asciinema.org/spec/policies/user_policy_spec.rb
2015-05-10 16:40:39 +00:00

29 lines
659 B
Ruby

require 'rails_helper'
describe UserPolicy do
subject { described_class }
describe '#permitted_attributes' do
subject { Pundit.policy(user, user).permitted_attributes }
let(:user) { User.new }
it "includes basic form fields" do
expect(subject).to eq([:username, :name, :email, :theme_name, :asciicasts_private_by_default])
end
end
permissions :update? do
it "grants access if edited user is current user" do
user = User.new
expect(subject).to permit(user, user)
end
it "denies access if edited user is not current user" do
expect(subject).not_to permit(User.new, User.new)
end
end
end