account_policy_spec.rb 1.9 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586
  1. # frozen_string_literal: true
  2. require 'rails_helper'
  3. require 'pundit/rspec'
  4. RSpec.describe AccountPolicy do
  5. let(:subject) { described_class }
  6. let(:admin) { Fabricate(:user, admin: true).account }
  7. let(:john) { Fabricate(:user).account }
  8. permissions :index?, :show?, :unsuspend?, :unsilence?, :remove_avatar?, :remove_header? do
  9. context 'staff' do
  10. it 'permits' do
  11. expect(subject).to permit(admin)
  12. end
  13. end
  14. context 'not staff' do
  15. it 'denies' do
  16. expect(subject).to_not permit(john)
  17. end
  18. end
  19. end
  20. permissions :redownload?, :subscribe?, :unsubscribe? do
  21. context 'admin' do
  22. it 'permits' do
  23. expect(subject).to permit(admin)
  24. end
  25. end
  26. context 'not admin' do
  27. it 'denies' do
  28. expect(subject).to_not permit(john)
  29. end
  30. end
  31. end
  32. permissions :suspend?, :silence? do
  33. let(:staff) { Fabricate(:user, admin: true).account }
  34. context 'staff' do
  35. context 'record is staff' do
  36. it 'denies' do
  37. expect(subject).to_not permit(admin, staff)
  38. end
  39. end
  40. context 'record is not staff' do
  41. it 'permits' do
  42. expect(subject).to permit(admin, john)
  43. end
  44. end
  45. end
  46. context 'not staff' do
  47. it 'denies' do
  48. expect(subject).to_not permit(john, Account)
  49. end
  50. end
  51. end
  52. permissions :memorialize? do
  53. let(:other_admin) { Fabricate(:user, admin: true).account }
  54. context 'admin' do
  55. context 'record is admin' do
  56. it 'denies' do
  57. expect(subject).to_not permit(admin, other_admin)
  58. end
  59. end
  60. context 'record is not admin' do
  61. it 'permits' do
  62. expect(subject).to permit(admin, john)
  63. end
  64. end
  65. end
  66. context 'not admin' do
  67. it 'denies' do
  68. expect(subject).to_not permit(john, Account)
  69. end
  70. end
  71. end
  72. end