API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 14th, 2016
86
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.12 KB | None | 0 0
raw download clone embed print report
  1. describe TokensController do
  2. before(:each) do
  3. @mock_user = User.new(:username => "bob", :email => "user@user.com", :password => "longpassword")
  4. @mock_user.role = "admin"
  5. sign_in @mock_user
  6. #Ability.stub!('can').and_return(true)
  7. end
  8. it "should let me see grids/:g_id/tokens index" do
  9. test_grid = mock_model(Grid)
  10. test_token = mock_model(Token)
  11. Grid.stub!(:find).and_return(test_grid)
  12. Token.stub!(:find).and_return(test_token)
  13. get 'index'
  14.  
  15. a1 = Ability.new(@mock_user)
  16. a1.can?(:index, Token).should be_true # This line works fine; as it should
  17. puts response.status #This returns 403, which means CanCan::AccessDenied was raised
  18. end
  19. end
  20.  
  21. authorize! :take_over, @the_world
  22.  
  23. before do
  24. @user = Factory.create(:user)
  25. sign_in @user
  26.  
  27. @abilities = Ability.new(@user)
  28. Ability.stub(:new).and_return(@abilities)
  29. end
  30. end
  31.  
  32. user = User.create!(:admin => true) # I recommend a factory for this
  33. # log in user however you like, alternatively stub `current_user` method
  34. session[:user_id] = user.id
  35. get :index
  36. assert_template :index # render the template since he should have access
  37.  
  38. def setup
  39. @ability = Object.new
  40. @ability.extend(CanCan::Ability)
  41. @controller.stubs(:current_ability).returns(@ability)
  42. end
  43.  
  44. test "render index if have read ability on project" do
  45. @ability.can :read, Project
  46. get :index
  47. assert_template :index
  48. end
  49.  
  50. can :manage, :all do
  51. user.is_ultrasuper == 1
  52. end
  53.  
  54. one:
  55. id: 1
  56. username: my_username
  57. is_ultrasuper: 1
  58.  
  59. let!(:user) {create :user}
  60. before { login_user_request user}
  61.  
  62. it "grants admin access to show action" do
  63. expect{ get :show, {id: user.id} }.to be_authorized
  64. end
  65. it "denies user access to edit action" do
  66. expect{ get :edit, {id: user.id} }.to be_un_authorized
  67. end
  68.  
  69. RSpec::Matchers.define :be_authorized do
  70. match do |block|
  71. block.call
  72. expect(response).to be_success
  73. end
  74.  
  75. def supports_block_expectations?
  76. true
  77. end
  78. end
  79.  
  80. RSpec::Matchers.define :be_un_authorized do
  81. match do |block|
  82. expect{
  83. block.call
  84. }.to raise_error(Pundit::NotAuthorizedError)
  85. end
  86.  
  87. def supports_block_expectations?
  88. true
  89. end
  90. end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!