|
|
|
@ -8,16 +8,32 @@ describe WebhookPolicy do |
|
|
|
|
let(:admin) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')).account } |
|
|
|
|
let(:john) { Fabricate(:account) } |
|
|
|
|
|
|
|
|
|
permissions :index?, :create?, :show?, :update?, :enable?, :disable?, :rotate_secret?, :destroy? do |
|
|
|
|
permissions :index?, :create? do |
|
|
|
|
context 'with an admin' do |
|
|
|
|
it 'permits' do |
|
|
|
|
expect(policy).to permit(admin, Tag) |
|
|
|
|
expect(policy).to permit(admin, Webhook) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'with a non-admin' do |
|
|
|
|
it 'denies' do |
|
|
|
|
expect(policy).to_not permit(john, Tag) |
|
|
|
|
expect(policy).to_not permit(john, Webhook) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
permissions :show?, :update?, :enable?, :disable?, :rotate_secret?, :destroy? do |
|
|
|
|
let(:webhook) { Fabricate(:webhook, events: ['account.created', 'report.created']) } |
|
|
|
|
|
|
|
|
|
context 'with an admin' do |
|
|
|
|
it 'permits' do |
|
|
|
|
expect(policy).to permit(admin, webhook) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'with a non-admin' do |
|
|
|
|
it 'denies' do |
|
|
|
|
expect(policy).to_not permit(john, webhook) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|