role_policy_spec.rb 1.6 KB

  # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/

  require 'rails_helper'

  # Authorization spec for RolePolicy, covering the `show` action only.
  #
  # Access matrix asserted below:
  #   admin (role not explicitly assigned) -> show permitted, predicate is exactly `true`
  #   agent holding the role               -> show permitted, predicate is exactly `true`
  #   agent not holding the role           -> show forbidden
  #   customer holding the role            -> show permitted, with field restriction
  #                                           (id, groups, permissions, active allowed;
  #                                           name forbidden)
  #   customer not holding the role        -> show forbidden
  describe RolePolicy do
    subject(:policy) do
      described_class.new(user, record)
    end

    # A freshly created role. The user holds it only in contexts whose `before`
    # hook appends it to `user.roles`.
    let(:record) do
      create(:role)
    end

    # Asserts that the predicate's result exposes the listed attributes and
    # withholds `name`. The predicate is invoked once per expectation.
    # NOTE(review): permit_fields / forbid_fields are matchers defined outside
    # this file; their exact semantics are not visible here.
    shared_examples 'restricts fields' do |method|
      it "restricts fields for #{method}", :aggregate_failures do
        allowed_fields   = [:id, :groups, :permissions, :active]
        forbidden_fields = [:name]

        expect(policy.public_send(method)).to permit_fields(allowed_fields)
        expect(policy.public_send(method)).to forbid_fields(forbidden_fields)
      end
    end

    # Asserts that the predicate returns the literal `true` object (identity
    # check via `be`), i.e. not merely a truthy value.
    shared_examples 'does not restrict fields' do |method|
      it "does not restrict fields for #{method}" do
        expect(policy.public_send(method)).to be(true)
      end
    end

    context 'when user is admin' do
      let(:user) do
        create(:admin)
      end

      it { is_expected.to permit_actions(:show) }

      include_examples 'does not restrict fields', :show?
    end

    context 'when user is agent' do
      let(:user) do
        create(:agent)
      end

      context 'when user has access to role' do
        before do
          user.roles << record
        end

        it { is_expected.to permit_actions(:show) }

        include_examples 'does not restrict fields', :show?
      end

      # Negative case: no `before` hook, so the agent was never given the role.
      context 'when user does not have access to role' do
        it { is_expected.to forbid_actions(:show) }
      end
    end

    context 'when user is customer' do
      let(:user) do
        create(:customer)
      end

      # Holding the role grants a customer only the field-restricted view.
      context 'when user has access to role' do
        before do
          user.roles << record
        end

        it { is_expected.to permit_actions(:show) }

        include_examples 'restricts fields', :show?
      end

      # Negative case: no `before` hook, so the customer was never given the role.
      context 'when user does not have access to role' do
        it { is_expected.to forbid_actions(:show) }
      end
    end
  end