Move access-related matchers to their own module

a2ecfdc5 · Robert Speicher · 1fee24a3 · a2ecfdc5 · a2ecfdc5 · a2ecfdc5
Commit a2ecfdc5 authored Jul 21, 2015 by Robert Speicher
11 changed files
--- a/spec/features/security/dashboard_access_spec.rb
+++ b/spec/features/security/dashboard_access_spec.rb
 require 'spec_helper'

 describe "Dashboard access", feature: true  do
+  include AccessMatchers
+
  describe "GET /dashboard" do
    subject { dashboard_path }


--- a/spec/features/security/group/group_access_spec.rb
+++ b/spec/features/security/group/group_access_spec.rb
 require 'spec_helper'

 describe "Group access", feature: true  do
+  include AccessMatchers
+
  describe "GET /projects/new" do
    it { expect(new_group_path).to be_allowed_for :admin }
    it { expect(new_group_path).to be_allowed_for :user }

--- a/spec/features/security/group/internal_group_access_spec.rb
+++ b/spec/features/security/group/internal_group_access_spec.rb
 require 'spec_helper'

 describe "Group with internal project access", feature: true  do
+  include AccessMatchers
+
  describe "Group" do
    let(:group) { create(:group) }


--- a/spec/features/security/group/mixed_group_access_spec.rb
+++ b/spec/features/security/group/mixed_group_access_spec.rb
 require 'spec_helper'

 describe "Group access", feature: true  do
+  include AccessMatchers
+
  describe "Group" do
    let(:group) { create(:group) }


--- a/spec/features/security/group/public_group_access_spec.rb
+++ b/spec/features/security/group/public_group_access_spec.rb
 require 'spec_helper'

 describe "Group with public project access", feature: true  do
+  include AccessMatchers
+
  describe "Group" do
    let(:group) { create(:group) }


--- a/spec/features/security/profile_access_spec.rb
+++ b/spec/features/security/profile_access_spec.rb
 require 'spec_helper'

 describe "Profile access", feature: true  do
+  include AccessMatchers
+
  before do
    @u1 = create(:user)
  end

--- a/spec/features/security/project/internal_access_spec.rb
+++ b/spec/features/security/project/internal_access_spec.rb
 require 'spec_helper'

 describe "Internal Project Access", feature: true  do
+  include AccessMatchers
+
  let(:project) { create(:project, :internal) }

  let(:master) { create(:user) }

--- a/spec/features/security/project/private_access_spec.rb
+++ b/spec/features/security/project/private_access_spec.rb
 require 'spec_helper'

 describe "Private Project Access", feature: true  do
+  include AccessMatchers
+
  let(:project) { create(:project) }

  let(:master)   { create(:user) }

--- a/spec/features/security/project/public_access_spec.rb
+++ b/spec/features/security/project/public_access_spec.rb
 require 'spec_helper'

 describe "Public Project Access", feature: true  do
+  include AccessMatchers
+
  let(:project) { create(:project) }

  let(:master) { create(:user) }
@@ -17,7 +19,6 @@ describe "Public Project Access", feature: true  do

    # readonly
    project.team << [reporter, :reporter]
-
  end

  describe "Project should be public" do

--- a/spec/support/matchers.rb
+++ b/spec/support/matchers.rb
-def emulate_user(user)
-  user = case user
-         when :user then create(:user)
-         when :visitor then nil
-         when :admin then create(:admin)
-         else user
-         end
-  login_with(user) if user
-end
-
-RSpec::Matchers.define :be_allowed_for do |user|
-  match do |url|
-    emulate_user(user)
-    visit url
-    status_code != 404 && current_path != new_user_session_path
-  end
-end
-
-RSpec::Matchers.define :be_denied_for do |user|
-  match do |url|
-    emulate_user(user)
-    visit url
-    status_code == 404 || current_path == new_user_session_path
-  end
-end
-
-RSpec::Matchers.define :be_not_found_for do |user|
-  match do |url|
-    emulate_user(user)
-    visit url
-    status_code == 404
-  end
-end
-
 RSpec::Matchers.define :include_module do |expected|
  match do
    described_class.included_modules.include?(expected)

--- a/spec/support/matchers/access_matchers.rb
+++ b/spec/support/matchers/access_matchers.rb
+# AccessMatchers
+#
+# The custom matchers contained in this module are used to test a user's access
+# to a URL by emulating a specific user or type of user account, visiting the
+# URL, and then checking the response status code and resulting path.
+module AccessMatchers
+  extend RSpec::Matchers::DSL
+  include Warden::Test::Helpers
+
+  def emulate_user(user)
+    case user
+    when :user
+      login_as(create(:user))
+    when :visitor
+      logout
+    when :admin
+      login_as(create(:admin))
+    when User
+      login_as(user)
+    else
+      raise ArgumentError, "cannot emulate user #{user}"
+    end
+  end
+
+  def description_for(user, type)
+    if user.kind_of?(User)
+      # User#inspect displays too much information for RSpec's description
+      # messages
+      "be #{type} for supplied User"
+    else
+      "be #{type} for #{user}"
+    end
+  end
+
+  matcher :be_allowed_for do |user|
+    match do |url|
+      emulate_user(user)
+      visit url
+      status_code != 404 && current_path != new_user_session_path
+    end
+
+    description { description_for(user, 'allowed') }
+  end
+
+  matcher :be_denied_for do |user|
+    match do |url|
+      emulate_user(user)
+      visit url
+      status_code == 404 || current_path == new_user_session_path
+    end
+
+    description { description_for(user, 'denied') }
+  end
+end