It appears that the demand-loading of
config/authorization_rules.rb has problems when
fakefs is turned on. If the first test in a sequence to trigger
declarative_authorization checks has
fakefs turned on, none of the rules will get loaded. The odds of this are slim, but if you have rspec doing randomization the odds increase if you are rerunning a single spec file.
The workaround is simple. Just force
declarative_authorization to load the rules before any tests run. Just add the following to your
# This ensures authorization rules are loaded prior to tests that use FakeFS