spec/authority_spec.rb in authority-2.2.0 vs spec/authority_spec.rb in authority-2.3.0
- old
+ new
@@ -1,102 +1,98 @@
require 'spec_helper'
-require 'support/example_model'
-require 'support/user'
+require 'support/example_classes'
describe Authority do
- it "should have a default list of abilities" do
- Authority.abilities.should be_a(Hash)
+ it "has a default list of abilities" do
+ expect(Authority.abilities).to be_a(Hash)
end
- it "should not allow modification of the Authority.abilities hash directly" do
+ it "does not allow modification of the Authority.abilities hash directly" do
expect { Authority.abilities[:exchange] = 'fungible' }.to raise_error(
StandardError, /modify frozen/
) # can't modify frozen hash - exact error type and message depends on Ruby version
end
- it "should have a convenience accessor for the ability verbs" do
- Authority.verbs.map(&:to_s).sort.should eq(['create', 'delete', 'read', 'update'])
+ it "has a convenience accessor for the ability verbs" do
+ expect(Authority.verbs.map(&:to_s).sort).to eq(%w[create delete read update])
end
- it "should have a convenience accessor for the ability adjectives" do
- Authority.adjectives.sort.should eq(%w[creatable deletable readable updatable])
+ it "has a convenience accessor for the ability adjectives" do
+ expect(Authority.adjectives.sort).to eq(%w[creatable deletable readable updatable])
end
describe "configuring Authority" do
- it "should have a configuration accessor" do
- Authority.should respond_to(:configuration)
+ it "has a configuration accessor" do
+ expect(Authority).to respond_to(:configuration)
end
- it "should have a `configure` method" do
- Authority.should respond_to(:configure)
+ it "has a `configure` method" do
+ expect(Authority).to respond_to(:configure)
end
- it "should require the remainder of library internals after configuration" do
+ it "requires the remainder of library internals after configuration" do
Authority.should_receive(:require_authority_internals!)
Authority.configure
end
end
describe "enforcement" do
- before :each do
- @user = User.new
- end
+ let(:user) { ExampleUser.new }
+ let(:resource_class) { ExampleResource }
describe "if given options" do
- it "should check the user's authorization, passing along the options" do
+ it "checks the user's authorization, passing along the options" do
options = { :for => 'context' }
- @user.should_receive(:can_delete?).with(ExampleModel, options).and_return(true)
- Authority.enforce(:delete, ExampleModel, @user, options)
+ user.should_receive(:can_delete?).with(resource_class, options).and_return(true)
+ Authority.enforce(:delete, resource_class, user, options)
end
end
describe "if not given options" do
- it "should check the user's authorization, passing no options" do
- @user.should_receive(:can_delete?).with(ExampleModel).and_return(true)
- Authority.enforce(:delete, ExampleModel, @user)
+ it "checks the user's authorization, passing no options" do
+ user.should_receive(:can_delete?).with(resource_class).and_return(true)
+ Authority.enforce(:delete, resource_class, user)
end
end
- it "should raise a SecurityViolation if the action is unauthorized" do
- expect { Authority.enforce(:update, ExampleModel, @user) }.to raise_error(Authority::SecurityViolation)
+ it "raises a SecurityViolation if the action is unauthorized" do
+ expect { Authority.enforce(:update, resource_class, user) }.to raise_error(Authority::SecurityViolation)
end
- it "should not raise a SecurityViolation if the action is authorized" do
- expect { Authority.enforce(:read, ExampleModel, @user) }.not_to raise_error(Authority::SecurityViolation)
+ it "doesn't raise a SecurityViolation if the action is authorized" do
+ expect { Authority.enforce(:read, resource_class, user) }.not_to raise_error(Authority::SecurityViolation)
end
end
describe Authority::SecurityViolation do
- before :each do
- @user = "I am a user"
- @action = :keelhaul
- @resource = "I am a resource"
- @security_violation = Authority::SecurityViolation.new(@user, @action, @resource)
- end
+ let(:user) { :"Cap'n Ned" }
+ let(:action) { :keelhaul }
+ let(:resource) { :houseplant }
+ let(:security_violation) { Authority::SecurityViolation.new(user, action, resource) }
- it "should have a reader for the user" do
- @security_violation.user.should eq(@user)
+ it "has a reader for the user" do
+ expect(security_violation.user).to eq(user)
end
- it "should have a reader for the action" do
- @security_violation.action.should eq(@action)
+ it "has a reader for the action" do
+ expect(security_violation.action).to eq(action)
end
- it "should have a reader for the resource" do
- @security_violation.resource.should eq(@resource)
+ it "has a reader for the resource" do
+ expect(security_violation.resource).to eq(resource)
end
- it "should use them all in its message" do
- @security_violation.message.should eq("#{@user} is not authorized to #{@action} this resource: #{@resource}")
+ it "uses them all in its message" do
+ expect(security_violation.message).to eq("#{user} is not authorized to #{action} this resource: #{resource}")
end
end
end
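Review bot: The authorized-path example ("doesn't raise a SecurityViolation if the action is authorized") still uses `not_to raise_error(Authority::SecurityViolation)`, which also passes when `Authority.enforce` fails with any other exception. A broken permit path would therefore go unnoticed in the one test that covers it. Prefer the bare negative form, `expect { Authority.enforce(:read, resource_class, user) }.not_to raise_error`, so that any exception fails the example. Separately, the configuration example and the two enforcement examples keep `should_receive` while the rest of the file moves to `expect`. If the project's RSpec version supports it, `expect(user).to receive(:can_delete?).with(resource_class).and_return(true)` would make the file consistent.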