This repository has been archived by the owner on Dec 28, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 4
/
ability_spec.rb
76 lines (60 loc) · 2.32 KB
/
ability_spec.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
require 'spec_helper'
require 'cancan/matchers'
describe 'User' do
let(:admin_user) { create(:user, :admin) }
let(:admin_user_super) { create(:user, :super_admin, occupation: :administrative) }
let(:user) { FactoryBot.build(:user, id: 1) }
subject(:ability) { Ability.new(user) }
describe 'abilities admin' do
let(:ability_admin) { Ability.new(admin_user) }
it "can manage it's own punches" do
expect(ability_admin).to be_able_to :manage, Punch.new(user: admin_user)
end
it "can't delete Company" do
expect(ability_admin).to_not be_able_to :destroy, Company.new
end
it "can't delete Projects" do
expect(ability_admin).to_not be_able_to :destroy, Project.new
end
it "can't edit punch" do
expect(ability_admin).to_not be_able_to :edit, Punch.new
end
it "can't delete punch" do
expect(ability_admin).to_not be_able_to :destroy, Punch.new
end
it "can't manage Company" do
expect(ability_admin).to_not be_able_to :manage, Company.new
end
end
describe 'abilities super admin' do
let(:ability_admin_super) { Ability.new(admin_user_super) }
it 'able to manage punch' do
expect(ability_admin_super).to be_able_to :manage, Punch.new
end
it 'able to manage Company' do
expect(ability_admin_super).to be_able_to :manage, Company.new
end
it 'able to manage Projects' do
expect(ability_admin_super).to be_able_to :manage, Project.new
end
end
describe 'abilities user' do
context 'when is creating punches' do
it { is_expected.not_to be_able_to(:manage, Punch.new) }
end
context 'when is trying to manage Company' do
it { is_expected.not_to be_able_to(:manage, Company.new) }
end
context 'when is trying to manage Projects' do
it { is_expected.not_to be_able_to(:manage, Project.new) }
end
context 'when is trying to perform operations on Users' do
it { is_expected.to be_able_to(:read, User.new(company_id: user.company.id)) }
it { is_expected.not_to be_able_to(:read, User.new) }
it { is_expected.to be_able_to(:edit, User.new(id: user.id)) }
it { is_expected.not_to be_able_to(:edit, User.new) }
it { is_expected.to be_able_to(:update, User.new(id: user.id)) }
it { is_expected.not_to be_able_to(:update, User.new) }
end
end
end