|
|
@ -29,31 +29,44 @@ describe Ability do |
|
|
|
|
|
|
|
|
|
|
|
context "permitted" do |
|
|
|
context "permitted" do |
|
|
|
before do |
|
|
|
before do |
|
|
|
|
|
|
|
User.do_as(user) do |
|
|
|
|
|
|
|
domain |
|
|
|
|
|
|
|
subdomain |
|
|
|
|
|
|
|
subsubdomain |
|
|
|
permission # ensure permission to domain |
|
|
|
permission # ensure permission to domain |
|
|
|
end |
|
|
|
end |
|
|
|
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
|
|
it "allows other user to manage user's domains and records, if permitted" do |
|
|
|
it "allows other user to manage user's domains and records, if permitted" do |
|
|
|
|
|
|
|
User.do_as(user2) do |
|
|
|
user2.should be_able_to(crud, domain) |
|
|
|
user2.should be_able_to(crud, domain) |
|
|
|
user2.should be_able_to(crud, a_record) |
|
|
|
user2.should be_able_to(crud, a_record) |
|
|
|
user2.should be_able_to(crud, soa_record) |
|
|
|
user2.should be_able_to(crud, soa_record) |
|
|
|
end |
|
|
|
end |
|
|
|
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
|
|
it "denies third user to manage user's permitted domains and records" do |
|
|
|
it "denies third user to manage user's permitted domains and records" do |
|
|
|
|
|
|
|
User.do_as(user3) do |
|
|
|
user3.should_not be_able_to(crud, domain) |
|
|
|
user3.should_not be_able_to(crud, domain) |
|
|
|
user3.should_not be_able_to(crud, a_record) |
|
|
|
user3.should_not be_able_to(crud, a_record) |
|
|
|
user3.should_not be_able_to(crud, soa_record) |
|
|
|
user3.should_not be_able_to(crud, soa_record) |
|
|
|
end |
|
|
|
end |
|
|
|
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
|
|
it "allows other user to manage user's permitted subdomains" do |
|
|
|
it "allows other user to manage user's permitted subdomains" do |
|
|
|
|
|
|
|
User.do_as(user2) do |
|
|
|
user2.should be_able_to(crud, subdomain) |
|
|
|
user2.should be_able_to(crud, subdomain) |
|
|
|
user2.should be_able_to(crud, subsubdomain) |
|
|
|
user2.should be_able_to(crud, subsubdomain) |
|
|
|
end |
|
|
|
end |
|
|
|
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
|
|
it "denies third user to manage other user's permitted subdomains" do |
|
|
|
it "denies third user to manage other user's permitted subdomains" do |
|
|
|
|
|
|
|
User.do_as(user3) do |
|
|
|
user3.should_not be_able_to(crud, subdomain) |
|
|
|
user3.should_not be_able_to(crud, subdomain) |
|
|
|
user3.should_not be_able_to(crud, subsubdomain) |
|
|
|
user3.should_not be_able_to(crud, subsubdomain) |
|
|
|
end |
|
|
|
end |
|
|
|
end |
|
|
|
end |
|
|
|
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
|
|
context "permission" do |
|
|
|
context "permission" do |
|
|
|
it "allows me to manage my domain's permissions" do |
|
|
|
it "allows me to manage my domain's permissions" do |
|
|
|