123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960 |
- # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
- require 'rails_helper'
- describe Controllers::KnowledgeBase::FeedsControllerPolicy do
- subject { described_class.new(user, record) }
- include_context 'basic Knowledge Base'
- let(:record_class) { KnowledgeBase::FeedsController }
- let(:params) { {} }
- let(:record) do
- rec = record_class.new
- rec.params = params
- rec
- end
- context 'with KB user' do
- let(:user) { create(:admin) }
- it { is_expected.to permit_actions(:root, :category) }
- end
- context 'with non-KB user' do
- let(:user) { create(:customer) }
- it { is_expected.to forbid_actions(:root, :category) }
- end
- context 'with token with KB user' do
- let(:user) { create(:admin) }
- let(:token) { create(:token, action: 'KnowledgeBaseFeed', user: user) }
- let(:params) { { token: token.token } }
- it { is_expected.to permit_actions(:root, :category) }
- end
- context 'with token with non-KB user' do
- let(:user) { create(:customer) }
- let(:token) { create(:token, action: 'KnowledgeBaseFeed', user: user) }
- let(:params) { { token: token.token } }
- it { is_expected.to forbid_actions(:root, :category) }
- end
- context 'with nonexistant token' do
- let(:user) { nil }
- let(:params) { { token: 'foobar' } }
- it { is_expected.to forbid_actions(:root, :category) }
- end
- context 'without both token and user' do
- let(:user) { nil }
- it { is_expected.to forbid_actions(:root, :category) }
- end
- end
|