38 lines
966 B
Ruby
38 lines
966 B
Ruby
# frozen_string_literal: true
|
|
require 'test_helper'
|
|
|
|
class UserPolicyTest < PolicyAssertions::Test
|
|
test 'should require current_user' do
|
|
assert_raise Pundit::NotAuthorizedError do
|
|
UserPolicy.new(nil, User.first).view?
|
|
end
|
|
end
|
|
|
|
test 'should allow admin to scope' do
|
|
scope = UserPolicy::Scope.new(users(:admin), User).resolve
|
|
assert_equal User.count, scope.count
|
|
end
|
|
|
|
test 'should not allow non_admin' do
|
|
assert_raise Pundit::NotAuthorizedError do
|
|
UserPolicy::Scope.new(users(:manager), User).resolve
|
|
end
|
|
end
|
|
|
|
def test_view
|
|
assert_permit users(:admin), User.first
|
|
|
|
refute_permit users(:manager), User.first
|
|
refute_permit users(:reviewer), User.first
|
|
refute_permit users(:recruiter), User.first
|
|
end
|
|
|
|
def test_create_and_update
|
|
assert_permit users(:admin), User
|
|
|
|
refute_permit users(:manager), User
|
|
refute_permit users(:reviewer), User
|
|
refute_permit users(:recruiter), User
|
|
end
|
|
end
|