adeia 0.9.2 → 0.10.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/adeia/controller_methods.rb +4 -6
- data/lib/adeia/controller_resource.rb +20 -9
- data/lib/adeia/version.rb +1 -1
- data/spec/adeia/controller_methods_spec.rb +58 -23
- data/spec/support/spec_login_helper.rb +5 -0
- data/spec/test_app/log/test.log +1603 -0
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f30f7fa1eed97db1750a87c086adbf844427bfc2
|
4
|
+
data.tar.gz: 0f0805b6158786a85b585c9ef57142abe87944b7
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b5f3dc2e53876486e29c471b40178989924d9fd7e2525a2ed63921a25806988569b17fb1085f33f0481217fa5e72c117a2791ccf68efe33b1459a3559a7ed632
|
7
|
+
data.tar.gz: d259aa746873ad3d115fb9f29e62ff305c02f9ad724987438a699901462c85df6cf887920a87b3c7010ebe3cc5e2b8eadfeb92979e52ba69f9a4ad54b3301ef0
|
@@ -43,14 +43,12 @@ module Adeia
|
|
43
43
|
raise LoginRequired unless signed_in?
|
44
44
|
end
|
45
45
|
|
46
|
-
def can?(action,
|
47
|
-
|
48
|
-
ControllerResource.new(self, **args).can?
|
46
|
+
def can?(action, element, resource=nil)
|
47
|
+
ControllerResource.new(self, action: action).authorized?(:can?, element, resource)
|
49
48
|
end
|
50
49
|
|
51
|
-
def rights?(action,
|
52
|
-
|
53
|
-
ControllerResource.new(self, **args).rights?
|
50
|
+
def rights?(action, element, resource=nil)
|
51
|
+
ControllerResource.new(self, action: action).authorized?(:rights?, element, resource)
|
54
52
|
end
|
55
53
|
|
56
54
|
# Redirect the user to the stored url or the default one provided
|
@@ -72,12 +72,9 @@ module Adeia
|
|
72
72
|
authorization.check_permissions!
|
73
73
|
end
|
74
74
|
|
75
|
-
def
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
def rights?
|
80
|
-
instance_variable_get_or_set(:rights?)
|
75
|
+
def authorized?(method, element, resource)
|
76
|
+
@controller_name, @resource = get_controller_and_resource(element, resource)
|
77
|
+
instance_variable_get_or_set(method)
|
81
78
|
end
|
82
79
|
|
83
80
|
private
|
@@ -94,16 +91,30 @@ module Adeia
|
|
94
91
|
resource_class.model_name.element
|
95
92
|
end
|
96
93
|
|
94
|
+
def controller_name(resource)
|
95
|
+
resource.model_name.collection
|
96
|
+
end
|
97
|
+
|
97
98
|
def var_name(method)
|
98
|
-
[method, @controller_name, @action_name, @resource.try(:model_name).try(:human), @resource.try(:id)].map do |s|
|
99
|
-
s.to_s.gsub("/", "_").delete("?")
|
100
|
-
end.
|
99
|
+
[method, @controller_name, @action_name, @resource.try(:model_name).try(:human), @resource.try(:id)].compact.map do |s|
|
100
|
+
s.to_s.gsub("/", "_").delete("?")
