htwkmooc/codeocean
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f5492ca35d3f800207ebe33f0f04d9591db65876
codeocean/spec/policies/code_ocean/file_policy_spec.rb
Sebastian Serth f5492ca35d Improve CodeOcean::FilePolicy with specs
2020-12-07 14:41:30 +01:00

89 lines
2.4 KiB
Ruby
Raw Blame History

require 'rails_helper'
describe CodeOcean::FilePolicy do
subject { described_class }
let(:exercise) { FactoryBot.create(:fibonacci) }
let(:submission) { FactoryBot.create(:submission) }
permissions :create? do
context 'as part of an exercise' do
let(:file) { exercise.files.first }
it 'grants access to admins' do
expect(subject).to permit(FactoryBot.build(:admin), file)
end
it 'grants access to authors' do
expect(subject).to permit(exercise.author, file)
end
it 'does not grant access to all other users' do
[:external_user, :teacher].each do |factory_name|
expect(subject).not_to permit(FactoryBot.build(factory_name), file)
end
end
end
context 'as part of a submission' do
let(:file) { submission.files.first }
context 'where file creation is allowed' do
before do
submission.exercise.update(allow_file_creation: true)
end
it 'grants access to authors' do
expect(subject).to permit(submission.author, file)
end
end
context 'where file creation is not allowed' do
before do
submission.exercise.update(allow_file_creation: false)
end
it 'grants access to authors' do
expect(subject).not_to permit(submission.author, file)
end
end
it 'does not grant access to all other users' do
[:admin, :external_user, :teacher].each do |factory_name|
expect(subject).not_to permit(FactoryBot.build(factory_name), file)
end
end
end
end
permissions :destroy? do
context 'as part of an exercise' do
let(:file) { exercise.files.first }
it 'grants access to admins' do
expect(subject).to permit(FactoryBot.build(:admin), file)
end
it 'grants access to authors' do
expect(subject).to permit(exercise.author, file)
end
it 'does not grant access to all other users' do
[:external_user, :teacher].each do |factory_name|
expect(subject).not_to permit(FactoryBot.build(factory_name), file)
end
end
end
context 'as part of a submission' do
let(:file) { submission.files.first }
it 'does not grant access to anyone' do
[:admin, :external_user, :teacher].each do |factory_name|
expect(subject).not_to permit(FactoryBot.build(factory_name), file)
end
end
end
end
end
Reference in New Issue View Git Blame Copy Permalink