X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/efd50cd529990069dc1ca95f66ec6f61471fe29d..fa0a933c24f9866db17694dbef667e3c4d7ed08f:/test/abilities/capability_test.rb?ds=sidebyside diff --git a/test/abilities/capability_test.rb b/test/abilities/capability_test.rb index a25c67043..ed42ef01a 100644 --- a/test/abilities/capability_test.rb +++ b/test/abilities/capability_test.rb @@ -12,6 +12,90 @@ class CapabilityTest < ActiveSupport::TestCase end end +class ChangesetCommentCapabilityTest < CapabilityTest + test "as a normal user with permissionless token" do + token = create(:access_token) + capability = Capability.new token + + [:create, :destroy, :restore].each do |action| + assert capability.cannot? action, ChangesetComment + end + end + + test "as a normal user with allow_write_api token" do + token = create(:access_token, :allow_write_api => true) + capability = Capability.new token + + [:destroy, :restore].each do |action| + assert capability.cannot? action, ChangesetComment + end + + [:create].each do |action| + assert capability.can? action, ChangesetComment + end + end + + test "as a moderator with permissionless token" do + token = create(:access_token, :user => create(:moderator_user)) + capability = Capability.new token + + [:create, :destroy, :restore].each do |action| + assert capability.cannot? action, ChangesetComment + end + end + + test "as a moderator with allow_write_api token" do + token = create(:access_token, :user => create(:moderator_user), :allow_write_api => true) + capability = Capability.new token + + [:create, :destroy, :restore].each do |action| + assert capability.can? action, ChangesetComment + end + end +end + +class NoteCapabilityTest < CapabilityTest + test "as a normal user with permissionless token" do + token = create(:access_token) + capability = Capability.new token + + [:create, :comment, :close, :reopen, :destroy].each do |action| + assert capability.cannot? action, Note + end + end + + test "as a normal user with allow_write_notes token" do + token = create(:access_token, :allow_write_notes => true) + capability = Capability.new token + + [:destroy].each do |action| + assert capability.cannot? action, Note + end + + [:create, :comment, :close, :reopen].each do |action| + assert capability.can? action, Note + end + end + + test "as a moderator with permissionless token" do + token = create(:access_token, :user => create(:moderator_user)) + capability = Capability.new token + + [:destroy].each do |action| + assert capability.cannot? action, Note + end + end + + test "as a moderator with allow_write_notes token" do + token = create(:access_token, :user => create(:moderator_user), :allow_write_notes => true) + capability = Capability.new token + + [:destroy].each do |action| + assert capability.can? action, Note + end + end +end + class UserCapabilityTest < CapabilityTest test "user preferences" do # a user with no tokens