fix and improve ability coverage to account for tokens

2018-06-10 11:31:54 -04:00 · 2018-06-10 11:31:54 -04:00 · 2a44ff581f
commit 2a44ff581f
parent 060c686c19
1 changed files with 61 additions and 4 deletions
--- a/test/models/abilities_test.rb
+++ b/test/models/abilities_test.rb
@ -4,8 +4,20 @@ require "test_helper"

 class AbilityTest < ActiveSupport::TestCase

+  def tokens(*toks)
+    AccessToken.new do |token|
+      toks.each do |t|
+        token.public_send("#{t}=", true)
+      end
+    end
+  end
+
+end
+
+class GuestAbilityTest < AbilityTest
+
  test "diary permissions for a guest" do
-    ability = Ability.new(nil, [])
+    ability = Ability.new nil, tokens
    [:list, :rss, :view, :comments].each do |action|
      assert ability.can?(action, DiaryEntry), "should be able to #{action} DiaryEntries"
    end
@ -16,8 +28,12 @@ class AbilityTest < ActiveSupport::TestCase
    end
  end

-  test "Diary permissions for a normal user" do
-    ability = Ability.new(create(:user), [])
+end
+
+class UserAbilityTest < AbilityTest
+
+  test "Diary permissions" do
+    ability = Ability.new create(:user), tokens

    [:list, :rss, :view, :comments, :create, :edit, :comment, :subscribe, :unsubscribe].each do |action|
      assert ability.can?(action, DiaryEntry), "should be able to #{action} DiaryEntries"
@ -29,8 +45,39 @@ class AbilityTest < ActiveSupport::TestCase
    end
  end

+  test "user preferences" do
+    user = create(:user)
+    ability = Ability.new create(:user), tokens
+
+    [:read, :read_one, :update, :update_one, :delete_one].each do |act|
+      assert ability.cannot? act, UserPreference
+    end
+
+    ability = Ability.new user, tokens(:allow_read_prefs)
+
+    [:update, :update_one, :delete_one].each do |act|
+      assert ability.cannot? act, UserPreference
+    end
+
+    [:read, :read_one].each do |act|
+      assert ability.can? act, UserPreference
+    end
+
+    ability = Ability.new user, tokens(:allow_write_prefs)
+    [:read, :read_one].each do |act|
+      assert ability.cannot? act, UserPreference
+    end
+
+    [:update, :update_one, :delete_one].each do |act|
+      assert ability.can? act, UserPreference
+    end
+  end
+end
+
+class AdministratorAbilityTest < AbilityTest
+
  test "Diary for an administrator" do
-    ability = Ability.new(create(:administrator_user), [])
+    ability = Ability.new create(:administrator_user), tokens
    [:list, :rss, :view, :comments, :create, :edit, :comment, :subscribe, :unsubscribe, :hide, :hidecomment].each do |action|
      assert ability.can?(action, DiaryEntry), "should be able to #{action} DiaryEntries"
    end
@ -39,4 +86,14 @@ class AbilityTest < ActiveSupport::TestCase
      assert ability.can?(action, DiaryComment), "should be able to #{action} DiaryComment"
    end
  end
+
+  test "administrator does not auto-grant user preferences" do
+    ability = Ability.new create(:administrator_user), tokens
+
+    [:read, :read_one, :update, :update_one, :delete_one].each do |act|
+      assert ability.cannot? act, UserPreference
+    end
+  end
+
+
 end