abilities_spec.rb in authority-2.0.1

- old
+ new

@@ -33,18 +33,14 @@
       AbilityModel.authorizer_name.should_not_receive(:constantize)
       AbilityModel.authorizer
     end
 
     it "should raise a friendly error if the authorizer doesn't exist" do
-      AbilityModel.instance_variable_set(:@authorizer, nil)
-      AbilityModel.authorizer_name = 'NonExistentAuthorizer'
-      expect { AbilityModel.authorizer }.to raise_error(Authority::NoAuthorizerError)
-
-      # Cleanup to prevent affecting other tests
-      # TODO: Clean up this cleanup code. :)
-      AbilityModel.instance_variable_set(:@authorizer, nil)
-      AbilityModel.authorizer_name = 'ApplicationAuthorizer'
+      class NoAuthorizerModel < AbilityModel; end ;
+      NoAuthorizerModel.instance_variable_set(:@authorizer, nil)
+      NoAuthorizerModel.authorizer_name = 'NonExistentAuthorizer'
+      expect { NoAuthorizerModel.authorizer }.to raise_error(Authority::NoAuthorizerError)
     end
 
   end
 
   describe "class methods" do
@@ -89,11 +85,12 @@
 
     it "should provide an accessor for its authorizer" do
       @ability_model.should respond_to(:authorizer)
     end
 
-    # TODO: Nathan will comment more clearly in the future
-    # aka "don't memoize" (to prevent dirty models from contaminating authorization)
+    # When checking instance methods, we want to ensure that every check uses a new
+    # instance of the authorizer. Otherwise, you might check, make a change to the
+    # model instance, check again, and get an outdated answer.
     it "should always create a new authorizer instance when accessing the authorizer" do
       @ability_model.class.authorizer.should_receive(:new).with(@ability_model).twice
       2.times { @ability_model.authorizer }
     end
 