This repository is currently being migrated. It's locked while the migration is in progress.
-
Notifications
You must be signed in to change notification settings - Fork 94
Expand file tree
/
Copy pathpower_of_attorney_policy_spec.rb
More file actions
69 lines (59 loc) · 2.04 KB
/
power_of_attorney_policy_spec.rb
File metadata and controls
69 lines (59 loc) · 2.04 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
# frozen_string_literal: true
require 'rails_helper'
describe PowerOfAttorneyPolicy do
subject { described_class }
permissions :access? do
context 'when user is LOA3, has an ICN, and has a participant_id' do
let(:user) { build(:user, :loa3) }
it 'grants access and does not log' do
expect(Rails.logger).not_to receive(:info).with('POA ACCESS DENIED', anything)
expect(subject).to permit(user, :power_of_attorney)
end
end
context 'when user is LOA3 but does not have an ICN' do
let(:user) { build(:user, :loa3, icn: nil) }
it 'denies access due to missing ICN and logs the access denial details' do
expect(Rails.logger).to receive(:info).with(
'POA ACCESS DENIED',
hash_including(
loa_current: 3,
loa3: true,
icn_present: false,
participant_id_present: true
)
)
expect(subject).not_to permit(user, :power_of_attorney)
end
end
context 'when user is LOA3 but does not have a participant_id' do
let(:user) { build(:user, :loa3, participant_id: nil) }
it 'denies access due to missing participant_id and logs the access denial details' do
expect(Rails.logger).to receive(:info).with(
'POA ACCESS DENIED',
hash_including(
loa_current: 3,
loa3: true,
icn_present: true,
participant_id_present: false
)
)
expect(subject).not_to permit(user, :power_of_attorney)
end
end
context 'when user is not LOA3' do
let(:user) { build(:user, :loa1) }
it 'denies access due to not being LOA3 and logs the access denial details' do
expect(Rails.logger).to receive(:info).with(
'POA ACCESS DENIED',
hash_including(
loa_current: 1,
loa3: false,
icn_present: true,
participant_id_present: false
)
)
expect(subject).not_to permit(user, :power_of_attorney)
end
end
end
end