invite_policy_spec.rb 1.6 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576
  1. # frozen_string_literal: true
  2. require 'rails_helper'
  3. require 'pundit/rspec'
  4. RSpec.describe InvitePolicy do
  5. let(:subject) { described_class }
  6. let(:admin) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')).account }
  7. let(:john) { Fabricate(:user).account }
  8. permissions :index? do
  9. context 'staff?' do
  10. it 'permits' do
  11. expect(subject).to permit(admin, Invite)
  12. end
  13. end
  14. end
  15. permissions :create? do
  16. context 'has privilege' do
  17. before do
  18. UserRole.everyone.update(permissions: UserRole::FLAGS[:invite_users])
  19. end
  20. it 'permits' do
  21. expect(subject).to permit(john, Invite)
  22. end
  23. end
  24. context 'does not have privilege' do
  25. before do
  26. UserRole.everyone.update(permissions: UserRole::Flags::NONE)
  27. end
  28. it 'denies' do
  29. expect(subject).to_not permit(john, Invite)
  30. end
  31. end
  32. end
  33. permissions :deactivate_all? do
  34. context 'admin?' do
  35. it 'permits' do
  36. expect(subject).to permit(admin, Invite)
  37. end
  38. end
  39. context 'not admin?' do
  40. it 'denies' do
  41. expect(subject).to_not permit(john, Invite)
  42. end
  43. end
  44. end
  45. permissions :destroy? do
  46. context 'owner?' do
  47. it 'permits' do
  48. expect(subject).to permit(john, Fabricate(:invite, user: john.user))
  49. end
  50. end
  51. context 'not owner?' do
  52. context 'admin?' do
  53. it 'permits' do
  54. expect(subject).to permit(admin, Fabricate(:invite))
  55. end
  56. end
  57. context 'not admin?' do
  58. it 'denies' do
  59. expect(subject).to_not permit(john, Fabricate(:invite))
  60. end
  61. end
  62. end
  63. end
  64. end