spec/models/ability_spec.rb in ddr-models-1.8.0 vs spec/models/ability_spec.rb in ddr-models-1.8.1
- old
+ new
@@ -52,11 +52,11 @@
end
context "and user lacks read permission" do
it { is_expected.not_to be_able_to(:download, resource) }
end
end
-
+ # Component
context "and user has the downloader role", roles: true do
before do
resource.roles.downloader << user.principal_name
resource.save
end
@@ -93,12 +93,59 @@
it { is_expected.not_to be_able_to(:download, resource) }
end
end
end
- context "on a datastream", datastreams: true do
+ context "on a Solr document" do
+ let(:resource) { SolrDocument.new(doc) }
+ context "for a Component" do
+ let(:doc) { {'id'=>'test:1', 'active_fedora_model_ssi'=>'Component'} }
+ context "on which the user has the downloader role" do
+ before { doc.merge!('admin_metadata__downloader_ssim'=>[user.to_s]) }
+ context "but does not have read permission" do
+ it { is_expected.not_to be_able_to(:download, resource) }
+ end
+ context "and has read permission" do
+ before { doc.merge!('read_access_person_ssim'=>[user.to_s]) }
+ it { is_expected.to be_able_to(:download, resource) }
+ end
+ context "and has edit permission" do
+ before { doc.merge!('edit_access_person_ssim'=>[user.to_s]) }
+ it { is_expected.to be_able_to(:download, resource) }
+ end
+ end
+ context "on which the user does NOT have the downloader role" do
+ context "and does not have read permission" do
+ it { is_expected.not_to be_able_to(:download, resource) }
+ end
+ context "but has read permission" do
+ before { doc.merge!('read_access_person_ssim'=>[user.to_s]) }
+ it { is_expected.not_to be_able_to(:download, resource) }
+ end
+ context "but has edit permission" do
+ before { doc.merge!('edit_access_person_ssim'=>[user.to_s]) }
+ it { is_expected.to be_able_to(:download, resource) }
+ end
+ end
+ end
+ context "for a non-Component" do
+ let(:doc) { {'id'=>'test:1', 'active_fedora_model_ssi'=>'Attachment'} }
+ context "on which the user does NOT have read permission" do
+ it { is_expected.not_to be_able_to(:download, resource) }
+ end
+ context "on which the user has read permission" do
+ before { doc.merge!('read_access_person_ssim'=>[user.to_s]) }
+ it { is_expected.to be_able_to(:download, resource) }
+ end
+ context "on which the user has edit permission" do
+ before { doc.merge!('edit_access_person_ssim'=>[user.to_s]) }
+ it { is_expected.to be_able_to(:download, resource) }
+ end
+ end
+ end
+ context "on a datastream", datastreams: true do
context "named 'content'", content: true do
let(:resource) { obj.content }
context "and object is a Component", components: true do
let(:obj) { FactoryGirl.create(:component) }
context "and user does not have the downloader role" do
@@ -111,11 +158,11 @@
end
context "and user lacks read permission on the object" do
it { is_expected.not_to be_able_to(:download, resource) }
end
end
-
+ # Component content datastream
context "and user has the downloader role", roles: true do
before do
obj.roles.downloader << user.principal_name
obj.save
end
@@ -129,11 +176,11 @@
context "and user lacks read permission on the object" do
it { is_expected.not_to be_able_to(:download, resource) }
end
end
end
-
+ # non-Component content datastream
context "and object is not a Component" do
let(:obj) { FactoryGirl.create(:test_content) }
context "and user has read permission on the object" do
before do
obj.read_users = [user.user_key]
@@ -145,10 +192,10 @@
it { is_expected.not_to be_able_to(:download, resource) }
end
end
end
-
+ # datastream - not "content"
context "not named 'content'" do
let(:obj) { FactoryGirl.create(:test_model) }
let(:resource) { obj.descMetadata }
context "and user has read permission on the object" do
before do