Sutty/trabajo-afectivo
5
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
trabajo-afectivo/spec/policies/ticket_policy_spec.rb

43 lines
1.3 KiB
Ruby
Raw Normal View History

Refactoring: Replaced home-rolled authorization logic in Controllers with Pundit.
2020-03-19 09:39:51 +00:00
require 'rails_helper'
describe TicketPolicy do
subject { described_class.new(user, record) }
let(:record) { create(:ticket) }
context 'when given tickets owner' do
let(:user) { record.owner }
it { is_expected.to permit_actions(%i[show full]) }
end
context 'when given a user that is neither owner nor customer' do
Refactoring: Restore consistency by replacing *_user suffix factories with just customer, admin and agent factory name.
2020-06-19 09:17:18 +00:00
let(:user) { create(:agent) }
Refactoring: Replaced home-rolled authorization logic in Controllers with Pundit.
2020-03-19 09:39:51 +00:00
it { is_expected.not_to permit_actions(%i[show full]) }
context 'but the user is an agent with full access to tickets group' do
before { user.group_names_access_map = { record.group.name => 'full' } }
it { is_expected.to permit_actions(%i[show full]) }
end
context 'but the user is a customer from the same organization as tickets customer' do
let(:record) { create(:ticket, customer: customer) }
Refactoring: Restore consistency by replacing *_user suffix factories with just customer, admin and agent factory name.
2020-06-19 09:17:18 +00:00
let(:customer) { create(:customer, organization: create(:organization)) }
let(:user) { create(:customer, organization: customer.organization) }
Refactoring: Replaced home-rolled authorization logic in Controllers with Pundit.
2020-03-19 09:39:51 +00:00
context 'and organization.shared is true (default)' do
it { is_expected.to permit_actions(%i[show full]) }
end
context 'but organization.shared is false' do
before { customer.organization.update(shared: false) }
it { is_expected.not_to permit_actions(%i[show full]) }
end
end
end
end
Reference in a new issue Copy permalink