Add coverage for validation permissions

2024-10-12 17:18:31 -04:00 · 2024-10-12 17:18:31 -04:00 · da7997943c
parent 961afb47e8
commit da7997943c
2 changed files with 22 additions and 2 deletions
--- a/app/models/webhook.rb
+++ b/app/models/webhook.rb
@ -34,7 +34,7 @@ class Webhook < ApplicationRecord
  validates :events, presence: true

  validate :events_validation_error, if: :invalid_events?
-  validate :validate_permissions
+  validate :validate_permissions, if: -> { defined?(@current_account) }
  validate :validate_template

  normalizes :events, with: ->(events) { events.filter_map { |event| event.strip.presence } }
@ -80,7 +80,11 @@ class Webhook < ApplicationRecord
  end

  def validate_permissions
-    errors.add(:events, :invalid_permissions) if defined?(@current_account) && required_permissions.any? { |permission| !@current_account.user_role.can?(permission) }
+    errors.add(:events, :invalid_permissions) if current_account_role_lacking_permissions?
+  end
+
+  def current_account_role_lacking_permissions?
+    required_permissions.any? { |permission| !@current_account.user_role.can?(permission) }
  end

  def validate_template
--- a/spec/models/webhook_spec.rb
+++ b/spec/models/webhook_spec.rb
@ -11,6 +11,22 @@ RSpec.describe Webhook do
    it { is_expected.to validate_presence_of(:events) }

    it { is_expected.to_not allow_values([], %w(account.invalid)).for(:events) }
+
+    context 'when current_account is assigned' do
+      subject { Fabricate.build :webhook, current_account: account }
+
+      context 'with account that has permissions' do
+        let(:account) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')).account }
+
+        it { is_expected.to allow_values(%w(account.created)).for(:events) }
+      end
+
+      context 'with account lacking permissions' do
+        let(:account) { Fabricate :account }
+
+        it { is_expected.to_not allow_values(%w(account.created)).for(:events) }
+      end
+    end
  end

  describe 'Normalizations' do