1234567891011121314151617181920212223242526272829303132333435363738394041424344 |
- # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
- require 'rails_helper'
- RSpec.describe Token::Permissions, type: :model do
- let(:user) { create(:agent) }
- let(:token) { create(:token, user:, preferences: { permission: ['ticket.agent', 'admin.users'] }) }
- describe '#permissions?' do
- it 'returns value from Auth::Permissions' do
- allow(Auth::Permissions).to receive(:authorized?).and_return(true)
- token.permissions?('ticket.agent')
- expect(Auth::Permissions).to have_received(:authorized?).with(token, 'ticket.agent')
- end
- it 'returns false if user does not have permission' do
- expect(token).not_to be_permissions('foo')
- end
- it 'returns false if token does not have permission' do
- expect(token).not_to be_permissions('user_preferences')
- end
- it 'returns true if both user and token has permission' do
- expect(token).to be_permissions('ticket.agent')
- end
- end
- describe '#permissions!' do
- it 'raises error if user does not have permission' do
- expect { token.permissions!('foo') }.to raise_error('Token authorization failed.')
- end
- it 'returns true if token has permission' do
- expect(user).to be_permissions('ticket.agent')
- end
- end
- describe '#permissions' do
- it 'returns permissions' do
- expect(token.permissions.pluck(:name)).to eq(['ticket.agent'])
- end
- end
- end
|