1 # frozen_string_literal: true
5 class AbilityTest < ActiveSupport::TestCase
8 AccessToken.new do |token|
10 token.public_send("#{t}=", true)
17 class GuestAbilityTest < AbilityTest
19 test "diary permissions for a guest" do
20 ability = Ability.new nil, tokens
21 [:list, :rss, :view, :comments].each do |action|
22 assert ability.can?(action, DiaryEntry), "should be able to #{action} DiaryEntries"
25 [:create, :edit, :comment, :subscribe, :unsubscribe, :hide, :hidecomment].each do |action|
26 assert ability.cannot?(action, DiaryEntry), "should be able to #{action} DiaryEntries"
27 assert ability.cannot?(action, DiaryComment), "should be able to #{action} DiaryEntries"
33 class UserAbilityTest < AbilityTest
35 test "Diary permissions" do
36 ability = Ability.new create(:user), tokens
38 [:list, :rss, :view, :comments, :create, :edit, :comment, :subscribe, :unsubscribe].each do |action|
39 assert ability.can?(action, DiaryEntry), "should be able to #{action} DiaryEntries"
42 [:hide, :hidecomment].each do |action|
43 assert ability.cannot?(action, DiaryEntry), "should be able to #{action} DiaryEntries"
44 assert ability.cannot?(action, DiaryComment), "should be able to #{action} DiaryEntries"
48 test "user preferences" do
50 ability = Ability.new create(:user), tokens
52 [:read, :read_one, :update, :update_one, :delete_one].each do |act|
53 assert ability.cannot? act, UserPreference
56 ability = Ability.new user, tokens(:allow_read_prefs)
58 [:update, :update_one, :delete_one].each do |act|
59 assert ability.cannot? act, UserPreference
62 [:read, :read_one].each do |act|
63 assert ability.can? act, UserPreference
66 ability = Ability.new user, tokens(:allow_write_prefs)
67 [:read, :read_one].each do |act|
68 assert ability.cannot? act, UserPreference
71 [:update, :update_one, :delete_one].each do |act|
72 assert ability.can? act, UserPreference
77 class AdministratorAbilityTest < AbilityTest
79 test "Diary for an administrator" do
80 ability = Ability.new create(:administrator_user), tokens
81 [:list, :rss, :view, :comments, :create, :edit, :comment, :subscribe, :unsubscribe, :hide, :hidecomment].each do |action|
82 assert ability.can?(action, DiaryEntry), "should be able to #{action} DiaryEntries"
85 [:hide, :hidecomment].each do |action|
86 assert ability.can?(action, DiaryComment), "should be able to #{action} DiaryComment"
90 test "administrator does not auto-grant user preferences" do
91 ability = Ability.new create(:administrator_user), tokens
93 [:read, :read_one, :update, :update_one, :delete_one].each do |act|
94 assert ability.cannot? act, UserPreference