|
|
|
@ -4,7 +4,9 @@ require 'pundit/rspec' |
|
|
|
|
RSpec.describe StatusPolicy, type: :model do |
|
|
|
|
subject { described_class } |
|
|
|
|
|
|
|
|
|
let(:admin) { Fabricate(:user, admin: true) } |
|
|
|
|
let(:alice) { Fabricate(:account, username: 'alice') } |
|
|
|
|
let(:bob) { Fabricate(:account, username: 'bob') } |
|
|
|
|
let(:status) { Fabricate(:status, account: alice) } |
|
|
|
|
|
|
|
|
|
permissions :show?, :reblog? do |
|
|
|
@ -86,4 +88,22 @@ RSpec.describe StatusPolicy, type: :model do |
|
|
|
|
expect(subject).to_not permit(viewer, status) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
permissions :destroy?, :unreblog? do |
|
|
|
|
it 'grants access when account is deleter' do |
|
|
|
|
expect(subject).to permit(status.account, status) |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'grants access when account is admin' do |
|
|
|
|
expect(subject).to permit(admin.account, status) |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'denies access when account is not deleter' do |
|
|
|
|
expect(subject).to_not permit(bob, status) |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'denies access when no deleter' do |
|
|
|
|
expect(subject).to_not permit(nil, status) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|