From 2a44ff581f4c547a3637ea52567a3398b1d8bfe0 Mon Sep 17 00:00:00 2001
From: Chris Flipse <cflipse@gmail.com>
Date: Sun, 10 Jun 2018 11:31:54 -0400
Subject: [PATCH] fix and improve ability coverage to account for tokens

---
 test/models/abilities_test.rb | 65 ++++++++++++++++++++++++++++++++---
 1 file changed, 61 insertions(+), 4 deletions(-)

diff --git a/test/models/abilities_test.rb b/test/models/abilities_test.rb
index bc8e24781..4976b0925 100644
--- a/test/models/abilities_test.rb
+++ b/test/models/abilities_test.rb
@@ -4,8 +4,20 @@ require "test_helper"
 
 class AbilityTest < ActiveSupport::TestCase
 
+  def tokens(*toks)
+    AccessToken.new do |token|
+      toks.each do |t|
+        token.public_send("#{t}=", true)
+      end
+    end
+  end
+
+end
+
+class GuestAbilityTest < AbilityTest
+
   test "diary permissions for a guest" do
-    ability = Ability.new(nil, [])
+    ability = Ability.new nil, tokens
     [:list, :rss, :view, :comments].each do |action|
       assert ability.can?(action, DiaryEntry), "should be able to #{action} DiaryEntries"
     end
@@ -16,8 +28,12 @@ class AbilityTest < ActiveSupport::TestCase
     end
   end
 
-  test "Diary permissions for a normal user" do
-    ability = Ability.new(create(:user), [])
+end
+
+class UserAbilityTest < AbilityTest
+
+  test "Diary permissions" do
+    ability = Ability.new create(:user), tokens
 
     [:list, :rss, :view, :comments, :create, :edit, :comment, :subscribe, :unsubscribe].each do |action|
       assert ability.can?(action, DiaryEntry), "should be able to #{action} DiaryEntries"
@@ -29,8 +45,39 @@ class AbilityTest < ActiveSupport::TestCase
     end
   end
 
+  test "user preferences" do
+    user = create(:user)
+    ability = Ability.new create(:user), tokens
+
+    [:read, :read_one, :update, :update_one, :delete_one].each do |act|
+      assert ability.cannot? act, UserPreference
+    end
+
+    ability = Ability.new user, tokens(:allow_read_prefs)
+
+    [:update, :update_one, :delete_one].each do |act|
+      assert ability.cannot? act, UserPreference
+    end
+
+    [:read, :read_one].each do |act|
+      assert ability.can? act, UserPreference
+    end
+
+    ability = Ability.new user, tokens(:allow_write_prefs)
+    [:read, :read_one].each do |act|
+      assert ability.cannot? act, UserPreference
+    end
+
+    [:update, :update_one, :delete_one].each do |act|
+      assert ability.can? act, UserPreference
+    end
+  end
+end
+
+class AdministratorAbilityTest < AbilityTest
+
   test "Diary for an administrator" do
-    ability = Ability.new(create(:administrator_user), [])
+    ability = Ability.new create(:administrator_user), tokens
     [:list, :rss, :view, :comments, :create, :edit, :comment, :subscribe, :unsubscribe, :hide, :hidecomment].each do |action|
       assert ability.can?(action, DiaryEntry), "should be able to #{action} DiaryEntries"
     end
@@ -39,4 +86,14 @@ class AbilityTest < ActiveSupport::TestCase
       assert ability.can?(action, DiaryComment), "should be able to #{action} DiaryComment"
     end
   end
+
+  test "administrator does not auto-grant user preferences" do
+    ability = Ability.new create(:administrator_user), tokens
+
+    [:read, :read_one, :update, :update_one, :delete_one].each do |act|
+      assert ability.cannot? act, UserPreference
+    end
+  end
+
+
 end
-- 
2.43.2