spec/authority/controller_spec.rb in authority-3.2.0 vs spec/authority/controller_spec.rb in authority-3.2.1
- old
+ new
@@ -136,10 +136,20 @@
new_actions = {:synthesize => :create}
child_controller.authorize_actions_for(resource_class, :actions => new_actions)
expect(child_controller.authority_action_map).to eq(updated_map)
end
+ it "if :opts option is given, it extracts extra options for the authorization check" do
+ controller_class.authorize_actions_for(resource_class, :args => [:foo, :bar])
+ expect(controller_class.authority_arguments).to eq([:foo, :bar])
+ end
+
+ it "if :opts option wasn't given, no extra options are set" do
+ controller_class.authorize_actions_for(resource_class)
+ expect(controller_class.authority_arguments?).not_to be true
+ end
+
end
describe "authority_resource" do
let(:child_controller) { Class.new(controller_class) }
@@ -278,9 +288,30 @@
it "checks authorization on the model specified" do
expect(controller_instance).to receive(:authorize_action_for).with(resource_class)
controller_instance.send(:run_authorization_check)
end
+ end
+
+ context "if extra opts were specified" do
+
+ let(:resource_class) { Hash }
+ let(:controller_class) do
+ Class.new(ExampleController).tap do |c|
+ c.send(:include, Authority::Controller)
+ c.authorize_actions_for(:method_to_find_class, args: [:extra, :args])
+ end
+ end
+
+ before :each do
+ allow(controller_instance).to receive(:method_to_find_class).and_return(resource_class)
+ end
+
+ it "uses extra args in authorization check" do
+ expect(controller_instance).to receive(:authorize_action_for).with(resource_class, :extra, :args)
+ controller_instance.send(:run_authorization_check)
+ end
+
end
context "if a method for determining the class was specified" do
let(:resource_class) { Hash }