RubygemsResearch

Sha256: 4d656740de6e8500d3254cbbb2282b83edf66028c4a8e9e9620d44de8c02a4dc

Contents?: true

Size: 1.95 KB

Versions: 2

Compression:

Stored size: 1.95 KB

require 'spec_helper'

describe UserRolesController do
  let(:ability) do
    ability = Object.new
    ability.extend(CanCan::Ability)
    allow(controller).to receive(:current_ability).and_return(ability)

    ability
  end

  let(:role) do
    Role.create(name: 'foo')
  end

  before(:each) do 
    @routes = Hydra::RoleManagement::Engine.routes
  end

  describe "with a user who cannot edit users" do
    it "should not be able to add a user" do
      expect { post :create, role_id: role, user_key: 'foo@example.com'}.to raise_error CanCan::AccessDenied
    end
    it "should not be able to remove a user" do
      expect { delete :destroy, role_id: role, id: 7}.to raise_error CanCan::AccessDenied
    end
  end

  describe "with a user who can edit users" do
    before do
      ability.can :read, Role
    end
    describe "adding users" do
      before do
        ability.can :add_user, Role
      end
      it "should not be able to add a user that doesn't exist" do
        expect(User).to receive(:find_by_email).with('foo@example.com').and_return(nil)
        post :create, role_id: role, user_key: 'foo@example.com'
        expect(flash[:error]).to eq "Unable to find the user foo@example.com"
      end
      it "should be able to add a user" do
        u = User.create!(email: 'foo@example.com', password: 'password', password_confirmation: 'password')
        post :create, role_id: role, user_key: 'foo@example.com'
        expect(role.reload.users).to eq [u]
      end
    end
    describe "removing users" do
      before do
        ability.can :remove_user, Role
      end
      let (:user) do
        u = User.new(email: 'foo@example.com', password: 'password', password_confirmation: 'password')
        u.roles = [role]
        u.save!
        u
      end
      it "should be able to remove a user" do
        expect(user.roles).to eq [role]
        delete :destroy, role_id: role, id: user.id
        expect(role.reload.users).to eq []
      end
    end
  end
end

Version data entries

2 entries across 2 versions & 1 rubygems

Version	Path
hydra-role-management-0.2.2	spec/controllers/user_roles_controller_spec.rb
hydra-role-management-0.2.1	spec/controllers/user_roles_controller_spec.rb