ref: master
vendor/plugins/access_control/test/permission_check_test.rb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 |
require_relative 'test_helper' class PermissionCheckTest < ActionController::TestCase def setup @controller = AccessControlTestController.new end def test_access_denied get :index assert_response 403 assert_template 'shared/access_denied' end def test_specific_permission_granted user = AccessControlTestAccessor.create!(:name => 'other_user') role = Role.create!(:name => 'other_role', :permissions => ['do_some_stuff']) resource = AccessControlTestResource.create!(:name => 'some_resource') assert user.add_role(role, resource) assert user.has_permission?('do_some_stuff', resource) get :other_stuff, :user => user.id, :resource => resource.id assert_response :success assert_template nil end def test_try_render_shared_access_denied_view File.expects(:exists?).with(File.join(Rails.root, 'app', 'views', 'access_control', 'access_denied.html.erb')) File.expects(:exists?).with(File.join(Rails.root, 'app', 'views', 'shared', 'access_denied.html.erb')) AccessControlTestController.access_denied_template_path end def test_allow_access_to_user_with_one_of_multiple_permissions user = AccessControlTestAccessor.create!(:name => 'other_user') role = Role.create!(:name => 'other_role', :permissions => ['permission1']) resource = AccessControlTestResource.create!(:name => 'some_resource') assert user.add_role(role, resource) assert user.has_permission?('permission1', resource) get :stuff_with_multiple_permission, :user => user.id, :resource => resource.id assert_response :success end end |