Initial commit

2020-05-31 22:38:19 +02:00
commit 858fafc3c5
1280 changed files with 65918 additions and 0 deletions
--- a/spec/policies/account_auth_policy_spec.rb
+++ b/spec/policies/account_auth_policy_spec.rb
@@ -0,0 +1,92 @@
+require "rails_helper"
+
+RSpec.describe AccountAuthPolicy, type: :policy  do
+  subject { described_class }
+
+  let(:account_auth) { build(:account_auth) }
+  let(:member_account_auth) { create(:account_auth, account: user.primary_account) }
+  let(:non_member_account_auth) { create(:account_auth) }
+  let(:user_context) { build(:user_context, user: user, account: user.primary_account) }
+
+  context "for an associate" do
+    let(:user) { create(:user, :associate) }
+
+    permissions :create? do
+      it { is_expected.not_to permit(user_context, AccountAuth) }
+    end
+    permissions :update? do
+      it { is_expected.not_to permit(user_context, account_auth) }
+    end
+    permissions :destroy? do
+      it { is_expected.not_to permit(user_context, account_auth) }
+    end
+
+    permissions ".scope" do
+      subject { Pundit.policy_scope!(user_context, AccountAuth) }
+      
+      it { is_expected.to be_empty }
+    end
+  end
+
+  context "for a manager" do
+    let(:user) { create(:user, :manager) }
+
+    permissions :create? do
+      it { is_expected.not_to permit(user_context, AccountAuth) }
+    end
+    permissions :update? do
+      it { is_expected.not_to permit(user_context, account_auth) }
+    end
+    permissions :destroy? do
+      it { is_expected.not_to permit(user_context, account_auth) }
+    end
+
+    permissions ".scope" do
+      subject { Pundit.policy_scope!(user_context, AccountAuth) }
+      
+      it { is_expected.to be_empty }
+    end
+  end
+
+  context "for an account manager" do
+    let(:user) { create(:user, :account_manager) }
+
+    permissions :create? do
+      it { is_expected.to permit(user_context, AccountAuth) }
+    end
+    permissions :update? do
+      it { is_expected.to permit(user_context, account_auth) }
+    end
+    permissions :destroy? do
+      it { is_expected.to permit(user_context, account_auth) }
+    end
+
+    permissions ".scope" do
+      subject { Pundit.policy_scope!(user_context, AccountAuth) }
+      
+      it { is_expected.to include(member_account_auth) }
+      it { is_expected.not_to include(non_member_account_auth) }
+    end
+  end
+
+  context "for an admin" do
+    let(:user) { create(:user, :admin) }
+
+    permissions :create? do
+      it { is_expected.to permit(user_context, AccountAuth) }
+    end
+    permissions :update? do
+      it { is_expected.to permit(user_context, account_auth) }
+    end
+    permissions :destroy? do
+      it { is_expected.to permit(user_context, account_auth) }
+    end
+
+    permissions ".scope" do
+      subject { Pundit.policy_scope!(user_context, AccountAuth) }
+      
+      it { is_expected.to include(member_account_auth) }
+      it { is_expected.to include(non_member_account_auth) }
+    end
+  end
+end