01:52:07 +0900 Subject: Add specs for policies (#9591) * Add spec for RelayPolicy * Add specs for SubscriptionPolicy * Add specs for SettingsPolicy * Add specs for TagPolicy * Add specs for ReportPolicy --- spec/policies/relay_policy_spec.rb | 24 ++++++++++++++++++++++++ spec/policies/report_policy_spec.rb | 24 ++++++++++++++++++++++++ spec/policies/settings_policy_spec.rb | 24 ++++++++++++++++++++++++ spec/policies/subscription_policy_spec.rb | 24 ++++++++++++++++++++++++ spec/policies/tag_policy_spec.rb | 24 ++++++++++++++++++++++++ 5 files changed, 120 insertions(+) create mode 100644 spec/policies/relay_policy_spec.rb create mode 100644 spec/policies/report_policy_spec.rb create mode 100644 spec/policies/settings_policy_spec.rb create mode 100644 spec/policies/subscription_policy_spec.rb create mode 100644 spec/policies/tag_policy_spec.rb (limited to 'spec/policies') diff --git a/spec/policies/relay_policy_spec.rb b/spec/policies/relay_policy_spec.rb new file mode 100644 index 000000000..640f27d54 --- /dev/null +++ b/spec/policies/relay_policy_spec.rb @@ -0,0 +1,24 @@ +# frozen_string_literal: true + +require 'rails_helper' +require 'pundit/rspec' + +RSpec.describe RelayPolicy do + let(:subject) { described_class } + let(:admin) { Fabricate(:user, admin: true).account } + let(:john) { Fabricate(:user).account } + + permissions :update? do + context 'admin?' do + it 'permits' do + expect(subject).to permit(admin, Relay) + end + end + + context '!admin?' do + it 'denies' do + expect(subject).to_not permit(john, Relay) + end + end + end +end diff --git a/spec/policies/report_policy_spec.rb b/spec/policies/report_policy_spec.rb new file mode 100644 index 000000000..c9ae1e87a --- /dev/null +++ b/spec/policies/report_policy_spec.rb @@ -0,0 +1,24 @@ +# frozen_string_literal: true + +require 'rails_helper' +require 'pundit/rspec' + +RSpec.describe ReportPolicy do + let(:subject) { described_class } + let(:admin) { Fabricate(:user, admin: true).account } + let(:john) { Fabricate(:user).account } + + permissions :update?, :index?, :show? do + context 'staff?' do + it 'permits' do + expect(subject).to permit(admin, Report) + end + end + + context '!staff?' do + it 'denies' do + expect(subject).to_not permit(john, Report) + end + end + end +end diff --git a/spec/policies/settings_policy_spec.rb b/spec/policies/settings_policy_spec.rb new file mode 100644 index 000000000..92f1f4869 --- /dev/null +++ b/spec/policies/settings_policy_spec.rb @@ -0,0 +1,24 @@ +# frozen_string_literal: true + +require 'rails_helper' +require 'pundit/rspec' + +RSpec.describe SettingsPolicy do + let(:subject) { described_class } + let(:admin) { Fabricate(:user, admin: true).account } + let(:john) { Fabricate(:user).account } + + permissions :update?, :show? do + context 'admin?' do + it 'permits' do + expect(subject).to permit(admin, Settings) + end + end + + context '!admin?' do + it 'denies' do + expect(subject).to_not permit(john, Settings) + end + end + end +end diff --git a/spec/policies/subscription_policy_spec.rb b/spec/policies/subscription_policy_spec.rb new file mode 100644 index 000000000..21d60c15f --- /dev/null +++ b/spec/policies/subscription_policy_spec.rb @@ -0,0 +1,24 @@ +# frozen_string_literal: true + +require 'rails_helper' +require 'pundit/rspec' + +RSpec.describe SubscriptionPolicy do + let(:subject) { described_class } + let(:admin) { Fabricate(:user, admin: true).account } + let(:john) { Fabricate(:user).account } + + permissions :index? do + context 'admin?' do + it 'permits' do + expect(subject).to permit(admin, Subscription) + end + end + + context '!admin?' do + it 'denies' do + expect(subject).to_not permit(john, Subscription) + end + end + end +end diff --git a/spec/policies/tag_policy_spec.rb b/spec/policies/tag_policy_spec.rb new file mode 100644 index 000000000..c7afaa7c9 --- /dev/null +++ b/spec/policies/tag_policy_spec.rb @@ -0,0 +1,24 @@ +# frozen_string_literal: true + +require 'rails_helper' +require 'pundit/rspec' + +RSpec.describe TagPolicy do + let(:subject) { described_class } + let(:admin) { Fabricate(:user, admin: true).account } + let(:john) { Fabricate(:user).account } + + permissions :index?, :hide?, :unhide? do + context 'staff?' do + it 'permits' do + expect(subject).to permit(admin, Tag) + end + end + + context '!staff?' do + it 'denies' do + expect(subject).to_not permit(john, Tag) + end + end + end +end -- cgit From 6a2d030c2f5aec5cbfcfd88ab4ec4c12864e35ba Mon Sep 17 00:00:00 2001 From: ysksn Date: Fri, 21 Dec 2018 01:52:18 +0900 Subject: Add specs for ReportNotePolicy (#9592) --- spec/policies/report_note_policy_spec.rb | 48 ++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 spec/policies/report_note_policy_spec.rb (limited to 'spec/policies') diff --git a/spec/policies/report_note_policy_spec.rb b/spec/policies/report_note_policy_spec.rb new file mode 100644 index 000000000..596d7d7a9 --- /dev/null +++ b/spec/policies/report_note_policy_spec.rb @@ -0,0 +1,48 @@ +# frozen_string_literal: true + +require 'rails_helper' +require 'pundit/rspec' + +RSpec.describe ReportNotePolicy do + let(:subject) { described_class } + let(:admin) { Fabricate(:user, admin: true).account } + let(:john) { Fabricate(:user).account } + + permissions :create? do + context 'staff?' do + it 'permits' do + expect(subject).to permit(admin, ReportNote) + end + end + + context '!staff?' do + it 'denies' do + expect(subject).to_not permit(john, ReportNote) + end + end + end + + permissions :destroy? do + context 'admin?' do + it 'permit' do + expect(subject).to permit(admin, ReportNote) + end + end + + context 'admin?' do + context 'owner?' do + it 'permit' do + report_note = Fabricate(:report_note, account: john) + expect(subject).to permit(john, report_note) + end + end + + context '!owner?' do + it 'denies' do + report_note = Fabricate(:report_note) + expect(subject).to_not permit(john, report_note) + end + end + end + end +end -- cgit