admission 0.5.3 → 0.5.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 71b602ebc6eb991561c298a07838ffc1832a3108
4
- data.tar.gz: 8610564b982d63a74056567a7358d64ef3c38b8a
3
+ metadata.gz: 7d0ddd21cf83cf7bbf30c34dd7e10ef53d919f8f
4
+ data.tar.gz: 005bfb63f14d000d9e2ee04761c67158a63686a7
5
5
  SHA512:
6
- metadata.gz: 2f9cfd81aecc86ba02926266113029354ce66e467c34c6ff46b444ba25349820ee443eadacbfad5a5bfa04959d59d39dec55551948bc37355d8398d45abacb45
7
- data.tar.gz: 1f482260466f15bbd8076565865c1f0a8b16493d6c0ace7a608f21803a807fe3c4e453eaf778c8b63dcdbf00239b7a722ae24d7554bf87a2c280cab2397da614
6
+ metadata.gz: cd2f8037bc53cbc86e22f1daa9eb1999dcf1f9d9d761c3d4574056a414307ff928383452628d3dd86b5e8f590ddcb4e3c0727f55daa2902d31d24cd2273b5e8b
7
+ data.tar.gz: 23f1de94269b77ce818d71166231ec201844b280b1a2e5653d0f4480b60b883199ba3df920560b78affb7c01991f956b9efb94a7050414eaf998b366846f5325
@@ -9,11 +9,9 @@ class Admission::Privilege
9
9
  attr_reader :inherited, :context
10
10
 
11
11
  def initialize name, level=nil
12
- name = name.to_sym
13
- @name = name
14
- level = level ? level.to_sym : BASE_LEVEL_NAME
15
- @level = level
16
- @hash = [name, level].hash
12
+ @name = name.to_sym
13
+ @level = level ? level.to_sym : BASE_LEVEL_NAME
14
+ @hash = [@name, @level].hash
17
15
  end
18
16
 
19
17
  def inherits_from *privileges
@@ -60,4 +58,4 @@ class Admission::Privilege
60
58
  ].join ''
61
59
  end
62
60
 
63
- end
61
+ end
@@ -0,0 +1,63 @@
1
+ require_relative './tests'
2
+
3
+ Minitest::Assertions.module_exec do
4
+
5
+ def get_privilege name, context=nil
6
+ p = Admission::Tests.order.get *Admission::Privilege.split_text_key(name)
7
+ p = p.dup_with_context context if context
8
+ p
9
+ end
10
+
11
+ def assert_admission status, privilege, request, scope
12
+ arbitration = status.instantiate_arbitration request, scope
13
+ arbitration.prepare_sitting privilege.context
14
+ result = arbitration.rule_per_privilege(privilege).eql?(true)
15
+
16
+ assert result, ->{ Admission::Tests.assertion_failed_message arbitration, privilege }
17
+ end
18
+
19
+ def refute_admission status, privilege, request, scope
20
+ arbitration = status.instantiate_arbitration request, scope
21
+ arbitration.prepare_sitting privilege.context
22
+ result = arbitration.rule_per_privilege(privilege).eql?(true)
23
+
24
+ refute result, ->{ Admission::Tests.refutation_failed_message arbitration, privilege }
25
+ end
26
+
27
+ def separate_privileges *args, &block
28
+ Admission::Tests.separate_privileges *args, &block
29
+ end
30
+
31
+ def assert_admissions_evaluation evaluation, request, to_assert, to_refute
32
+ should, should_not = evaluation.for_request(request).evaluate_groups to_assert, to_refute
33
+ assert should.empty?, ->{
34
+ Admission::Tests.assertion_failed_message evaluation.arbitration,
35
+ "any of: #{should.map{|p| p.privilege.to_s}.join ', '}"
36
+ }
37
+ assert should_not.empty?, ->{
38
+ Admission::Tests.refutation_failed_message evaluation.arbitration,
39
+ "any of: #{should_not.map{|p| p.privilege.to_s}.join ', '}"
40
+ }
41
+ end
42
+
43
+ end
44
+
45
+ if defined?(Mocha::Expectation) && defined?(Admission::Rails)
46
+
47
+ Admission::Tests.module_exec do
48
+
49
+ def self.create_action_mock controller
50
+ ->(action, scope, params: nil, &block){
51
+ c = controller.new
52
+ c.stubs(:action_name).returns action
53
+ c.expects(:request_admission!).
