access_policy_rails 0.0.1

data/spec/support/base_controller_dummy.rb

@@ -0,0 +1,26 @@
+class BaseControllerDummy
+  def self.hide_action(method)
+    @hidden_actions ||= []
+    @hidden_actions << method
+  end
+
+  def self.helper_method(*)
+
+  end
+
+  def self.hidden_actions
+    @hidden_actions
+  end
+
+  def self.policy_class
+    Struct.new(:current_user, :controller) do
+      def create?
+        current_user && current_user.create_allowed?
+      end
+
+      def show?
+        current_user && current_user.show_allowed?
+      end
+    end
+  end
+end

data/spec/unit/lib/access_policy_rails/controller_extensions_spec.rb

@@ -0,0 +1,89 @@
+require 'unit_spec_helper'
+
+module AccessPolicyRails
+  describe ControllerExtensions do
+
+    subject{
+      Class.new(BaseControllerDummy) do
+        include ControllerExtensions
+
+        attr_accessor :current_user
+
+        def initialize(current_user=nil)
+          self.current_user = current_user
+        end
+
+        guarded_action :create do
+
+        end
+
+        guarded_action :show do
+
+        end
+
+      end
+    }
+
+    let(:user){
+      double('user', create_allowed?: false, show_allowed?: true)
+    }
+
+
+    describe '.include' do
+      it 'sets the storage to request local' do
+        expect(subject.new._scope_storage).to be AccessPolicyRails::RequestLocalStorage
+      end
+    end
+
+    describe '.guarded_action' do
+      it 'creates a guarded method' do
+        expect(subject.new).to respond_to :create
+        expect(subject.hidden_actions).to include :create_with_guard
+        expect(subject.hidden_actions).to include :create_with_guard_unsafe
+      end
+
+      it 'protects access to guarded methods' do
+        expect{subject.new(user).create}.to raise_error AccessPolicy::NotAuthorizedError
+        expect{subject.new(user).show}.not_to raise_error
+      end
+
+      it 'skips action authorization when wanted' do
+        controller = Class.new(subject) do
+
+          guarded_action :update, authorize_action: false do
+            authorize(self,'show')
+          end
+        end.new(user)
+
+        expect{controller.update}.not_to raise_error
+      end
+
+    end
+
+    describe '#policy_check_user' do
+      let(:user_without_rights){
+        double('user', create_allowed?: false, show_allowed?: false)
+      }
+
+      it 'uses the current_user as default' do
+        expect(subject.new(user).policy_check_user).to eq user
+      end
+
+      it 'is used for policy checks' do
+        controller = subject.new(user)
+        def controller.policy_check_user
+          user_without_rights
+        end
+
+        expect{controller.show}.to raise_error
+      end
+
+    end
+
+    describe '#policy_for' do
+      it 'returns a wrapped policy' do
+        expect(subject.new(user).policy_for).to be_kind_of PolicyWrapper
+      end
+    end
+  end
+end

data/spec/unit/lib/access_policy_rails/policy_wrapper_spec.rb

@@ -0,0 +1,20 @@
+require 'unit_spec_helper'
+
+module AccessPolicyRails
+  describe PolicyWrapper do
+    subject{
+      PolicyWrapper.new(policy)
+    }
+
+    let(:policy){
+      double('policy', create?: true)
+    }
+
+    describe '#allow?'do
+      it 'delegates to the policy object' do
+        expect(subject.allow?(:create)).to be_truthy
+      end
+    end
+
+  end
+end

