2011-10-08 21:36:38 +00:00
|
|
|
require 'spec_helper'
|
|
|
|
|
2014-04-12 08:56:37 +00:00
|
|
|
describe "Users Security", feature: true do
|
2011-10-08 21:36:38 +00:00
|
|
|
describe "Project" do
|
2011-10-26 13:46:25 +00:00
|
|
|
before do
|
2012-11-06 03:31:55 +00:00
|
|
|
@u1 = create(:user)
|
2011-10-08 21:36:38 +00:00
|
|
|
end
|
|
|
|
|
2011-10-26 13:46:25 +00:00
|
|
|
describe "GET /login" do
|
2015-02-12 18:17:35 +00:00
|
|
|
it { expect(new_user_session_path).not_to be_404_for :visitor }
|
2011-10-08 21:36:38 +00:00
|
|
|
end
|
|
|
|
|
2013-06-24 16:24:27 +00:00
|
|
|
describe "GET /profile/keys" do
|
|
|
|
subject { profile_keys_path }
|
2012-08-25 17:43:55 +00:00
|
|
|
|
2015-02-12 18:17:35 +00:00
|
|
|
it { is_expected.to be_allowed_for @u1 }
|
|
|
|
it { is_expected.to be_allowed_for :admin }
|
|
|
|
it { is_expected.to be_allowed_for :user }
|
|
|
|
it { is_expected.to be_denied_for :visitor }
|
2011-10-08 21:36:38 +00:00
|
|
|
end
|
|
|
|
|
2011-10-26 13:46:25 +00:00
|
|
|
describe "GET /profile" do
|
2012-08-25 17:43:55 +00:00
|
|
|
subject { profile_path }
|
|
|
|
|
2015-02-12 18:17:35 +00:00
|
|
|
it { is_expected.to be_allowed_for @u1 }
|
|
|
|
it { is_expected.to be_allowed_for :admin }
|
|
|
|
it { is_expected.to be_allowed_for :user }
|
|
|
|
it { is_expected.to be_denied_for :visitor }
|
2011-10-08 21:36:38 +00:00
|
|
|
end
|
|
|
|
|
2012-09-14 16:13:25 +00:00
|
|
|
describe "GET /profile/account" do
|
2013-10-09 16:03:09 +00:00
|
|
|
subject { profile_account_path }
|
2012-12-02 11:29:24 +00:00
|
|
|
|
2015-02-12 18:17:35 +00:00
|
|
|
it { is_expected.to be_allowed_for @u1 }
|
|
|
|
it { is_expected.to be_allowed_for :admin }
|
|
|
|
it { is_expected.to be_allowed_for :user }
|
|
|
|
it { is_expected.to be_denied_for :visitor }
|
2012-12-02 11:29:24 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
describe "GET /profile/design" do
|
|
|
|
subject { design_profile_path }
|
2012-08-25 17:43:55 +00:00
|
|
|
|
2015-02-12 18:17:35 +00:00
|
|
|
it { is_expected.to be_allowed_for @u1 }
|
|
|
|
it { is_expected.to be_allowed_for :admin }
|
|
|
|
it { is_expected.to be_allowed_for :user }
|
|
|
|
it { is_expected.to be_denied_for :visitor }
|
2011-10-08 21:36:38 +00:00
|
|
|
end
|
2013-09-25 11:05:03 +00:00
|
|
|
|
|
|
|
describe "GET /profile/history" do
|
|
|
|
subject { history_profile_path }
|
|
|
|
|
2015-02-12 18:17:35 +00:00
|
|
|
it { is_expected.to be_allowed_for @u1 }
|
|
|
|
it { is_expected.to be_allowed_for :admin }
|
|
|
|
it { is_expected.to be_allowed_for :user }
|
|
|
|
it { is_expected.to be_denied_for :visitor }
|
2013-09-25 11:05:03 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
describe "GET /profile/notifications" do
|
|
|
|
subject { profile_notifications_path }
|
|
|
|
|
2015-02-12 18:17:35 +00:00
|
|
|
it { is_expected.to be_allowed_for @u1 }
|
|
|
|
it { is_expected.to be_allowed_for :admin }
|
|
|
|
it { is_expected.to be_allowed_for :user }
|
|
|
|
it { is_expected.to be_denied_for :visitor }
|
2013-09-25 11:05:03 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
describe "GET /profile/groups" do
|
|
|
|
subject { profile_groups_path }
|
|
|
|
|
2015-02-12 18:17:35 +00:00
|
|
|
it { is_expected.to be_allowed_for @u1 }
|
|
|
|
it { is_expected.to be_allowed_for :admin }
|
|
|
|
it { is_expected.to be_allowed_for :user }
|
|
|
|
it { is_expected.to be_denied_for :visitor }
|
2013-09-25 11:05:03 +00:00
|
|
|
end
|
2011-10-08 21:36:38 +00:00
|
|
|
end
|
|
|
|
end
|