Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

refactor action_role_spec

  • Loading branch information...
commit 7a645a2a11b068de1f0c9cd753205fd0714414f7 1 parent d9e657a
@lazylester lazylester authored
Showing with 50 additions and 44 deletions.
  1. +50 −44 spec/models/action_role_spec.rb
View
94 spec/models/action_role_spec.rb
@@ -2,58 +2,64 @@
describe 'permits_access_for class method' do
- before(:each) do
- @role = Role.create(:name => 'chief')
- @controller = Controller.create(:controller_name => 'traveller')
- @action = Action.create(:action_name => 'travel', :controller_id => @controller.id)
- @user = FactoryGirl.create(:user, :login => 'just_me')
- @user_role = UserRole.create(:role_id => @role.id, :user_id => @user.id)
- @action_role = ActionRole.create(:action_id => @action.id, :role_id => @role.id)
- end
+ subject{ access_permitted }
+ let(:role){ Role.create(:name => 'chief') }
+ let(:controller){ Controller.create(:controller_name => 'traveller') }
+ let(:action){ Action.create(:action_name => 'travel', :controller_id => controller.id) }
+ before { ActionRole.create(:action_id => action.id, :role_id => role.id) }
- it "action is permitted for user's role" do
- ActionRole.permits_access_for(@controller.controller_name, @action.action_name, @user.roles(true).map(&:id)).should == true
- end
+ context "access based on user's permitted roles" do
+ before(:each) do
+ @user = FactoryGirl.create(:user, :login => 'just_me')
+ UserRole.create(:role_id => role.id, :user_id => @user.id)
+ end
- it "action is not permitted for user's role" do
- ActionRole.permits_access_for(@controller.controller_name, 'some_action', @user.roles(true).map(&:id)).should == false
- end
+ let(:access_permitted){ ActionRole.permits_access_for(controller.controller_name, action.action_name, @user.roles(true).map(&:id)) }
- it "different user tries to access the action" do
- @user = FactoryGirl.create(:user, :login => 'another_person')
- ActionRole.permits_access_for(@controller.controller_name, @action.action_name, @user.roles.map(&:id)).should == false
- end
+ context "user accesses a permitted action" do
+ it { should == true }
+ end
- it "user has a role that does not permit access to the requested action" do
- UserRole.delete_all
- @user_role = UserRole.create(:role_id => 555, :user_id => @user.id)
- ActionRole.permits_access_for(@controller.controller_name, @action.action_name, @user.user_roles.map(&:role_id)).should == false
- end
+ context "user accesses an action not assigned to the user's role" do
+ before { action.action_name = "some_action" }
+ it { should == false }
+ end
- it "user's role does not permit access to the requested action" do
- ActionRole.delete_all
- @action_role = ActionRole.create(:action_id => @action.id, :role_id => 555)
- ActionRole.permits_access_for(@controller.controller_name, @action.action_name, @user.roles(true).map(&:id)).should == false
- end
-end
+ context "user has no roles assigned" do
+ before { @user = FactoryGirl.create(:user, :login => 'another_person') }
+ it { should == false }
+ end
-describe "permits_access_for class method" do
- before(:each) do
- @role = Role.create(:name => 'chief')
- @another_role = Role.create(:name => 'minion')
- @controller = Controller.create(:controller_name => 'traveller')
- @action = Action.create(:action_name => 'travel', :controller_id => @controller.id)
- @user = FactoryGirl.create(:user, :login => 'just_me')
- @action_role = ActionRole.create(:action_id => @action.id, :role_id => @role.id)
- end
+ context "user has a role that does not permit access to the requested action" do
+ before {
+ UserRole.delete_all
+ UserRole.create(:role_id => 555, :user_id => @user.id)
+ }
+ it { should == false }
+ end
- it "should permit when one of the passed-in roles has an action_role that links to the passed in controller/action" do
- role_ids = [@role.id]
- ActionRole.permits_access_for(@controller.controller_name, @action.action_name, role_ids).should == true
+ context "user's role does not permit access to the requested action" do
+ before {
+ ActionRole.delete_all
+ ActionRole.create(:action_id => action.id, :role_id => 555)
+ }
+ it { should == false }
+ end
end
- it "should not permit when none of the passed-in roles has an action role for the passed-in controller/action" do
- role_ids = [@another_role.id]
- ActionRole.permits_access_for(@controller.controller_name, @action.action_name, role_ids).should == false
+ context "access based on role id" do
+ let(:another_role){ Role.create(:name => 'minion') }
+ let(:user){ FactoryGirl.create(:user, :login => 'just_me') }
+ let(:access_permitted){ ActionRole.permits_access_for(controller.controller_name, action.action_name, @role_ids) }
+
+ context "should permit when one of the passed-in roles has an action_role that links to the passed in controller/action" do
+ before {@role_ids = [role.id]}
+ it { should == true }
+ end
+
+ context "should not permit when none of the passed-in roles has an action role for the passed-in controller/action" do
+ before { @role_ids = [another_role.id] }
+ it { should == false }
+ end
end
end
Please sign in to comment.
Something went wrong with that request. Please try again.