abunchtell
/
mastodon
1
0
Fork 0
Code Issues 0 Activity
The code powering m.abunchtell.com https://m.abunchtell.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8571 Commits
1 Branch
94 MiB
 
 
 
 
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
mastodon/spec/policies/user_policy_spec.rb

168 lines
3.5 KiB
Raw Permalink Blame History 

  1. # frozen_string_literal: true

  2. 

  3. require 'rails_helper'

  4. require 'pundit/rspec'

  5. 

  6. RSpec.describe UserPolicy do

  7.   let(:subject) { described_class }

  8.   let(:admin)   { Fabricate(:user, admin: true).account }

  9.   let(:john)    { Fabricate(:user).account }

  10. 

  11.   permissions :reset_password?, :change_email? do

  12.     context 'staff?' do

  13.       context '!record.staff?' do

  14.         it 'permits' do

  15.           expect(subject).to permit(admin, john.user)

  16.         end

  17.       end

  18. 

  19.       context 'record.staff?' do

  20.         it 'denies' do

  21.           expect(subject).to_not permit(admin, admin.user)

  22.         end

  23.       end

  24.     end

  25. 

  26.     context '!staff?' do

  27.       it 'denies' do

  28.         expect(subject).to_not permit(john, User)

  29.       end

  30.     end

  31.   end

  32. 

  33.   permissions :disable_2fa? do

  34.     context 'admin?' do

  35.       context '!record.staff?' do

  36.         it 'permits' do

  37.           expect(subject).to permit(admin, john.user)

  38.         end

  39.       end

  40. 

  41.       context 'record.staff?' do

  42.         it 'denies' do

  43.           expect(subject).to_not permit(admin, admin.user)

  44.         end

  45.       end

  46.     end

  47. 

  48.     context '!admin?' do

  49.       it 'denies' do

  50.         expect(subject).to_not permit(john, User)

  51.       end

  52.     end

  53.   end

  54. 

  55.   permissions :confirm? do

  56.     context 'staff?' do

  57.       context '!record.confirmed?' do

  58.         it 'permits' do

  59.           john.user.update(confirmed_at: nil)

  60.           expect(subject).to permit(admin, john.user)

  61.         end

  62.       end

  63. 

  64.       context 'record.confirmed?' do

  65.         it 'denies' do

  66.           john.user.confirm!

  67.           expect(subject).to_not permit(admin, john.user)

  68.         end

  69.       end

  70.     end

  71. 

  72.     context '!staff?' do

  73.       it 'denies' do

  74.         expect(subject).to_not permit(john, User)

  75.       end

  76.     end

  77.   end

  78. 

  79.   permissions :enable? do

  80.     context 'staff?' do

  81.       it 'permits' do

  82.         expect(subject).to permit(admin, User)

  83.       end

  84.     end

  85. 

  86.     context '!staff?' do

  87.       it 'denies' do

  88.         expect(subject).to_not permit(john, User)

  89.       end

  90.     end

  91.   end

  92. 

  93.   permissions :disable? do

  94.     context 'staff?' do

  95.       context '!record.admin?' do

  96.         it 'permits' do

  97.           expect(subject).to permit(admin, john.user)

  98.         end

  99.       end

  100. 

  101.       context 'record.admin?' do

  102.         it 'denies' do

  103.           expect(subject).to_not permit(admin, admin.user)

  104.         end

  105.       end

  106.     end

  107. 

  108.     context '!staff?' do

  109.       it 'denies' do

  110.         expect(subject).to_not permit(john, User)

  111.       end

  112.     end

  113.   end

  114. 

  115.   permissions :promote? do

  116.     context 'admin?' do

  117.       context 'promoteable?' do

  118.         it 'permits' do

  119.           expect(subject).to permit(admin, john.user)

  120.         end

  121.       end

  122. 

  123.       context '!promoteable?' do

  124.         it 'denies' do

  125.           expect(subject).to_not permit(admin, admin.user)

  126.         end

  127.       end

  128.     end

  129. 

  130.     context '!admin?' do

  131.       it 'denies' do

  132.         expect(subject).to_not permit(john, User)

  133.       end

  134.     end

  135.   end

  136. 

  137.   permissions :demote? do

  138.     context 'admin?' do

  139.       context '!record.admin?' do

  140.         context 'demoteable?' do

  141.           it 'permits' do

  142.             john.user.update(moderator: true)

  143.             expect(subject).to permit(admin, john.user)

  144.           end

  145.         end

  146. 

  147.         context '!demoteable?' do

  148.           it 'denies' do

  149.             expect(subject).to_not permit(admin, john.user)

  150.           end

  151.         end

  152.       end

  153. 

  154.       context 'record.admin?' do

  155.         it 'denies' do

  156.           expect(subject).to_not permit(admin, admin.user)

  157.         end

  158.       end

  159.     end

  160. 

  161.     context '!admin?' do

  162.       it 'denies' do

  163.         expect(subject).to_not permit(john, User)

  164.       end

  165.     end

  166.   end

  167. end