adeia 0.8.6 → 0.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 12c3d51dadb631d94c2edfa49ca0d776493af994
-  data.tar.gz: 01b37ba0aee47d8e4986f20c685804e9381ea1bc
+  metadata.gz: 66ce37ecc369635104a9414c77d3211a8cf44f17
+  data.tar.gz: a6d3b36ce560d07f44ec15356a866728dbdb2d51
 SHA512:
-  metadata.gz: 5dc0af21e0ae4b9839617689f9ba2324ace51732db43f4c1252ffc527a7d33230b0057204a78ed24889fba751fb4243703faa672a54a88c098e9ac0ec8202594
-  data.tar.gz: 90bb1b39b7ec685d02527ee03598d78e00cfb52d4c64b1a4067fa1d65bb5582fa47b532ff143e307681239e94c9734e90abdfd6943c6a8699efebc44232eabb3
+  metadata.gz: 75842f069596bc4999e6e2f56c4390e48c01cccc72de2deb26e41f09dde799031c4e075c430ddb8ad681ef083e7a868e3151596c23c3232e513c5d5a48652d66
+  data.tar.gz: f11f62d18f0840aefe789984dbcd2e743b08c9c0a77a916a898e26d5db526b45a34b7a4b8bc221025f592e269ee0a26bb834c9ca012a7019137a968ec0429360

data/config/locales/en.yml

@@ -4,6 +4,7 @@ en:
       login_required: "Please login before visiting this page !"
       access_denied: "You don't have access to this page !"
       missing_params: "params %{params} is missing !"
+      missing_user_model: "A model `User` is missing in the app !"
   errors:
     messages:
       right_required: "Please check at least one right or add an action"

data/config/locales/fr.yml

@@ -4,6 +4,7 @@ fr:
       login_required: "Veuillez vous connecter pour accéder à cette page !"
       access_denied: "Vous n'êtes pas autorisé à accéder à cette page !"
       missing_params: "Le paramètre %{params} est manquant !"
+      missing_user_model: "Aucun modèle `User` trouvé dans votre application !"
   errors:
     messages:
       right_required: "Vous devez cocher au moins un droit ou ajouter une action"

data/lib/adeia/authorization.rb

@@ -21,10 +21,14 @@ module Adeia
       end
     end
 
-    def can?
+    def rights?
       action_rights = @user.nil? ? {} : send("#{right_name}_rights")
       merge_permissions(token_rights(right_name), action_rights)
-      @rights.any? && authorize?
+      @rights.any?
+    end
+
+    def can?
+      rights? && authorize?
     end
 
     private

data/lib/adeia/controller_methods.rb

@@ -45,8 +45,12 @@ module Adeia
 
     def can?(action, controller=nil, resource=nil)
       args = { action: action, controller: controller, resource: resource }
-      var_name = "@#{action}#{controller.delete('/')}#{resource.try(:model_name).try(:human)}#{resource.try(:id)}"
-      instance_variable_get(var_name) || instance_variable_set(var_name, ControllerResource.new(self, **args).can?)
+      ControllerResource.new(self, **args).can?
+    end
+
+    def rights?(action, controller=nil, resource=nil)
+      args = { action: action, controller: controller, resource: resource }
+      ControllerResource.new(self, **args).rights?
     end
 
     # Redirect the user to the stored url or the default one provided

data/lib/adeia/controller_resource.rb

@@ -73,7 +73,11 @@ module Adeia
     end
 
     def can?
-      authorization.can?
+      instance_variable_get_or_set(:can?)
+    end
+
+    def rights?
+      instance_variable_get_or_set(:rights?)
     end
 
     private
@@ -90,6 +94,16 @@ module Adeia
       resource_class.model_name.element
     end
 
+    def var_name(method)
+      [method, @controller_name, @action_name, @resource.try(:model_name).try(:human), @resource.try(:id)].map do |s|
+        s.to_s.gsub("/", "_").delete("?") if s
+      end.compact.join("_").prepend("@")
+    end
+
+    def instance_variable_get_or_set(method)
+      @controller.instance_variable_get(var_name(method)) || @controller.instance_variable_set(var_name(method), authorization.send(method))
+    end
+
 
     # Store the current url in a cookie
     # 

data/lib/adeia/engine.rb

@@ -1,5 +1,7 @@
 require "adeia/controller_methods"
 require "adeia/helpers/sessions_helper"
+require "adeia/helpers/user_helper"
+require "adeia/exceptions"
 
 module Adeia
   class Engine < ::Rails::Engine
@@ -14,6 +16,16 @@ module Adeia
       g.factory_girl false
     end
 
