raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-03-25 05:45:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add cancan ability tests on enterprise user roles

Browse Source
This commit is contained in:
David Cook
2013-08-06 11:12:37 +10:00
parent 7a92d99817
commit 0a7c5d4992
2 changed files with 105 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

72
spec/models/ability_spec.rb Normal file
View File

@@ -0,0 +1,72 @@
require 'spec_helper'
require "cancan/matchers"
require 'support/cancan_helper'
module Spree
describe User do
describe 'Roles' do
# create enterprises
let(:e1) { create(:enterprise) }
let(:e2) { create(:enterprise) }
let(:d1) { create(:distributor_enterprise) }
# create product for each enterprise
let(:p1) { create(:product, supplier: e1) }
let(:p2) { create(:product, supplier: e2) }
# create order
# let(:order) { create(:order, distributor: d1, bill_address: create(:address)) }
subject { user }
let(:user){ nil }
context "when is an enterprise user" do
# create enterprise user without full admin access
let (:user) do
user = create(:user)
user.spree_roles = []
e1.enterprise_roles.build(user: user).save
user
end
let (:order) {create(:order, )}
it "should be able to read/write their enterprises' products" do
should have_ability([:admin, :read, :update, :bulk_edit, :clone, :destroy], for: p1)
end
it "should be able to create a new product" do
should have_ability(:create, for: Spree::Product)
end
it "should be able to read/write their enterprises' product variants" do
should have_ability([:admin, :index, :read, :create, :edit], for: Spree::Variant)
end
it "should be able to read/write their enterprises' product properties" do
should have_ability([:admin, :index, :read, :create, :edit], for: Spree::ProductProperty)
end
it "should be able to read/write their enterprises' product images" do
should have_ability([:admin, :index, :read, :create, :edit], for: Spree::Image)
end
it "should be able to read Taxons (in order to create classifications)" do
should have_ability([:admin, :index, :read, :search], for: Spree::Taxon)
end
it "should be able to read/write Classifications on a product" do
should have_ability([:admin, :index, :read, :create, :edit], for: Spree::Classification)
end
#TODO: definitely should check this on enterprise_roles
it "should be able to read their enterprises' orders" # do
# should have_ability([:admin, :index, :read], for: o1)
# end
end
end
end
end

33
spec/support/cancan_helper.rb Normal file
View File

@@ -0,0 +1,33 @@
# From: https://github.com/ryanb/cancan/wiki/Testing-Abilities#rspec
require "cancan/matchers"
module Spree
RSpec::Matchers.define :have_ability do |ability_hash, options = {}|
match do |user|
ability = Ability.new(user)
target = options[:for]
@ability_result = {}
ability_hash = {ability_hash => true} if ability_hash.is_a? Symbol # e.g.: :create => {:create => true}
ability_hash = ability_hash.inject({}){|_, i| _.merge({i=>true}) } if ability_hash.is_a? Array # e.g.: [:create, :read] => {:create=>true, :read=>true}
ability_hash.each do |action, true_or_false|
@ability_result[action] = ability.can?(action, target)
end
!ability_hash.diff(@ability_result).any?
end
failure_message_for_should do |user|
ability_hash,options = expected
ability_hash = {ability_hash => true} if ability_hash.is_a? Symbol # e.g.: :create
ability_hash = ability_hash.inject({}){|_, i| _.merge({i=>true}) } if ability_hash.is_a? Array # e.g.: [:create, :read] => {:create=>true, :read=>true}
target = options[:for]
message = "expected User:#{user} to have ability:#{ability_hash} for #{target}, but actual result is #{@ability_result}"
end
#to clean up output of RSpec Documentation format
description do
target = expected.last[:for]
"have ability #{ability_hash.keys.join(", ")} for #{target.class.name}"
end
end
end