
@ryanbillingsley
Created February 9, 2011 18:28
Re: Issue 268
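# Authorization rules (CanCan) selected by the user's role string.
#
# A user whose role matches none of the branches below is granted nothing,
# because the `case` has no `else` branch.
#
# Security notes:
# - Conditions written as blocks must COMPARE, never assign. The earlier form
#   `user_model.company = user.company` overwrote the record's company and
#   returned the lead's company, so the rule passed for every user whenever
#   the lead had a company.
# - NOTE(review): CanCan only runs a block when the check is given an
#   instance. A class-level check such as `can? :read, User` does not
#   evaluate it, so controllers must authorize the loaded record.
class Ability
  include CanCan::Ability

  # @param user [User, nil] the signed-in user; nil is replaced by a new,
  #   unsaved User so the role lookup below never hits nil.
  def initialize(user)
    user ||= User.new

    case user.role
    when "admin"
      can :manage, :all
    when "lead"
      can :read, Company, :users => {:id => user.id}
      can :read, Project, :users => {:id => user.id}

      # A lead may read/update/destroy/create only users of the lead's own
      # company. The nil guard keeps the rule closed when the lead has no
      # company, so nil == nil can never grant access.
      can [:read, :update, :destroy, :create], User do |user_model|
        !user.company.nil? && user_model.company == user.company
      end

      # NOTE(review): this tests an id against the elements of user.projects.
      # If that collection holds Project records it never matches, which
      # denies every shop -- confirm whether project ids were intended. The
      # "client" branch expresses the same intent as a hash condition.
      can :read, Shop do |shop|
        user.projects.include?(shop.project_id)
      end
      # can :manage, User do |user_model|
      #   user_model.company == user.company
      # end
    when "client"
      can :read, Company, :users => {:id => user.id}
      can :read, Project, :users => {:id => user.id}
      # can :read, Shop do |shop|
      #   user.projects.include?(shop.project_id)
      # end
      can :read, Shop, :project => { :users => { :id => user.id } }
    when "shopper"
      can :read, Shop, :shopper_id => user.id
      can :read, Project, :users => {:id => user.id}
    end
  end
end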
Spec
require 'spec_helper'
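# Bare constant reference kept from the original; presumably it forces the
# controller class to load before the examples run -- confirm it is needed.
Projects::ShopsController

# Controller spec for Projects::ShopsController covering the unauthenticated,
# admin, client and "client outside the project" cases.
#
# NOTE(review): the examples mix `stub` with `stubs`/`expects`/`returns`;
# confirm that both mocking APIs are loaded in spec_helper.
describe Projects::ShopsController do
  include Devise::TestHelpers

  # Memoized null-object Company double; optional stubs are applied on each call.
  def mock_company(stubs={})
    (@mock_company ||= mock_model(Company).as_null_object).tap do |company|
      company.stub(stubs) unless stubs.empty?
    end
  end

  # Memoized null-object Project double; optional stubs are applied on each call.
  def mock_project(stubs={})
    (@mock_project ||= mock_model(Project).as_null_object).tap do |project|
      project.stub(stubs) unless stubs.empty?
    end
  end

  # Memoized null-object Shop double; optional stubs are applied on each call.
  def mock_shop(stubs={})
    (@mock_shop ||= mock_model(Shop).as_null_object).tap do |shop|
      shop.stub(stubs) unless stubs.empty?
    end
  end

  # Creates a persisted user whose first name, last name, e-mail local part
  # and role are all +role+. Centralised so the attribute keys are spelled in
  # one place (the confirmation key was previously misspelled in every copy).
  def create_user(role)
    User.create!(:first_name => role,
                 :last_name => role,
                 :email => "#{role}@perstrat.com",
                 :password => "password",
                 :password_confirmation => "password",
                 :role => role)
  end

  describe "shouble be authenticated" do
    it "should fail if we are not authenticated" do
      get :index, :project_id => 1, :company_id => 1
      response.should_not be_success
    end
  end

  describe "Admin examples" do
    before(:each) do
      @admin = create_user("admin")
      @admin.company = mock_company
      sign_in @admin
      @ability = Ability.new(@admin)
      @controller.stubs(:company_id).returns(@mock_company.id)
      Project.stub(:find) { mock_project }
      mock_project.stub(:shops) { mock_shop }
    end

    it "should use Projects::ShopsController" do
      controller.should be_an_instance_of(Projects::ShopsController)
    end

    #Index
    describe "GET projects" do
      it "should authorize an admin to view" do
        @ability.should be_able_to(:index, Shop)
      end

      it "assigns all pending shops as @shops" do
        mock_shop.stub(:paginate) { mock_shop }
        get :index, :project_id => mock_project.id
        assigns(:shops).should eq(mock_shop)
      end

      it "should render the index template" do
        get :index, :project_id => mock_project.id
        response.should render_template("projects/shops/index")
      end
    end

    #Show
    #New
    describe "New: GET projects/1/shops/new" do
      before(:each) do
        Shop.stub(:new) { mock_shop }
        Project.stub(:find) { mock_project }
      end

      describe "with a locked project" do
        before(:each) do
          mock_project.stub(:status => 1)
        end

        it "should find the project" do
          # NOTE(review): request params usually reach the controller as
          # strings; confirm that `with(1)` matches what the action passes.
          Project.expects(:find).with(1).returns(mock_project)
          get :new, :project_id => 1
        end

        it "should create a new instance of Shop" do
          Shop.expects(:new).returns(mock_shop)
          get :new, :project_id => 1
        end

        it "should assign an instance of Shop" do
          get :new, :project_id => 1
          assigns[:shop].should == mock_shop
        end

        it "should render the new layout" do
          get :new, :project_id => 1
          response.should render_template("projects/shops/new")
        end
      end

      describe "with an unlocked project" do
        before(:each) do
          mock_project.stub(:status => 0)
        end

        it "should present a flash message" do
          get :new, :project_id => 1
          flash[:error].should contain("Project is not locked.")
        end

        it "should redirect to the project's shops page" do
          get :new, :project_id => 1
          response.should redirect_to(project_shops_path(mock_project))
        end
      end
    end

    #Edit
    #Create
    #Update
    #Destroy
  end

  # The original was missing an `end` above, which nested both client groups
  # inside "Admin examples" so the admin was created and signed in before
  # every client example. They are siblings here.
  describe "Client examples" do
    before(:each) do
      @client = create_user("client")
      @client.company = mock_company
      sign_in @client
      @ability = Ability.new(@client)
      @controller.stubs(:company_id).returns(@mock_company.id)
      Project.stub(:find) { mock_project }
      mock_project.stub(:users) { [@client] }
    end

    #Index
    describe "GET projects" do
      it "should authorize a client to view" do
        @ability.should be_able_to(:index, Shop)
      end

      it "assigns all pending shops as @shops" do
        mock_shop.stub(:paginate) { mock_shop }
        get :index, :project_id => mock_project.id
        assigns(:shops).should eq(mock_shop)
      end
    end

    #Show
    #New
    describe "New: GET projects/1/shops/new" do
      it "should not authorize a client to view" do
        @ability.should_not be_able_to(:new, Shop)
      end
    end

    #Edit
    #Create
    #Update
    #Destroy
  end

  describe "Client not belonging to project examples" do
    before(:each) do
      @client = create_user("client")
      @client.company = mock_company
      sign_in @client
      @ability = Ability.new(@client)
      @controller.stubs(:company_id).returns(@mock_company.id)
      Project.stub(:find) { mock_project }
      mock_project.stub(:users) { [] }
    end

    #Index
    describe "GET projects" do
      # NOTE(review): this check passes the Shop class, not a shop record.
      # CanCan answers class-level checks without evaluating a rule's hash or
      # block conditions, so this expectation cannot tell a project member
      # from a non-member. Assert against a Shop instance that belongs to the
      # project to exercise the membership condition.
      it "should not authorize a client to view" do
        @ability.should_not be_able_to(:index, Shop)
      end

      # NOTE(review): this example still expects @shops to be assigned for a
      # client outside the project, which contradicts the denial asserted
      # above -- confirm the response the controller should give here.
      it "assigns all pending shops as @shops" do
        mock_shop.stub(:paginate) { mock_shop }
        get :index, :project_id => mock_project.id
        assigns(:shops).should eq(mock_shop)
      end
    end
  end
end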