54
+ with(action.to_sym, scope)
55
+ c.stubs(:params).returns params if params
56
+ block.call c if block
57
+ c.send :assure_admission
58
+ }
59
+ end
60
+
61
+ end
62
+
63
+ end
@@ -0,0 +1,167 @@
1
+ module Admission::Tests
2
+
3
+ class << self
4
+ attr_accessor :order
5
+ attr_accessor :all_privileges
6
+
7
+ def assertion_failed_message arbitration, privilege
8
+ 'Admission denied to %s applying %s.' % [
9
+ arbitration.case_to_s,
10
+ privilege.to_s
11
+ ]
12
+ end
13
+
14
+ def refutation_failed_message arbitration, privilege
15
+ 'Admission given to %s applying %s.' % [
16
+ arbitration.case_to_s,
17
+ privilege.to_s
18
+ ]
19
+ end
20
+
21
+ def separate_privileges selector=nil, inheritance: true, list: all_privileges, &block
22
+ selector = block unless selector
23
+ selector = [selector] if selector.is_a? String
24
+
25
+ block = case selector
26
+ when Array
27
+ if inheritance
28
+ ref_privileges = selector.map do |s|
29
+ order.get *Admission::Privilege.split_text_key(s)
30
+ end
31
+ ->(p){
32
+ ref_privileges.any?{|ref_p| p.eql_or_inherits? ref_p }
33
+ }
34
+
35
+ else
36
+ ->(p){ selector.include? p.text_key }
37
+
38
+ end
39
+
40
+ when Proc
41
+ selector
42
+
43
+ else raise ArgumentError.new('bad selector type')
44
+ end
45
+
46
+ list.partition &block
47
+ end
48
+
49
+ end
50
+
51
+ @all_privileges = []
52
+
53
+ class Evaluation
54
+
55
+ attr_reader :status, :arbitration
56
+
57
+ def initialize status, scope
58
+ @status = status
59
+ @scope = scope
60
+ end
61
+
62
+ def request= name
63
+ @arbitration = status.instantiate_arbitration name.to_sym, @scope
64
+ end
65
+
66
+ def for_request name
67
+ self.request = name
68
+ self
69
+ end
70
+
71
+ def evaluate privilege
72
+ arbitration.prepare_sitting privilege.context
73
+ arbitration.rule_per_privilege(privilege).eql?(true)
74
+ end
75
+
76
+ def evaluate_groups to_assert, to_refute
77
+ to_assert = to_assert.map{|p| ContextSpecificPrivilege.new p}
78
+ to_refute = to_refute.map{|p| ContextSpecificPrivilege.new p}
79
+ sorted = (to_assert + to_refute).sort_by{|p| p.privilege.context}
80
+ admissible, denied = sorted.partition{|p| evaluate p.privilege}
81
+
82
+ [
83
+ (denied - to_refute),
84
+ (admissible - to_assert)
85
+ ]
86
+ end
87
+
88
+ def messages_for_groups should, should_not
89
+ [
90
+ should.map{|p| Admission::Tests.assertion_failed_message arbitration, p.privilege},
91
+ should_not.map{|p| Admission::Tests.refutation_failed_message arbitration, p.privilege}
92
+ ].flatten
93
+ end
94
+
95
+ end
96
+
97
+ class ContextSpecificPrivilege
98
+
99
+ attr_reader :privilege
100
+
101
+ def initialize privilege
102
+ @privilege = privilege
103
+ @hash = [privilege.name, privilege.level, privilege.context].hash
104
+ end
105
+
106
+ def eql? other
107
+ hash == other.hash
108
+ end
109
+
110
+ end
111
+
112
+ class RuleCheckContext
113
+
114
+ attr_reader :action
115
+
116
+ def initialize
117
+ @evaluations = []
118
+ action = yield self
119
+ self.set_rule_check_action = action if !self.action && Proc === action
120
+ end
121
+
122
+ def data
123
+ @data ||= {}
124
+ end
125
+
126
+ def set value
127
+ case value
128
+ when Proc then @data_builder = value
129
+ when Hash then @data = value
130
+ else raise('context must be Hash or Proc')
131
+ end
132
+ end
133
+
134
+ def prepare *args, &block
135
+ raise 'context is static (i.e. context was not set to a Proc)' unless @data_builder
136
+ @data = @data_builder.call *args, &block
137
+ end
138
+
139
+ def set_rule_check_action= action
140
+ @action = action
141
+ end
142
+
143
+ def [] value
144
+ data[value]
145
+ end
146
+
147
+ def []= name, value
148
+ data[name] = value
149
+ end
150
+
151
+ def add_evaluation *args
152
+ evaluation = Evaluation.new *args
153
+ @evaluations.push evaluation
154
+ evaluation
155
+ end
156
+
157
+ def evaluate request
158
+ raise 'no evaluation preset' if @evaluations.empty?
