midgard/tap
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #79 from ZeusWPI/tests

Browse source 
Rewrite ability
This commit is contained in:
benji 2015-12-01 21:56:54 +01:00
commit 0b0e766c86
2 changed files with 2 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
app/models/ability.rb
View file

@ -25,9 +25,7 @@ class Ability
def initialize_user(user) def initialize_user(user)
can :read, :all can :read, :all
can :manage, User, id: user.id can :manage, User, id: user.id
can :create, Order do |order| can :create, Order, user: user
order.try(:user) == user
end
can :destroy, Order do |order| can :destroy, Order do |order|
order.try(:user) == user && order.deletable order.try(:user) == user && order.deletable
end end

1
spec/models/ability_spec.rb
View file

@ -24,6 +24,7 @@ describe User do
it{ should be_able_to(:destroy, Order.new(user: user, created_at: (Rails.application.config.call_api_after - 1.minutes).ago)) } it{ should be_able_to(:destroy, Order.new(user: user, created_at: (Rails.application.config.call_api_after - 1.minutes).ago)) }
it{ should_not be_able_to(:destroy, Order.new(user: user, created_at: 10.minutes.ago)) } it{ should_not be_able_to(:destroy, Order.new(user: user, created_at: 10.minutes.ago)) }
it{ should_not be_able_to(:create, Order.new) } it{ should_not be_able_to(:create, Order.new) }
it{ should_not be_able_to(:create, Order.new(user: create(:user))) }
it{ should_not be_able_to(:update, Order.new) } it{ should_not be_able_to(:update, Order.new) }
it{ should be_able_to(:read, Product.new) } it{ should be_able_to(:read, Product.new) }