policy_spec.rb in access-granted-1.3.3

- old
+ new

@@ -141,10 +141,20 @@
           expect(err.action).to eq(:create)
           expect(err.subject).to eq(Integer)
         end
       end
 
+      it "raises AccessDenied with supplied message if action is not allowed" do
+        message = 'You are not allowed to create Integer'
+        expect { klass.new(@member).authorize!(:create, Integer, message) }.to raise_error do |err|
+          expect(err).to be_a(AccessGranted::AccessDenied)
+          expect(err.action).to eq(:create)
+          expect(err.subject).to eq(Integer)
+          expect(err.message).to eq(message)
+        end
+      end
+
       it "returns the subject if allowed" do
         expect(klass.new(@member).authorize!(:create, String)).to equal String
       end
     end
   end
@@ -186,21 +196,30 @@
 
       expect(role.find_permission(:read, String).granted).to eq(true)
     end
   end
 
-  describe "#matching_roles" do
+  describe "#applicable_roles" do
     let(:user) { double("User", is_moderator: true, is_admin: true) }
+    subject(:policy) { klass.new(user) }
 
     before do
       policy.role(:administrator, { is_admin:     true })
       policy.role(:moderator,     { is_moderator: true })
       policy.role(:member)
     end
 
-    shared_examples 'role matcher' do
+    context "user matches all roles" do
       it "returns all matching roles in the order of priority" do
-        expect(subject.map(&:name)).to eq([:administrator, :moderator, :member])
+        expect(policy.applicable_roles.map(&:name)).to eq([:administrator, :moderator, :member])
+      end
+    end
+
+    context "user is just an admin" do
+      let(:user) { double("User", is_moderator: false, is_admin: true) }
+
+      it 'returns array with admin and member roles' do
+        expect(policy.applicable_roles.map(&:name)).to eq([:administrator, :member])
       end
     end
   end
 end