|
101
|
+
end.join("_").prepend("@")
|
101
102
|
end
|
102
103
|
|
103
104
|
def instance_variable_get_or_set(method)
|
104
105
|
@controller.instance_variable_get(var_name(method)) || @controller.instance_variable_set(var_name(method), authorization.send(method))
|
105
106
|
end
|
106
107
|
|
108
|
+
def get_controller_and_resource(element, resource)
|
109
|
+
if element.is_a? String
|
110
|
+
return element, resource
|
111
|
+
elsif element.is_a? ActiveRecord::Base
|
112
|
+
return controller_name(element), element
|
113
|
+
elsif element.is_a? Array
|
114
|
+
resource = element.second
|
115
|
+
return "#{element.first}/#{controller_name(resource)}", resource
|
116
|
+
end
|
117
|
+
end
|
107
118
|
|
108
119
|
# Store the current url in a cookie
|
109
120
|
#
|
data/lib/adeia/version.rb
CHANGED
@@ -17,8 +17,7 @@ module Adeia
|
|
17
17
|
end
|
18
18
|
|
19
19
|
it "responds successfully when logged in" do
|
20
|
-
|
21
|
-
sign_in @user
|
20
|
+
sign_in_user
|
22
21
|
expect{ get :index }.not_to raise_error
|
23
22
|
end
|
24
23
|
|
@@ -39,8 +38,7 @@ module Adeia
|
|
39
38
|
end
|
40
39
|
|
41
40
|
it "responds successfully when logged in" do
|
42
|
-
|
43
|
-
sign_in @user
|
41
|
+
sign_in_user
|
44
42
|
expect{ get :index }.not_to raise_error
|
45
43
|
end
|
46
44
|
|
@@ -48,29 +46,67 @@ module Adeia
|
|
48
46
|
|
49
47
|
describe "#can?" do
|
50
48
|
|
51
|
-
controller do
|
52
|
-
|
53
|
-
|
54
|
-
|
49
|
+
context "with a controller provided" do
|
50
|
+
|
51
|
+
controller do
|
52
|
+
def index
|
53
|
+
@can = can? :read, "articles"
|
54
|
+
render nothing: true
|
55
|
+
end
|
55
56
|
end
|
56
|
-
end
|
57
57
|
|
58
|
-
|
59
|
-
|
60
|
-
|
58
|
+
it "returns false when the user is not authorized" do
|
59
|
+
get :index
|
60
|
+
expect(assigns(:can)).to be false
|
61
|
+
end
|
62
|
+
|
63
|
+
it "caches the result" do
|
64
|
+
get :index
|
65
|
+
expect(assigns(:can_articles_read)).to be false
|
66
|
+
end
|
67
|
+
|
68
|
+
it "returns true when the user is authorized" do
|
69
|
+
sign_in_user
|
70
|
+
create(:permission, owner: @user, element_name: "articles", read_right: true)
|
71
|
+
get :index
|
72
|
+
expect(assigns(:can)).to be true
|
73
|
+
end
|
61
74
|
end
|
62
75
|
|
63
|
-
|
64
|
-
|
65
|
-
|
76
|
+
context "with a resource provided" do
|
77
|
+
|
78
|
+
controller do
|
79
|
+
def index
|
80
|
+
@article = Article.create(title: "Rspec tests", content: "Lorem ipsum", id: 100)
|
81
|
+
@can = can? :read, @article
|
82
|
+
render nothing: true
|
83
|
+
end
|
84
|
+
end
|
85
|
+
|
86
|
+
it "guesses the element from the resource" do
|
87
|
+
sign_in_user
|
88
|
+
create(:permission, owner: @user, element_name: "articles", type_name: "on_entry", resource_id: 100, read_right: true)
|
89
|
+
get :index
|
90
|
+
expect(assigns(:can)).to be true
|
91
|
+
end
|
66
92
|
end
|
67
93
|
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
94
|
+
context "with a resource and a namespace" do
|
95
|
+
|
96
|
+
controller do
|
97
|
+
def index
|
98
|
+
@article = Article.create(title: "Rspec tests", content: "Lorem ipsum", id: 100)
|
99
|
+
@can = can? :read, [:admin, @article]
|
100
|
+
render nothing: true
|
101
|
+
end
|
102
|
+
end
|
103
|
+
|
104
|
+
it "guesses an namespaced element from the resource" do
|
105
|
+
sign_in_user
|
106
|
+
create(:permission, owner: @user, element_name: "admin/articles", type_name: "on_entry", resource_id: 100, read_right: true)
|
107
|
+
get :index
|
108
|
+
expect(assigns(:can)).to be true
|
109
|
+
end
|
74
110
|
end
|
75
111
|
|
76
112
|
end
|
@@ -95,8 +131,7 @@ module Adeia
|
|
95
131
|
end
|
96
132
|
|
97
133
|
it "returns true when the user has at least one right" do
|
98
|
-
|
99
|
-
sign_in @user
|
134
|
+
sign_in_user
|
100
135
|
create(:permission, owner: @user, element_name: "articles", type_name: "on_ownerships", read_right: true)
|
101
136
|
get :index
|
102
137
|
expect(assigns(:rights)).to be true
|