Created
October 7, 2012 13:41
# Authorization rules consumed by CanCan. Each `can` call grants a permission;
# anything that no rule grants is denied.
class Ability
  include CanCan::Ability

  # Builds the rule set for one request.
  #
  # @param user [User, nil] the signed-in user; nil is treated as a guest
  def initialize(user)
    # A guest is represented by an unsaved User. No rule below applies to it
    # unless any_role? answers true for that blank record.
    user ||= User.new

    # Unrestricted: every action on every subject.
    can :manage, :all if user.any_role?(:super_admin)

    # NOTE(review): :manage covers every action on every User record. If roles
    # are edited through the User model, an :admin could presumably hand out
    # :super_admin -- confirm role assignment is guarded separately.
    can :manage, [User, Institution, Project, Order] if user.any_role?(:admin)

    return unless user.any_role?(:user)

    # NOTE(review): :show on Project and :download on UrlConnector carry no
    # per-user condition, so they apply to every record of those classes --
    # confirm that is intended.
    can :show, Project
    can [:add, :change], :cart
    # Orders are the only rule scoped by ownership: the order's user_id must
    # equal the current user's id.
    can [:create, :show], Order, user_id: user.id
    can :download, UrlConnector
  end
end
# Helper mixed into controller specs.
module ControllerHelper
  # Expects the controller under test to call `authorize!` with exactly
  # (action, subject) and makes that call return 'passed!'.
  #
  # Because `authorize!` itself is replaced, an example using this helper
  # checks that authorization was requested, not that the Ability rules allow
  # or deny anything. Denial (CanCan::AccessDenied) needs its own examples.
  #
  # @param action [Symbol] the action expected to be authorized
  # @param subject [Object] the record or class expected to be authorized
  def should_authorize(action, subject)
    expectation = controller.should_receive(:authorize!)
    expectation.with(action, subject).and_return('passed!')
  end
end
1) UsersController if the user passes all the authorizations GET #new assigns a new User to @user
Failure/Error: get :new
Mock "User_1001" received unexpected message :any_role? with (:super_admin)
# ./app/models/ability.rb:8:in `initialize'
# ./spec/controllers/users_controller_spec.rb:48:in `block (4 levels) in <top (required)>'
# This file is copied to spec/ when you run 'rails generate rspec:install'

# `||=` keeps a RAILS_ENV that is already set in the calling shell, so the
# suite boots whatever environment that value names; only an unset variable
# falls back to 'test'.
ENV['RAILS_ENV'] ||= 'test'
require File.expand_path("../../config/environment", __FILE__)
require 'rspec/rails'
require 'rspec/autorun'

# Load every Ruby file under spec/support/ and its subdirectories (custom
# matchers, macros, helpers) before the suite is configured.
Dir[Rails.root.join("spec/support/**/*.rb")].each { |support_file| require support_file }
RSpec.configure do |config|
  # ## Mock Framework
  #
  # rspec-mocks is used unless one of these lines is uncommented to switch to
  # mocha, flexmock or RR:
  #
  # config.mock_with :mocha
  # config.mock_with :flexmock
  # config.mock_with :rr

  # Fixture directory; drop this line when ActiveRecord or its fixtures are
  # not in use.
  config.fixture_path = "#{::Rails.root}/spec/fixtures"

  # Wrap each example in a transaction. Remove the line or assign false when
  # ActiveRecord is not in use or transactions are not wanted.
  config.use_transactional_fixtures = true

  # When true, the base class of anonymous controllers is inferred
  # automatically (the announced default of later rspec-rails versions).
  config.infer_base_class_for_anonymous_controllers = false

  # Random ordering surfaces order dependencies between examples. To replay a
  # failing order, pass the seed printed after the run:
  #     --seed 1234
  config.order = "random"

  # Controller examples get the Devise test helpers and the ControllerMacros
  # class-level macros.
  config.include Devise::TestHelpers, type: :controller
  config.extend ControllerMacros, type: :controller

  # Controller examples also get ControllerHelper (should_authorize).
  config.include ControllerHelper, type: :controller
end
# Serves the show and new pages for User records, as HTML or JSON.
class UsersController < ApplicationController
  # CanCan hook: loads the resource into @user and calls authorize! for the
  # requested action before the action body runs.
  load_and_authorize_resource

  # Renders a single user looked up by params[:id].
  def show
    # Repeats the lookup the CanCan hook has already performed for the same id.
    # If this lookup ever changes, the rendered record must stay the one that
    # was authorized.
    @user = User.find(params[:id])

    respond_to do |wants|
      wants.html # show.html.erb
      # NOTE(review): this serializes whatever User#as_json exposes -- confirm
      # that credential and token columns are excluded.
      wants.json { render json: @user }
    end
  end

  # GET /admin/users/new
  # GET /admin/users/new.json
  #
  # Prepares a blank user plus the full list of roles for the form.
  def new
    @user = User.new
    @roles = Role.all

    respond_to do |wants|
      wants.html # new.html.erb
      wants.json { render json: @user }
    end
  end
end
describe "GET #show" do
  # Every example gets a mock user, a stubbed lookup for id "1", and an
  # expectation that the controller authorizes :show on that mock.
  # authorize! is mocked here, so the Ability rules are not exercised.
  before do
    @user = mock_model(User)
    User.stub!(:find).with("1").and_return(@user)
    should_authorize(:show, @user)
  end

  it "assigns the requested user to @user" do
    # Verifies only that the lookup is made with the id from the request.
    User.should_receive(:find).with("1").and_return(@user)
    get :show, id: "1"
  end

  it "renders the :show template" do
    get :show, id: "1"
    response.should render_template(:show)
  end
end
describe "GET #new" do
  # NOTE(review): User.new is stubbed for the whole example, so any other
  # caller of User.new receives this mock too. Ability#initialize falls back
  # to `User.new` for a guest and then calls any_role? on it, which the mock
  # does not implement. That looks like the source of the reported
  # "unexpected message :any_role?" failure -- confirm against how the spec
  # signs a user in.
  before do
    @user = mock_model(User)
    User.stub!(:new).and_return(@user)
    should_authorize(:new, User)
  end

  it "assigns a new User to @user" do
    User.should_receive(:new).and_return(@user)
    get :new
    # Disabled assertion kept from the original:
    # @user.should be_an_instance_of User
  end

  # Pending examples (no body yet).
  it "populates an array of roles in @roles"
  it "renders the :new template"
end