Tests

rzane · rzane · commit 37f6e2180d07 · 2016-03-27T14:22:31.000-04:00
diff --git a/Rakefile b/Rakefile
@@ -1,2 +1,8 @@
-require "bundler/gem_tasks"
+require 'bundler/gem_tasks'
+require 'rake/testtask'
 
+Rake::TestTask.new :test do |t|
+  t.test_files = FileList['test/**/*_test.rb']
+end
+
+task default: :test
diff --git a/grape-cancan.gemspec b/grape-cancan.gemspec
@@ -21,6 +21,8 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'grape', '>= 0.6.0'
   spec.add_dependency 'cancancan'
 
-  spec.add_development_dependency 'bundler', '~> 1.7'
+  spec.add_development_dependency 'bundler', '~> 1.11'
   spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'minitest', '~> 5.8.4'
+  spec.add_development_dependency 'rack-test'
 end
diff --git a/test/grape/cancan_test.rb b/test/grape/cancan_test.rb
@@ -0,0 +1,66 @@
+require 'minitest/autorun'
+require 'rack/test'
+require 'grape/cancan'
+require 'cancancan'
+
+User = Class.new
+
+class Ability
+  include CanCan::Ability
+
+  def initialize(user)
+    can :read, User
+    cannot :love, User
+  end
+end
+
+class API < Grape::API
+  authorize_routes!
+  helpers { define_method(:current_user) { User.new } }
+  get('/can') { can? :love, current_user }
+  get('/cannot') { cannot? :read, current_user }
+  get('/authorize_option', authorize: [:read, User])
+  get('/authorize_option_fail', authorize: [:love, User])
+  get('/authorize_explicit') { authorize! :read, current_user }
+  get('/authorize_explicit_fail') { authorize! :love, current_user }
+end
+
+class GrapeCancanTest < Minitest::Test
+  include Rack::Test::Methods
+
+  def app
+    API
+  end
+
+  def test_can
+    get '/can'
+    assert_equal 'false', last_response.body
+  end
+
+  def test_cannot
+    get '/cannot'
+    assert_equal 'false', last_response.body
+  end
+
+  def test_authorize_option
+    get '/authorize_option'
+    assert_equal 200, last_response.status
+  end
+
+  def test_authorize_option_failure
+    assert_raises CanCan::AccessDenied do
+      get '/authorize_option_fail'
+    end
+  end
+
+  def test_authorize_explicit
+    get '/authorize_explicit'
+    assert_equal 200, last_response.status
+  end
+
+  def test_authorize_explicit_failure
+    assert_raises CanCan::AccessDenied do
+      get '/authorize_explicit_fail'
+    end
+  end
+end
