action_permission 1.0.0

@@ -0,0 +1,98 @@
1
+ <% module_namespacing do -%>
2
+ class <%= controller_class_name %>Controller < ApplicationController
3
+ # GET <%= route_url %>
4
+ # GET <%= route_url %>.json
5
+ def index
6
+ @<%= plural_table_name %> = <%= orm_class.all(class_name) %>
7
+
8
+ respond_to do |format|
9
+ format.html # index.html.erb
10
+ format.json { render json: <%= "@#{plural_table_name}" %> }
11
+ end
12
+ end
13
+
14
+ # GET <%= route_url %>/1
15
+ # GET <%= route_url %>/1.json
16
+ def show
17
+ @<%= singular_table_name %> = <%= orm_class.find(class_name, "params[:id]") %>
18
+
19
+ respond_to do |format|
20
+ format.html # show.html.erb
21
+ format.json { render json: <%= "@#{singular_table_name}" %> }
22
+ end
23
+ end
24
+
25
+ # GET <%= route_url %>/new
26
+ # GET <%= route_url %>/new.json
27
+ def new
28
+ @<%= singular_table_name %> = <%= orm_class.build(class_name) %>
29
+
30
+ respond_to do |format|
31
+ format.html # new.html.erb
32
+ format.json { render json: <%= "@#{singular_table_name}" %> }
33
+ end
34
+ end
35
+
36
+ # GET <%= route_url %>/1/edit
37
+ def edit
38
+ @<%= singular_table_name %> = <%= orm_class.find(class_name, "params[:id]") %>
39
+ end
40
+
41
+ # POST <%= route_url %>
42
+ # POST <%= route_url %>.json
43
+ def create
44
+ @<%= singular_table_name %> = <%= orm_class.build(class_name, "#{singular_table_name}_params") %>
45
+
46
+ respond_to do |format|
47
+ if @<%= orm_instance.save %>
48
+ format.html { redirect_to @<%= singular_table_name %>, notice: <%= "'#{human_name} was successfully created.'" %> }
49
+ format.json { render json: <%= "@#{singular_table_name}" %>, status: :created, location: <%= "@#{singular_table_name}" %> }
50
+ else
51
+ format.html { render action: "new" }
52
+ format.json { render json: <%= "@#{orm_instance.errors}" %>, status: :unprocessable_entity }
53
+ end
54
+ end
55
+ end
56
+
57
+ # PATCH/PUT <%= route_url %>/1
58
+ # PATCH/PUT <%= route_url %>/1.json
59
+ def update
60
+ @<%= singular_table_name %> = <%= orm_class.find(class_name, "params[:id]") %>
61
+
62
+ respond_to do |format|
63
+ if @<%= orm_instance.update_attributes("#{singular_table_name}_params") %>
64
+ format.html { redirect_to @<%= singular_table_name %>, notice: <%= "'#{human_name} was successfully updated.'" %> }
65
+ format.json { head :no_content }
66
+ else
67
+ format.html { render action: "edit" }
68
+ format.json { render json: <%= "@#{orm_instance.errors}" %>, status: :unprocessable_entity }
69
+ end
70
+ end
71
+ end
72
+
73
+ # DELETE <%= route_url %>/1
74
+ # DELETE <%= route_url %>/1.json
75
+ def destroy
76
+ @<%= singular_table_name %> = <%= orm_class.find(class_name, "params[:id]") %>
77
+ @<%= orm_instance.destroy %>
78
+
79
+ respond_to do |format|
80
+ format.html { redirect_to <%= index_helper %>_url }
81
+ format.json { head :no_content }
82
+ end
83
+ end
84
+
85
+ private
86
+
87
+ # Use this method to whitelist the permissible parameters. Example:
88
+ # params.require(:person).permit(:name, :age)
89
+ # Also, you can specialize this method with per-user checking of permissible attributes.
90
+ # Use allowed_params_for to hook this into <%= controller_class_name %>Permission
91
+ def <%= "#{singular_table_name}_params" %>
92
+ allowed_params_for <%= ":#{singular_table_name}" %>, params
93
+ # delete the line above and uncomment this line to
94
+ # add back the default strong_parameters call
95
+ # params.require().permit(<%= attributes.map {|a| ":#{a.name}" }.sort.join(', ') %>)
96
+ end
97
+ end
98
+ <% end -%>
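Review bot: The generated actions contain no visible authorization check: `show`, `edit`, `update` and `destroy` fetch the record from `params[:id]` and act on it, and the only permission hook in the template is `allowed_params_for` inside the private params method, which filters attributes but does not gate the action. Whether including `ActionPermission::Controller` installs a filter around `authorized?` cannot be seen from this hunk; if it does not, the template should emit one at the top of the class, for example `before_filter { head :forbidden unless authorized? }`, or at least a comment telling the user to add it. Separately, the commented fallback `params.require().permit(...)` has an empty `require()` and raises once uncommented; it should read `params.require(<%= ":#{singular_table_name}" %>).permit(...)`.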
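--- a/data/spec/base_spec.rb
+++ b/data/spec/base_spec.rb
@@ -0,0 +1,108 @@
+require 'spec_helper'
+
+describe ActionPermission::Base do
+
+let(:membership) { Membership.new }
+let(:base_permission) { ActionPermission::Base.new(membership)}
+let(:test_permission) { TestsPermission.new(membership) }
+
+describe '#load' do
+it 'should call #identify on object passed as membership' do
+membership.should_receive(:identify)
+base_permission
+end
+
+it 'should call a method on the permission equal to the value returned by membership#idenify' do
+test_permission.should_receive(:guest)
+test_permission.load(membership)
+end
+
+it 'should set membership on the permission instance' do
+test_permission.membership.is_a?(Membership).should be_true
+end
+end
+
+describe '#allow?' do
+it 'should return the value of the key passed' do
+base_permission.allow([:show])
+base_permission.allow?(:show).should be_true
+end
+
+it 'should return false if passed value that is not a key' do
+base_permission.allow([:show])
+base_permission.allow?(:index).should be_false
+end
+
+it 'should return false if keys value is a proc but no resource exists' do
+base_permission.allow([:show]){ 'test' }
+base_permission.allow?(:show).should be_false
+end
+
+context "with a provided resource" do
+it 'should return true if keys value is a proc that returns truthy' do
+base_permission.allow([:show]){ |resource| resource }
+base_permission.allow?(:show, true).should be_true
+end
+
+it 'should return false if keys value is a proc that returns falsey' do
+base_permission.allow([:show]){ |resource| false }
+base_permission.allow?(:show, true).should be_false
+end
+end
+end
+
+describe '#allow' do
+it 'should add actions passed to instance allow_actions hash keys' do
+base_permission.allow([:show])
+base_permission.allowed_actions.keys.include?('show').should be_true
+end
+
+it 'should set value of action keys to true if no block was passed' do
+base_permission.allow([:show])
+base_permission.allowed_actions['show'].should be_true
+end
+
+it 'should set a block as the value of the action keys when a block was given' do
+base_permission.allow [:show] { 'test' }
+base_permission.allowed_actions['show'].call.should eq('test')
+end
+end
+
+describe '#allow_rest_actions' do
+it "should add all 7 basic rest actions to allowed_actions" do
+base_permission.allow_rest_actions
+base_permission.allowed_actions.keys.size.should eq(7)
+base_permission.allowed_actions.keys.should eq(['index', 'new', 'create', 'show', 'edit', 'update', 'destroy'])
+end
+end
+
+describe '#params' do
+it "should return array of all params allowed by permission" do
+test_permission.params.should eq([:name, :email])
+end
+end
+
+describe '#allow_params' do
+it "should set the allowed_params for the permission object" do
+test_permission.should_receive(:params).and_return([:name,:email])
+test_permission.allow_params
+test_permission.allowed_params.should eq([:name, :email])
+end
+
+it "should call allow_params_with_options to handle options" do
+test_permission.should_receive(:allow_params_with_options)
+test_permission.allow_params(except: :email)
+end
+
+it 'should exclude params from array based on except option' do
+test_permission.allow_params(except: :email)
+test_permission.allowed_params.should_not include(:email)
+end
+
+it 'should include only params pasted from the only option' do
+test_permission.allow_params(only: :name)
+test_permission.allowed_params.should_not include(:email)
+end
+end
+
+end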
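Review bot: The `only:` example at the end of `#allow_params` asserts just `test_permission.allowed_params.should_not include(:email)`, which still passes if the option handling returns an empty list or drops `:name` as well; add the positive side, `test_permission.allowed_params.should include(:name)`. The `except:` example above it has the same gap. In `#allow?`, the 'proc but no resource exists' example pins the deny-by-default behaviour for conditional rules and deserves a comment saying so, such as `# a conditional rule must deny when no resource is supplied`. The description 'membership#idenify' in `#load` should read `membership#identify`.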
@@ -0,0 +1,101 @@
1
+ require 'spec_helper'
2
+
3
+ describe ActionPermission::Controller do
4
+
5
+ before do
6
+ class BadController
7
+ include ActionPermission::Controller
8
+ authorize_with :current_user
9
+ def current_user
10
+ "current_user"
11
+ end
12
+ end
13
+ end
14
+
15
+ let (:controller) { TestsController.new }
16
+ let (:bad_controller) { BadController.new }
17
+
18
+ describe 'included' do
19
+ it "should add delegate methods" do
20
+ TestsController.instance_methods.should include(:allow?)
21
+ TestsController.instance_methods.should include(:allow_param?)
22
+ TestsController.instance_methods.should include(:allowed_params_for)
23
+ end
24
+
25
+ it "should add helper methods" do
26
+ TestsController._helper_methods.should include(:allow?)
27
+ TestsController._helper_methods.should include(:allow_param?)
28
+ TestsController._helper_methods.should include(:current_permission)
29
+ end
30
+ end
31
+
32
+ describe '.authorize_with' do
33
+ before do
34
+ class SomeController
35
+ include ActionPermission::Controller
36
+ authorize_with :dub_dub
37
+ def dub_dub; end
38
+ end
39
+ end
40
+
41
+ it 'should set permission_authorizer' do
42
+ SomeController.permission_authorizer.should eq(:dub_dub)
43
+ end
44
+
45
+ it 'should add method to helper methods' do
46
+ SomeController._helper_methods.should include(:dub_dub)
47
+ end
48
+ end
49
+
50
+ describe ".permission_authorizer" do
51
+
52
+ it "should respond as the method define with authorize_with" do
53
+ TestsController.permission_authorizer.should eq(:current_user)
54
+ end
55
+ end
56
+
57
+ describe "#current_permission" do
58
+ it "should respond with an instance of ActionPermission::Dispatch" do
59
+ controller.current_permission.is_a?(ActionPermission::Dispatch).should be_true
60
+ end
61
+
62
+ end
63
+
64
+ describe "#current_resource" do
65
+ it "should respond nil if inherited class has no current_resource method" do
66
+ bad_controller.current_resource.should be_nil
67
+ end
68
+
69
+ it "should respond with controller instance method if one is defined" do
70
+ controller.current_resource.should eq("current_resource")
71
+ end
72
+
73
+ end
74
+
75
+ describe '#authorize?' do
76
+ it 'should pass the current controller and action into dispatch' do
77
+ dispatch = double
78
+ allow(dispatch).to receive(:allow?).and_return(true)
79
+
80
+ controller.should_receive(:current_permission).
81
+ and_return(dispatch)
82
+
83
+ dispatch.should_receive(:allow?).
84
+ with("tests", "show", "current_resource")
85
+
86
+ controller.authorized?
87
+ end
88
+
89
+ it "should return true if action is allowed" do
90
+ controller.authorized?
91
+ end
92
+
93
+ it "should return false if action is not allowed" do
94
+ controller.should_receive(:params).and_return({controller: "tests", action: "new"})
95
+ controller.should_receive(:params).and_return({controller: "tests", action: "new"})
96
+
97
+ controller.authorized?
98
+ end
99
+ end
100
+
101
+ end
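Review bot: The last two examples under `#authorize?` call `controller.authorized?` and assert nothing, so neither the allow nor the deny outcome of the controller-level check is pinned; both pass even if `authorized?` always returns true. Add `controller.authorized?.should be_true` to the first and `controller.authorized?.should be_false` to the second. The second example also sets `controller.should_receive(:params)` twice with identical hashes, presumably because `params` is read twice; if so, a single expectation with `.twice` states that more clearly. The describe label `#authorize?` does not match the method under test, `authorized?`.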
@@ -0,0 +1,164 @@
1
+ require 'spec_helper'
2
+
3
+ describe ActionPermission::Dispatch do
4
+
5
+ let(:membership) { Membership.new }
6
+ let(:dispatch) { ActionPermission::Dispatch.new(membership) }
7
+
8
+ describe '#allow?' do
9
+ it 'should load the appropriate permission file' do
10
+ dispatch.should_receive(:load_permission).
11
+ with(:test).
12
+ and_return(TestsPermission.new(membership))
13
+
14
+ dispatch.allow?(:test, :index)
15
+ end
16
+
17
+ it 'should return true for allowed actions' do
18
+ dispatch.allow?(:test, :index).should be_true
19
+ end
20
+
21
+ it 'should return false for actions now allowed' do
22
+ dispatch.allow?(:test, :new)
23
+ end
24
+ end
25
+
26
+ describe '#allowed_params_for' do
27
+
28
+ before do
29
+ class Test < ActiveRecord::Base; end
30
+ end
31
+
32
+ let(:params) do
33
+ p = double
34
+ allow(p).to receive(:require).and_return(p)
35
+ allow(p).to receive(:permit)
36
+ p
37
+ end
38
+
39
+ describe 'top level resources and controllers' do
40
+
41
+ before(:each) do
42
+ permission = double("TestsPermission", allowed_params: [:name, :email])
43
+ dispatch.should_receive(:load_permission)
44
+ .with("tests")
45
+ .and_return(permission)
46
+
47
+ params.should_receive(:permit)
48
+ .with(*permission.allowed_params)
49
+ end
50
+
51
+ let(:test_instance) do
52
+ test = double
53
+ allow(test).to receive(:class).and_return(Test)
54
+ test
55
+ end
56
+
57
+ context 'resource formatting' do
58
+ it "loads permission when provided a symbol" do
59
+ params.should_receive(:require).with("test")
60
+ dispatch.allowed_params_for(:test, params)
61
+ end
62
+ it 'loads permission when provided a string' do
63
+ params.should_receive(:require).with("test")
64
+ dispatch.allowed_params_for('test', params)
65
+ end
66
+ it 'loads permission when provided class' do
67
+ params.should_receive(:require).with("test")
68
+ dispatch.allowed_params_for(Test, params)
69
+ end
70
+ it 'loads permission when provided class instance' do
71
+ Test.should_receive(:new).and_return(test_instance)
72
+ params.should_receive(:require).with("test")
73
+ dispatch.allowed_params_for(Test.new, params)
74
+ end
75
+ end
76
+
77
+ context 'controller formatting' do
78
+ it 'loads permssion when provided a controller string' do
79
+ dispatch.allowed_params_for 'test', params, 'test'
80
+ end
81
+ it 'loads permssion when provided a controller symbol' do
82
+ dispatch.allowed_params_for 'test', params, :test
83
+ end
84
+ it 'loads permssion when provided a controller class' do
85
+ dispatch.allowed_params_for 'test', params, TestsController
86
+ end
87
+ it 'loads permssion when provided a controller string' do
88
+ dispatch.allowed_params_for 'test', params, TestsController.new
89
+ end
90
+ end
91
+ end
92
+
93
+ describe 'nested resources' do
94
+ before do
95
+ module Suite
96
+ class Test < ActiveRecord::Base; end
97
+ end
98
+ module Suites
99
+ class TestsController; end
100
+ end
101
+ end
102
+
103
+ before(:each) do
104
+ permission = double("TestsPermission", allowed_params: [:name, :email])
105
+ dispatch.should_receive(:load_permission)
106
+ .with("suites/tests")
107
+ .and_return(permission)
108
+ end
109
+
110
+ let(:test_instance) do
111
+ test = double
112
+ allow(test).to receive(:class).and_return(Suite::Test)
113
+ test
114
+ end
115
+
116
+ context 'resource formatting' do
117
+ it 'loads permission when provided a string' do
118
+ params.should_receive(:require).with("suite_test")
119
+ dispatch.allowed_params_for('suite/test', params)
120
+ end
121
+ it 'loads permission when provided class' do
122
+ params.should_receive(:require).with("suite_test")
123
+ dispatch.allowed_params_for(Suite::Test, params)
124
+ end
125
+ it 'loads permission when provided class instance' do
126
+ Suite::Test.should_receive(:new).and_return(test_instance)
127
+ params.should_receive(:require).with("suite_test")
128
+ dispatch.allowed_params_for(Suite::Test.new, params)
129
+ end
130
+ end
131
+
132
+ context 'controller formatting' do
133
+ it 'loads permssion when provided a controller string' do
134
+ dispatch.allowed_params_for 'test', params, 'suites/tests'
135
+ end
136
+ it 'loads permssion when provided a controller class' do
137
+ dispatch.allowed_params_for 'test', params, Suites::TestsController
138
+ end
139
+ it 'loads permssion when provided a controller string' do
140
+ dispatch.allowed_params_for 'test', params, Suites::TestsController.new
141
+ end
142
+ end
143
+ end
144
+ end
145
+
146
+ describe '#allow_param?' do
147
+ it 'should load the appropriate permission file' do
148
+ dispatch.should_receive(:load_permission).
149
+ with("tests").
150
+ and_return(TestsPermission.new(membership))
151
+
152
+ dispatch.allow_param?(:test, :index)
153
+ end
154
+
155
+ it 'should return true for allowed params' do
156
+ dispatch.allow_param?(:test, :name).should be_true
157
+ end
158
+
159
+ it 'should return false for actions now allowed' do
160
+ dispatch.allow_param?(:test, :password)
161
+ end
162
+ end
163
+
164
+ end
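Review bot: Both examples titled 'should return false for actions now allowed' (one in `#allow?`, one in `#allow_param?`) invoke the method without an expectation, so the deny path of the dispatcher is never checked and a regression that permitted `:new` or `:password` would go unnoticed. Append `.should be_false` to `dispatch.allow?(:test, :new)` and to `dispatch.allow_param?(:test, :password)`. The first `#allow?` example expects `load_permission` `with(:test)` while the `#allow_param?` and `#allowed_params_for` examples expect the string `"tests"`; it is worth confirming which form the dispatcher really passes. In the descriptions, 'now allowed' and 'permssion' look like typos for 'not allowed' and 'permission', and the `#allow_param?` copy should say 'params' rather than 'actions'.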
@@ -0,0 +1,43 @@
1
+ require 'rubygems'
2
+ require 'rails'
3
+ require 'rspec'
4
+ require './lib/action_permission.rb'
5
+
6
+ require 'abstract_controller/helpers'
7
+ require 'active_record'
8
+ require 'nulldb/rails'
9
+
10
+ ActiveRecord::Base.establish_connection :adapter => :nulldb
11
+
12
+ class Membership
13
+ def identify
14
+ 'guest'
15
+ end
16
+ end
17
+
18
+ class TestsPermission < ActionPermission::Base
19
+ def params
20
+ [:name, :email]
21
+ end
22
+ def guest
23
+ allow([:show, :index])
24
+ allow_params
25
+ end
26
+ end
27
+
28
+ class TestsController
29
+ include ActionPermission::Controller
30
+ authorize_with :current_user
31
+ def current_user
32
+ Membership.new
33
+ end
34
+ def current_resource
35
+ "current_resource"
36
+ end
37
+ def params
38
+ {controller: "tests", action: "show"}
39
+ end
40
+ end
41
+
42
+ RSpec.configure do |config|
43
+ end
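Review bot: `require './lib/action_permission.rb'` resolves against the current working directory, so the suite loads the library under test only when run from the gem root; from anywhere else it fails or loads whatever `./lib/action_permission.rb` exists there. Anchoring the path to this file removes that dependency: `require File.expand_path('../../lib/action_permission', __FILE__)`. The empty `RSpec.configure do |config|` block at the end can be dropped.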
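--- a/metadata
+++ b/metadata
@@ -0,0 +1,148 @@
+--- !ruby/object:Gem::Specification
+name: action_permission
+version: !ruby/object:Gem::Version
+version: 1.0.0
+platform: ruby
+authors:
+- Matt Duffy
+- Brian McElaney
+- Mark Platt
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2014-03-14 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: rails
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ~>
+- !ruby/object:Gem::Version
+version: '4'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ~>
+- !ruby/object:Gem::Version
+version: '4'
+- !ruby/object:Gem::Dependency
+name: bundler
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ~>
+- !ruby/object:Gem::Version
+version: '1.3'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ~>
+- !ruby/object:Gem::Version
+version: '1.3'
+- !ruby/object:Gem::Dependency
+name: rake
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - '>='
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - '>='
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: rspec
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ~>
+- !ruby/object:Gem::Version
+version: '2'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ~>
+- !ruby/object:Gem::Version
+version: '2'
+- !ruby/object:Gem::Dependency
+name: activerecord-nulldb-adapter
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - '>='
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - '>='
+- !ruby/object:Gem::Version
+version: '0'
+description:
+email:
+- matt@mttdffy.com
+- ''
+- ''
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- action_permission.gemspec
+- lib/action_permission.rb
+- lib/action_permission/base.rb
+- lib/action_permission/controller.rb
+- lib/action_permission/dispatch.rb
+- lib/action_permission/railtie.rb
+- lib/action_permission/version.rb
+- lib/generators/action_permission/install/USAGE
+- lib/generators/action_permission/install/install_generator.rb
+- lib/generators/action_permission/install/templates/application.rb
+- lib/generators/action_permission/permission/USAGE
+- lib/generators/action_permission/permission/permission_generator.rb
+- lib/generators/action_permission/permission/templates/permission.rb
+- lib/generators/rails/USAGE
+- lib/generators/rails/action_permission_controller_generator.rb
+- lib/generators/rails/templates/controller.rb
+- spec/base_spec.rb
+- spec/controller_spec.rb
+- spec/dispatch_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/mttdffy/action_permission
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - '>='
+- !ruby/object:Gem::Version
+version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - '>='
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.2.2
+signing_key:
+specification_version: 4
+summary: Controller-based action and attribute permissions
+test_files:
+- spec/base_spec.rb
+- spec/controller_spec.rb
+- spec/dispatch_spec.rb
+- spec/spec_helper.rb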