require File.dirname(__FILE__) + '/../test_helper' class PostTest < Test::Unit::TestCase should_belong_to :user should "be read?" do assert Post.read? end should "be find?" do assert Post.find? end should "be create?" do assert Post.create? end should "not be update?" do assert !Post.update? end should "not be destroy?" do assert !Post.destroy? end should "not error on create" do assert_nothing_raised do Post.create(Factory.attributes_for(:post)) end end context "a post" do setup do assert @post = Factory(:post) end should "not error on find with id" do assert_nothing_raised do Post.find(@post.id) end end should "find post with id" do assert_equal @post, Post.find(@post.id) end should "find post in find all" do assert_include Post.find(:all), @post end should "find post in all" do assert_include Post.all, @post end context "no method is authorized" do setup do Post.stubs(:create?).returns(false) Post.stubs(:find?).returns(false) Post.stubs(:update?).returns(false) Post.stubs(:destroy?).returns(false) end should "error on create" do assert_raise Warrant::AuthorizationError do Post.create(Factory.attributes_for(:post)) end end should "error on update attributes" do assert_raise Warrant::AuthorizationError do @post.update_attributes(:title => 'unauthorized title') end end should "error on update attribute" do assert_raise Warrant::AuthorizationError do @post.update_attribute(:title, 'unauthorized title') end end should "error on save" do assert_raise Warrant::AuthorizationError do @post.save end end should "error on destroy" do assert_raise Warrant::AuthorizationError do @post.destroy end end should "error on find with id" do assert_raise Warrant::AuthorizationError do Post.find(@post.id) end end should "not error on all" do assert_nothing_raised do Post.all end end should "not error on find all" do assert_nothing_raised do Post.find(:all) end end should "not find post in find all" do deny_include Post.find(:all), @post end should "not find post in all" do deny_include Post.all, @post end end end context "AR::Base has current_user" do setup do @user = Factory(:user) ActiveRecord::Base.current_user = @user end context "a post" do setup do @post = Factory(:post) end should "have a current_user" do assert_not_nil @post.current_user end end context "a post with no user" do setup do @post = Factory(:post, :user => nil) end should "not be related to current_user" do assert !@post.related_to_current_user? end end context "a post with an unrelated user" do setup do @user2 = Factory(:user) @post = Factory(:post, :user => @user2) end should "not be related to current_user" do assert !@post.related_to_current_user? end should "be allowed to create" do assert @post.create? end should "be allowed to read" do assert @post.read? end should "be allowed to find" do assert @post.find? end should "not be allowed to update" do assert !@post.update? end should "not be allowed to destroy" do assert !@post.destroy? end end context "a post with belonging to current user" do setup do @post = Factory(:post, :user => @user) end should "be related to current_user" do assert @post.related_to_current_user? end should "be allowed to create" do assert @post.create? end should "be allowed to read" do assert @post.read? end should "be allowed to find" do assert @post.find? end should "be allowed to update" do assert @post.update? end should "be allowed to destroy" do assert @post.destroy? end end end context "a post with all attributes and strict authorization" do setup do @title = 'Are you going to the mall later?' @body = 'That\'s what I\'m asking' @keyword = 'Car is blue' @spam = 'Probably' assert @post = Factory(:post, :title => @title, :body => @body, :keyword => @keyword, :spam => @spam) @obscure_with = 'shhh' @post.stubs(:obscure_spam_with).returns(@obscure_with) @post.stubs(:should_not_obscure_keyword?).returns(false) @post.stubs(:should_obscure_body?).returns(true) end should "obscure title" do assert_nil @post.title end should "obscure body" do assert_nil @post.body end should "obscure keyword" do assert_nil @post.keyword end should "obscure spam" do assert_equal @obscure_with, @post.spam end end context "a post with all attributes and loose authorization" do setup do @title = 'Are you going to the mall later?' @body = 'That\'s what I\'m asking' @keyword = 'Car is blue' @spam = 'Probably' assert @post = Factory(:post, :title => @title, :body => @body, :keyword => @keyword, :spam => @spam) @obscure_with = 'shhh' @post.stubs(:obscure_spam_with).returns(@obscure_with) @post.stubs(:should_not_obscure_keyword?).returns(true) @post.stubs(:should_obscure_body?).returns(false) end should "obscure title" do assert_nil @post.title end should "not obscure body" do assert_equal @body, @post.body end should "not obscure keyword" do assert_equal @keyword, @post.keyword end should "obscure spam" do assert_equal @obscure_with, @post.spam end end should_eventually "error when obscuring a non-existant method" do assert_raise Warrant::AuthorizationError do Post.obscure :invalid_method_here end end end