Class: PolicyAssertions::Test
- Inherits:
-
ActiveSupport::TestCase
- Object
- ActiveSupport::TestCase
- PolicyAssertions::Test
- Defined in:
- lib/policy_assertions.rb
Instance Method Summary collapse
- #assert_permit(user, record, *permissions) ⇒ Object
- #assert_strong_parameters(user, record, params_hash, allowed_params) ⇒ Object
- #refute_permit(user, record, *permissions) ⇒ Object (also: #assert_not_permitted)
Instance Method Details
#assert_permit(user, record, *permissions) ⇒ Object
18 19 20 21 22 23 24 25 |
# File 'lib/policy_assertions.rb', line 18 def assert_permit(user, record, *) (.flatten).each do || policy = find_policy!(user, record) assert policy.public_send(), "Expected #{policy.class.name} to grant #{} "\ "on #{record} for #{user} but it didn't" end end |
#assert_strong_parameters(user, record, params_hash, allowed_params) ⇒ Object
37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 |
# File 'lib/policy_assertions.rb', line 37 def assert_strong_parameters(user, record, params_hash, allowed_params) policy = find_policy!(user, record) param_key = find_param_key(record) params = ActionController::Parameters.new(param_key => params_hash) strong_params = params.require(param_key) .permit(*policy.permitted_attributes).keys strong_params.each do |param| assert_includes allowed_params, param.to_sym, "User #{user} should not be permitted to "\ "update parameter [#{param}]" end end |
#refute_permit(user, record, *permissions) ⇒ Object Also known as: assert_not_permitted
27 28 29 30 31 32 33 34 |
# File 'lib/policy_assertions.rb', line 27 def refute_permit(user, record, *) (.flatten).each do || policy = find_policy!(user, record) refute policy.public_send(), "Expected #{policy.class.name} not to grant #{} "\ "on #{record} for #{user} but it did" end end |