diff --git a/spec/dummy_app/app/controllers/players_controller.rb b/spec/dummy_app/app/controllers/players_controller.rb new file mode 100644 index 0000000000..5d5704030b --- /dev/null +++ b/spec/dummy_app/app/controllers/players_controller.rb @@ -0,0 +1,5 @@ +class PlayersController < ApplicationController + def show + @player = Player.find(params[:id]) + end +end \ No newline at end of file diff --git a/spec/dummy_app/app/views/players/show.html.haml b/spec/dummy_app/app/views/players/show.html.haml new file mode 100644 index 0000000000..db7b052711 --- /dev/null +++ b/spec/dummy_app/app/views/players/show.html.haml @@ -0,0 +1 @@ +%h1=@player.name \ No newline at end of file diff --git a/spec/dummy_app/config/routes.rb b/spec/dummy_app/config/routes.rb index 359b593d4d..dcf0fd3b52 100644 --- a/spec/dummy_app/config/routes.rb +++ b/spec/dummy_app/config/routes.rb @@ -1,4 +1,7 @@ DummyApp::Application.routes.draw do + # Needed for :show_in_app tests + resources :players, :only => [:show] + mount RailsAdmin::Engine => '/admin', :as => 'rails_admin' devise_for :users root :to => "rails_admin::Main#dashboard" diff --git a/spec/requests/authorization/cancan_spec.rb b/spec/requests/authorization/cancan_spec.rb index a9518d52c4..501f6081ab 100644 --- a/spec/requests/authorization/cancan_spec.rb +++ b/spec/requests/authorization/cancan_spec.rb @@ -11,9 +11,11 @@ def initialize(user) can :update, Player, :retired => false if user.roles.include? :update_player can :destroy, Player, :retired => false if user.roles.include? :destroy_player can :history, Player, :retired => false if user.roles.include? :history_player + can :show_in_app, Player, :retired => false if user.roles.include? :show_in_app_player else can :access, :rails_admin can :manage, :all + can :show_in_app, :all cannot [:update, :destroy], Player, :retired => true end end 
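Review bot: `PlayersController#show` in spec/dummy_app/app/controllers/players_controller.rb loads the record straight from `params[:id]` with no authentication or ability check of its own, and nothing in the file says that this is deliberate. Unless `ApplicationController` adds a filter (not visible in this diff), the route added in routes.rb is open to any visitor, so the `:show_in_app` ability exercised in cancan_spec.rb presumably governs only the admin-side link and not the page it leads to. A one-line header would stop the fixture being copied as a pattern: `# Test fixture for the :show_in_app specs; intentionally performs no authorization.`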
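Review bot: In spec/requests/authorization/cancan_spec.rb (hunk @@ -11,9 +11,11 @@), the added `can :show_in_app, :all` in the `else` branch sits directly after `can :manage, :all`. By CanCan's documented semantics `:manage` already matches every action, so the new rule appears to grant nothing. The same applies to the line added to `AdminAbility` in the @@ -23,6 +25,7 @@ hunk, where the rule is also not gated on `user.roles.include? :admin`. Either drop both lines or mark them, e.g. `# explicit for readability; :manage already covers :show_in_app`, so a reader does not assume the spec depends on them. The enclosing `initialize` and its `if` condition start outside the hunk, so the exact branch condition could not be checked here.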
@@ -23,6 +25,7 @@ class AdminAbility include CanCan::Ability def initialize(user) can :access, :rails_admin if user.roles.include? :admin + can :show_in_app, :all can :manage, :all end end @@ -80,6 +83,7 @@ def initialize(user) should_not have_css('.edit_object_link') should_not have_css('.delete_object_link') should_not have_css('.history_object_link') + should_not have_css('.show_in_app_object_link') end it "GET /admin/team should raise CanCan::AccessDenied" do @@ -141,6 +145,7 @@ def initialize(user) should_not have_content("Add new") should_not have_content("Delete") should_not have_content("History") + should_not have_content("Show in app") fill_in "player[name]", :with => "Jackie Robinson" click_button "Save" @player.reload @@ -182,6 +187,29 @@ def initialize(user) end end + describe "with show in app role" do + it 'shows links to show in app action' do + + @user.update_attribute(:roles, [:admin, :read_player, :show_in_app_player]) + @player = FactoryGirl.create :player + + visit index_path(:model_name => "player") + should have_css('.show_object_link') + should_not have_css('.edit_object_link') + should_not have_css('.delete_object_link') + should_not have_css('.history_object_link') + should have_css('.show_in_app_object_link') + + visit show_path(:model_name => 'player', :id => @player.id) + should have_content("Show") + should_not have_content("Edit") + should_not have_content("Delete") + should_not have_content("History") + should have_content("Show in app") + + end + end + describe "with all roles" do it 'shows links to all actions' do 
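Review bot: The new "with show in app role" example (hunk @@ -182,6 +187,29 @@) asserts only the positive case for one non-retired player. The ability it relies on is declared with `:retired => false`, yet nothing here checks that a retired player gets no "Show in app" link. Unless that is covered elsewhere in the file, add a negative case such as `@retired = FactoryGirl.create :player, :retired => true` followed by `visit show_path(:model_name => 'player', :id => @retired.id)` and `should_not have_content("Show in app")`. Separately, `should have_content("Show")` is also satisfied by the text "Show in app", so on that page it cannot fail on its own; a CSS-based check would be stricter. The blank lines after `it ... do` and before its `end` can go.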
@@ -193,12 +221,14 @@ def initialize(user) should have_css('.edit_object_link') should have_css('.delete_object_link') should have_css('.history_object_link') + should have_css('.show_in_app_object_link') visit show_path(:model_name => 'player', :id => @player.id) should have_content("Show") should have_content("Edit") should have_content("Delete") should have_content("History") + should have_content("Show in app") end end @@ -314,4 +344,4 @@ def initialize(user) end end -end +end \ No newline at end of file