account_policy_spec.rb 2.5 KB

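  # frozen_string_literal: true

  require 'rails_helper'
  require 'pundit/rspec'

  # Authorization spec for AccountPolicy, written with the pundit/rspec
  # `permissions` DSL. In each `permit(actor, record)` expectation the first
  # argument is the account performing the action and the second, when given,
  # is the account being acted on.
  #
  # NOTE(review): every privileged actor in this file is fabricated with the
  # 'Admin' role, including in the contexts labelled 'staff'. If the application
  # defines intermediate roles, none of them is exercised here, so this spec
  # cannot show where the boundary between those roles and 'Admin' lies.
  RSpec.describe AccountPolicy do
    # Declared with `subject` rather than `let(:subject)` so RSpec's own subject
    # machinery is used instead of being shadowed by a memoized helper.
    subject { described_class }

    # `find_by!` raises when the 'Admin' role row is missing. With plain
    # `find_by` the lookup would return nil and that nil would be passed as the
    # role, so the "denies" examples could pass for the wrong reason.
    let(:admin_role) { UserRole.find_by!(name: 'Admin') }

    let(:admin) { Fabricate(:user, role: admin_role).account }
    let(:john)  { Fabricate(:account) }
    let(:alice) { Fabricate(:account) }

    # Collection-level check: no record is passed to the matcher.
    permissions :index? do
      context 'staff' do
        it 'permits' do
          expect(subject).to permit(admin)
        end
      end

      context 'not staff' do
        it 'denies' do
          expect(subject).to_not permit(john)
        end
      end
    end

    # Per-account actions checked against an ordinary fabricated account.
    permissions :show?, :unsilence?, :unsensitive?, :remove_avatar?, :remove_header? do
      context 'staff' do
        it 'permits' do
          expect(subject).to permit(admin, alice)
        end
      end

      context 'not staff' do
        it 'denies' do
          expect(subject).to_not permit(john, alice)
        end
      end
    end

    # The target account is suspended before each example in this group.
    permissions :unsuspend?, :unblock_email? do
      before do
        alice.suspend!
      end

      context 'staff' do
        it 'permits' do
          expect(subject).to permit(admin, alice)
        end
      end

      context 'not staff' do
        it 'denies' do
          expect(subject).to_not permit(john, alice)
        end
      end
    end

    permissions :redownload? do
      context 'admin' do
        it 'permits' do
          expect(subject).to permit(admin)
        end
      end

      context 'not admin' do
        it 'denies' do
          expect(subject).to_not permit(john)
        end
      end
    end

    # Restrictive actions: an 'Admin' actor is expected to be denied when the
    # target holds the 'Admin' role as well.
    permissions :suspend?, :silence? do
      let(:staff) { Fabricate(:user, role: admin_role).account }

      context 'staff' do
        context 'record is staff' do
          it 'denies' do
            expect(subject).to_not permit(admin, staff)
          end
        end

        context 'record is not staff' do
          it 'permits' do
            expect(subject).to permit(admin, john)
          end
        end
      end

      context 'not staff' do
        it 'denies' do
          # NOTE(review): the record is the Account class, not an instance, so
          # this example only shows that an unprivileged actor is denied when
          # the record is not a real account. Consider also covering a
          # fabricated account as the record.
          expect(subject).to_not permit(john, Account)
        end
      end
    end

    permissions :memorialize? do
      let(:other_admin) { Fabricate(:user, role: admin_role).account }

      context 'admin' do
        context 'record is admin' do
          it 'denies' do
            expect(subject).to_not permit(admin, other_admin)
          end
        end

        context 'record is not admin' do
          it 'permits' do
            expect(subject).to permit(admin, john)
          end
        end
      end

      context 'not admin' do
        it 'denies' do
          # NOTE(review): as in the suspend/silence group, the record is the
          # Account class rather than an account instance.
          expect(subject).to_not permit(john, Account)
        end
      end
    end
  end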