X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/060c686c1923534d2899ee129cc740e0f2fa7c9f..2a44ff581f4c547a3637ea52567a3398b1d8bfe0:/test/models/abilities_test.rb

diff --git a/test/models/abilities_test.rb b/test/models/abilities_test.rb
index bc8e24781..4976b0925 100644
--- a/test/models/abilities_test.rb
+++ b/test/models/abilities_test.rb
@@ -4,8 +4,20 @@ require "test_helper"
 
 class AbilityTest < ActiveSupport::TestCase
 
+  def tokens(*toks)
+    AccessToken.new do |token|
+      toks.each do |t|
+        token.public_send("#{t}=", true)
+      end
+    end
+  end
+
+end
+
+class GuestAbilityTest < AbilityTest
+
   test "diary permissions for a guest" do
-    ability = Ability.new(nil, [])
+    ability = Ability.new nil, tokens
     [:list, :rss, :view, :comments].each do |action|
       assert ability.can?(action, DiaryEntry), "should be able to #{action} DiaryEntries"
     end
@@ -16,8 +28,12 @@ class AbilityTest < ActiveSupport::TestCase
     end
   end
 
-  test "Diary permissions for a normal user" do
-    ability = Ability.new(create(:user), [])
+end
+
+class UserAbilityTest < AbilityTest
+
+  test "Diary permissions" do
+    ability = Ability.new create(:user), tokens
 
     [:list, :rss, :view, :comments, :create, :edit, :comment, :subscribe, :unsubscribe].each do |action|
       assert ability.can?(action, DiaryEntry), "should be able to #{action} DiaryEntries"
@@ -29,8 +45,39 @@ class AbilityTest < ActiveSupport::TestCase
     end
   end
 
+  test "user preferences" do
+    user = create(:user)
+    ability = Ability.new create(:user), tokens
+
+    [:read, :read_one, :update, :update_one, :delete_one].each do |act|
+      assert ability.cannot? act, UserPreference
+    end
+
+    ability = Ability.new user, tokens(:allow_read_prefs)
+
+    [:update, :update_one, :delete_one].each do |act|
+      assert ability.cannot? act, UserPreference
+    end
+
+    [:read, :read_one].each do |act|
+      assert ability.can? act, UserPreference
+    end
+
+    ability = Ability.new user, tokens(:allow_write_prefs)
+    [:read, :read_one].each do |act|
+      assert ability.cannot? act, UserPreference
+    end
+
+    [:update, :update_one, :delete_one].each do |act|
+      assert ability.can? act, UserPreference
+    end
+  end
+end
+
+class AdministratorAbilityTest < AbilityTest
+
   test "Diary for an administrator" do
-    ability = Ability.new(create(:administrator_user), [])
+    ability = Ability.new create(:administrator_user), tokens
     [:list, :rss, :view, :comments, :create, :edit, :comment, :subscribe, :unsubscribe, :hide, :hidecomment].each do |action|
       assert ability.can?(action, DiaryEntry), "should be able to #{action} DiaryEntries"
     end
@@ -39,4 +86,14 @@ class AbilityTest < ActiveSupport::TestCase
       assert ability.can?(action, DiaryComment), "should be able to #{action} DiaryComment"
     end
   end
+
+  test "administrator does not auto-grant user preferences" do
+    ability = Ability.new create(:administrator_user), tokens
+
+    [:read, :read_one, :update, :update_one, :delete_one].each do |act|
+      assert ability.cannot? act, UserPreference
+    end
+  end
+
+
 end