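# CanCan ability definitions, keyed on the string stored in `user.role`.
#
# Only the roles "admin", "lead", "client" and "shopper" are granted
# anything; any other role value falls through the `case` and is left
# with no permissions (deny by default).
class Ability
  include CanCan::Ability

  # @param user [User, nil] the current user; nil is replaced by a new,
  #   unsaved User so that the role lookup below still works for guests.
  def initialize(user)
    user ||= User.new

    case user.role
    when "admin"
      can :manage, :all
    when "lead"
      can :read, Company, :users => {:id => user.id}
      can :read, Project, :users => {:id => user.id}

      # A lead may act only on users of the lead's own company.
      #
      # The check has to be a comparison (`==`). Written as an assignment
      # (`user_model.company = user.company`) the block returns the lead's
      # company, which is truthy, so every User record is authorized, and
      # the record under test is re-pointed at the lead's company as a
      # side effect. The nil guard keeps a lead without a company from
      # matching users that have no company either.
      #
      # NOTE(review): CanCan runs a block only when it is handed an
      # instance. A class-level check such as `can?(:create, User)` passes
      # without evaluating it, so controllers must authorize the loaded or
      # built record, not the class.
      can [:read, :update, :destroy, :create], User do |user_model|
        !user.company.nil? && user_model.company == user.company
      end

      # Shops are readable when the lead belongs to the shop's project.
      # This is the same hash condition the "client" role uses; it replaces
      # a block that compared `user.projects` (records) with
      # `shop.project_id` (an id). It assumes Project#users and
      # User#projects describe the same membership; confirm against the
      # models.
      can :read, Shop, :project => { :users => { :id => user.id } }
    when "client"
      can :read, Company, :users => {:id => user.id}
      can :read, Project, :users => {:id => user.id}
      can :read, Shop, :project => { :users => { :id => user.id } }
    when "shopper"
      can :read, Shop, :shopper_id => user.id
      can :read, Project, :users => {:id => user.id}
    end
  end
end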
- Spec
- require 'spec_helper'
- Projects::ShopsController
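# Controller spec for Projects::ShopsController: unauthenticated access,
# then the index/new actions as an admin, as a client who is a member of
# the project, and as a client who is not.
#
# NOTE(review): this file mixes rspec-mocks calls (`stub`, `mock_model`)
# with Mocha-style calls (`stubs(...).returns`, `expects(...)`). Unless
# both libraries are loaded and Mocha's verification is wired into RSpec,
# the `expects` examples cannot fail. Confirm against spec_helper.
describe Projects::ShopsController do
  include Devise::TestHelpers

  # Memoized null-object Company double; any stubs given are applied to it.
  def mock_company(stubs={})
    (@mock_company ||= mock_model(Company).as_null_object).tap do |company|
      company.stub(stubs) unless stubs.empty?
    end
  end

  # Memoized null-object Project double; any stubs given are applied to it.
  def mock_project(stubs={})
    (@mock_project ||= mock_model(Project).as_null_object).tap do |project|
      project.stub(stubs) unless stubs.empty?
    end
  end

  # Memoized null-object Shop double; any stubs given are applied to it.
  def mock_shop(stubs={})
    (@mock_shop ||= mock_model(Shop).as_null_object).tap do |shop|
      shop.stub(stubs) unless stubs.empty?
    end
  end

  describe "shouble be authenticated" do
    it "should fail if we are not authenticated" do
      get :index, :project_id => 1, :company_id => 1
      response.should_not be_success
    end
  end

  describe "Admin examples" do
    before(:each) do
      # The attribute key is :password_confirmation; the misspelled key used
      # before never reached the confirmation check.
      @admin = User.create!(:first_name => "admin",
                            :last_name => "admin",
                            :email => "admin@perstrat.com",
                            :password => "password",
                            :password_confirmation => "password",
                            :role => "admin")
      @admin.company = mock_company
      sign_in @admin
      @ability = Ability.new(@admin)
      @controller.stubs(:company_id).returns(@mock_company.id)
      Project.stub(:find) { mock_project }
      mock_project.stub(:shops) { mock_shop }
    end

    it "should use Projects::ShopsController" do
      controller.should be_an_instance_of(Projects::ShopsController)
    end

    #Index
    describe "GET projects" do
      it "should authorize an admin to view" do
        @ability.should be_able_to(:index, Shop)
      end

      it "assigns all pending shops as @shops" do
        mock_shop.stub(:paginate) { mock_shop }
        get :index, :project_id => mock_project.id
        assigns(:shops).should eq(mock_shop)
      end

      it "should render the index template" do
        get :index, :project_id => mock_project.id
        response.should render_template("projects/shops/index")
      end
    end

    #Show
    #New
    describe "New: GET projects/1/shops/new" do
      before(:each) do
        Shop.stub(:new) { mock_shop }
        Project.stub(:find) { mock_project }
      end

      describe "with a locked project" do
        before(:each) do
          mock_project.stub(:status => 1)
        end

        it "should find the project" do
          # NOTE(review): request params normally reach the controller as
          # strings, so `with(1)` may not match; verify once this
          # expectation is actually enforced.
          Project.expects(:find).with(1).returns(mock_project)
          get :new, :project_id => 1
        end

        it "should create a new instance of Shop" do
          Shop.expects(:new).returns(mock_shop)
          get :new, :project_id => 1
        end

        it "should assign an instance of Shop" do
          get :new, :project_id => 1
          assigns[:shop].should == mock_shop
        end

        it "should render the new layout" do
          get :new, :project_id => 1
          response.should render_template("projects/shops/new")
        end
      end

      describe "with an unlocked project" do
        before(:each) do
          mock_project.stub(:status => 0)
        end

        it "should present a flash message" do
          get :new, :project_id => 1
          flash[:error].should contain("Project is not locked.")
        end

        it "should redirect to the project's shops page" do
          get :new, :project_id => 1
          response.should redirect_to(project_shops_path(mock_project))
        end
      end
    end

    #Edit
    #Create
    #Update
    #Destroy
  end

  # The client groups are siblings of "Admin examples". A missing `end`
  # previously nested them inside it, so every client example first created
  # and signed in an admin and inherited the admin's stubs.
  describe "Client examples" do
    before(:each) do
      @client = User.create!(:first_name => "client",
                             :last_name => "client",
                             :email => "client@perstrat.com",
                             :password => "password",
                             :password_confirmation => "password",
                             :role => "client")
      @client.company = mock_company
      sign_in @client
      @ability = Ability.new(@client)
      @controller.stubs(:company_id).returns(@mock_company.id)
      Project.stub(:find) { mock_project }
      mock_project.stub(:users) { [@client] }
      # Formerly inherited from the admin setup through the accidental nesting.
      mock_project.stub(:shops) { mock_shop }
    end

    #Index
    describe "GET projects" do
      it "should authorize a client to view" do
        # Checked against a shop instance: a class-level check
        # (`be_able_to(:index, Shop)`) does not evaluate the rule's
        # conditions, so it cannot tell a project member from a non-member.
        @ability.should be_able_to(:index, mock_shop(:project => mock_project))
      end

      it "assigns all pending shops as @shops" do
        mock_shop.stub(:paginate) { mock_shop }
        get :index, :project_id => mock_project.id
        assigns(:shops).should eq(mock_shop)
      end
    end

    #Show
    #New
    describe "New: GET projects/1/shops/new" do
      it "should not authorize a client to view" do
        @ability.should_not be_able_to(:new, Shop)
      end
    end

    #Edit
    #Create
    #Update
    #Destroy
  end

  describe "Client not belonging to project examples" do
    before(:each) do
      @client = User.create!(:first_name => "client",
                             :last_name => "client",
                             :email => "client@perstrat.com",
                             :password => "password",
                             :password_confirmation => "password",
                             :role => "client")
      @client.company = mock_company
      sign_in @client
      @ability = Ability.new(@client)
      @controller.stubs(:company_id).returns(@mock_company.id)
      Project.stub(:find) { mock_project }
      mock_project.stub(:users) { [] }
    end

    #Index
    describe "GET projects" do
      it "should not authorize a non-member client to view" do
        # Instance-level check so the project-membership condition is
        # actually evaluated against the empty `users` list stubbed above.
        @ability.should_not be_able_to(:index, mock_shop(:project => mock_project))
      end

      it "should not assign the project's shops as @shops" do
        # The earlier version of this example expected the shops to be
        # assigned, i.e. it asserted that a non-member could list them.
        # NOTE(review): assumes the controller turns a denied request into
        # a non-2xx response rather than letting the error propagate.
        mock_shop.stub(:paginate) { mock_shop }
        get :index, :project_id => mock_project.id
        assigns(:shops).should_not eq(mock_shop)
        response.should_not be_success
      end
    end
  end
end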