Edit abiltiy test
This commit is contained in:
parent
6403835872
commit
a28c89469e
|
@ -9,7 +9,9 @@ class Ability
|
||||||
if user.admin?
|
if user.admin?
|
||||||
can :manage, :all
|
can :manage, :all
|
||||||
elsif user.koelkast?
|
elsif user.koelkast?
|
||||||
can :manage, Order
|
can :manage, Order do |order|
|
||||||
|
!order.try(:user).try(:private)
|
||||||
|
end
|
||||||
can :quickpay, User
|
can :quickpay, User
|
||||||
else
|
else
|
||||||
can :read, :all
|
can :read, :all
|
||||||
|
|
|
@ -5,37 +5,44 @@ describe User do
|
||||||
subject(:ability){ Ability.new(user) }
|
subject(:ability){ Ability.new(user) }
|
||||||
let(:user) { nil}
|
let(:user) { nil}
|
||||||
|
|
||||||
|
# Admin
|
||||||
describe 'as admin' do
|
describe 'as admin' do
|
||||||
let(:user) { create :admin }
|
let(:user) { create :admin }
|
||||||
|
|
||||||
it{ should be_able_to(:manage, Product.new) }
|
|
||||||
it{ should be_able_to(:manage, Order.new) }
|
it{ should be_able_to(:manage, Order.new) }
|
||||||
|
it{ should be_able_to(:manage, OrderItem.new) }
|
||||||
|
it{ should be_able_to(:manage, Product.new) }
|
||||||
it{ should be_able_to(:manage, Stock.new) }
|
it{ should be_able_to(:manage, Stock.new) }
|
||||||
it{ should be_able_to(:manage, User.new) }
|
it{ should be_able_to(:manage, User.new) }
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# Normal User
|
||||||
describe 'as normal user' do
|
describe 'as normal user' do
|
||||||
let(:user) { create :user }
|
let(:user) { create :user }
|
||||||
|
|
||||||
it{ should be_able_to(:read, Product.new) }
|
|
||||||
it{ should_not be_able_to(:manage, Product.new) }
|
|
||||||
|
|
||||||
it{ should be_able_to(:create, Order.new(user: user)) }
|
it{ should be_able_to(:create, Order.new(user: user)) }
|
||||||
it{ should be_able_to(:delete, Order.new(user: user, created_at: (Rails.application.config.call_api_after - 1.minutes).ago)) }
|
it{ should be_able_to(:delete, Order.new(user: user, created_at: (Rails.application.config.call_api_after - 1.minutes).ago)) }
|
||||||
it{ should_not be_able_to(:delete, Order.new(user: user, created_at: 10.minutes.ago)) }
|
it{ should_not be_able_to(:delete, Order.new(user: user, created_at: 10.minutes.ago)) }
|
||||||
it{ should_not be_able_to(:manage, Order.new) }
|
it{ should_not be_able_to(:create, Order.new) }
|
||||||
|
it{ should_not be_able_to(:update, Order.new) }
|
||||||
|
|
||||||
it{ should_not be_able_to(:manage, Stock.new) }
|
it{ should be_able_to(:read, Product.new) }
|
||||||
|
it{ should_not be_able_to(:delete, Product.new) }
|
||||||
|
it{ should_not be_able_to(:update, Product.new) }
|
||||||
|
|
||||||
|
it{ should_not be_able_to(:create, Stock.new) }
|
||||||
|
|
||||||
it{ should be_able_to(:manage, user) }
|
it{ should be_able_to(:manage, user) }
|
||||||
it{ should_not be_able_to(:manage, User.new) }
|
it{ should_not be_able_to(:create, User.new) }
|
||||||
|
it{ should_not be_able_to(:update, User.new) }
|
||||||
end
|
end
|
||||||
|
|
||||||
describe 'as koelkast' do
|
describe 'as koelkast' do
|
||||||
let(:user) { create :koelkast }
|
let(:user) { create :koelkast }
|
||||||
|
|
||||||
it{ should_not be_able_to(:manage, Product.new) }
|
it{ should_not be_able_to(:manage, Product.new) }
|
||||||
it{ should be_able_to(:manage, Order.new) }
|
it{ should be_able_to(:manage, Order.new, user: create(:user)) }
|
||||||
|
it{ should_not be_able_to(:create, build(:order, user: create(:user, private: true))) }
|
||||||
it{ should_not be_able_to(:manage, Stock.new) }
|
it{ should_not be_able_to(:manage, Stock.new) }
|
||||||
it{ should_not be_able_to(:manage, User.new) }
|
it{ should_not be_able_to(:manage, User.new) }
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue