1
0

account_policy_spec.rb 3.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159
  1. # frozen_string_literal: true
  2. require 'rails_helper'
  3. RSpec.describe AccountPolicy do
  4. subject { described_class }
  5. let(:admin) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')).account }
  6. let(:john) { Fabricate(:account) }
  7. let(:alice) { Fabricate(:account) }
  8. permissions :index? do
  9. context 'when staff' do
  10. it 'permits' do
  11. expect(subject).to permit(admin)
  12. end
  13. end
  14. context 'when not staff' do
  15. it 'denies' do
  16. expect(subject).to_not permit(john)
  17. end
  18. end
  19. end
  20. permissions :show?, :unsilence?, :unsensitive?, :remove_avatar?, :remove_header?, :sensitive?, :warn? do
  21. context 'when staff' do
  22. it 'permits' do
  23. expect(subject).to permit(admin, alice)
  24. end
  25. end
  26. context 'when not staff' do
  27. it 'denies' do
  28. expect(subject).to_not permit(john, alice)
  29. end
  30. end
  31. end
  32. permissions :unsuspend?, :unblock_email? do
  33. before do
  34. alice.suspend!
  35. end
  36. context 'when staff' do
  37. it 'permits' do
  38. expect(subject).to permit(admin, alice)
  39. end
  40. end
  41. context 'when not staff' do
  42. it 'denies' do
  43. expect(subject).to_not permit(john, alice)
  44. end
  45. end
  46. end
  47. permissions :redownload? do
  48. context 'when admin' do
  49. it 'permits' do
  50. expect(subject).to permit(admin)
  51. end
  52. end
  53. context 'when not admin' do
  54. it 'denies' do
  55. expect(subject).to_not permit(john)
  56. end
  57. end
  58. end
  59. permissions :suspend?, :silence? do
  60. let(:staff) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')).account }
  61. context 'when staff' do
  62. context 'when record is staff' do
  63. it 'denies' do
  64. expect(subject).to_not permit(admin, staff)
  65. end
  66. end
  67. context 'when record is not staff' do
  68. it 'permits' do
  69. expect(subject).to permit(admin, john)
  70. end
  71. end
  72. end
  73. context 'when not staff' do
  74. it 'denies' do
  75. expect(subject).to_not permit(john, Account)
  76. end
  77. end
  78. end
  79. permissions :memorialize? do
  80. let(:other_admin) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')).account }
  81. context 'when admin' do
  82. context 'when record is admin' do
  83. it 'denies' do
  84. expect(subject).to_not permit(admin, other_admin)
  85. end
  86. end
  87. context 'when record is not admin' do
  88. it 'permits' do
  89. expect(subject).to permit(admin, john)
  90. end
  91. end
  92. end
  93. context 'when not admin' do
  94. it 'denies' do
  95. expect(subject).to_not permit(john, Account)
  96. end
  97. end
  98. end
  99. permissions :review? do
  100. context 'when admin' do
  101. it 'permits' do
  102. expect(subject).to permit(admin)
  103. end
  104. end
  105. context 'when not admin' do
  106. it 'denies' do
  107. expect(subject).to_not permit(john)
  108. end
  109. end
  110. end
  111. permissions :destroy? do
  112. context 'when admin' do
  113. context 'with a temporarily suspended account' do
  114. before { allow(alice).to receive(:suspended_temporarily?).and_return(true) }
  115. it 'permits' do
  116. expect(subject).to permit(admin, alice)
  117. end
  118. end
  119. context 'with a not temporarily suspended account' do
  120. before { allow(alice).to receive(:suspended_temporarily?).and_return(false) }
  121. it 'denies' do
  122. expect(subject).to_not permit(admin, alice)
  123. end
  124. end
  125. end
  126. context 'when not admin' do
  127. it 'denies' do
  128. expect(subject).to_not permit(john, alice)
  129. end
  130. end
  131. end
  132. end