cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Pass scopes instead of token to ApiAbility

Browse source
This commit is contained in:
Anton Khorev 2025-02-12 18:13:56 +03:00
parent 304e0ef638
commit 77a2657d33
4 changed files with 55 additions and 60 deletions
Download patch file Download diff file Expand all files Collapse all files

11
test/abilities/api_abilities_test.rb
View file

@ -7,7 +7,8 @@ end
class GuestApiAbilityTest < ApiAbilityTest
test "note permissions for a guest" do
ability = ApiAbility.new nil, nil
scopes = Set.new
ability = ApiAbility.new nil, scopes
[:index, :create, :feed, :show, :search].each do |action|
assert ability.can?(action, Note), "should be able to #{action} Notes"
@ -22,8 +23,8 @@ end
class UserApiAbilityTest < ApiAbilityTest
test "Note permissions" do
user = create(:user)
token = create(:oauth_access_token, :user => user, :scopes => %w[write_notes])
ability = ApiAbility.new user, token
scopes = Set.new %w[write_notes]
ability = ApiAbility.new user, scopes
[:index, :create, :comment, :feed, :show, :search, :close, :reopen].each do |action|
assert ability.can?(action, Note), "should be able to #{action} Notes"
@ -38,8 +39,8 @@ end
class ModeratorApiAbilityTest < ApiAbilityTest
test "Note permissions" do
user = create(:moderator_user)
token = create(:oauth_access_token, :user => user, :scopes => %w[write_notes])
ability = ApiAbility.new user, token
scopes = Set.new %w[write_notes]
ability = ApiAbility.new user, scopes
[:index, :create, :comment, :feed, :show, :search, :close, :reopen, :destroy].each do |action|
assert ability.can?(action, Note), "should be able to #{action} Notes"