active_model_serializers_cancancan 0.0.3 → 0.0.4
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 51635d6ac71d004e31b78819b6a75770581a935a
|
4
|
+
data.tar.gz: 4b00c64ace4c8f841b6d89e400384a415e1c2091
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: af700feee294692d04313b3e44bfa6fc796ba410105f18681a59a1787430e311fa76b1312d357febcdc70bf7a56159f77bdc73f35c96b5791a63b2f1216164c3
|
7
|
+
data.tar.gz: 5ff61626515287b4354f0457c015a8e90b556630c186ed84098806d4e1fc695442e0c09844b0faf68b7e16d6f61ccf2ae300717ed6605d6a50018fa7faa9f307
|
@@ -1,16 +1,13 @@
|
|
1
1
|
module ActiveModel
|
2
2
|
class Serializer
|
3
|
-
module Associations
|
4
|
-
|
5
|
-
class Config #:nodoc:
|
6
|
-
|
3
|
+
module Associations
|
4
|
+
class Config
|
7
5
|
def authorize?
|
8
6
|
!!options[:authorize]
|
9
7
|
end
|
10
8
|
end
|
11
9
|
|
12
|
-
class HasMany
|
13
|
-
|
10
|
+
class HasMany
|
14
11
|
def serialize_with_cancan
|
15
12
|
return serialize_without_cancan unless authorize?
|
16
13
|
associated_object.select {|item| find_serializable(item).can?(:read, item) }.map do |item|
|
@@ -18,21 +15,24 @@ module ActiveModel
|
|
18
15
|
end
|
19
16
|
end
|
20
17
|
alias_method_chain :serialize, :cancan
|
21
|
-
|
22
18
|
end
|
23
19
|
|
24
|
-
class HasOne
|
25
|
-
|
20
|
+
class HasOne
|
26
21
|
def serialize_with_cancan
|
22
|
+
unless authorize?
|
23
|
+
return serialize_without_cancan
|
24
|
+
end
|
27
25
|
object = associated_object
|
28
26
|
serializer = find_serializable(object)
|
29
|
-
|
30
|
-
|
31
|
-
|
27
|
+
if serializer && serializer.can?(:read, object)
|
28
|
+
serialize_without_cancan
|
29
|
+
else
|
30
|
+
nil
|
31
|
+
end
|
32
32
|
end
|
33
33
|
alias_method_chain :serialize, :cancan
|
34
|
-
|
35
34
|
end
|
36
35
|
end
|
37
36
|
end
|
38
37
|
end
|
38
|
+
|
@@ -6,8 +6,40 @@ describe ActiveModel::Serializer::Associations do
|
|
6
6
|
|
7
7
|
let(:category) { Category.first }
|
8
8
|
|
9
|
-
context 'when authorize is set
|
9
|
+
context 'when authorize is not set' do
|
10
|
+
before do
|
11
|
+
Object.send(:remove_const, :CategorySerializer) if defined?(CategorySerializer)
|
12
|
+
Object.send(:remove_const, :ProjectSerializer) if defined?(ProjectSerializer)
|
13
|
+
Object.send(:remove_const, :Ability) if defined?(Ability)
|
14
|
+
|
15
|
+
CategorySerializer = Class.new(ActiveModel::Serializer) do
|
16
|
+
attributes :id
|
17
|
+
has_many :projects
|
18
|
+
has_one :project
|
19
|
+
end
|
10
20
|
|
21
|
+
ProjectSerializer = Class.new(ActiveModel::Serializer) do
|
22
|
+
attributes :id
|
23
|
+
end
|
24
|
+
|
25
|
+
Ability = Class.new do
|
26
|
+
include CanCan::Ability
|
27
|
+
def initialize(user)
|
28
|
+
cannot :read, :project
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
it 'should serialize forbidden has_many records' do
|
34
|
+
expect(CategorySerializer.new(category, scope: user).serializable_hash[:projects].length).to eq(2)
|
35
|
+
end
|
36
|
+
|
37
|
+
it 'should serialize forbidden has_one records' do
|
38
|
+
expect(CategorySerializer.new(category, scope: user).serializable_hash[:project]).to_not be_nil
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
context 'when authorize is set to false' do
|
11
43
|
before do
|
12
44
|
Object.send(:remove_const, :CategorySerializer) if defined?(CategorySerializer)
|
13
45
|
Object.send(:remove_const, :ProjectSerializer) if defined?(ProjectSerializer)
|
@@ -37,12 +69,11 @@ describe ActiveModel::Serializer::Associations do
|
|
37
69
|
|
38
70
|
it 'should serialize forbidden has_one records' do
|
39
71
|
expect(CategorySerializer.new(category, scope: user).serializable_hash[:project]).to_not be_nil
|
72
|
+
expect(CategorySerializer.new(category, scope: user).serializable_hash[:project]).to_not be_nil
|
40
73
|
end
|
41
|
-
|
42
74
|
end
|
43
75
|
|
44
76
|
context 'when authorize set to true' do
|
45
|
-
|
46
77
|
before do
|
47
78
|
Object.send(:remove_const, :CategorySerializer) if defined?(CategorySerializer)
|
48
79
|
Object.send(:remove_const, :ProjectSerializer) if defined?(ProjectSerializer)
|
@@ -80,7 +111,6 @@ describe ActiveModel::Serializer::Associations do
|
|
80
111
|
it 'should serialize authorized has_one records' do
|
81
112
|
expect(CategorySerializer.new(category, scope: User.find(2)).serializable_hash[:project]).to_not be_nil
|
82
113
|
end
|
83
|
-
|
84
114
|
end
|
85
115
|
|
86
116
|
end
|