159
+ @evaluations.each do |evaluation|
160
+ evaluation.request = request
161
+ yield evaluation
162
+ end
163
+ end
164
+
165
+ end
166
+
167
+ end
@@ -1,3 +1,3 @@
1
1
  module Admission
2
- VERSION = '0.5.3'
2
+ VERSION = '0.5.5'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: admission
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.3
4
+ version: 0.5.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ondřej Želazko
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-04-30 00:00:00.000000000 Z
11
+ date: 2018-05-07 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: Admission rules to actions or resources, privileges system included
14
14
  email: zelazk.o@email.cz
@@ -23,7 +23,6 @@ files:
23
23
  - lib/admission/arbitration.rb
24
24
  - lib/admission/denied.rb
25
25
  - lib/admission/index.rb
26
- - lib/admission/minitest.rb
27
26
  - lib/admission/privilege.rb
28
27
  - lib/admission/privileges_order.rb
29
28
  - lib/admission/rails.rb
@@ -32,7 +31,8 @@ files:
32
31
  - lib/admission/rails/scope_resolver.rb
33
32
  - lib/admission/resource_arbitration.rb
34
33
  - lib/admission/status.rb
35
- - lib/admission/tests.rb
34
+ - lib/admission/tests/minitest.rb
35
+ - lib/admission/tests/tests.rb
36
36
  - lib/admission/version.rb
37
37
  homepage: https://github.com/doooby/admission
38
38
  licenses:
@@ -1,41 +0,0 @@
1
- require_relative './tests'
2
-
3
- # custom matchers
4
- Minitest::Assertions.module_exec do
5
-
6
- def assert_admission status, privilege, action, scope
7
- arbitration = status.instantiate_arbitration action, scope
8
- arbitration.prepare_sitting privilege.context
9
- result = arbitration.rule_per_privilege(privilege).eql?(true)
10
-
11
- assert result, ->{ Admission::Test.assertion_failed_message arbitration, privilege }
12
- end
13
-
14
- def refute_admission status, privilege, action, scope
15
- arbitration = status.instantiate_arbitration action, scope
16
- arbitration.prepare_sitting privilege.context
17
- result = arbitration.rule_per_privilege(privilege).eql?(true)
18
-
19
- refute result, ->{ Admission::Test.refutation_failed_message arbitration, privilege }
20
- end
21
-
22
- def assert_privileges_admission status, action, scope, assert: [], refute: []
23
- arbitration = status.instantiate_arbitration action, scope
24
- assert.sort_by! &:context
25
- refute.sort_by! &:context
26
-
27
- assert.each do |privilege|
28
- arbitration.prepare_sitting privilege.context
29
- result = arbitration.rule_per_privilege(privilege).eql?(true)
30
- assert result, ->{ Admission::Test.assertion_failed_message arbitration, privilege }
31
- end
32
-
33
- refute.each do |privilege|
34
- arbitration.prepare_sitting privilege.context
35
- result = arbitration.rule_per_privilege(privilege).eql?(true)
36
- refute result, ->{ Admission::Test.refutation_failed_message arbitration, privilege }
37
- end
38
-
39
- end
40
-
41
- end
@@ -1,60 +0,0 @@
1
- module Admission::Test
2
-
3
- class << self
4
- attr_accessor :order
5
- attr_accessor :all_privileges
6
-
7
- def assertion_failed_message arbitration, privilege
8
- 'Admission denied to %s using %s' % [
9
- arbitration.case_to_s,
10
- privilege.to_s
11
- ]
12
- end
13
-
14
- def refutation_failed_message arbitration, privilege
15
- 'Admission given to %s using %s' % [
16
- arbitration.case_to_s,
17
- privilege.to_s
18
- ]
19
- end
20
-
21
- def separate_privileges selector=nil, inheritance: false, list: all_privileges, &block
22
- selector = block unless selector
23
-
24
- block = case selector
25
- when String
26
- if inheritance
27
- ref_privilege = order.get *Admission::Privilege.split_text_key(selector)
28
- ->(p){ p.eql_or_inherits? ref_privilege }
29
-
30
- else
31
- ->(p){ p.text_key == selector }
32
-
33
- end
34
- when Array
35
- if inheritance
36
- ref_privileges = selector.map do |s|
37
- order.get *Admission::Privilege.split_text_key(s)
38
- end
39
- ->(p){
40
- ref_privileges.any?{|ref_p| p.eql_or_inherits? ref_p }
41
- }
42
-
43
- else
44
- ->(p){ selector.include? p.text_key }
45
-
46
- end
47
- when Proc
48
- selector
49
-
50
- else raise ArgumentError.new('bad selector type')
51
- end
52
-
53
- list.partition &block
54
- end
55
-
56
- end
57
-
58
- @all_privileges = []
59
-
60
- end