data/spec/unit/lib/access_policy_rails/request_local_storage_spec.rb

@@ -0,0 +1,52 @@
+require 'spec_helper'
+
+module AccessPolicyRails
+  describe RequestLocalStorage do
+    subject {
+      RequestLocalStorage
+    }
+
+    let(:storage) {
+      subject.for
+    }
+
+    describe '.for' do
+      it 'creates a new object for every thread' do
+        subject.for
+
+        threat_one_object_id = nil
+        threat_two_object_id = nil
+        threats = []
+
+        threats << Thread.new {
+          threat_one_object_id = RequestLocalStorage.for
+        }
+
+        threats << Thread.new {
+          threat_two_object_id = RequestLocalStorage.for
+        }
+
+        threats.each &:join
+
+        expect(threat_one_object_id).not_to eq threat_two_object_id
+      end
+
+      it 'supports naming different scopes' do
+        second_scope = subject.for 'the second scope'
+        expect(second_scope.object_id).not_to be subject.for.object_id
+      end
+    end
+
+    it 'supports hash like accessors' do
+      storage['key'] = 1
+      expect(storage['key']).to eq 1
+      expect(storage.fetch 'key').to eq 1
+
+      storage.clear!
+
+      expect(storage['key']).to be_nil
+
+    end
+
+  end
+end

data/spec/unit_spec_helper.rb

@@ -0,0 +1 @@
+require 'spec_helper'