+    initializer 'Adeia.requirements' do |app|
+      unless Rails.env.test?
+        raise MissingUserModel unless defined? User
+      end
+    end
+
+    initializer 'Adeia.user_addictions' do |app|
+      User.send :include, Adeia::Helpers::UserHelper
+    end
+
     initializer 'Adeia.controller_methods' do |app|
       ActionController::Base.send :include, Adeia::ControllerMethods
     end

data/lib/adeia/exceptions.rb

@@ -30,4 +30,12 @@ module Adeia
 
   end
 
+  class MissingUserModel < Error
+
+    def to_s
+      I18n.t("exceptions.messages.missing_user_model", params: @params)
+    end
+
+  end
+
 end

data/lib/adeia/helpers/user_helper.rb

@@ -0,0 +1,21 @@
+module Adeia
+  module Helpers
+    module UserHelper
+      extend ActiveSupport::Concern
+
+      module ClassMethods
+
+        def human_name
+          model_name.i18n_key
+        end
+      end
+
+      included do
+        extend ClassMethods
+
+        has_many :permissions, class_name: "Adeia::Permission"
+      end
+
+    end
+  end
+end

data/lib/adeia/version.rb

@@ -1,3 +1,3 @@
 module Adeia
-  VERSION = "0.8.6"
+  VERSION = "0.9.0"
 end

data/spec/adeia/controller_methods_spec.rb

@@ -0,0 +1,108 @@
+require 'rails_helper'
+
+module Adeia
+  describe "ControllerMethods", type: :controller do
+
+    describe "#require_login!" do
+
+      controller do
+        def index
+          require_login!
+          render nothing: true
+        end
+      end
+
+      it "requires to be logged in" do
+        expect { get :index }.to raise_error Adeia::LoginRequired
+      end
+
+      it "responds successfully when logged in" do
+        @user = create(:user)
+        sign_in @user
+        expect{ get :index }.not_to raise_error
+      end
+
+    end
+
+    describe "::require_login" do
+
+      controller do
+        require_login
+
+        def index
+          render nothing: true
+        end
+      end
+
+      it "requires to be logged in" do
+        expect { get :index }.to raise_error Adeia::LoginRequired
+      end
+
+      it "responds successfully when logged in" do
+        @user = create(:user)
+        sign_in @user
+        expect{ get :index }.not_to raise_error
+      end
+
+    end
+
+    describe "#can?" do
+
+      controller do
+        def index
+          @can = can? :read, "articles"
+          render nothing: true
+        end
+      end
+
+      it "returns false when the user is not authorized" do
+        get :index
+        expect(assigns(:can)).to be false
+      end
+
+      it "caches the result" do
+        get :index
+        expect(assigns(:can_articles_read)).to be false
+      end
+
+      it "returns true when the user is authorized" do
+        @user = create(:user)
+        sign_in @user
+        create(:permission, owner: @user, element_name: "articles", read_right: true)
+        get :index
+        expect(assigns(:can)).to be true
+      end
+
+    end
+
+     describe "#rights?" do
+
+      controller do
+        def index
+          @rights = rights? :read, "articles"
+          render nothing: true
+        end
+      end
+
+      it "returns false when the user is not authorized" do
+        get :index
+        expect(assigns(:rights)).to be false
+      end
+
+      it "caches the result" do
+        get :index
+        expect(assigns(:rights_articles_read)).to be false
+      end
+
+      it "returns true when the user has at least one right" do
+        @user = create(:user)
+        sign_in @user
+        create(:permission, owner: @user, element_name: "articles", type_name: "on_ownerships", read_right: true)
+        get :index
+        expect(assigns(:rights)).to be true
+      end
+
+    end
+
+  end
+end

data/spec/controllers/articles_controller_spec.rb

@@ -3,7 +3,7 @@ require "rails_helper"
 describe ArticlesController, :type => :controller do
   context "with a logged in user" do
     before(:each) do
-      @user = User.create!(name: "admin", password: "12341", password_confirmation: "12341")
+      @user = create(:user)
       sign_in @user
     end
 
@@ -119,39 +119,5 @@ describe ArticlesController, :type => :controller do
       end
 
     end
-
-    describe "POST #create" do
-
-      it "responds successfully" do
-        expect{ post :create, article: attributes_for(:article) }.not_to raise_error
-      end
-
-    end
-
-    describe "PATCH #update" do
-
-      it "responds successfully" do
-        article = create(:article)
-        expect{ patch :update, id: article.id, article: attributes_for(:article) }.not_to raise_error
-      end
-
-    end
-  end
-
-  describe "POST #create" do
-
-    it "required to be logged in" do
-      expect { post :create, article: attributes_for(:article) }.to raise_error Adeia::LoginRequired
-    end
-
-  end
-
-  describe "PATCH #update" do
-
-    it "required to be logged in" do
-      article = create(:article)
-      expect { patch :update, id: article.id, article: attributes_for(:article) }.to raise_error Adeia::LoginRequired
-    end
-
   end
 end