RubyGems - ae_declarative_authorization - Versions diffs - 0.10.1 → 0.10.2 - Mend

ae_declarative_authorization 0.10.1 → 0.10.2

Files changed (56) hide show

checksums.yaml +4 -4
data/.circleci/config.yml +37 -0
data/.gitignore +32 -0
data/.ruby-version +1 -0
data/declarative_authorization.gemspec +1 -1
data/lib/declarative_authorization/version.rb +1 -1
metadata +6 -70
data/Gemfile.lock +0 -138
data/gemfiles/ruby_2.3.3_rails507.gemfile +0 -12
data/gemfiles/ruby_2.3.3_rails507.gemfile.lock +0 -164
data/gemfiles/ruby_2.3.3_rails516.gemfile +0 -12
data/gemfiles/ruby_2.3.3_rails516.gemfile.lock +0 -164
data/gemfiles/ruby_2.3.3_rails521.gemfile +0 -12
data/gemfiles/ruby_2.3.3_rails521.gemfile.lock +0 -172
data/gemfiles/ruby_2.3.3_rails522.gemfile +0 -12
data/gemfiles/ruby_2.3.3_rails522.gemfile.lock +0 -172
data/gemfiles/ruby_2.5.3_rails507.gemfile +0 -12
data/gemfiles/ruby_2.5.3_rails507.gemfile.lock +0 -164
data/gemfiles/ruby_2.5.3_rails516.gemfile +0 -12
data/gemfiles/ruby_2.5.3_rails516.gemfile.lock +0 -164
data/gemfiles/ruby_2.5.3_rails521.gemfile +0 -12
data/gemfiles/ruby_2.5.3_rails521.gemfile.lock +0 -172
data/gemfiles/ruby_2.5.3_rails522.gemfile +0 -12
data/gemfiles/ruby_2.5.3_rails522.gemfile.lock +0 -172
data/gemfiles/ruby_2.6.2_rails507.gemfile +0 -12
data/gemfiles/ruby_2.6.2_rails507.gemfile.lock +0 -164
data/gemfiles/ruby_2.6.2_rails516.gemfile +0 -12
data/gemfiles/ruby_2.6.2_rails516.gemfile.lock +0 -164
data/gemfiles/ruby_2.6.2_rails521.gemfile +0 -12
data/gemfiles/ruby_2.6.2_rails521.gemfile.lock +0 -172
data/gemfiles/ruby_2.6.2_rails522.gemfile +0 -12
data/gemfiles/ruby_2.6.2_rails522.gemfile.lock +0 -172
data/log/test.log +0 -89694
data/pkg/ae_declarative_authorization-0.10.0.gem +0 -0
data/pkg/ae_declarative_authorization-0.9.0.gem +0 -0
data/pkg/ae_declarative_authorization-0.9.0.tim1.gem +0 -0
data/pkg/ae_declarative_authorization-0.9.1.gem +0 -0
data/pkg/ae_declarative_authorization-0.9.2.gem +0 -0
data/test/authorization_test.rb +0 -1189
data/test/controller_filter_resource_access_test.rb +0 -573
data/test/database.yml +0 -3
data/test/dsl_reader_test.rb +0 -178
data/test/functional/filter_access_to_with_id_in_scope_test.rb +0 -88
data/test/functional/no_filter_access_to_test.rb +0 -79
data/test/functional/params_block_arity_test.rb +0 -39
data/test/grape_api_test.rb +0 -508
data/test/helper_test.rb +0 -248
data/test/maintenance_test.rb +0 -46
data/test/model_test.rb +0 -1840
data/test/profiles/access_checking +0 -100
data/test/rails_controller_test.rb +0 -478
data/test/schema.sql +0 -60
data/test/test_helper.rb +0 -117
data/test/test_support/grape.rb +0 -93
data/test/test_support/minitest_compatibility.rb +0 -27
data/test/test_support/rails.rb +0 -69

data/test/controller_filter_resource_access_test.rb DELETED Viewed

@@ -1,573 +0,0 @@
-require 'test_helper'
-class BasicResource < MockDataObject
-  def self.name
-    "BasicResource"
-  end
-end
-class BasicResourcesController < MocksController
-  filter_resource_access :strong_parameters => false
-  define_resource_actions
-end
-class BasicResourcesControllerTest < ActionController::TestCase
-  def test_basic_filter_index
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :basic_resources, :to => :index do
-            if_attribute :id => is {"1"}
-          end
-        end
-      end
-    }
-    allowed_user = MockUser.new(:allowed_role)
-    request!(MockUser.new(:another_role), :index, reader)
-    assert !@controller.authorized?
