Sha256: 726b0ca34c0293687eb20b22c177d47c9284558a41439f4367e248db7ba93022
Contents?: true
Size: 1.85 KB
Versions: 1
Compression:
Stored size: 1.85 KB
Contents
require 'spec_helper'
describe Outpost::Model::Authorization do
describe "#can_manage?" do
let(:permission1) { create :permission, resource: "Post" }
let(:permission2) { create :permission, resource: "Pidgeon" }
context "superuser" do
let(:superuser) { create :user, is_superuser: true }
it "is true for superusers" do
superuser.can_manage?("anything").should eq true
end
end
context "non-superuser" do
let(:user) { create :user, is_superuser: false }
it "is true if the user can manage all of the passed-in resources" do
user.permissions += [permission1, permission2]
user.can_manage?(Post, Pidgeon).should eq true
end
it "is false if the user can manage only some of the passed-in resources" do
user.permissions += [permission1]
user.can_manage?(Post, Pidgeon).should eq false
end
end
end
#--------------------
describe '#allowed_resource' do
let(:permission1) { create :permission, resource: "Post" }
let(:permission2) { create :permission, resource: "Pidgeon" }
context 'superuser' do
before :each do
# eager load
permission1
permission2
end
let(:superuser) { create :user, is_superuser: true }
it 'returns all Permissions' do
superuser.allowed_resources.should eq [Post, Pidgeon]
end
end
context 'user' do
let(:user) { create :user, is_superuser: false }
it "returns only that user's permissions" do
user.permissions = [permission1]
user.allowed_resources.should eq [Post]
end
it "ignores missing constants" do
bad_permission = create :permission, resource: "NotAModel"
user.permissions = [permission1, bad_permission]
user.allowed_resources.should eq [Post]
end
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| outpost-cms-0.0.3 | spec/lib/model/authorization_spec.rb |