redux-scraper/spec/policies/telegram_bot_log_policy_spec.rb
2025-08-05 05:05:21 +00:00


# typed: false
require "rails_helper"
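# Authorization spec for TelegramBotLogPolicy.
#
# Pins the access rules exercised below: index?/show? are granted to admin
# users and denied to regular users, the write actions are denied to both
# roles, and the Pundit policy scope returns the created logs for an admin.
RSpec.describe TelegramBotLogPolicy, type: :policy do
  let(:admin_user) { create(:user, role: :admin) }
  let(:regular_user) { create(:user, role: :user) }
  let(:telegram_bot_log) { create(:telegram_bot_log, :successful) }

  describe "permissions" do
    describe "index?" do
      it "grants access for admin users" do
        policy = described_class.new(admin_user, TelegramBotLog)
        expect(policy.index?).to be true
      end

      it "denies access for regular users" do
        policy = described_class.new(regular_user, TelegramBotLog)
        expect(policy.index?).to be false
      end
    end

    describe "show?" do
      it "grants access for admin users" do
        policy = described_class.new(admin_user, telegram_bot_log)
        expect(policy.show?).to be true
      end

      it "denies access for regular users" do
        policy = described_class.new(regular_user, telegram_bot_log)
        expect(policy.show?).to be false
      end
    end

    describe "other actions" do
      it "denies new/create/edit/update/destroy for all users" do
        policies_by_role = {
          "admin" => described_class.new(admin_user, telegram_bot_log),
          "regular" => described_class.new(regular_user, telegram_bot_log)
        }
        # Same order as the original expectations: create, new, edit, update, destroy.
        denied_actions = %i[create? new? edit? update? destroy?]

        # These methods are inherited from ApplicationPolicy and should be false.
        # aggregate_failures reports every action that is unexpectedly permitted,
        # not only the first one, so a regression that opens several write
        # actions at once is visible in a single run.
        aggregate_failures do
          policies_by_role.each do |role, policy|
            denied_actions.each do |action|
              expect(policy.public_send(action)).to be(false),
                "expected #{action} to be denied for #{role} user"
            end
          end
        end
      end
    end
  end

  describe "scope" do
    # let! (eager) so both records exist before the scope is resolved.
    let!(:log1) { create(:telegram_bot_log, :successful) }
    let!(:log2) { create(:telegram_bot_log, :with_error) }

    it "returns all logs for admin users" do
      resolved = Pundit.policy_scope(admin_user, TelegramBotLog)
      expect(resolved).to include(log1, log2)
    end

    # Note: The policy scope returns scope.all for all users, but actual access control
    # is handled at the controller level via authorize calls.
    # NOTE(review): if that holds, the scope is not a security boundary on its
    # own; a caller that uses policy_scope without a matching authorize call
    # would hand every log to a non-admin. Only the admin case is asserted
    # here. Consider adding an example that pins the non-admin result so any
    # change to it is deliberate, and confirm that every controller action
    # using this scope also calls authorize.
  end
end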