Adapts AccountController to new permissions system
@@ -1,7 +1,7 @@
|
|||||||
class AccountController < ApplicationController
|
class AccountController < ApplicationController
|
||||||
|
|
||||||
before_action :authenticate_user!
|
|
||||||
before_action :set_account
|
before_action :set_account
|
||||||
|
load_and_authorize_resource class: "User"
|
||||||
|
|
||||||
def show
|
def show
|
||||||
end
|
end
|
||||||
|
|||||||
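Review bot: Dropping `before_action :authenticate_user!` means anonymous requests are now turned away by CanCan rather than by Devise, so what a logged-out visitor gets depends on how `CanCan::AccessDenied` is rescued, which is not shown on this page. `set_account` is defined outside the hunk; if it assigns `current_user`, a guest yields nil, and `load_and_authorize_resource class: "User"` would then presumably fall back to a class-level check that does not evaluate the `id: user.id` condition. I would keep `before_action :authenticate_user!` as the first filter and add a comment above the CanCan line such as `# relies on set_account having populated @account; CanCan authorizes that instance`. The class body continues outside the hunk, so other actions such as an update could not be checked.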
@@ -6,6 +6,8 @@ class Ability
|
|||||||
can :read, Debate
|
can :read, Debate
|
||||||
|
|
||||||
if user # logged-in users
|
if user # logged-in users
|
||||||
|
can [:read, :update], User, id: user.id
|
||||||
|
|
||||||
can [:read, :create, :vote], Debate
|
can [:read, :create, :vote], Debate
|
||||||
can :update, Debate do |debate|
|
can :update, Debate do |debate|
|
||||||
debate.editable_by?(user)
|
debate.editable_by?(user)
|
||||||
|
|||||||
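Review bot: `can [:read, :update], User, id: user.id` grants update on the whole record, so which attributes a logged-in user may change is decided entirely by the controller's permitted parameters, which are not visible here. A short comment on the rule would make that dependency explicit, e.g. `# own record only; writable attributes are limited by the controller's strong parameters`. The `if user` branch continues past the end of the hunk, so a later rule on User could widen this one without it showing in this view.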
@@ -10,6 +10,7 @@ feature 'Account' do
|
|||||||
login_as(@user)
|
login_as(@user)
|
||||||
visit root_path
|
visit root_path
|
||||||
click_link "My account"
|
click_link "My account"
|
||||||
|
expect(current_path).to eq(account_path)
|
||||||
|
|
||||||
expect(page).to have_selector("input[value='Manuela']")
|
expect(page).to have_selector("input[value='Manuela']")
|
||||||
expect(page).to have_selector("input[value='Colau']")
|
expect(page).to have_selector("input[value='Colau']")
|
||||||
|
|||||||
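Review bot: `expect(current_path).to eq(account_path)` reads the path once and bypasses Capybara's waiting behaviour, so it can fail intermittently when the assertion runs before navigation has finished. If the bundled Capybara provides it, `expect(page).to have_current_path(account_path)` is the waiting form. The scenario starts and ends outside the hunk.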
@@ -5,7 +5,7 @@ describe Ability do
|
|||||||
subject(:ability) { Ability.new(user) }
|
subject(:ability) { Ability.new(user) }
|
||||||
let(:debate) { Debate.new }
|
let(:debate) { Debate.new }
|
||||||
|
|
||||||
describe "Non-logged in users" do
|
describe "Non-logged in user" do
|
||||||
let(:user) { nil }
|
let(:user) { nil }
|
||||||
|
|
||||||
it { should be_able_to(:index, Debate) }
|
it { should be_able_to(:index, Debate) }
|
||||||
@@ -14,13 +14,22 @@ describe Ability do
|
|||||||
it { should_not be_able_to(:vote, Debate) }
|
it { should_not be_able_to(:vote, Debate) }
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "Citizens" do
|
describe "Citizen" do
|
||||||
let(:user) { create(:user) }
|
let(:user) { create(:user) }
|
||||||
|
|
||||||
it { should be_able_to(:index, Debate) }
|
it { should be_able_to(:index, Debate) }
|
||||||
it { should be_able_to(:show, debate) }
|
it { should be_able_to(:show, debate) }
|
||||||
it { should be_able_to(:vote, debate) }
|
it { should be_able_to(:vote, debate) }
|
||||||
|
|
||||||
|
it { should be_able_to(:show, user) }
|
||||||
|
it { should be_able_to(:edit, user) }
|
||||||
|
|
||||||
|
describe "other users" do
|
||||||
|
let(:other_user) { create(:user) }
|
||||||
|
it { should_not be_able_to(:show, other_user) }
|
||||||
|
it { should_not be_able_to(:edit, other_user) }
|
||||||
|
end
|
||||||
|
|
||||||
describe "editing debates" do
|
describe "editing debates" do
|
||||||
let(:own_debate) { create(:debate, author: user) }
|
let(:own_debate) { create(:debate, author: user) }
|
||||||
let(:own_debate_non_editable) { create(:debate, author: user) }
|
let(:own_debate_non_editable) { create(:debate, author: user) }
|
||||||
@@ -33,7 +42,7 @@ describe Ability do
|
|||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "Moderators" do
|
describe "Moderator" do
|
||||||
let(:user) { create(:user) }
|
let(:user) { create(:user) }
|
||||||
before { create(:moderator, user: user) }
|
before { create(:moderator, user: user) }
|
||||||
|
|
||||||
@@ -43,7 +52,7 @@ describe Ability do
|
|||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "Administrators" do
|
describe "Administrator" do
|
||||||
let(:user) { create(:user) }
|
let(:user) { create(:user) }
|
||||||
before { create(:administrator, user: user) }
|
before { create(:administrator, user: user) }
|
||||||
|
|
||||||
|
|||||||
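Review bot: The new User assertions cover only the logged-in citizen; the "Non-logged in user" context gets no matching check, although the controller change in this commit leaves the ability as the only visible guard on the account page. Adding `it { should_not be_able_to(:show, create(:user)) }` and `it { should_not be_able_to(:edit, create(:user)) }` to that context would pin the guest case. The Moderator and Administrator contexts are only renamed in the visible hunks, so whether they assert anything about other users' records cannot be seen from this page.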