spec/authority_spec.rb in authority-1.1.0 vs spec/authority_spec.rb in authority-2.0.0
- old
+ new
@@ -52,6 +52,33 @@
expect { Authority.enforce(:read, AbilityModel, @user) }.not_to raise_error(Authority::SecurityViolation)
end
end
+ describe Authority::SecurityViolation do
+
+ before :each do
+ @user = "I am a user"
+ @action = :keelhaul
+ @resource = "I am a resource"
+ @security_violation = Authority::SecurityViolation.new(@user, @action, @resource)
+ end
+
+ it "should have a reader for the user" do
+ @security_violation.user.should eq(@user)
+ end
+
+ it "should have a reader for the action" do
+ @security_violation.action.should eq(@action)
+ end
+
+ it "should have a reader for the resource" do
+ @security_violation.resource.should eq(@resource)
+ end
+
+ it "should use them all in its message" do
+ @security_violation.message.should eq("#{@user} is not authorized to #{@action} this resource: #{@resource}")
+ end
+
+ end
+
end
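Review bot: The new examples only build `Authority::SecurityViolation` with String stand-ins, so the "should use them all in its message" example never pins what the message contains when the user and resource are real objects interpolated through `to_s`. If the message reaches a log line or an error response (not visible in this hunk), it would carry whatever those objects print. I would add one example that passes a non-String double for the user and resource and asserts the resulting message. A comment above the message example would also help, such as `# message interpolates user and resource via to_s; confirm it is safe wherever the exception is rendered or logged`. The hunk also never asserts that `Authority.enforce` raises the exception with these three fields populated, which is what a rescue handler reading `user`, `action` and `resource` would rely on. The outer `describe` closed by the final `end` starts outside the hunk, so that case may already be covered there.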