-    request!(allowed_user, :index, reader)
-    assert @controller.authorized?
-  end
-  def test_basic_filter_show_with_id
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :basic_resources, :to => :show do
-            if_attribute :id => is {"1"}
-          end
-        end
-      end
-    }
-    allowed_user = MockUser.new(:allowed_role)
-    request!(allowed_user, :show, reader, :id => "2")
-    assert !@controller.authorized?
-    request!(allowed_user, :show, reader, :id => "1", :clear => [:@basic_resource])
-    assert @controller.authorized?
-  end
-  def test_basic_filter_new_with_params
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :basic_resources, :to => :new do
-            if_attribute :id => is {"1"}
-          end
-        end
-      end
-    }
-    allowed_user = MockUser.new(:allowed_role)
-    request!(allowed_user, :new, reader, :basic_resource => {:id => "2"})
-    assert !@controller.authorized?
-    request!(allowed_user, :new, reader, :basic_resource => {:id => "1"},
-        :clear => [:@basic_resource])
-    assert @controller.authorized?
-  end
-end
-class NestedResource < MockDataObject
-  def initialize(attributes = {})
-    if attributes[:id]
-      attributes[:parent_mock] ||= ParentMock.new(:id => attributes[:id])
-    end
-    super(attributes)
-  end
-  def self.name
-    "NestedResource"
-  end
-end
-class ShallowNestedResource < MockDataObject
-  def initialize(attributes = {})
-    if attributes[:id]
-      attributes[:parent_mock] ||= ParentMock.new(:id => attributes[:id])
-    end
-    super(attributes)
-  end
-  def self.name
-    "ShallowNestedResource"
-  end
-end
-class ParentMock < MockDataObject
-  def nested_resources
-    Class.new do
-      def initialize(parent_mock)
-        @parent_mock = parent_mock
-      end
-      def new(attributes = {})
-        NestedResource.new(attributes.merge(:parent_mock => @parent_mock))
-      end
-    end.new(self)
-  end
-  alias :shallow_nested_resources :nested_resources
-  def ==(other)
-    id == other.id
-  end
-  def self.name
-    "ParentMock"
-  end
-end
-class NestedResourcesController < MocksController
-  filter_resource_access :nested_in => :parent_mocks, :strong_parameters => false
-  define_resource_actions
-end
-class NestedResourcesControllerTest < ActionController::TestCase
-  def test_nested_filter_index
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :nested_resources, :to => :index do
-            if_attribute :parent_mock => is {ParentMock.find("1")}
-          end
-        end
-      end
-    }
-    allowed_user = MockUser.new(:allowed_role)
-    request!(MockUser.new(:another_role), :index, reader, :parent_mock_id => "2")
-    assert !@controller.authorized?
-    request!(allowed_user, :index, reader, :parent_mock_id => "2",
-        :clear => [:@nested_resource, :@parent_mock])
-    assert !@controller.authorized?
-    request!(allowed_user, :index, reader, :parent_mock_id => "1",
-        :clear => [:@nested_resource, :@parent_mock])
-    assert @controller.authorized?
-  end
-  def test_nested_filter_show_with_id
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :nested_resources, :to => :show do
-            if_attribute :parent_mock => is {ParentMock.find("1")}
-          end
-        end
-      end
-    }
-    allowed_user = MockUser.new(:allowed_role)
-    request!(allowed_user, :show, reader, :id => "2", :parent_mock_id => "2")
-    assert !@controller.authorized?
-    request!(allowed_user, :show, reader, :id => "1", :parent_mock_id => "1",
-        :clear => [:@nested_resource, :@parent_mock])
-    assert @controller.authorized?
