172 lines
4.9 KiB
Ruby
172 lines
4.9 KiB
Ruby
|
require 'rails_helper'
|
||
|
|
||
|
describe UserPolicy do
|
||
|
subject { described_class.new(user, record) }
|
||
|
|
||
|
context 'when user is an admin' do
|
||
|
let(:user) { create(:user, roles: [partial_admin_role]) }
|
||
|
|
||
|
context 'with "admin.user" privileges' do
|
||
|
let(:partial_admin_role) do
|
||
|
create(:role).tap { |role| role.permission_grant('admin.user') }
|
||
|
end
|
||
|
|
||
|
context 'wants to read, change, or delete any user' do
|
||
|
|
||
|
context 'when record is an admin user' do
|
||
|
let(:record) { create(:admin_user) }
|
||
|
|
||
|
it { is_expected.to permit_actions(%i[show update destroy]) }
|
||
|
end
|
||
|
|
||
|
context 'when record is an agent user' do
|
||
|
let(:record) { create(:agent_user) }
|
||
|
|
||
|
it { is_expected.to permit_actions(%i[show update destroy]) }
|
||
|
end
|
||
|
|
||
|
context 'when record is a customer user' do
|
||
|
let(:record) { create(:customer_user) }
|
||
|
|
||
|
it { is_expected.to permit_actions(%i[show update destroy]) }
|
||
|
end
|
||
|
|
||
|
context 'when record is any user' do
|
||
|
let(:record) { create(:user) }
|
||
|
|
||
|
it { is_expected.to permit_actions(%i[show update destroy]) }
|
||
|
end
|
||
|
|
||
|
context 'when record is the same user' do
|
||
|
let(:record) { user }
|
||
|
|
||
|
it { is_expected.to permit_actions(%i[show update destroy]) }
|
||
|
end
|
||
|
end
|
||
|
end
|
||
|
|
||
|
context 'without "admin.user" privileges' do
|
||
|
let(:partial_admin_role) do
|
||
|
create(:role).tap { |role| role.permission_grant('admin.tag') }
|
||
|
end
|
||
|
|
||
|
context 'when record is an admin user' do
|
||
|
let(:record) { create(:admin_user) }
|
||
|
|
||
|
it { is_expected.to permit_action(:show) }
|
||
|
it { is_expected.not_to permit_actions(%i[update destroy]) }
|
||
|
end
|
||
|
|
||
|
context 'when record is an agent user' do
|
||
|
let(:record) { create(:agent_user) }
|
||
|
|
||
|
it { is_expected.to permit_action(:show) }
|
||
|
it { is_expected.not_to permit_actions(%i[update destroy]) }
|
||
|
end
|
||
|
|
||
|
context 'when record is a customer user' do
|
||
|
let(:record) { create(:customer_user) }
|
||
|
|
||
|
it { is_expected.to permit_action(:show) }
|
||
|
it { is_expected.not_to permit_actions(%i[update destroy]) }
|
||
|
end
|
||
|
|
||
|
context 'when record is any user' do
|
||
|
let(:record) { create(:user) }
|
||
|
|
||
|
it { is_expected.to permit_action(:show) }
|
||
|
it { is_expected.not_to permit_actions(%i[update destroy]) }
|
||
|
end
|
||
|
|
||
|
context 'when record is the same user' do
|
||
|
let(:record) { user }
|
||
|
|
||
|
it { is_expected.to permit_action(:show) }
|
||
|
it { is_expected.not_to permit_actions(%i[update destroy]) }
|
||
|
end
|
||
|
end
|
||
|
end
|
||
|
|
||
|
context 'when user is an agent' do
|
||
|
let(:user) { create(:agent_user) }
|
||
|
|
||
|
context 'when record is an admin user' do
|
||
|
let(:record) { create(:admin_user) }
|
||
|
|
||
|
it { is_expected.to permit_action(:show) }
|
||
|
it { is_expected.not_to permit_actions(%i[update destroy]) }
|
||
|
end
|
||
|
|
||
|
context 'when record is an agent user' do
|
||
|
let(:record) { create(:agent_user) }
|
||
|
|
||
|
it { is_expected.to permit_action(:show) }
|
||
|
it { is_expected.not_to permit_actions(%i[update destroy]) }
|
||
|
end
|
||
|
|
||
|
context 'when record is a customer user' do
|
||
|
let(:record) { create(:customer_user) }
|
||
|
|
||
|
it { is_expected.to permit_actions(%i[show update]) }
|
||
|
it { is_expected.not_to permit_action(:destroy) }
|
||
|
end
|
||
|
|
||
|
context 'when record is any user' do
|
||
|
let(:record) { create(:user) }
|
||
|
|
||
|
it { is_expected.to permit_action(:show) }
|
||
|
it { is_expected.not_to permit_actions(%i[update destroy]) }
|
||
|
end
|
||
|
|
||
|
context 'when record is the same user' do
|
||
|
let(:record) { user }
|
||
|
|
||
|
it { is_expected.to permit_action(:show) }
|
||
|
it { is_expected.not_to permit_actions(%i[update destroy]) }
|
||
|
end
|
||
|
end
|
||
|
|
||
|
context 'when user is a customer' do
|
||
|
let(:user) { create(:customer_user) }
|
||
|
|
||
|
context 'when record is an admin user' do
|
||
|
let(:record) { create(:admin_user) }
|
||
|
|
||
|
it { is_expected.not_to permit_actions(%i[show update destroy]) }
|
||
|
end
|
||
|
|
||
|
context 'when record is an agent user' do
|
||
|
let(:record) { create(:agent_user) }
|
||
|
|
||
|
it { is_expected.not_to permit_actions(%i[show update destroy]) }
|
||
|
end
|
||
|
|
||
|
context 'when record is a customer user' do
|
||
|
let(:record) { create(:customer_user) }
|
||
|
|
||
|
it { is_expected.not_to permit_actions(%i[show update destroy]) }
|
||
|
end
|
||
|
|
||
|
context 'when record is any user' do
|
||
|
let(:record) { create(:user) }
|
||
|
|
||
|
it { is_expected.not_to permit_actions(%i[show update destroy]) }
|
||
|
end
|
||
|
|
||
|
context 'when record is a colleague' do
|
||
|
let(:user) { create(:customer_user, :with_org) }
|
||
|
let(:record) { create(:customer_user, organization: user.organization) }
|
||
|
|
||
|
it { is_expected.to permit_action(:show) }
|
||
|
it { is_expected.not_to permit_actions(%i[update destroy]) }
|
||
|
end
|
||
|
|
||
|
context 'when record is the same user' do
|
||
|
let(:record) { user }
|
||
|
|
||
|
it { is_expected.to permit_action(:show) }
|
||
|
it { is_expected.not_to permit_actions(%i[update destroy]) }
|
||
|
end
|
||
|
end
|
||
|
end
|