Created
February 9, 2011 18:28
-
-
Save ryanbillingsley/818962 to your computer and use it in GitHub Desktop.
Re: Issue 268
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
class Ability | |
include CanCan::Ability | |
def initialize(user) | |
user ||= User.new | |
case user.role | |
when "admin" | |
can :manage, :all | |
when "lead" | |
can :read, Company, :users => {:id => user.id} | |
can :read, Project, :users => {:id => user.id} | |
can :read, User do |user_model| | |
user_model.company = user.company | |
end | |
can :update, User do |user_model| | |
user_model.company = user.company | |
end | |
can :destroy, User do |user_model| | |
user_model.company = user.company | |
end | |
can :create, User do |user_model| | |
user_model.company = user.company | |
end | |
can :read, Shop, do |shop| | |
user.projects.include?(shop.project_id) | |
end | |
# can :manage, User do |user_model| | |
# user_model.company = user.company | |
# end | |
when "client" | |
can :read, Company, :users => {:id => user.id} | |
can :read, Project, :users => {:id => user.id} | |
# can :read, Shop, do |shop| | |
# user.projects.include?(shop.project_id) | |
# end | |
can :read, Shop, :project => { :users => { :id => user.id } } | |
when "shopper" | |
can :read, Shop, :shopper_id => user.id | |
can :read, Project, :users => {:id => user.id} | |
end | |
end | |
end | |
Spec | |
require 'spec_helper' | |
Projects::ShopsController | |
describe Projects::ShopsController do | |
include Devise::TestHelpers | |
def mock_company(stubs={}) | |
(@mock_company ||= mock_model(Company).as_null_object).tap do |company| | |
company.stub(stubs) unless stubs.empty? | |
end | |
end | |
def mock_project(stubs={}) | |
(@mock_project ||= mock_model(Project).as_null_object).tap do |project| | |
project.stub(stubs) unless stubs.empty? | |
end | |
end | |
def mock_shop(stubs={}) | |
(@mock_shop ||= mock_model(Shop).as_null_object).tap do |shop| | |
shop.stub(stubs) unless stubs.empty? | |
end | |
end | |
describe "shouble be authenticated" do | |
it "should fail if we are not authenticated" do | |
get :index, :project_id => 1, :company_id => 1 | |
response.should_not be_success | |
end | |
end | |
describe "Admin examples" do | |
before(:each) do | |
@admin = User.create!(:first_name => "admin", | |
:last_name => "admin", | |
:email => "admin@perstrat.com", | |
:password => "password", | |
:password_confirmaiton => "password", | |
:role => "admin") | |
@admin.company = mock_company | |
sign_in @admin | |
@ability = Ability.new(@admin) | |
@controller.stubs(:company_id).returns(@mock_company.id) | |
Project.stub(:find) { mock_project } | |
mock_project.stub(:shops) { mock_shop } | |
end | |
it "should use Projects::ShopsController" do | |
controller.should be_an_instance_of(Projects::ShopsController) | |
end | |
#Index | |
describe "GET projects" do | |
it "should authorize an admin to view" do | |
@ability.should be_able_to(:index, Shop) | |
end | |
it "assigns all pending shops as @shops" do | |
mock_shop.stub(:paginate) { mock_shop } | |
get :index, :project_id => mock_project.id | |
assigns(:shops).should eq(mock_shop) | |
end | |
it "should render the index template" do | |
get :index, :project_id => mock_project.id | |
response.should render_template("projects/shops/index") | |
end | |
end | |
#Show | |
#New | |
describe "New: GET projects/1/shops/new" do | |
before(:each) do | |
Shop.stub(:new) { mock_shop } | |
Project.stub(:find) { mock_project } | |
end | |
describe "with a locked project" do | |
before(:each) do | |
mock_project.stub(:status => 1) | |
end | |
it "should find the project" do | |
Project.expects(:find).with(1).returns(mock_project) | |
get :new, :project_id => 1 | |
end | |
it "should create a new instance of Shop" do | |
Shop.expects(:new).returns(mock_shop) | |
get :new, :project_id => 1 | |
end | |
it "should assign an instance of Shop" do | |
get :new, :project_id => 1 | |
assigns[:shop].should == mock_shop | |
end | |
it "should render the new layout" do | |
get :new, :project_id => 1 | |
response.should render_template("projects/shops/new") | |
end | |
end | |
describe "with an unlocked project" do | |
before(:each) do | |
mock_project.stub(:status => 0) | |
end | |
it "should present a flash message" do | |
get :new, :project_id => 1 | |
flash[:error].should contain("Project is not locked.") | |
end | |
it "should redirect to the project's shops page" do | |
get :new, :project_id => 1 | |
response.should redirect_to(project_shops_path(mock_project)) | |
end | |
end | |
#Edit | |
#Create | |
#Update | |
#Destroy | |
end | |
describe "Client examples" do | |
before(:each) do | |
@client = User.create!(:first_name => "client", | |
:last_name => "client", | |
:email => "client@perstrat.com", | |
:password => "password", | |
:password_confirmaiton => "password", | |
:role => "client") | |
@client.company = mock_company | |
sign_in @client | |
@ability = Ability.new(@client) | |
@controller.stubs(:company_id).returns(@mock_company.id) | |
Project.stub(:find) { mock_project } | |
mock_project.stub(:users) { [@client] } | |
end | |
#Index | |
describe "GET projects" do | |
it "should authorize a client to view" do | |
@ability.should be_able_to(:index, Shop) | |
end | |
it "assigns all pending shops as @shops" do | |
mock_shop.stub(:paginate) { mock_shop } | |
get :index, :project_id => mock_project.id | |
assigns(:shops).should eq(mock_shop) | |
end | |
end | |
#Show | |
#New | |
describe "New: GET projects/1/shops/new" do | |
it "should not authorize a client to view" do | |
@ability.should_not be_able_to(:new, Shop) | |
end | |
end | |
#Edit | |
#Create | |
#Update | |
#Destroy | |
end | |
describe "Client not belonging to project examples" do | |
before(:each) do | |
@client = User.create!(:first_name => "client", | |
:last_name => "client", | |
:email => "client@perstrat.com", | |
:password => "password", | |
:password_confirmaiton => "password", | |
:role => "client") | |
@client.company = mock_company | |
sign_in @client | |
@ability = Ability.new(@client) | |
@controller.stubs(:company_id).returns(@mock_company.id) | |
Project.stub(:find) { mock_project } | |
mock_project.stub(:users) { [] } | |
end | |
#Index | |
describe "GET projects" do | |
it "should authorize a client to view" do | |
@ability.should_not be_able_to(:index, Shop) | |
end | |
it "assigns all pending shops as @shops" do | |
mock_shop.stub(:paginate) { mock_shop } | |
get :index, :project_id => mock_project.id | |
assigns(:shops).should eq(mock_shop) | |
end | |
end | |
end | |
end | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment