permission_spec.rb 2.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384
  1. # Copyright (C) 2012-2022 Zammad Foundation, https://zammad-foundation.org/
  2. require 'rails_helper'
  3. require 'models/contexts/factory_context'
  4. RSpec.describe KnowledgeBase::Permission, type: :model do
  5. subject(:kb_category_permission) { create(:knowledge_base_permission) }
  6. include_context 'basic Knowledge Base'
  7. include_context 'factory'
  8. describe '#permissionable' do
  9. it { is_expected.to belong_to(:permissionable).touch(true) }
  10. it 'allows multiple permissions for the same category' do
  11. permission = build(:knowledge_base_permission, permissionable: kb_category_permission.permissionable)
  12. permission.save
  13. expect(permission).to be_persisted
  14. end
  15. it 'does not allow same role/permission conbination' do
  16. permission = build(:knowledge_base_permission,
  17. permissionable: kb_category_permission.permissionable,
  18. role: kb_category_permission.role)
  19. permission.save
  20. expect(permission).not_to be_persisted
  21. end
  22. end
  23. describe '#role' do
  24. it { is_expected.to belong_to(:role) }
  25. it 'allows multiple permissions for the same category' do
  26. permission = build(:knowledge_base_permission, role: kb_category_permission.role)
  27. permission.save
  28. expect(permission).to be_persisted
  29. end
  30. end
  31. describe '#access' do
  32. it { is_expected.not_to allow_access_value(nil) }
  33. it { is_expected.not_to allow_access_value('foobar') }
  34. context 'when role is editor' do
  35. it { is_expected.to allow_access_value('editor') }
  36. it { is_expected.to allow_access_value('reader') }
  37. it { is_expected.to allow_access_value('none') }
  38. end
  39. context 'when role is reader' do
  40. subject(:kb_category_permission) { build(:knowledge_base_permission, role: create(:role, permission_names: 'knowledge_base.reader')) }
  41. it { is_expected.not_to allow_access_value('editor') }
  42. it { is_expected.to allow_access_value('reader') }
  43. it { is_expected.to allow_access_value('none') }
  44. end
  45. context 'when role has no KB access' do
  46. subject(:kb_category_permission) { build(:knowledge_base_permission, role: create(:role)) }
  47. it { is_expected.not_to allow_access_value('editor') }
  48. it { is_expected.not_to allow_access_value('reader') }
  49. it { is_expected.not_to allow_access_value('none') }
  50. end
  51. end
  52. matcher :allow_access_value do
  53. match do
  54. actual.access = expected
  55. actual.valid?
  56. end
  57. failure_message do
  58. "Expected to allow #{expected} as access, but was not allowed"
  59. end
  60. failure_message_when_negated do
  61. "Expected to not allow #{expected} as access, but was allowed"
  62. end
  63. end
  64. end