29 lines
659 B
Ruby
29 lines
659 B
Ruby
require 'rails_helper'
|
|
|
|
describe UserPolicy do
|
|
|
|
subject { described_class }
|
|
|
|
describe '#permitted_attributes' do
|
|
subject { Pundit.policy(user, user).permitted_attributes }
|
|
|
|
let(:user) { User.new }
|
|
|
|
it "includes basic form fields" do
|
|
expect(subject).to eq([:username, :name, :email, :theme_name, :asciicasts_private_by_default])
|
|
end
|
|
end
|
|
|
|
permissions :update? do
|
|
it "grants access if edited user is current user" do
|
|
user = User.new
|
|
expect(subject).to permit(user, user)
|
|
end
|
|
|
|
it "denies access if edited user is not current user" do
|
|
expect(subject).not_to permit(User.new, User.new)
|
|
end
|
|
end
|
|
|
|
end
|