lib/pundit/matchers.rb in pundit-matchers-1.6.0 vs lib/pundit/matchers.rb in pundit-matchers-1.7.0
- old
+ new
@@ -41,11 +41,12 @@
.inspect + '.'
end
end
end
- RSpec::Matchers.define :forbid_actions do |actions|
+ RSpec::Matchers.define :forbid_actions do |*actions|
+ actions.flatten!
match do |policy|
return false if actions.count < 1
@allowed_actions = actions.select do |action|
policy.public_send("#{action}?")
end
@@ -202,16 +203,37 @@
policy.public_send(Pundit::Matchers.configuration.user_alias)
.inspect + '.'
end
end
- RSpec::Matchers.define :permit_actions do |actions|
+ RSpec::Matchers.define :permit_actions do |*actions|
+ actions.flatten!
match do |policy|
return false if actions.count < 1
@forbidden_actions = actions.reject do |action|
policy.public_send("#{action}?")
end
@forbidden_actions.empty?
+ end
+
+ match_when_negated do |policy|
+ ::Kernel.warn 'Using expect { }.not_to permit_actions could produce \
+ confusing results. Please use `.to forbid_actions` instead. To \
+ clarify, `.not_to permit_actions` will look at all of the actions and \
+ checks if ANY actions fail, not if all actions fail. Therefore, you \
+ could result in something like this: \
+
+ it { is_expected.to permit_actions([:new, :create, :edit]) } \
+ it { is_expected.not_to permit_actions([:edit, :destroy]) } \
+
+ In this case, edit would be true and destroy would be false, but both \
+ tests would pass.'
+
+ return true if actions.count < 1
+ @forbidden_actions = actions.reject do |action|
+ policy.public_send("#{action}?")
+ end
+ !@forbidden_actions.empty?
end
attr_reader :forbidden_actions
zero_actions_failure_message = 'At least one action must be specified ' \