Commit 1f7490a2 authored by Robert Speicher's avatar Robert Speicher Committed by Dmitriy Zaporozhets

Update spec/features/security specs

parent 20a871cc
......@@ -6,7 +6,7 @@ describe "Profile access", feature: true do
end
describe "GET /login" do
it { expect(new_user_session_path).not_to be_404_for :visitor }
it { expect(new_user_session_path).not_to be_not_found_for :visitor }
end
describe "GET /profile/keys" do
......
RSpec::Matchers.define :be_valid_commit do
match do |actual|
actual != nil
actual.id == ValidCommit::ID
actual.message == ValidCommit::MESSAGE
actual.author_name == ValidCommit::AUTHOR_FULL_NAME
actual &&
actual.id == ValidCommit::ID &&
actual.message == ValidCommit::MESSAGE &&
actual.author_name == ValidCommit::AUTHOR_FULL_NAME
end
end
def emulate_user(user)
user = case user
when :user then create(:user)
when :visitor then nil
when :admin then create(:admin)
else user
end
login_with(user) if user
end
RSpec::Matchers.define :be_allowed_for do |user|
match do |url|
include UrlAccess
url_allowed?(user, url)
emulate_user(user)
visit url
status_code != 404 && current_path != new_user_session_path
end
end
RSpec::Matchers.define :be_denied_for do |user|
match do |url|
include UrlAccess
url_denied?(user, url)
emulate_user(user)
visit url
status_code == 404 || current_path == new_user_session_path
end
end
RSpec::Matchers.define :be_404_for do |user|
RSpec::Matchers.define :be_not_found_for do |user|
match do |url|
include UrlAccess
url_404?(user, url)
emulate_user(user)
visit url
status_code == 404
end
end
......@@ -34,7 +47,7 @@ RSpec::Matchers.define :include_module do |expected|
end
description do
"include the #{expected} module"
"includes the #{expected} module"
end
failure_message do
......@@ -42,36 +55,6 @@ RSpec::Matchers.define :include_module do |expected|
end
end
module UrlAccess
def url_allowed?(user, url)
emulate_user(user)
visit url
(status_code != 404 && current_path != new_user_session_path)
end
def url_denied?(user, url)
emulate_user(user)
visit url
(status_code == 404 || current_path == new_user_session_path)
end
def url_404?(user, url)
emulate_user(user)
visit url
status_code == 404
end
def emulate_user(user)
user = case user
when :user then create(:user)
when :visitor then nil
when :admin then create(:admin)
else user
end
login_with(user) if user
end
end
# Extend shoulda-matchers
module Shoulda::Matchers::ActiveModel
class ValidateLengthOfMatcher
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment