spec/requests/posts_controller_auth_spec.rb

require 'rails_helper'

RSpec.describe 'requests to posts controller', type: :request do
  let(:user) { FactoryBot.create(:user) }
  let(:moderator) { FactoryBot.create(:moderator) }
  let(:admin) { FactoryBot.create(:admin) }

  let(:p) { FactoryBot.create(:post) }
  let(:board) { FactoryBot.build_stubbed(:board) }

  let(:headers) { headers = { "ACCEPT" => "application/json" } }

  context 'when user is not logged in' do
    it 'fulfills index action' do
      get posts_path
      expect(response).to have_http_status(:success)
    end
    it 'fulfills show action' do
      get posts_path(p)
      expect(response).to have_http_status(:success)
    end
    it 'blocks create action' do
      post posts_path, params: { post: { title: p.title } }, headers: headers
      expect(response).to have_http_status(:unauthorized)
    end
    it 'blocks update action' do
      patch post_path(p), params: { post: { title: p.title } }, headers: headers
      expect(response).to have_http_status(:unauthorized)
    end
  end

  context 'user role' do
    before(:each) do
      user.confirm
      sign_in user
    end

    # it 'fulfills create action' do
    #   post posts_path, params: { post: { title: p.title, board_id: board.id, user_id: user.id } }, headers: headers
    #   expect(response).to have_http_status(:success)
    # end
    it 'blocks update action if from different user' do
      expect(user.id).not_to eq(p.user_id)
      patch post_path(p), params: { post: { title: p.title } }, headers: headers
      expect(response).to have_http_status(:unauthorized)
    end
  end

  context 'moderator role' do
    before(:each) do
      moderator.confirm
      sign_in moderator
    end

    it 'fulfills update action' do
      expect(user.id).not_to eq(p.user_id)
      patch post_path(p), params: { post: { title: p.title } }, headers: headers
      expect(response).to have_http_status(:success)
    end
  end
end
Improve rails controllers (#118) 2022-06-10 12:03:33 +02:00			`require 'rails_helper'`

			`RSpec.describe 'requests to posts controller', type: :request do`
			`let(:user) { FactoryBot.create(:user) }`
			`let(:moderator) { FactoryBot.create(:moderator) }`
			`let(:admin) { FactoryBot.create(:admin) }`

			`let(:p) { FactoryBot.create(:post) }`
			`let(:board) { FactoryBot.build_stubbed(:board) }`

			`let(:headers) { headers = { "ACCEPT" => "application/json" } }`

			`context 'when user is not logged in' do`
			`it 'fulfills index action' do`
			`get posts_path`
			`expect(response).to have_http_status(:success)`
			`end`
			`it 'fulfills show action' do`
			`get posts_path(p)`
			`expect(response).to have_http_status(:success)`
			`end`
			`it 'blocks create action' do`
			`post posts_path, params: { post: { title: p.title } }, headers: headers`
			`expect(response).to have_http_status(:unauthorized)`
			`end`
			`it 'blocks update action' do`
			`patch post_path(p), params: { post: { title: p.title } }, headers: headers`
			`expect(response).to have_http_status(:unauthorized)`
			`end`
			`end`

			`context 'user role' do`
			`before(:each) do`
			`user.confirm`
			`sign_in user`
			`end`

			`# it 'fulfills create action' do`
			`# post posts_path, params: { post: { title: p.title, board_id: board.id, user_id: user.id } }, headers: headers`
			`# expect(response).to have_http_status(:success)`
			`# end`
			`it 'blocks update action if from different user' do`
			`expect(user.id).not_to eq(p.user_id)`
			`patch post_path(p), params: { post: { title: p.title } }, headers: headers`
			`expect(response).to have_http_status(:unauthorized)`
			`end`
			`end`

			`context 'moderator role' do`
			`before(:each) do`
			`moderator.confirm`
			`sign_in moderator`
			`end`

			`it 'fulfills update action' do`
			`expect(user.id).not_to eq(p.user_id)`
			`patch post_path(p), params: { post: { title: p.title } }, headers: headers`
			`expect(response).to have_http_status(:success)`
			`end`
			`end`
			`end`