proctoru / policy-assertions Goto Github PK
View Code? Open in Web Editor NEWMinitest assertions for Pundit policies
License: MIT License
Minitest assertions for Pundit policies
License: MIT License
This is a really great gem I stumbled across today while reading about how to test Pundit with Minitest as I'm new to Pundit and new-ish to Minitest.
As I'm reading your instructions and testing things out, one thing jumped out at me.
In a permissions model where a particular show page is accessible to one user, but not another based on whatever criteria, it does not appear you can specifically test that using this gem. Would it be a good idea to have a test like:
def test_show(user(:first_user))
assert_permit user(:first_user), User
refute_permit nil, User
refute_permit user(:other_user), User
end
Basically so I'm testing a specific "show" page rather than any show page?
Hi there
thank you for this gem.
Here is a sample out put:
Expected ProjectPolicy to grant update? on #<Project:0x00007f7d04514ef0> for #<User:0x00007f7d045001a8> but it didn't
The msg prints the user object. Is it possible to monkey patch it so that the msg is more meaningful?
Looks like it is coming from this line:
Or should I simply monkey patch user.to_s
? but woulld you know how to do that only within the context of the PolicyAssertions::Test
class? Pointers would be appreciated.
regards
Ben
Hi,
thanks for this usefull gem. I'm trying to test the permitted attributes defined in my policy, but I don't get your example :
assert_strong_parameters(users(:staff), Article, article_attributes, params)
What is "article_attributes" ? It should return a hash, I guess, but in my project, I don't have any "model_attributes" helper ... where does it come from ?
thanks.
It's not really an issue - more of a question:
I want to override assert_permit and refute_permit to make a slight tweak to the error message:
"Expected #{policy.class.name} to grant #{permission} "\
"on #{record} for #{user} but it didn't"
due to a slight difference in my Pundit set-up the user
I authorize is a role with an associated user so I get:
Expected AreaPolicy to grant new? on Area for #<Enrollment:0x007fe58dc01de8> but it didn't
test/policies/area_policy_test.rb:20:in `test_new_and_create'
I just want to change #{user} to #{user.user}. I know I could fork this etc. but it seems way easier to just override the methods. Can I do this?
We are using a pundit_user
method in our application controller and a UserContext
object with can either have a user or an Ahoy::Visit - it is initialized: UserContext.new(user: current_user, visit: current_visit)
Any idea how I could test this for the Ahoy::Visit? Visits can have associated resources, so passing in nil
as the user won't work.
I'm working on a project that requires keeping policy classes in modules and this line is giving me a problem since it is trimming my module names.
Could you give me an explanation why do we need to demodulize Policy class names here? I don't believe that this reflects Pundit functionality for obtaining Policy class names. Be aware of Manually specifying policy classes.
Thanks!
It would be good if this gem provided a module that you can just include in your test class instead of a class you have to inherit from. For example:
https://github.com/thoughtbot/factory_girl/blob/master/GETTING_STARTED.md#testunit
or (my own gem):
https://github.com/pupeno/assert_difference
You can still provide the class for people that want to use it and backward compatibility. If this is a change you'd be happy to adopt, I can provide the PR.
Hi - I understand this gem is probably not maintained - but is there currently a recommended pattern for testing that the scope returned by the policy matches the expectations?
Should I just do something like this? Is there a shorter / cleaner way?
expected = 10
actual = described_class::Scope.new(user, record).resolve.count
assert_equal expected, actual
I am following the docs on this but in my case I have an added scope to my policies - an enrollment which associates uses with a given tenant in my multi-tenant app. So for example my tests look like this:
test 'guests can not comment' do
refute_permit users(:guest).enrollment, AssetCategory, 'comment?'
end
When a test fails I get something like this:
Expected AssetCategoryPolicy not to grant new? on AssetCategory for #<Enrollment:0x00007fb0890d8e00> but it did
I tried to monkey patch like this:
module PatchEnrollment
refine Enrollment do
def to_s
user.name_last
end
end
end
In my fixtures I created a user for each type of role they are assigned and made the last name the same for situations like this. My hope was to have an output like this:
Expected AssetCategoryPolicy not to grant new? on AssetCategory for Guest but it did
My patch does not seem to be applied and throws no error (I do have using PatchEnrollment
applied in my test_helper BTW).
Any ideas here? Can anyone confirm that the documented monkey patch works?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.