RubygemsResearch

Sha256: 12844dbaa6e7fca2ec6a5120e8b2a203cea86c1171d85b8cd751c84040153015

Contents?: true

Size: 1.56 KB

Versions: 103

Compression:

Stored size: 1.56 KB

Feature: Authorizing Access

  Ensure that access denied exceptions are managed

  Background:
    Given I am logged in
    And 1 post exists
    And a configuration of:
    """
    class OnlyAuthorsAuthorization < ActiveAdmin::AuthorizationAdapter

      def authorized?(action, subject = nil)
        case subject

        when normalized(Post)
          case action
          when ActiveAdmin::Auth::UPDATE, ActiveAdmin::Auth::DESTROY
            false
          else
            true
          end

        when ActiveAdmin::Page
          if subject.name == "No Access"
            false
          else
            true
          end

        else
          false
        end
      end

    end

    ActiveAdmin.application.namespace(:admin).authorization_adapter = OnlyAuthorsAuthorization

    ActiveAdmin.register Post do
    end

    ActiveAdmin.register_page "No Access" do
    end
    """
    And I am on the index page for posts

  @allow-rescue
  Scenario: Attempt to access a resource I am not authorized to see
    When I go to the last post's edit page
    Then I should see "You are not authorized to perform this action"

  Scenario: Viewing the default action items
    When I follow "View"
    Then I should not see an action item link to "Edit"

  @allow-rescue
  Scenario: Attempting to visit a Page without authorization
    When I go to the admin no access page
    Then I should see "You are not authorized to perform this action"

  @allow-rescue
  Scenario: Viewing a page with authorization
    When I go to the admin dashboard page
    Then I should see "Dashboard"

Version data entries

103 entries across 103 versions & 10 rubygems

Version	Path
lalala-4.0.0.dev.84	vendor/deps/active_admin/features/authorization.feature
lalala-4.0.0.dev.80	vendor/deps/active_admin/features/authorization.feature
lalala-4.0.0.dev.79	vendor/deps/active_admin/features/authorization.feature
lalala-4.0.0.dev.78	vendor/deps/active_admin/features/authorization.feature
lalala-4.0.0.dev.77	vendor/deps/active_admin/features/authorization.feature
lalala-4.0.0.dev.74	vendor/deps/active_admin/features/authorization.feature
lalala-4.0.0.dev.73	vendor/deps/active_admin/features/authorization.feature
lalala-4.0.0.dev.72	vendor/deps/active_admin/features/authorization.feature
lalala-4.0.0.dev.71	vendor/deps/active_admin/features/authorization.feature
lalala-4.0.0.dev.66	vendor/deps/active_admin/features/authorization.feature
lalala-4.0.0.dev.65	vendor/deps/active_admin/features/authorization.feature
activeadmin-0.6.0	features/authorization.feature
lalala-4.0.0.dev.64	vendor/deps/active_admin/features/authorization.feature
lalala-4.0.0.dev.63	vendor/deps/active_admin/features/authorization.feature
lalala-4.0.0.dev.62	vendor/deps/active_admin/features/authorization.feature
lalala-4.0.0.dev.61	vendor/deps/active_admin/features/authorization.feature
lalala-4.0.0.dev.60	vendor/deps/active_admin/features/authorization.feature
lalala-4.0.0.dev.59	vendor/deps/active_admin/features/authorization.feature
lalala-4.0.0.dev.58	vendor/deps/active_admin/features/authorization.feature
lalala-4.0.0.dev.57	vendor/deps/active_admin/features/authorization.feature