-  end
-  def test_nested_filter_new_with_params
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :nested_resources, :to => :new do
-            if_attribute :parent_mock => is {ParentMock.find("1")}
-          end
-        end
-      end
-    }
-    allowed_user = MockUser.new(:allowed_role)
-    request!(allowed_user, :new, reader, :parent_mock_id => "2",
-        :nested_resource => {:id => "2"})
-    assert !@controller.authorized?
-    request!(allowed_user, :new, reader, :parent_mock_id => "1",
-        :nested_resource => {:id => "1"},
-        :clear => [:@nested_resource, :@parent_mock])
-    assert @controller.authorized?
-  end
-end
-class ShallowNestedResourcesController < MocksController
-  filter_resource_access :nested_in => :parent_mocks,
-                         :shallow => true,
-                         :additional_member => :additional_member_action,
-                         :strong_parameters => false
-  define_resource_actions
-  define_action_methods :additional_member_action
-end
-class ShallowNestedResourcesControllerTest < ActionController::TestCase
-  def test_nested_filter_index
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :shallow_nested_resources, :to => :index do
-            if_attribute :parent_mock => is {ParentMock.find("1")}
-          end
-        end
-      end
-    }
-    allowed_user = MockUser.new(:allowed_role)
-    request!(MockUser.new(:another_role), :index, reader, :parent_mock_id => "2")
-    assert !@controller.authorized?
-    request!(allowed_user, :index, reader, :parent_mock_id => "2",
-        :clear => [:@shallow_nested_resource, :@parent_mock])
-    assert !@controller.authorized?
-    request!(allowed_user, :index, reader, :parent_mock_id => "1",
-        :clear => [:@shallow_nested_resource, :@parent_mock])
-    assert assigns(:parent_mock)
-    assert @controller.authorized?
-  end
-  def test_nested_filter_show_with_id
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :shallow_nested_resources, :to => :show do
-            if_attribute :parent_mock => is {ParentMock.find("1")}
-          end
-        end
-      end
-    }
-    allowed_user = MockUser.new(:allowed_role)
-    request!(allowed_user, :show, reader, :id => "2", :parent_mock_id => "2")
-    assert !@controller.authorized?
-    request!(allowed_user, :show, reader, :id => "1",
-        :clear => [:@shallow_nested_resource, :@parent_mock])
-    assert !assigns(:parent_mock)
-    assert assigns(:shallow_nested_resource)
-    assert @controller.authorized?
-  end
-  def test_nested_filter_new_with_params
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :shallow_nested_resources, :to => :new do
-            if_attribute :parent_mock => is {ParentMock.find("1")}
-          end
-        end
-      end
-    }
-    allowed_user = MockUser.new(:allowed_role)
-    request!(allowed_user, :new, reader, :parent_mock_id => "2",
-        :shallow_nested_resource => {:id => "2"})
-    assert !@controller.authorized?
-    request!(allowed_user, :new, reader, :parent_mock_id => "1",
-        :shallow_nested_resource => {:id => "1"},
-        :clear => [:@shallow_nested_resource, :@parent_mock])
-    assert assigns(:parent_mock)
-    assert assigns(:shallow_nested_resource)
-    assert @controller.authorized?
-  end
-  def test_nested_filter_additional_member_action_with_id
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :shallow_nested_resources, :to => :additional_member_action do
-            if_attribute :parent_mock => is {ParentMock.find("1")}
-          end
-        end
-      end
-    }
-    allowed_user = MockUser.new(:allowed_role)
-    request!(allowed_user, :additional_member_action, reader, :id => "2", :parent_mock_id => "2")
-    assert !@controller.authorized?
-    request!(allowed_user, :additional_member_action, reader, :id => "1",
-        :clear => [:@shallow_nested_resource, :@parent_mock])
-    assert !assigns(:parent_mock)
-    assert assigns(:shallow_nested_resource)
-    assert @controller.authorized?
