1
0

user_policy_spec.rb 2.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115
  1. # frozen_string_literal: true
  2. require 'rails_helper'
  3. require 'pundit/rspec'
  4. RSpec.describe UserPolicy do
  5. subject { described_class }
  6. let(:admin) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')).account }
  7. let(:john) { Fabricate(:account) }
  8. permissions :reset_password?, :change_email? do
  9. context 'when staff?' do
  10. context 'with !record.staff?' do
  11. it 'permits' do
  12. expect(subject).to permit(admin, john.user)
  13. end
  14. end
  15. context 'when record.staff?' do
  16. it 'denies' do
  17. expect(subject).to_not permit(admin, admin.user)
  18. end
  19. end
  20. end
  21. context 'with !staff?' do
  22. it 'denies' do
  23. expect(subject).to_not permit(john, User)
  24. end
  25. end
  26. end
  27. permissions :disable_2fa? do
  28. context 'when admin?' do
  29. context 'with !record.staff?' do
  30. it 'permits' do
  31. expect(subject).to permit(admin, john.user)
  32. end
  33. end
  34. context 'when record.staff?' do
  35. it 'denies' do
  36. expect(subject).to_not permit(admin, admin.user)
  37. end
  38. end
  39. end
  40. context 'with !admin?' do
  41. it 'denies' do
  42. expect(subject).to_not permit(john, User)
  43. end
  44. end
  45. end
  46. permissions :confirm? do
  47. context 'when staff?' do
  48. context 'with !record.confirmed?' do
  49. it 'permits' do
  50. john.user.update(confirmed_at: nil)
  51. expect(subject).to permit(admin, john.user)
  52. end
  53. end
  54. context 'when record.confirmed?' do
  55. it 'denies' do
  56. john.user.mark_email_as_confirmed!
  57. expect(subject).to_not permit(admin, john.user)
  58. end
  59. end
  60. end
  61. context 'with !staff?' do
  62. it 'denies' do
  63. expect(subject).to_not permit(john, User)
  64. end
  65. end
  66. end
  67. permissions :enable? do
  68. context 'when staff?' do
  69. it 'permits' do
  70. expect(subject).to permit(admin, User)
  71. end
  72. end
  73. context 'with !staff?' do
  74. it 'denies' do
  75. expect(subject).to_not permit(john, User)
  76. end
  77. end
  78. end
  79. permissions :disable? do
  80. context 'when staff?' do
  81. context 'with !record.admin?' do
  82. it 'permits' do
  83. expect(subject).to permit(admin, john.user)
  84. end
  85. end
  86. context 'when record.admin?' do
  87. it 'denies' do
  88. expect(subject).to_not permit(admin, admin.user)
  89. end
  90. end
  91. end
  92. context 'with !staff?' do
  93. it 'denies' do
  94. expect(subject).to_not permit(john, User)
  95. end
  96. end
  97. end
  98. end