mirror of
https://github.com/internetee/registry.git
synced 2025-05-17 01:47:18 +02:00
Admin can change other users settings without user password #2646
parent
13b60d39ce
commit
4da89aaa87
9 changed files with 67 additions and 81 deletions
|
@ -4,95 +4,61 @@ require 'cancan/matchers'
|
|||
describe AdminUser do
|
||||
context 'with invalid attribute' do
|
||||
before :all do
|
||||
@user = AdminUser.new
|
||||
@admin_user = AdminUser.new
|
||||
end
|
||||
|
||||
it 'should not be valid' do
|
||||
@user.valid?
|
||||
@user.errors.full_messages.should match_array([
|
||||
@admin_user.valid?
|
||||
@admin_user.errors.full_messages.should match_array([
|
||||
"Country code is missing",
|
||||
"Email Email is missing",
|
||||
"Email Email is missing",
|
||||
"Password Password is missing",
|
||||
"Password Password is missing",
|
||||
"Password confirmation is missing",
|
||||
"Roles is missing",
|
||||
"Username Username is missing"
|
||||
])
|
||||
end
|
||||
|
||||
it 'should not have any versions' do
|
||||
@user.versions.should == []
|
||||
@admin_user.versions.should == []
|
||||
end
|
||||
end
|
||||
|
||||
context 'with valid attributes' do
|
||||
before :all do
|
||||
@user = Fabricate(:admin_user)
|
||||
@admin_user = Fabricate(:admin_user)
|
||||
end
|
||||
|
||||
it 'should be valid' do
|
||||
@user.valid?
|
||||
@user.errors.full_messages.should match_array([])
|
||||
@admin_user.valid?
|
||||
@admin_user.errors.full_messages.should match_array([])
|
||||
end
|
||||
|
||||
# it 'should be valid twice' do
|
||||
# @user = Fabricate(:admin_user)
|
||||
# @user.valid?
|
||||
# @user.errors.full_messages.should match_array([])
|
||||
# end
|
||||
it 'should be valid twice' do
|
||||
@admin_user = Fabricate(:admin_user)
|
||||
@admin_user.valid?
|
||||
@admin_user.errors.full_messages.should match_array([])
|
||||
end
|
||||
|
||||
# it 'should have one version' do
|
||||
# with_versioning do
|
||||
# @user.versions.should == []
|
||||
# @user.zip = 'New zip'
|
||||
# @user.save
|
||||
# @user.errors.full_messages.should match_array([])
|
||||
# @user.versions.size.should == 1
|
||||
# end
|
||||
# end
|
||||
it 'should have one version' do
|
||||
with_versioning do
|
||||
@admin_user.versions.should == []
|
||||
@admin_user.updated_at = Time.zone.now
|
||||
@admin_user.save
|
||||
@admin_user.errors.full_messages.should match_array([])
|
||||
@admin_user.versions.size.should == 1
|
||||
end
|
||||
end
|
||||
|
||||
it 'should require password confirmation when changing password' do
|
||||
@admin_user.valid?.should == true
|
||||
@admin_user.password = 'not confirmed'
|
||||
@admin_user.valid?
|
||||
@admin_user.errors.full_messages.should match_array([
|
||||
"Password confirmation doesn't match Password"
|
||||
])
|
||||
end
|
||||
end
|
||||
|
||||
# describe 'abilities' do
|
||||
# subject(:ability) { Ability.new(user) }
|
||||
# let(:user) { nil }
|
||||
|
||||
# context 'when user is admin' do
|
||||
# let(:user) { Fabricate(:admin_user) }
|
||||
|
||||
# it { should be_able_to(:manage, Domain.new) }
|
||||
# it { should be_able_to(:manage, Contact.new) }
|
||||
# it { should be_able_to(:manage, Registrar.new) }
|
||||
# it { should be_able_to(:manage, Setting.new) }
|
||||
# it { should be_able_to(:manage, ZonefileSetting.new) }
|
||||
# it { should be_able_to(:manage, DomainVersion.new) }
|
||||
# it { should be_able_to(:manage, User.new) }
|
||||
# it { should be_able_to(:manage, ApiUser.new) }
|
||||
# it { should be_able_to(:manage, Keyrelay.new) }
|
||||
# it { should be_able_to(:manage, LegalDocument.new) }
|
||||
# it { should be_able_to(:read, ApiLog::EppLog.new) }
|
||||
# it { should be_able_to(:read, ApiLog::ReppLog.new) }
|
||||
# it { should be_able_to(:index, :delayed_job) }
|
||||
# it { should be_able_to(:create, :zonefile) }
|
||||
# it { should be_able_to(:access, :settings_menu) }
|
||||
# end
|
||||
|
||||
# context 'when user is customer service' do
|
||||
# let(:user) { Fabricate(:user, roles: ['customer_service']) }
|
||||
|
||||
# it { should be_able_to(:manage, Domain.new) }
|
||||
# it { should be_able_to(:manage, Contact.new) }
|
||||
# it { should be_able_to(:manage, Registrar.new) }
|
||||
# it { should_not be_able_to(:manage, Setting.new) }
|
||||
# it { should_not be_able_to(:manage, ZonefileSetting.new) }
|
||||
# it { should_not be_able_to(:manage, DomainVersion.new) }
|
||||
# it { should_not be_able_to(:manage, User.new) }
|
||||
# it { should_not be_able_to(:manage, ApiUser.new) }
|
||||
# it { should_not be_able_to(:manage, LegalDocument.new) }
|
||||
# it { should_not be_able_to(:read, ApiLog::EppLog.new) }
|
||||
# it { should_not be_able_to(:read, ApiLog::ReppLog.new) }
|
||||
# it { should_not be_able_to(:index, :delayed_job) }
|
||||
# it { should_not be_able_to(:create, :zonefile) }
|
||||
# it { should_not be_able_to(:access, :settings_menu) }
|
||||
# end
|
||||
# end
|
||||
end
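Review bot: The example 'should require password confirmation when changing password' assigns `@admin_user.password = 'not confirmed'` on the object built in `before :all`, so the unconfirmed password stays on that shared instance for every example that runs after it. 'should have one version' calls `@admin_user.save` and expects no errors, which would presumably fail if it ran after the password example under random ordering or a reordered file. Building the record per example with `before :each do` in the 'with valid attributes' context, or using a local `Fabricate(:admin_user)` inside the password example, removes that dependence. The example also checks only the validation message; given the commit title, an assertion that saving another attribute with a blank password leaves the stored password unchanged would pin the behaviour this change is about. The rendered page has lost its +/- markers, so this assumes the `@admin_user` lines are the new side.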
|
||||
|
|