metadata

@@ -0,0 +1,387 @@
+--- !ruby/object:Gem::Specification
+name: access_policy_rails
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Dieter Späth
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-02-12 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: access_policy
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: request_store
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 4.0.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 4.0.1
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 2.99.0.beta1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 2.99.0.beta1
+- !ruby/object:Gem::Dependency
+  name: fuubar
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry-remote
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: guard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: guard-rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: guard-bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rb-fsevent
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry-stack_explorer
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry-debugger
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Object oriented authorization for ruby.
+email:
+- shad0wrunner@gmx.de
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".rspec"
+- ".travis.yml"
+- Gemfile
+- Guardfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- access_policy_rails.gemspec
+- lib/access_policy_rails.rb
+- lib/access_policy_rails/change_storage_scope.rb
+- lib/access_policy_rails/controller_extensions.rb
+- lib/access_policy_rails/policy_wrapper.rb
+- lib/access_policy_rails/railtie.rb
+- lib/access_policy_rails/request_local_storage.rb
+- lib/access_policy_rails/version.rb
+- spec/acceptance/dummy/README.rdoc
+- spec/acceptance/dummy/Rakefile
+- spec/acceptance/dummy/app/assets/images/.keep
+- spec/acceptance/dummy/app/assets/javascripts/application.js
+- spec/acceptance/dummy/app/assets/stylesheets/application.css
+- spec/acceptance/dummy/app/controllers/application_controller.rb
+- spec/acceptance/dummy/app/controllers/concerns/.keep
+- spec/acceptance/dummy/app/helpers/application_helper.rb
+- spec/acceptance/dummy/app/mailers/.keep
+- spec/acceptance/dummy/app/models/.keep
+- spec/acceptance/dummy/app/models/concerns/.keep
+- spec/acceptance/dummy/app/views/layouts/application.html.erb
+- spec/acceptance/dummy/bin/bundle
+- spec/acceptance/dummy/bin/rails
+- spec/acceptance/dummy/bin/rake
+- spec/acceptance/dummy/config.ru
+- spec/acceptance/dummy/config/application.rb
+- spec/acceptance/dummy/config/boot.rb
+- spec/acceptance/dummy/config/environment.rb
+- spec/acceptance/dummy/config/environments/development.rb
+- spec/acceptance/dummy/config/environments/production.rb
+- spec/acceptance/dummy/config/environments/test.rb
+- spec/acceptance/dummy/config/initializers/backtrace_silencers.rb
+- spec/acceptance/dummy/config/initializers/filter_parameter_logging.rb
+- spec/acceptance/dummy/config/initializers/inflections.rb
+- spec/acceptance/dummy/config/initializers/mime_types.rb
+- spec/acceptance/dummy/config/initializers/secret_token.rb
+- spec/acceptance/dummy/config/initializers/session_store.rb
+- spec/acceptance/dummy/config/initializers/wrap_parameters.rb
+- spec/acceptance/dummy/config/locales/en.yml
+- spec/acceptance/dummy/config/routes.rb
+- spec/acceptance/dummy/lib/assets/.keep
+- spec/acceptance/dummy/log/.keep
+- spec/acceptance/dummy/log/test.log
+- spec/acceptance/dummy/public/404.html
+- spec/acceptance/dummy/public/422.html
+- spec/acceptance/dummy/public/500.html
+- spec/acceptance/dummy/public/favicon.ico
+- spec/acceptance/enables_permission_query_spec.rb
+- spec/acceptance/enforce_authorize_outside_of_action_spec.rb
+- spec/acceptance/protect_controller_actions_spec.rb
+- spec/acceptance/support/dummy_controller.rb
+- spec/acceptance/support/dummy_controller_policy.rb
+- spec/acceptance/support/feature.rb
+- spec/acceptance/use_different_user_for_policy_checks_spec.rb
+- spec/acceptance_spec_helper.rb
+- spec/spec_helper.rb
+- spec/support/base_controller_dummy.rb
+- spec/unit/lib/access_policy_rails/controller_extensions_spec.rb
+- spec/unit/lib/access_policy_rails/policy_wrapper_spec.rb
+- spec/unit/lib/access_policy_rails/request_local_storage_spec.rb
+- spec/unit_spec_helper.rb
+homepage: ''
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.1
+signing_key: 
+specification_version: 4
+summary: Object oriented authorization for ruby.
+test_files:
+- spec/acceptance/dummy/README.rdoc
+- spec/acceptance/dummy/Rakefile
+- spec/acceptance/dummy/app/assets/images/.keep
+- spec/acceptance/dummy/app/assets/javascripts/application.js
+- spec/acceptance/dummy/app/assets/stylesheets/application.css
+- spec/acceptance/dummy/app/controllers/application_controller.rb
+- spec/acceptance/dummy/app/controllers/concerns/.keep
+- spec/acceptance/dummy/app/helpers/application_helper.rb
+- spec/acceptance/dummy/app/mailers/.keep
+- spec/acceptance/dummy/app/models/.keep
+- spec/acceptance/dummy/app/models/concerns/.keep
+- spec/acceptance/dummy/app/views/layouts/application.html.erb
+- spec/acceptance/dummy/bin/bundle
+- spec/acceptance/dummy/bin/rails
+- spec/acceptance/dummy/bin/rake
+- spec/acceptance/dummy/config.ru
+- spec/acceptance/dummy/config/application.rb
+- spec/acceptance/dummy/config/boot.rb
+- spec/acceptance/dummy/config/environment.rb
+- spec/acceptance/dummy/config/environments/development.rb
+- spec/acceptance/dummy/config/environments/production.rb
+- spec/acceptance/dummy/config/environments/test.rb
+- spec/acceptance/dummy/config/initializers/backtrace_silencers.rb
+- spec/acceptance/dummy/config/initializers/filter_parameter_logging.rb
+- spec/acceptance/dummy/config/initializers/inflections.rb
+- spec/acceptance/dummy/config/initializers/mime_types.rb
+- spec/acceptance/dummy/config/initializers/secret_token.rb
+- spec/acceptance/dummy/config/initializers/session_store.rb
+- spec/acceptance/dummy/config/initializers/wrap_parameters.rb
+- spec/acceptance/dummy/config/locales/en.yml
+- spec/acceptance/dummy/config/routes.rb
+- spec/acceptance/dummy/lib/assets/.keep
+- spec/acceptance/dummy/log/.keep
+- spec/acceptance/dummy/log/test.log
+- spec/acceptance/dummy/public/404.html
+- spec/acceptance/dummy/public/422.html
+- spec/acceptance/dummy/public/500.html
+- spec/acceptance/dummy/public/favicon.ico
+- spec/acceptance/enables_permission_query_spec.rb
+- spec/acceptance/enforce_authorize_outside_of_action_spec.rb
+- spec/acceptance/protect_controller_actions_spec.rb
+- spec/acceptance/support/dummy_controller.rb
+- spec/acceptance/support/dummy_controller_policy.rb
+- spec/acceptance/support/feature.rb
+- spec/acceptance/use_different_user_for_policy_checks_spec.rb
+- spec/acceptance_spec_helper.rb
+- spec/spec_helper.rb
+- spec/support/base_controller_dummy.rb
+- spec/unit/lib/access_policy_rails/controller_extensions_spec.rb
+- spec/unit/lib/access_policy_rails/policy_wrapper_spec.rb
+- spec/unit/lib/access_policy_rails/request_local_storage_spec.rb
+- spec/unit_spec_helper.rb