
@lurraca
Created December 4, 2014 16:18
PolicySpec
# Version 1
require 'spec_helper'
require 'pundit/rspec'
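# Authorization matrix for OrganizationPolicy, written with the pundit/rspec
# `permissions` / `permit` helpers. Three principals are exercised against the
# same organization record:
#   * a super admin                      -> every action permitted
#   * a user who manages the organization -> everything except destroy?
#   * a user with no tie to it            -> every action denied
# The deny cases matter as much as the allow cases: they are what catches a
# policy change that silently widens access.
describe OrganizationPolicy do
  # Not referenced by the examples below: the `permit` matcher is given
  # described_class plus an explicit user and record.
  subject { OrganizationPolicy.new(user, organization) }

  # Same record for every context, so only the principal varies.
  let(:organization) { FactoryGirl.create(:organization) }

  context "for a super admin" do
    let(:user) { FactoryGirl.create(:user, role: "super_admin") }

    # create? is included so this matrix covers every query asserted by the
    # second version of the spec on this page.
    permissions :index?, :show?, :create?, :update?, :destroy? do
      it "permits the action" do
        expect(described_class).to permit(user, organization)
      end
    end
  end

  context "for an admin (a user who manages the organization)" do
    let(:user) do
      FactoryGirl.create(:user, role: "user").tap do |manager|
        manager.managed_organizations << organization
        # save! instead of save: if the fixture cannot be persisted the
        # example should fail loudly rather than run against a user whose
        # management link may be missing.
        # NOTE(review): assumes the user model responds to save! - confirm.
        manager.save!
      end
    end

    permissions :index?, :show?, :create?, :update? do
      it "permits the action" do
        expect(described_class).to permit(user, organization)
      end
    end

    # Managing an organization must not be enough to delete it.
    permissions :destroy? do
      it "denies the action" do
        expect(described_class).not_to permit(user, organization)
      end
    end
  end

  # The original labelled this context "for an admin" a second time; the
  # principal here has role "user" and manages nothing.
  context "for a user with no tie to the organization" do
    let(:user) { FactoryGirl.create(:user, role: "user") }

    permissions :index?, :show?, :create?, :update?, :destroy? do
      it "denies the action" do
        expect(described_class).not_to permit(user, organization)
      end
    end
  end
end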
# Version 2
require 'spec_helper'
require 'pundit/rspec'
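# Authorization matrix for OrganizationPolicy, calling the policy's query
# methods directly on a policy instance built from `user` and `organization`.
#
# Allow cases keep the strict `eql(true)` check. Deny cases use `be_falsey`:
# Pundit treats any truthy return value from a query method as "permitted",
# so `not_to eql(true)` would also pass for a policy that returns a truthy
# non-boolean (a record, a count, ...) and would therefore hide an
# over-permissive policy.
describe OrganizationPolicy do
  subject { OrganizationPolicy.new(user, organization) }

  # Same record for every context, so only the principal varies.
  let(:organization) { FactoryGirl.create(:organization) }

  context "for a super admin" do
    let(:user) { FactoryGirl.create(:user, role: "super_admin") }

    it "is authorized for every action" do
      expect(subject.index?).to eql(true)
      expect(subject.show?).to eql(true)
      expect(subject.create?).to eql(true)
      expect(subject.update?).to eql(true)
      expect(subject.destroy?).to eql(true)
    end
  end

  context "for an admin (a user who manages the organization)" do
    let(:user) do
      FactoryGirl.create(:user, role: "user").tap do |manager|
        manager.managed_organizations << organization
        # save! instead of save: a fixture that cannot be persisted should
        # fail the example instead of being silently ignored.
        # NOTE(review): assumes the user model responds to save! - confirm.
        manager.save!
      end
    end

    it "is authorized for everything except destroy" do
      expect(subject.index?).to eql(true)
      # show? was not asserted here originally; the expectation matches the
      # `permissions`-style version of this spec on the same page.
      expect(subject.show?).to eql(true)
      expect(subject.create?).to eql(true)
      expect(subject.update?).to eql(true)
      expect(subject.destroy?).to be_falsey
    end
  end

  context "for a user" do
    let(:user) { FactoryGirl.create(:user, role: "user") }

    # Originally titled "is authorized", although every expectation is a denial.
    it "is denied every action" do
      expect(subject.index?).to be_falsey
      # Read access is part of the deny matrix too; it was missing originally.
      expect(subject.show?).to be_falsey
      expect(subject.create?).to be_falsey
      expect(subject.update?).to be_falsey
      expect(subject.destroy?).to be_falsey
    end
  end
end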