acl9 2.1.0 → 3.2.0

data/lib/generators/acl9/setup/templates/create_role_tables.rb

@@ -1,22 +1,31 @@
-class Create<%= role_class_name %>Tables < ActiveRecord::Migration
+class Create<%= role_class_name %>Tables < ActiveRecord::Migration[<%= ActiveRecord::Migration.current_version %>]
   def change
     create_table :<%= role_table_name %> do |t|
       t.string   :name,                   null: false
+      <% if r5? %>
+      t.references :authorizable, polymorphic: true
+      <% else %>
       t.string   :authorizable_type,      null: true
       t.integer  :authorizable_id,        null: true
+      <% end %>
       t.boolean  :system, default: false, null: false
       t.timestamps                        null: false
     end
 
     add_index :<%= role_table_name %>, :name
+
+    <% unless r5? %>
     add_index :<%= role_table_name %>, [:authorizable_type, :authorizable_id]
+    <% end -%>
 
     create_table :<%= habtm_table %>, id: false do |t|
       t.references  :<%= subject_name %>, null: false
       t.references  :<%= role_name %>, null: false
     end
 
+    <% unless r5? %>
     add_index :<%= habtm_table %>, :<%= subject_name %>_id
     add_index :<%= habtm_table %>, :<%= role_name %>_id
+    <% end %>
   end
 end

data/lib/generators/acl9/setup/templates/role.rb

@@ -1,3 +1,3 @@
-class <%= role_class_name %> < ActiveRecord::Base
+class <%= role_class_name %> < <%= model_base_name %>
   <%= role_helper %>
 end

data/test/controller_extensions/actions_test.rb

@@ -121,7 +121,7 @@ module ControllerExtensions
 
       assert set_all_actions
       permit_some owner,  @all_actions, :foo => foo
-      permit_some hacker, %w(show index destroy)
+      permit_some hacker, %w(show index destroy), foo: foo
       permit_some another_owner, %w(show index destroy), :foo => foo
     end
 

data/test/controller_extensions/multiple_role_arguments_test.rb

@@ -107,29 +107,30 @@ module ControllerExtensions
 
     test "should also respect :to and :except" do
       assert foo = Foo.create
+      assert too = Foo.create
 
-      assert ( foo = User.create ).has_role! :foo
+      assert ( goo = User.create ).has_role! :goo
       assert ( joo = User.create ).has_role! :joo, foo
       assert ( qoo = User.create ).has_role! :qoo, Bar
 
       @tester.acl_block! do
-        allow :foo, :boo,              :to => [:index, :show]
+        allow :goo, :boo,              :to => [:index, :show]
         allow :zoo, :joo, :by => :foo, :to => [:edit, :update]
         allow :qoo, :woo, :of => Bar
         deny  :qoo, :woo, :of => Bar,  :except => [:delete, :destroy]
       end
 
-      assert_permitted foo, 'index'
-      assert_permitted foo, 'show'
-      assert_forbidden foo, 'edit'
+      assert_permitted goo, 'index'
+      assert_permitted goo, 'show'
+      assert_forbidden goo, 'edit', foo: too
       assert_permitted joo, 'edit', :foo => foo
       assert_permitted joo, 'update', :foo => foo
       assert_forbidden joo, 'show', :foo => foo
-      assert_forbidden joo, 'show'
-      assert_permitted qoo, 'delete'
-      assert_permitted qoo, 'destroy'
-      assert_forbidden qoo, 'edit'
-      assert_forbidden qoo, 'show'
+      assert_forbidden joo, 'show', foo: foo
+      assert_permitted qoo, 'delete', foo: too
+      assert_permitted qoo, 'destroy', foo: too
+      assert_forbidden qoo, 'edit', foo: too
+      assert_forbidden qoo, 'show', foo: too
     end
   end
 end

data/test/controllers/acl_action_override_test.rb

@@ -2,23 +2,23 @@ require 'test_helper'
 
 class ACLActionOverrideTest < ActionController::TestCase
   test "anon can index" do
-    assert get :check_allow, :_action => :index
+    assert get :check_allow, params: { _action: :index }
     assert_response :ok
   end
 
   test "anon can't show" do
-    assert get :check_allow, :_action => :show
+    assert get :check_allow, params: { _action: :show }
     assert_response :unauthorized
   end
 
   test "normal user can't edit" do
-    assert get :check_allow_with_foo, :_action => :edit, :user_id => User.create.id
+    assert get :check_allow_with_foo, params: { _action: :edit, user_id: User.create.id }
     assert_response :unauthorized
   end
 
   test "foo owner can edit" do
     assert ( user = User.create ).has_role! :owner, Foo.first_or_create
-    assert get :check_allow_with_foo, :_action => :edit, :user_id => user.id
+    assert get :check_allow_with_foo, params: { _action: :edit, user_id: user.id }
     assert_response :ok
   end
 end

data/test/controllers/acl_helper_method_test.rb

@@ -8,15 +8,18 @@ class ACLHelperMethodTest < ActionController::TestCase
   test "foo owner allowed" do
     assert @user.has_role! :owner, Foo.first_or_create
 
-    assert get :allow, :user_id => @user.id
+    assert get :allow, params: { user_id: @user.id }
     assert_select 'div', 'OK'
   end
 
   test "another user denied" do
+    assert @another = User.create
+    assert @another.has_role! :owner, Foo.first_or_create
+
     assert @user.has_role! :owner
 
-    assert get :allow, :user_id => @user.id
-    assert_select 'div', 'OK'
+    assert get :allow, params: { user_id: @user.id }
+    assert_select 'div', 'AccessDenied'
   end
 
   test "anon denied" do

data/test/controllers/acl_ivars_test.rb

@@ -3,13 +3,13 @@ require 'test_helper'
 class ACLIvarsTest < ActionController::TestCase
   test "owner of foo destroys" do
     assert ( user = User.create ).has_role! :owner, Bar
-    assert delete :destroy, :id => 1, :user_id => user.id
+    assert delete :destroy, params: { id: 1, user_id: user.id }
     assert_response :ok
   end
 
   test "bartender at Foo destroys" do
     assert ( user = User.create ).has_role! :bartender, Foo
-    assert delete :destroy, :id => 1, :user_id => user.id
+    assert delete :destroy, params: { id: 1, user_id: user.id }
     assert_response :ok
   end
 end

data/test/controllers/acl_object_hash_test.rb

@@ -7,7 +7,7 @@ class ACLObjectsHashTest < ActionController::TestCase
   end
 
   test "objects hash preferred to @ivar" do
-    assert get :allow, :user_id => @user.id
+    assert get :allow, params: { user_id: @user.id }
     assert_response :ok
   end
 

data/test/controllers/acl_query_mixin.rb

@@ -6,7 +6,10 @@ module ACLQueryMixin
       setup do
         assert ( @editor = User.create ).has_role! :editor
         assert ( @viewer = User.create ).has_role! :viewer
-        assert ( @owneroffoo = User.create ).has_role! :owner, Foo.first_or_create
+        assert ( @foo = Foo.first_or_create )
+        assert ( @owneroffoo = User.create ).has_role! :owner, @foo
+
+        @controller.before_action
       end
 
       %i[edit update destroy].each do |meth|
@@ -44,7 +47,7 @@ module ACLQueryMixin
 
       test "should return true for foo owner" do
         assert @controller.current_user = @owneroffoo
-        assert @controller.acl? :fooize, :foo => Foo.first
+        assert @controller.acl? :fooize, foo: Foo.first
       end
     end
   end

data/test/controllers/acl_subject_method_test.rb

@@ -3,7 +3,7 @@ require 'test_helper'
 class ACLSubjectMethodTest < ActionController::TestCase
   test "allow the only user to index" do
     assert ( user = User.create ).has_role! :the_only_one
-    assert get :index, :user_id => user.id
+    assert get :index, params: { user_id: user.id }
     assert_response :ok
   end
 

data/test/controllers/arguments_checking_test.rb

@@ -25,18 +25,18 @@ class ArgumentsCheckingTest < ActionController::TestCase
     end
   end
 
-  test "raise ArgumentError with :helper => true and no method name" do
+  test "raise ArgumentError with helper: true and no method name" do
     assert_raise ArgumentError do
       class FailureController < ApplicationController
-        access_control :helper => true do end
+        access_control helper: true do end
       end
     end
   end
 
-  test "raise ArgumentError with :helper => :method and a method name" do
+  test "raise ArgumentError with helper: :method and a method name" do
     assert_raise ArgumentError do
       class FailureController < ApplicationController
-        access_control :meth, :helper => :another_meth do end
+        access_control :meth, helper: :another_meth do end
       end
     end
   end

data/test/dummy/app/controllers/acl_action_override.rb

@@ -1,8 +1,8 @@
 class ACLActionOverride < ApplicationController
-  access_control :allowed?, :filter => false do
-    allow all, :to => :index
-    deny all, :to => :show
-    allow :owner, :of => :foo, :to => :edit
+  access_control :allowed?, filter: false do
+    allow all, to: :index
+    deny all, to: :show
+    allow :owner, of: :foo, to: :edit
   end
 
   def check_allow
@@ -10,6 +10,6 @@ class ACLActionOverride < ApplicationController
   end
 
   def check_allow_with_foo
-    head allowed?(params[:_action], :foo => Foo.first) ? :ok : :unauthorized
+    head allowed?(params[:_action], foo: Foo.first) ? :ok : :unauthorized
   end
 end

data/test/dummy/app/controllers/acl_boolean_method.rb

@@ -1,12 +1,12 @@
 class ACLBooleanMethod < EmptyController
-  access_control :acl, :filter => false do
-    allow all, :to => [:index, :show], :if => :true_meth
-    allow :admin,                      :unless => :false_meth
-    allow all,                         :if => :false_meth
-    allow all,                         :unless => :true_meth
+  access_control :acl, filter: false do
+    allow all, to: [:index, :show], if: :true_meth
+    allow :admin,               unless: :false_meth
+    allow all,                      if: :false_meth
+    allow all,                  unless: :true_meth
   end
 
-  before_filter :check_acl
+  before_action :check_acl
 
   def check_acl
     if self.acl

data/test/dummy/app/controllers/acl_ivars.rb

@@ -1,11 +1,11 @@
 class ACLIvars < EmptyController
 
-  before_filter :set_ivars
+  before_action :set_ivars
 
   access_control do
     action :destroy do
-      allow :owner, :of => :foo
-      allow :bartender, :at => Foo
+      allow :owner, of: :foo
+      allow :bartender, at: Foo
     end
   end
 

data/test/dummy/app/controllers/acl_query_method_named.rb

@@ -8,6 +8,8 @@ class ACLQueryMethodNamed < ApplicationController
   end
 
   def acl?(*args)
+    @foo = Foo.first
+
     allow_ay(*args)
   end
 end

data/test/dummy/app/controllers/application_controller.rb

@@ -1,7 +1,13 @@
 class ApplicationController < ActionController::Base
+  before_action :before_action
+
   attr_accessor :current_user
 
   def current_user
     @current_user ||= User.find params[:user_id] if params[:user_id]
   end
+
+  def before_action
+    @foo = Foo.first
+  end
 end

data/test/dummy/app/controllers/empty_controller.rb

@@ -1,5 +1,5 @@
 class EmptyController < ApplicationController
   %i[index show new edit create update destroy].each do |action|
-    define_method(action) { render :text => 'OK' }
+    define_method(action) { render plain: 'OK' }
   end
 end

data/test/dummy/app/models/string_object_role.rb

@@ -0,0 +1,3 @@
+class StringObjectRole < ActiveRecord::Base
+  acts_as_authorization_role subject_class_name: "StringUser"
+end

data/test/dummy/app/models/string_user.rb

@@ -0,0 +1,3 @@
+class StringUser < ActiveRecord::Base
+  acts_as_authorization_subject role_class_name: "StringObjectRole"
+end

data/test/dummy/app/models/uuid.rb

@@ -1,4 +1,4 @@
 class Uuid < ActiveRecord::Base
   self.primary_key = "uuid"  
-  acts_as_authorization_object
+  acts_as_authorization_object role_class_name: "StringObjectRole", subject_class_name: "StringUser"
 end

data/test/dummy/config/environments/test.rb

@@ -13,8 +13,8 @@ Dummy::Application.configure do
   config.eager_load = false
 
   # Configure static asset server for tests with Cache-Control for performance.
-  config.serve_static_files  = true
-  config.static_cache_control = 'public, max-age=3600'
+  config.public_file_server.enabled = true
+  config.public_file_server.headers = { 'Cache-Control' => 'public, max-age=3600' }
 
   # Show full error reports and disable caching.
   config.consider_all_requests_local       = true

data/test/dummy/config/routes.rb

@@ -1,3 +1,14 @@
 Dummy::Application.routes.draw do
-  get ':controller(/:action(/:id))'
+  resources :acl_action_override do
+    collection do
+      get :check_allow_with_foo
+      get :check_allow
+    end
+  end
+
+  resources :acl_boolean_method, :acl_block, :acl_ivars, :acl_method, :acl_method2, :acl_subject_method, :acl_arguments
+
+  get :acl_helper_method, to: "acl_helper_method#allow"
+  get :acl_objects_hash, to: "acl_objects_hash#allow"
+
 end

data/test/dummy/db/migrate/20141117132218_create_tables.rb

@@ -1,23 +1,38 @@
-class CreateTables < ActiveRecord::Migration
+class CreateTables < ActiveRecord::Migration[ActiveRecord::Migration.current_version]
+  def self.r5?
+    Rails.gem_version >= Gem::Version.new(5)
+  end
+  def r5?
+    self.class.r5?
+  end
+
   def change
     create_table :roles do |t|
       t.string   :name,              :limit => 40
       t.boolean  :system
-      t.string   :authorizable_type, :limit => 40
-      t.integer  :authorizable_id
+      if r5?
+        t.references :authorizable, polymorphic: true
+      else
+        t.string   :authorizable_type, :limit => 40
+        t.integer  :authorizable_id
+      end
       t.timestamps null: false
     end
 
-    add_index :roles, [:authorizable_type, :authorizable_id]
+    unless r5?
+      add_index :roles, [:authorizable_type, :authorizable_id]
+    end
 
     create_table :roles_users, id: false do |t|
       t.references  :user
       t.references  :role
     end
 
-    add_index :roles_users, :user_id
-    add_index :roles_users, :role_id
-    
+    unless r5?
+      add_index :roles_users, :user_id
+      add_index :roles_users, :role_id
+    end
+
     create_table :users do |t|
       t.string :name
       t.timestamps null: false
@@ -39,6 +54,25 @@ class CreateTables < ActiveRecord::Migration
       t.timestamps null: false
     end
 
+    create_table :string_object_roles do |t|
+      t.string :name
+      t.boolean  :system
+      t.string   :authorizable_type
+      t.string   :authorizable_id
+      t.timestamps null: false
+    end
+
+    create_table :string_object_roles_string_users, id: false do |t|
+      t.references  :string_user, index: { name: "susor" }
+      t.references  :string_object_role, index: { name: "sorsu" }
+    end
+
+    create_table :string_users do |t|
+      t.string :name
+      t.timestamps null: false
+    end
+
+
     create_table :accounts do |t|
       t.string :name
       t.timestamps null: false
@@ -47,20 +81,28 @@ class CreateTables < ActiveRecord::Migration
     create_table :accesses do |t|
       t.string :name
       t.boolean  :system
-      t.string   :authorizable_type, :limit => 40
-      t.integer  :authorizable_id
+      if r5?
+        t.references :authorizable, polymorphic: true
+      else
+        t.string   :authorizable_type, :limit => 40
+        t.integer  :authorizable_id
+      end
       t.timestamps null: false
     end
 
-    add_index :accesses, [:authorizable_type, :authorizable_id]
+    unless r5?
+      add_index :accesses, [:authorizable_type, :authorizable_id]
+    end
 
     create_table :accesses_accounts, id: false do |t|
       t.references  :account
       t.references  :access
     end
 
-    add_index :accesses_accounts, :access_id
-    add_index :accesses_accounts, :account_id
+    unless r5?
+      add_index :accesses_accounts, :access_id
+      add_index :accesses_accounts, :account_id
+    end
 
     create_table :foo_bars do |t|
       t.string :name
@@ -71,21 +113,29 @@ class CreateTables < ActiveRecord::Migration
     create_table :other_roles do |t|
       t.string   :name,              :limit => 40
       t.boolean  :system
-      t.string   :authorizable_type, :limit => 40
-      t.integer  :authorizable_id
+      if r5?
+        t.references :authorizable, polymorphic: true
+      else
+        t.string   :authorizable_type, :limit => 40
+        t.integer  :authorizable_id
+      end
       t.timestamps null: false
     end
 
-    add_index :other_roles, [:authorizable_type, :authorizable_id]
+    unless r5?
+      add_index :other_roles, [:authorizable_type, :authorizable_id]
+    end
 
     create_table :other_roles_users, id: false do |t|
       t.references  :user
       t.references  :role
     end
 
-    add_index :other_roles_users, :user_id
-    add_index :other_roles_users, :role_id
-    
+    unless r5?
+      add_index :other_roles_users, :user_id
+      add_index :other_roles_users, :role_id
+    end
+
     create_table :other_users do |t|
       t.string :name
       t.timestamps null: false