I have the following spec, policy and controller. For some reason, my permissions' index spec for business user is not passing, but it works on the front-end. My spec might be wrong or I might be overlooking something. Many thanks in advance for help.
App Policy
class AppPolicy
attr_reader :user, :model
def initialize(user, model)
@user = user
@app = model
end
class Scope
attr_reader :user, :scope
def initialize(user, scope)
@user = user
@scope = scope
end
def resolve
if user.super_user? || user.admin?
scope.all
elsif user.business_user? || user.user?
scope.where(user_id: user.id)
else
scope.none
end
end
end
def index?
@user.admin? || @user.super_user?|| @user.apps || @user == @apps.user
end
** App Controller**
class AppController < ApplicationController
def index
@apps = policy_scope(App).order(:name).page(params[:page]).per(25)
authorize @apps
@user = current_user
end
** App Policy Spec**
describe AppPolicy do
subject { AppPolicy }
let (:other_user) { FactoryGirl.build_stubbed :user }
let (:business_user) { FactoryGirl.build_stubbed :user, :business_user }
let (:admin) { FactoryGirl.build_stubbed :user, :admin }
let (:super_user) { FactoryGirl.build_stubbed :user, :super_user }
let (:app) { FactoryGirl.build_stubbed :app }
permissions :index? do
it "allows access for a regular user" do
expect(AppPolicy).to permit(app.user, app)
end
#failing spec below
it "denies access for a business user" do
expect(AppPolicy).not_to permit(business_user, app)
end
it "allows access for an admin" do
expect(AppPolicy).to permit(admin, app)
end
it "allows access for an super user" do
expect(AppPolicy).to permit(super_user, app)
end
end
** Update **
I was testing the wrong things. Will post answer on my solution.
