docs/testing.md in action_policy-0.4.3 vs docs/testing.md in action_policy-0.4.4
- old
+ new
@@ -110,10 +110,12 @@
**NOTE:** the DSL is included only to example with the tag `type: :policy` or in the `spec/policies` folder. If you want to add this DSL to other examples, add `include ActionPolicy::RSpec::PolicyExampleGroup`.
### Testing scopes
+#### Active Record relation example
+
There is no single rule on how to test scopes, 'cause it dependes on the _nature_ of the scope.
Here's an example of RSpec tests for Active Record scoping rules:
```ruby
@@ -154,10 +156,39 @@
end
end
end
```
+#### Action Controller params example
+
+Here's an example of RSpec tests for Action Controller parameters scoping rules:
+
+```ruby
+describe PostPolicy do
+ describe "params scope" do
+ let(:user) { build_stubbed :user }
+ let(:context) { {user: user} }
+
+ let(:params) { {name: "a", password: "b"} }
+ let(:target) { ActionController::Parameters.new(params) }
+
+ # it's easier to asses the hash representation, not the AC::Params object
+ subject { policy.apply_scope(target, type: :action_controller_params).to_h }
+
+ context "as user" do
+ it { is_expected.to eq({name: "a"}) }
+ end
+
+ context "as manager" do
+ before { user.update!(role: :manager) }
+
+ it { is_expected.to eq({name: "a", password: "b"}) }
+ end
+ end
+end
+```
+
## Testing authorization
To test the act of authorization you have to make sure that the `authorize!` method is called with the appropriate arguments.
Action Policy provides tools for such kind of testing for Minitest and RSpec.
@@ -328,6 +359,32 @@
expect { subject }.to have_authorized_scope(:scope)
.with_scope_options(matching(with_deleted: a_falsey_value))
.with_target { |target|
expect(target).to eq(User.all)
}
+```
+
+
+## Testing views
+
+When you test views that call policies methods as `allowed_to?`, your may have `Missing policy authorization context: user` error.
+You may need to stub `current_user` to resolve the issue.
+
+Consider an RSpec example:
+
+```ruby
+describe "users/index.html.slim" do
+ let(:user) { build_stubbed :user }
+ let(:users) { create_list(:user, 2) }
+
+ before do
+ allow(controller).to receive(:current_user).and_return(user)
+
+ assign :users, users
+ render
+ end
+
+ describe "displays user#index correctly" do
+ it { expect(rendered).to have_link(users.first.email, href: edit_user_path(users.first)) }
+ end
+end
```