1 # frozen_string_literal: true
5 class AbilityTest < ActiveSupport::TestCase
8 class GuestAbilityTest < AbilityTest
9 test "geocoder permission for a guest" do
10 ability = Ability.new nil
12 [:search, :search_latlon, :search_osm_nominatim,
13 :search_osm_nominatim_reverse].each do |action|
14 assert ability.can?(action, :geocoder), "should be able to #{action} geocoder"
18 test "diary permissions for a guest" do
19 ability = Ability.new nil
20 [:index, :rss, :show].each do |action|
21 assert ability.can?(action, DiaryEntry), "should be able to #{action} DiaryEntries"
24 [:index].each do |action|
25 assert ability.can?(action, DiaryComment), "should be able to #{action} DiaryComments"
28 [:create, :edit, :subscribe, :unsubscribe, :hide, :unhide].each do |action|
29 assert ability.cannot?(action, DiaryEntry), "should not be able to #{action} DiaryEntries"
32 [:create, :hide, :unhide].each do |action|
33 assert ability.cannot?(action, DiaryComment), "should not be able to #{action} DiaryComments"
37 test "note permissions for a guest" do
38 ability = Ability.new nil
40 [:index].each do |action|
41 assert ability.can?(action, Note), "should be able to #{action} Notes"
45 test "user roles permissions for a guest" do
46 ability = Ability.new nil
48 [:create, :destroy].each do |action|
49 assert ability.cannot?(action, UserRole), "should not be able to #{action} UserRoles"
54 class UserAbilityTest < AbilityTest
55 test "Diary permissions" do
56 ability = Ability.new create(:user)
58 [:index, :rss, :show, :create, :edit, :subscribe, :unsubscribe].each do |action|
59 assert ability.can?(action, DiaryEntry), "should be able to #{action} DiaryEntries"
62 [:index, :create].each do |action|
63 assert ability.can?(action, DiaryComment), "should be able to #{action} DiaryComments"
66 [:hide, :unhide].each do |action|
67 assert ability.cannot?(action, DiaryEntry), "should not be able to #{action} DiaryEntries"
68 assert ability.cannot?(action, DiaryComment), "should not be able to #{action} DiaryComment"
71 [:index, :show, :resolve, :ignore, :reopen].each do |action|
72 assert ability.cannot?(action, Issue), "should not be able to #{action} Issues"
77 class ModeratorAbilityTest < AbilityTest
78 test "Issue permissions" do
79 ability = Ability.new create(:moderator_user)
81 [:index, :show, :resolve, :ignore, :reopen].each do |action|
82 assert ability.can?(action, Issue), "should be able to #{action} Issues"
86 test "User Roles permissions" do
87 ability = Ability.new create(:moderator_user)
89 [:create, :destroy].each do |action|
90 assert ability.cannot?(action, UserRole), "should not be able to #{action} UserRoles"
93 [:hide, :unhide].each do |action|
94 assert ability.can?(action, DiaryEntry), "should be able to #{action} DiaryEntries"
95 assert ability.can?(action, DiaryComment), "should be able to #{action} DiaryComment"
99 test "Active block update permissions" do
100 creator_user = create(:moderator_user)
101 other_moderator_user = create(:moderator_user)
102 block = create(:user_block, :creator => creator_user)
104 creator_ability = Ability.new creator_user
105 assert creator_ability.can?(:edit, block)
106 assert creator_ability.can?(:update, block)
108 other_moderator_ability = Ability.new other_moderator_user
109 assert other_moderator_ability.can?(:edit, block)
110 assert other_moderator_ability.can?(:update, block)
113 test "Expired block update permissions" do
114 creator_user = create(:moderator_user)
115 other_moderator_user = create(:moderator_user)
116 block = create(:user_block, :expired, :creator => creator_user)
118 creator_ability = Ability.new creator_user
119 assert creator_ability.can?(:edit, block)
120 assert creator_ability.can?(:update, block)
122 other_moderator_ability = Ability.new other_moderator_user
123 assert other_moderator_ability.cannot?(:edit, block)
124 assert other_moderator_ability.cannot?(:update, block)
127 test "Revoked block update permissions" do
128 creator_user = create(:moderator_user)
129 revoker_user = create(:moderator_user)
130 other_moderator_user = create(:moderator_user)
131 block = create(:user_block, :revoked, :creator => creator_user, :revoker => revoker_user)
133 creator_ability = Ability.new creator_user
134 assert creator_ability.can?(:edit, block)
135 assert creator_ability.can?(:update, block)
137 revoker_ability = Ability.new revoker_user
138 assert revoker_ability.can?(:edit, block)
139 assert revoker_ability.can?(:update, block)
141 other_moderator_ability = Ability.new other_moderator_user
142 assert other_moderator_ability.cannot?(:edit, block)
143 assert other_moderator_ability.cannot?(:update, block)
147 class AdministratorAbilityTest < AbilityTest
148 test "Diary for an administrator" do
149 ability = Ability.new create(:administrator_user)
150 [:index, :rss, :show, :create, :edit, :subscribe, :unsubscribe, :hide, :unhide].each do |action|
151 assert ability.can?(action, DiaryEntry), "should be able to #{action} DiaryEntries"
154 [:index, :create, :hide, :unhide].each do |action|
155 assert ability.can?(action, DiaryComment), "should be able to #{action} DiaryComments"
159 test "User Roles permissions for an administrator" do
160 ability = Ability.new create(:administrator_user)
162 [:create, :destroy].each do |action|
163 assert ability.can?(action, UserRole), "should be able to #{action} UserRoles"