Question

我已经实现了帖子和用户模型，其中帖子模型属于用户模型。我定义了授权的能力模型，以便只有创建该帖子的用户才能删除或更新该帖子。我有这样的后置控制器：

def edit
  @post = @topic.posts.find(params[:id])
  authorize! :update, @post
end

能力模型：

class Ability
  include CanCan::Ability

  def initialize(user)
    can :update, Post do |p|
      p.user == user
    end

    can :destroy, Post do |p|
      p.user == user
    end

    can :destroy, Comment do |c|
      c.user == user
    end

    can :create, Post
    can :create, Comment
  end
end

上述模型的rspec是什么？错误：

expected #<User id: nil, email: "", created_at: nil, updated_at: nil> to respond to `able_to?`

  0) User Check for Abilities What User can do should be able to :create and #<Post id: nil, title: nil, body: nil, created_at: nil, updated_at: nil, topic_id: nil, image_file_name: nil, image_content_type: nil, image_file_size: nil, image_updated_at: nil, user_id: nil>
     Failure/Error: it { should be_able_to(:create, Post.new) }
       expected #<User id: nil, email: "", created_at: nil, updated_at: nil> to respond to `able_to?`
     # ./spec/models/ability_spec.rb:8:in `block (4 levels) in <top (required)>'

expected #<User id: nil, email: "", created_at: nil, updated_at: nil> to respond to `able_to?`

  0) User Check for Abilities What User can do should be able to :update and #<Post id: nil, title: nil, body: nil, created_at: nil, updated_at: nil, topic_id: nil, image_file_name: nil, image_content_type: nil, image_file_size: nil, image_updated_at: nil, user_id: nil>
     Failure/Error: it { should be_able_to(:update, Post.new) }
       expected #<User id: nil, email: "", created_at: nil, updated_at: nil> to respond to `able_to?`
     # ./spec/models/ability_spec.rb:9:in `block (4 levels) in <top (required)>'

Answer 1

根据您提供的有限信息，我将分享一个测试能力的示例spec。

describe "User" do
    describe "Check for Abilities" do
        let(:user) { FactoryGirl.create(:user) }

        describe "What User can do" do
            it { should be_able_to(:create, Post.new) }
            it { should be_able_to(:update, Post.new) }
        end
    end
end

我在顶部提供的是一个示例，您必须在此基础上使用它。我的最新答案

require "cancan/matchers"

describe "User" do
  describe "abilities" do
    user = User.create!
    ability = Ability.new(user)
    expect(ability).to be_able_to(:create, Post.new)
    expect(ability).to_not be_able_to(:destory, Post.new)
    end
  end
end

Answer 2

让我们从重构您的能力文件开始。使用hash of conditions而不是块总是一个好主意。因此，您的能力文件应如下所示：

class Ability
  include CanCan::Ability

  def initialize(user)
    can [:update, :destroy], Post, user_id: user.id
    can :destroy, Comment, user_id: user.id
    can :create, Post
    can :create, Comment
  end
end

这是您现有产品的较短版本，功能更多。

这是一个基于cancancan documentation的示例，说明了如何编写测试：

require 'cancan/matchers'
RSpec.describe Ability do  
  subject(:ability) { described_class.new(user) }

  context 'when there is no user' do
    let(:user){ nil }

    it { is_expected.to_not be_able_to(:create, Post)
    ....
  end

  context 'when the user is present' do
    let(:user){ User.new }

    it { is_expected.to be_able_to(:create, Post) }
    ...
end

结束结束

我把其余的测试交给你了。

如何使用cancancan编写rspec以获取功能

2 个答案: