RubyGems - action_permission - Versions diffs - 1.0.0 - Mend

action_permission 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (28) hide show

checksums.yaml +7 -0
data/.gitignore +17 -0
data/.rspec +1 -0
data/Gemfile +4 -0
data/LICENSE.txt +22 -0
data/README.md +165 -0
data/Rakefile +1 -0
data/action_permission.gemspec +25 -0
data/lib/action_permission/base.rb +71 -0
data/lib/action_permission/controller.rb +56 -0
data/lib/action_permission/dispatch.rb +96 -0
data/lib/action_permission/railtie.rb +21 -0
data/lib/action_permission/version.rb +3 -0
data/lib/action_permission.rb +4 -0
data/lib/generators/action_permission/install/USAGE +3 -0
data/lib/generators/action_permission/install/install_generator.rb +37 -0
data/lib/generators/action_permission/install/templates/application.rb +32 -0
data/lib/generators/action_permission/permission/USAGE +2 -0
data/lib/generators/action_permission/permission/permission_generator.rb +14 -0
data/lib/generators/action_permission/permission/templates/permission.rb +45 -0
data/lib/generators/rails/USAGE +16 -0
data/lib/generators/rails/action_permission_controller_generator.rb +17 -0
data/lib/generators/rails/templates/controller.rb +98 -0
data/spec/base_spec.rb +108 -0
data/spec/controller_spec.rb +101 -0
data/spec/dispatch_spec.rb +164 -0
data/spec/spec_helper.rb +43 -0
metadata +148 -0

data/lib/generators/rails/templates/controller.rb ADDED Viewed

@@ -0,0 +1,98 @@
+<% module_namespacing do -%>
+class <%= controller_class_name %>Controller < ApplicationController
+  # GET <%= route_url %>
+  # GET <%= route_url %>.json
+  def index
+    @<%= plural_table_name %> = <%= orm_class.all(class_name) %>
+    respond_to do |format|
+      format.html # index.html.erb
+      format.json { render json: <%= "@#{plural_table_name}" %> }
+    end
+  end
+  # GET <%= route_url %>/1
+  # GET <%= route_url %>/1.json
+  def show
+    @<%= singular_table_name %> = <%= orm_class.find(class_name, "params[:id]") %>
+    respond_to do |format|
+      format.html # show.html.erb
+      format.json { render json: <%= "@#{singular_table_name}" %> }
+    end
+  end
+  # GET <%= route_url %>/new
+  # GET <%= route_url %>/new.json
+  def new
+    @<%= singular_table_name %> = <%= orm_class.build(class_name) %>
+    respond_to do |format|
+      format.html # new.html.erb
+      format.json { render json: <%= "@#{singular_table_name}" %> }
+    end
+  end
+  # GET <%= route_url %>/1/edit
+  def edit
+    @<%= singular_table_name %> = <%= orm_class.find(class_name, "params[:id]") %>
+  end
+  # POST <%= route_url %>
+  # POST <%= route_url %>.json
+  def create
+    @<%= singular_table_name %> = <%= orm_class.build(class_name, "#{singular_table_name}_params") %>
+    respond_to do |format|
+      if @<%= orm_instance.save %>
+        format.html { redirect_to @<%= singular_table_name %>, notice: <%= "'#{human_name} was successfully created.'" %> }
+        format.json { render json: <%= "@#{singular_table_name}" %>, status: :created, location: <%= "@#{singular_table_name}" %> }
+      else
+        format.html { render action: "new" }
+        format.json { render json: <%= "@#{orm_instance.errors}" %>, status: :unprocessable_entity }
+      end
+    end
+  end
+  # PATCH/PUT <%= route_url %>/1
+  # PATCH/PUT <%= route_url %>/1.json
+  def update
+    @<%= singular_table_name %> = <%= orm_class.find(class_name, "params[:id]") %>
+    respond_to do |format|
+      if @<%= orm_instance.update_attributes("#{singular_table_name}_params") %>
+        format.html { redirect_to @<%= singular_table_name %>, notice: <%= "'#{human_name} was successfully updated.'" %> }
+        format.json { head :no_content }
+      else
+        format.html { render action: "edit" }
+        format.json { render json: <%= "@#{orm_instance.errors}" %>, status: :unprocessable_entity }
+      end
+    end
+  end
+  # DELETE <%= route_url %>/1
+  # DELETE <%= route_url %>/1.json
+  def destroy
+    @<%= singular_table_name %> = <%= orm_class.find(class_name, "params[:id]") %>
+    @<%= orm_instance.destroy %>
+    respond_to do |format|
+      format.html { redirect_to <%= index_helper %>_url }
+      format.json { head :no_content }
+    end
+  end
+  private
+    # Use this method to whitelist the permissible parameters. Example:
+    # params.require(:person).permit(:name, :age)
+    # Also, you can specialize this method with per-user checking of permissible attributes.
+    # Use allowed_params_for to hook this into <%= controller_class_name %>Permission
+    def <%= "#{singular_table_name}_params" %>
+      allowed_params_for <%= ":#{singular_table_name}" %>, params
+      # delete the line above and uncomment this line to
+      # add back the default strong_parameters call
+      # params.require().permit(<%= attributes.map {|a| ":#{a.name}" }.sort.join(', ') %>)
+    end
+end
+<% end -%>

data/spec/base_spec.rb ADDED Viewed

@@ -0,0 +1,108 @@
+require 'spec_helper'
+describe ActionPermission::Base do
+  let(:membership) { Membership.new }
+  let(:base_permission) { ActionPermission::Base.new(membership)}
+  let(:test_permission) { TestsPermission.new(membership) }
+  describe '#load' do
+    it 'should call #identify on object passed as membership' do
+      membership.should_receive(:identify)
+      base_permission
+    end
+    it 'should call a method on the permission equal to the value returned by membership#idenify' do
+      test_permission.should_receive(:guest)
+      test_permission.load(membership)
+    end
+    it 'should set membership on the permission instance' do
+      test_permission.membership.is_a?(Membership).should be_true
+    end
+  end
+  describe '#allow?' do
+    it 'should return the value of the key passed' do
+      base_permission.allow([:show])
+      base_permission.allow?(:show).should be_true
+    end
+    it 'should return false if passed value that is not a key' do
+      base_permission.allow([:show])
+      base_permission.allow?(:index).should be_false
+    end
+    it 'should return false if keys value is a proc but no resource exists' do
+      base_permission.allow([:show]){ 'test' }
+      base_permission.allow?(:show).should be_false
+    end
+    context "with a provided resource" do
+      it 'should return true if keys value is a proc that returns truthy' do
+        base_permission.allow([:show]){ |resource|  resource }
+        base_permission.allow?(:show, true).should be_true
+      end
+      it 'should return false if keys value is a proc that returns falsey' do
+        base_permission.allow([:show]){ |resource|  false }
+        base_permission.allow?(:show, true).should be_false
+      end
+    end
+  end
+  describe '#allow' do
+    it 'should add actions passed to instance allow_actions hash keys' do
+      base_permission.allow([:show])
+      base_permission.allowed_actions.keys.include?('show').should be_true
+    end
+    it 'should set value of action keys to true if no block was passed' do
+      base_permission.allow([:show])
+      base_permission.allowed_actions['show'].should be_true
+    end
+    it 'should set a block as the value of the action keys when a block was given' do
+      base_permission.allow [:show] { 'test' }
+      base_permission.allowed_actions['show'].call.should eq('test')
+    end
+  end
+  describe '#allow_rest_actions' do
+    it "should add all 7 basic rest actions to allowed_actions" do
+      base_permission.allow_rest_actions
+      base_permission.allowed_actions.keys.size.should eq(7)
+      base_permission.allowed_actions.keys.should eq(['index', 'new', 'create', 'show', 'edit', 'update', 'destroy'])
+    end
+  end
+  describe '#params' do
+    it "should return array of all params allowed by permission" do
+      test_permission.params.should eq([:name, :email])
+    end
+  end
+  describe '#allow_params' do
+    it "should set the allowed_params for the permission object" do
+      test_permission.should_receive(:params).and_return([:name,:email])
+      test_permission.allow_params
+      test_permission.allowed_params.should eq([:name, :email])
+    end
+    it "should call allow_params_with_options to handle options" do
+      test_permission.should_receive(:allow_params_with_options)
+      test_permission.allow_params(except: :email)
+    end
+    it 'should exclude params from array based on except option' do
+      test_permission.allow_params(except: :email)
+      test_permission.allowed_params.should_not include(:email)
+    end
+    it 'should include only params pasted from the only option' do
+      test_permission.allow_params(only: :name)
+      test_permission.allowed_params.should_not include(:email)
+    end
+  end
+end

data/spec/controller_spec.rb ADDED Viewed

@@ -0,0 +1,101 @@
+require 'spec_helper'
+describe ActionPermission::Controller do
+  before do
+    class BadController
+      include ActionPermission::Controller
+      authorize_with :current_user
+      def current_user
+        "current_user"
+      end
+    end
+  end
+  let (:controller) { TestsController.new }
+  let (:bad_controller) { BadController.new }
+  describe 'included' do
+    it "should add delegate methods" do
+      TestsController.instance_methods.should include(:allow?)
+      TestsController.instance_methods.should include(:allow_param?)
+      TestsController.instance_methods.should include(:allowed_params_for)
+    end
+    it "should add helper methods" do
+      TestsController._helper_methods.should include(:allow?)
+      TestsController._helper_methods.should include(:allow_param?)
+      TestsController._helper_methods.should include(:current_permission)
+    end
+  end
+  describe '.authorize_with' do
+    before do
+      class SomeController
+        include ActionPermission::Controller
+        authorize_with :dub_dub
+        def dub_dub; end
+      end
+    end
+    it 'should set permission_authorizer' do
+      SomeController.permission_authorizer.should eq(:dub_dub)
+    end
+    it 'should add method to helper methods' do
+      SomeController._helper_methods.should include(:dub_dub)
+    end
+  end
+  describe ".permission_authorizer" do
+    it "should respond as the method define with authorize_with" do
+      TestsController.permission_authorizer.should eq(:current_user)
+    end
+  end
+  describe "#current_permission" do
+    it "should respond with an instance of ActionPermission::Dispatch" do
+      controller.current_permission.is_a?(ActionPermission::Dispatch).should be_true
+    end
+  end
+  describe "#current_resource" do
+    it "should respond nil if inherited class has no current_resource method" do
+      bad_controller.current_resource.should be_nil
+    end
+    it "should respond with controller instance method if one is defined" do
+      controller.current_resource.should eq("current_resource")
+    end
+  end
+  describe '#authorize?' do
+    it 'should pass the current controller and action into dispatch' do
+      dispatch = double
+      allow(dispatch).to receive(:allow?).and_return(true)
+      controller.should_receive(:current_permission).
+        and_return(dispatch)
+      dispatch.should_receive(:allow?).
+        with("tests", "show", "current_resource")
+      controller.authorized?
+    end
+    it "should return true if action is allowed" do
+      controller.authorized?
+    end
+    it "should return false if action is not allowed" do
+      controller.should_receive(:params).and_return({controller: "tests", action: "new"})
+      controller.should_receive(:params).and_return({controller: "tests", action: "new"})
+      controller.authorized?
+    end
+  end
+end

data/spec/dispatch_spec.rb ADDED Viewed

@@ -0,0 +1,164 @@
+require 'spec_helper'
+describe ActionPermission::Dispatch do
+  let(:membership) { Membership.new }
+  let(:dispatch) { ActionPermission::Dispatch.new(membership) }
+  describe '#allow?' do
+    it 'should load the appropriate permission file' do
+      dispatch.should_receive(:load_permission).
+        with(:test).
+        and_return(TestsPermission.new(membership))
+      dispatch.allow?(:test, :index)
+    end
+    it 'should return true for allowed actions' do
+      dispatch.allow?(:test, :index).should be_true
+    end
+    it 'should return false for actions now allowed' do
+      dispatch.allow?(:test, :new)
+    end
+  end
+  describe '#allowed_params_for' do
+    before do
+      class Test < ActiveRecord::Base; end
+    end
+    let(:params) do
+      p = double
+      allow(p).to receive(:require).and_return(p)
+      allow(p).to receive(:permit)
+      p
+    end
+    describe 'top level resources and controllers' do
+      before(:each) do
+        permission = double("TestsPermission", allowed_params: [:name, :email])
+        dispatch.should_receive(:load_permission)
+          .with("tests")
+          .and_return(permission)
+        params.should_receive(:permit)
+          .with(*permission.allowed_params)
+      end
+      let(:test_instance) do
+        test = double
+        allow(test).to receive(:class).and_return(Test)
+        test
+      end
+      context 'resource formatting' do
+        it "loads permission when provided a symbol" do
+          params.should_receive(:require).with("test")
+          dispatch.allowed_params_for(:test, params)
+        end
+        it 'loads permission when provided a string' do
+          params.should_receive(:require).with("test")
+          dispatch.allowed_params_for('test', params)
+        end
+        it 'loads permission when provided class' do
+          params.should_receive(:require).with("test")
+          dispatch.allowed_params_for(Test, params)
+        end
+        it 'loads permission when provided class instance' do
+          Test.should_receive(:new).and_return(test_instance)
+          params.should_receive(:require).with("test")
+          dispatch.allowed_params_for(Test.new, params)
+        end
+      end
+      context 'controller formatting' do
+        it 'loads permssion when provided a controller string' do
+          dispatch.allowed_params_for 'test', params, 'test'
+        end
+        it 'loads permssion when provided a controller symbol' do
+          dispatch.allowed_params_for 'test', params, :test
+        end
+        it 'loads permssion when provided a controller class' do
+          dispatch.allowed_params_for 'test', params, TestsController
+        end
+        it 'loads permssion when provided a controller string' do
+          dispatch.allowed_params_for 'test', params, TestsController.new
+        end
+      end
+    end
+    describe 'nested resources' do
+      before do
+        module Suite
+          class Test < ActiveRecord::Base; end
+        end
+        module Suites
+          class TestsController; end
+        end
+      end
+      before(:each) do
+        permission = double("TestsPermission", allowed_params: [:name, :email])
+        dispatch.should_receive(:load_permission)
+          .with("suites/tests")
+          .and_return(permission)
+      end
+      let(:test_instance) do
+        test = double
+        allow(test).to receive(:class).and_return(Suite::Test)
+        test
+      end
+      context 'resource formatting' do
+        it 'loads permission when provided a string' do
+          params.should_receive(:require).with("suite_test")
+          dispatch.allowed_params_for('suite/test', params)
+        end
+        it 'loads permission when provided class' do
+          params.should_receive(:require).with("suite_test")
+          dispatch.allowed_params_for(Suite::Test, params)
+        end
+        it 'loads permission when provided class instance' do
+          Suite::Test.should_receive(:new).and_return(test_instance)
+          params.should_receive(:require).with("suite_test")
+          dispatch.allowed_params_for(Suite::Test.new, params)
+        end
+      end
+      context 'controller formatting' do
+        it 'loads permssion when provided a controller string' do
+          dispatch.allowed_params_for 'test', params, 'suites/tests'
+        end
+        it 'loads permssion when provided a controller class' do
+          dispatch.allowed_params_for 'test', params, Suites::TestsController
+        end
+        it 'loads permssion when provided a controller string' do
+          dispatch.allowed_params_for 'test', params, Suites::TestsController.new
+        end
+      end
+    end
+  end
+  describe '#allow_param?' do
+    it 'should load the appropriate permission file' do
+      dispatch.should_receive(:load_permission).
+        with("tests").
+        and_return(TestsPermission.new(membership))
+      dispatch.allow_param?(:test, :index)
+    end
+    it 'should return true for allowed params' do
+      dispatch.allow_param?(:test, :name).should be_true
+    end
+    it 'should return false for actions now allowed' do
+      dispatch.allow_param?(:test, :password)
+    end
+  end
+end

