permissions_spec.rb 1.4 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344
  1. # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
  2. require 'rails_helper'
  3. RSpec.describe Token::Permissions, type: :model do
  4. let(:user) { create(:agent) }
  5. let(:token) { create(:token, user:, preferences: { permission: ['ticket.agent', 'admin.users'] }) }
  6. describe '#permissions?' do
  7. it 'returns value from Auth::Permissions' do
  8. allow(Auth::Permissions).to receive(:authorized?).and_return(true)
  9. token.permissions?('ticket.agent')
  10. expect(Auth::Permissions).to have_received(:authorized?).with(token, 'ticket.agent')
  11. end
  12. it 'returns false if user does not have permission' do
  13. expect(token).not_to be_permissions('foo')
  14. end
  15. it 'returns false if token does not have permission' do
  16. expect(token).not_to be_permissions('user_preferences')
  17. end
  18. it 'returns true if both user and token has permission' do
  19. expect(token).to be_permissions('ticket.agent')
  20. end
  21. end
  22. describe '#permissions!' do
  23. it 'raises error if user does not have permission' do
  24. expect { token.permissions!('foo') }.to raise_error('Token authorization failed.')
  25. end
  26. it 'returns true if token has permission' do
  27. expect(user).to be_permissions('ticket.agent')
  28. end
  29. end
  30. describe '#permissions' do
  31. it 'returns permissions' do
  32. expect(token.permissions.pluck(:name)).to eq(['ticket.agent'])
  33. end
  34. end
  35. end