2020-04-19 13:35:58 -07:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2022-06-21 12:33:07 -07:00
|
|
|
require "rails_helper"
|
2022-06-21 12:33:46 -07:00
|
|
|
require "support/pghero_stubby"
|
2020-04-19 13:35:58 -07:00
|
|
|
|
2022-06-21 12:33:07 -07:00
|
|
|
describe "role-constrained routes", type: :request do
|
|
|
|
shared_examples_for "fails to access route" do
|
|
|
|
it "fails to access route" do
|
2022-07-03 14:50:17 -07:00
|
|
|
# 302 = redirect to login
|
2020-04-19 13:35:58 -07:00
|
|
|
# 404 = no user found -- we have a fallback route if something could not be matched
|
2022-07-03 14:50:17 -07:00
|
|
|
expect(subject).to be_in [302, 404]
|
2020-04-19 13:35:58 -07:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2022-06-21 12:33:07 -07:00
|
|
|
shared_examples_for "routes for" do |roles, subject_block, skip_reason: nil|
|
2020-04-19 13:35:58 -07:00
|
|
|
before { skip(skip_reason) } if skip_reason
|
|
|
|
|
|
|
|
subject(&subject_block)
|
|
|
|
|
2022-06-21 12:33:07 -07:00
|
|
|
context "not signed in" do
|
|
|
|
include_examples "fails to access route"
|
2020-04-19 13:35:58 -07:00
|
|
|
end
|
|
|
|
|
|
|
|
roles.each do |role|
|
|
|
|
context "signed in user without #{role} role" do
|
2022-06-21 12:33:07 -07:00
|
|
|
let(:user) { FactoryBot.create(:user, password: "test1234") }
|
2020-04-19 13:35:58 -07:00
|
|
|
|
|
|
|
before(:each) do
|
2022-06-21 12:33:07 -07:00
|
|
|
post "/sign_in", params: { user: { login: user.email, password: user.password } }
|
2020-04-19 13:35:58 -07:00
|
|
|
end
|
|
|
|
|
2022-06-21 12:33:07 -07:00
|
|
|
include_examples "fails to access route"
|
2020-04-19 13:35:58 -07:00
|
|
|
end
|
|
|
|
|
|
|
|
context "signed in user with #{role} role" do
|
2022-06-21 12:33:07 -07:00
|
|
|
let(:user) { FactoryBot.create(:user, password: "test1234", roles: [role]) }
|
2020-04-19 13:35:58 -07:00
|
|
|
|
|
|
|
before(:each) do
|
2022-06-21 12:33:07 -07:00
|
|
|
post "/sign_in", params: { user: { login: user.email, password: user.password } }
|
2020-04-19 13:35:58 -07:00
|
|
|
end
|
|
|
|
|
2022-06-21 12:33:07 -07:00
|
|
|
it "can access route" do
|
2020-04-19 13:35:58 -07:00
|
|
|
expect(subject).to be_in 200..299
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2022-06-21 12:33:07 -07:00
|
|
|
it_behaves_like("routes for", [:administrator], -> { get("/justask_admin") })
|
|
|
|
it_behaves_like("routes for", [:administrator], -> { get("/sidekiq") })
|
2022-06-21 12:33:46 -07:00
|
|
|
it_behaves_like("routes for", [:administrator], -> { get("/pghero") })
|
2022-06-21 12:33:07 -07:00
|
|
|
it_behaves_like("routes for", %i[administrator moderator], -> { get("/moderation") })
|
2020-04-19 13:35:58 -07:00
|
|
|
end
|