spec/authority_spec.rb in authority-2.1.0 vs spec/authority_spec.rb in authority-2.2.0
- old
+ new
@@ -1,7 +1,7 @@
require 'spec_helper'
-require 'support/ability_model'
+require 'support/example_model'
require 'support/user'
describe Authority do
it "should have a default list of abilities" do
@@ -42,15 +42,34 @@
before :each do
@user = User.new
end
+ describe "if given options" do
+
+ it "should check the user's authorization, passing along the options" do
+ options = { :for => 'context' }
+ @user.should_receive(:can_delete?).with(ExampleModel, options).and_return(true)
+ Authority.enforce(:delete, ExampleModel, @user, options)
+ end
+
+ end
+
+ describe "if not given options" do
+
+ it "should check the user's authorization, passing no options" do
+ @user.should_receive(:can_delete?).with(ExampleModel).and_return(true)
+ Authority.enforce(:delete, ExampleModel, @user)
+ end
+
+ end
+
it "should raise a SecurityViolation if the action is unauthorized" do
- expect { Authority.enforce(:update, AbilityModel, @user) }.to raise_error(Authority::SecurityViolation)
+ expect { Authority.enforce(:update, ExampleModel, @user) }.to raise_error(Authority::SecurityViolation)
end
it "should not raise a SecurityViolation if the action is authorized" do
- expect { Authority.enforce(:read, AbilityModel, @user) }.not_to raise_error(Authority::SecurityViolation)
+ expect { Authority.enforce(:read, ExampleModel, @user) }.not_to raise_error(Authority::SecurityViolation)
end
end
describe Authority::SecurityViolation do