channel_policy_spec.rb 1.1 KB

12345678910111213141516171819202122232425262728293031323334353637
  1. # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
  2. require 'rails_helper'
  3. describe ChannelPolicy do
  4. subject(:policy) { described_class.new(user, record) }
  5. let(:record) { create(:channel, area: area) }
  6. let(:area) { 'Email::Account' }
  7. context 'when user is admin' do
  8. let(:user) { create(:admin) }
  9. it { is_expected.to permit_actions(:show, :create, :update, :destroy) }
  10. end
  11. context 'when user is not admin with limited channel permissions' do
  12. let(:role) { create(:role, permission_names: %w[admin.channel_email]) }
  13. let(:user) { create(:user, roles: [role]) }
  14. context 'when user permission matches record' do
  15. it { is_expected.to permit_actions(:show, :create, :update, :destroy) }
  16. end
  17. context 'when user permission does not match record' do
  18. let(:area) { 'Facebook::Account' }
  19. it { is_expected.to forbid_actions(:show, :create, :update, :destroy) }
  20. end
  21. end
  22. context 'when user is not admin' do
  23. let(:user) { create(:agent) }
  24. it { is_expected.to forbid_actions(:show, :create, :update, :destroy) }
  25. end
  26. end