2015-09-07 12:26:07 +00:00
|
|
|
require 'cancan/matchers'
|
2015-09-04 16:13:58 +00:00
|
|
|
|
|
|
|
describe User do
|
2015-09-07 12:26:07 +00:00
|
|
|
describe 'abilities' do
|
2015-09-04 16:13:58 +00:00
|
|
|
subject(:ability){ Ability.new(user) }
|
|
|
|
let(:user) { nil}
|
|
|
|
|
2015-09-07 12:26:07 +00:00
|
|
|
describe 'as admin' do
|
2015-09-04 16:13:58 +00:00
|
|
|
let(:user) { create :admin }
|
|
|
|
|
|
|
|
it{ should be_able_to(:manage, Product.new) }
|
|
|
|
it{ should be_able_to(:manage, Order.new) }
|
|
|
|
it{ should be_able_to(:manage, Stock.new) }
|
|
|
|
it{ should be_able_to(:manage, User.new) }
|
|
|
|
end
|
|
|
|
|
2015-09-07 12:26:07 +00:00
|
|
|
describe 'as normal user' do
|
2015-09-04 16:13:58 +00:00
|
|
|
let(:user) { create :user }
|
|
|
|
|
|
|
|
it{ should be_able_to(:read, Product.new) }
|
|
|
|
it{ should_not be_able_to(:manage, Product.new) }
|
|
|
|
|
2015-09-14 18:55:49 +00:00
|
|
|
it{ should be_able_to(:create, Order.new(user: user)) }
|
2015-09-18 18:59:06 +00:00
|
|
|
it{ should be_able_to(:delete, Order.new(user: user, created_at: Rails.application.config.call_api_after.minutes.ago)) }
|
2015-09-14 18:55:49 +00:00
|
|
|
it{ should_not be_able_to(:delete, Order.new(user: user, created_at: 10.minutes.ago)) }
|
2015-09-04 16:13:58 +00:00
|
|
|
it{ should_not be_able_to(:manage, Order.new) }
|
|
|
|
|
|
|
|
it{ should_not be_able_to(:manage, Stock.new) }
|
|
|
|
|
|
|
|
it{ should be_able_to(:manage, user) }
|
|
|
|
it{ should_not be_able_to(:manage, User.new) }
|
|
|
|
end
|
|
|
|
|
2015-09-07 12:26:07 +00:00
|
|
|
describe 'as koelkast' do
|
2015-09-04 16:13:58 +00:00
|
|
|
let(:user) { create :koelkast }
|
|
|
|
|
|
|
|
it{ should_not be_able_to(:manage, Product.new) }
|
|
|
|
it{ should be_able_to(:manage, Order.new) }
|
|
|
|
it{ should_not be_able_to(:manage, Stock.new) }
|
|
|
|
it{ should_not be_able_to(:manage, User.new) }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|