data/spec/spec_helper.rb ADDED Viewed

@@ -0,0 +1,43 @@
+require 'rubygems'
+require 'rails'
+require 'rspec'
+require './lib/action_permission.rb'
+require 'abstract_controller/helpers'
+require 'active_record'
+require 'nulldb/rails'
+ActiveRecord::Base.establish_connection :adapter => :nulldb
+class Membership
+  def identify
+    'guest'
+  end
+end
+class TestsPermission < ActionPermission::Base
+  def params
+    [:name, :email]
+  end
+  def guest
+    allow([:show, :index])
+    allow_params
+  end
+end
+class TestsController
+  include ActionPermission::Controller
+  authorize_with :current_user
+  def current_user
+    Membership.new
+  end
+  def current_resource
+    "current_resource"
+  end
+  def params
+    {controller: "tests", action: "show"}
+  end
+end
+RSpec.configure do |config|
+end

metadata ADDED Viewed

@@ -0,0 +1,148 @@
+--- !ruby/object:Gem::Specification
+name: action_permission
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Matt Duffy
+- Brian McElaney
+- Mark Platt
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2014-03-14 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '4'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '4'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2'
+- !ruby/object:Gem::Dependency
+  name: activerecord-nulldb-adapter
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description:
+email:
+- matt@mttdffy.com
+- ''
+- ''
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- action_permission.gemspec
+- lib/action_permission.rb
+- lib/action_permission/base.rb
+- lib/action_permission/controller.rb
+- lib/action_permission/dispatch.rb
+- lib/action_permission/railtie.rb
+- lib/action_permission/version.rb
+- lib/generators/action_permission/install/USAGE
+- lib/generators/action_permission/install/install_generator.rb
+- lib/generators/action_permission/install/templates/application.rb
+- lib/generators/action_permission/permission/USAGE
+- lib/generators/action_permission/permission/permission_generator.rb
+- lib/generators/action_permission/permission/templates/permission.rb
+- lib/generators/rails/USAGE
+- lib/generators/rails/action_permission_controller_generator.rb
+- lib/generators/rails/templates/controller.rb
+- spec/base_spec.rb
+- spec/controller_spec.rb
+- spec/dispatch_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/mttdffy/action_permission
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.2.2
+signing_key:
+specification_version: 4
+summary: Controller-based action and attribute permissions
+test_files:
+- spec/base_spec.rb
+- spec/controller_spec.rb
+- spec/dispatch_spec.rb
+- spec/spec_helper.rb