Class: PolicyAssertions::Test

Inherits:

ActiveSupport::TestCase

• Object
• ActiveSupport::TestCase
• PolicyAssertions::Test

Defined in:

lib/policy_assertions.rb

Instance Method Summary

• #assert_permit(user, record, *permissions) ⇒ Object
• #assert_strong_parameters(user, record, params_hash, allowed_params) ⇒ Object
• #refute_permit(user, record, *permissions) ⇒ Object

Instance Method Details

#assert_permit(user, record, *permissions) ⇒ Object

# File 'lib/policy_assertions.rb', line 12

def assert_permit(user, record, *permissions)
  get_permissions(permissions).each do |permission|
    policy = Pundit.policy!(user, record)
    assert policy.public_send(permission),
           "Expected #{policy.class.name} to grant #{permission} "\
           "on #{record} for #{user} but it didn't"
  end
end

#assert_strong_parameters(user, record, params_hash, allowed_params) ⇒ Object

# File 'lib/policy_assertions.rb', line 30

def assert_strong_parameters(user, record,
                             params_hash, allowed_params)
  params = ActionController::Parameters.new(class_symbol => params_hash)

  strong_params = params.require(class_symbol)
                  .permit(*get_strong_params(user, record)).keys

  strong_params.each do |param|
    assert_includes allowed_params,
                    param.to_sym,
                    "User #{user} should not be permitted to "\
                    "update parameter [#{param}]"
  end
end

#refute_permit(user, record, *permissions) ⇒ Object

# File 'lib/policy_assertions.rb', line 21

def refute_permit(user, record, *permissions)
  get_permissions(permissions).each do |permission|
    policy = Pundit.policy!(user, record)
    refute policy.public_send(permission),
           "Expected #{policy.class.name} not to grant #{permission} "\
           "on #{record} for #{user} but it did"
  end
end