我有以下规范、策略和控制器。出于某种原因,我的业务用户权限索引规范没有通过,但它在前端有效。我的规格可能是错误的,或者我可能忽略了一些东西。非常感谢您的帮助。
应用政策
class AppPolicy
attr_reader :user, :model
def initialize(user, model)
@user = user
@app = model
end
class Scope
attr_reader :user, :scope
def initialize(user, scope)
@user = user
@scope = scope
end
def resolve
if user.super_user? || user.admin?
scope.all
elsif user.business_user? || user.user?
scope.where(user_id: user.id)
else
scope.none
end
end
end
def index?
@user.admin? || @user.super_user?|| @user.apps || @user == @apps.user
end
** 应用控制器**
class AppController < ApplicationController
def index
@apps = policy_scope(App).order(:name).page(params[:page]).per(25)
authorize @apps
@user = current_user
end
** 应用政策规范**
describe AppPolicy do
subject { AppPolicy }
let (:other_user) { FactoryGirl.build_stubbed :user }
let (:business_user) { FactoryGirl.build_stubbed :user, :business_user }
let (:admin) { FactoryGirl.build_stubbed :user, :admin }
let (:super_user) { FactoryGirl.build_stubbed :user, :super_user }
let (:app) { FactoryGirl.build_stubbed :app }
permissions :index? do
it "allows access for a regular user" do
expect(AppPolicy).to permit(app.user, app)
end
#failing spec below
it "denies access for a business user" do
expect(AppPolicy).not_to permit(business_user, app)
end
it "allows access for an admin" do
expect(AppPolicy).to permit(admin, app)
end
it "allows access for an super user" do
expect(AppPolicy).to permit(super_user, app)
end
end
** 更新 **
我在测试错误的东西。将在我的解决方案上发布答案。