-  end
-end
-class CustomMembersCollectionsResourceController < MocksController
-  def self.controller_name
-    "basic_resources"
-  end
-  filter_resource_access :member => [[:other_show, :read]],
-      :collection => {:search => :read}, :new => [:other_new], :strong_parameters => false
-  define_action_methods :other_new, :search, :other_show
-end
-class CustomMembersCollectionsResourceControllerTest < ActionController::TestCase
-  def test_custom_members_filter_search
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :basic_resources, :to => :read do
-            if_attribute :id => is {"1"}
-          end
-        end
-      end
-    }
-    request!(MockUser.new(:another_role), :search, reader)
-    assert !@controller.authorized?
-    request!(MockUser.new(:allowed_role), :search, reader)
-    assert @controller.authorized?
-  end
-  def test_custom_members_filter_other_show
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :basic_resources, :to => :read do
-            if_attribute :id => is {"1"}
-          end
-        end
-      end
-    }
-    allowed_user = MockUser.new(:allowed_role)
-    request!(allowed_user, :other_show, reader, :id => "2")
-    assert !@controller.authorized?
-    request!(allowed_user, :other_show, reader, :id => "1", :clear => [:@basic_resource])
-    assert @controller.authorized?
-  end
-  def test_custom_members_filter_other_new
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :basic_resources, :to => :other_new do
-            if_attribute :id => is {"1"}
-          end
-        end
-      end
-    }
-    allowed_user = MockUser.new(:allowed_role)
-    request!(allowed_user, :other_new, reader, :basic_resource => {:id => "2"})
-    assert !@controller.authorized?
-    request!(allowed_user, :other_new, reader, :basic_resource => {:id => "1"},
-        :clear => [:@basic_resource])
-    assert @controller.authorized?
-  end
-end
-class AdditionalMembersCollectionsResourceController < MocksController
-  def self.controller_name
-    "basic_resources"
-  end
-  filter_resource_access :additional_member => :other_show,
-      :additional_collection => [:search], :additional_new => {:other_new => :new}, :strong_parameters => false
-  define_resource_actions
-  define_action_methods :other_new, :search, :other_show
-end
-class AdditionalMembersCollectionsResourceControllerTest < ActionController::TestCase
-  def test_additional_members_filter_search_index
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :basic_resources, :to => [:search, :index] do
-            if_attribute :id => is {"1"}
-          end
-        end
-      end
-    }
-    request!(MockUser.new(:another_role), :search, reader)
-    assert !@controller.authorized?
-    request!(MockUser.new(:another_role), :index, reader)
-    assert !@controller.authorized?
-    request!(MockUser.new(:allowed_role), :search, reader)
-    assert @controller.authorized?
-    request!(MockUser.new(:allowed_role), :index, reader)
-    assert @controller.authorized?
-  end
-  def test_additional_members_filter_other_show
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :basic_resources, :to => [:show, :other_show] do
-            if_attribute :id => is {"1"}
-          end
-        end
-      end
-    }
-    allowed_user = MockUser.new(:allowed_role)
-    request!(allowed_user, :other_show, reader, :id => "2")
-    assert !@controller.authorized?
-    request!(allowed_user, :show, reader, :id => "2", :clear => [:@basic_resource])
-    assert !@controller.authorized?
-    request!(allowed_user, :other_show, reader, :id => "1", :clear => [:@basic_resource])
-    assert @controller.authorized?
-    request!(allowed_user, :show, reader, :id => "1", :clear => [:@basic_resource])
-    assert @controller.authorized?
-  end
-  def test_additional_members_filter_other_new
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :basic_resources, :to => :new do
-            if_attribute :id => is {"1"}
-          end
-        end
-      end
-    }
-    allowed_user = MockUser.new(:allowed_role)
-    request!(allowed_user, :other_new, reader, :basic_resource => {:id => "2"})
-    assert !@controller.authorized?
-    request!(allowed_user, :new, reader, :basic_resource => {:id => "2"},
-        :clear => [:@basic_resource])
-    assert !@controller.authorized?
-    request!(allowed_user, :other_new, reader, :basic_resource => {:id => "1"},
-        :clear => [:@basic_resource])
-    assert @controller.authorized?
-    request!(allowed_user, :new, reader, :basic_resource => {:id => "1"},
-        :clear => [:@basic_resource])
-    assert @controller.authorized?
-  end
-end
-class CustomMethodsResourceController < MocksController
-  # not implemented yet
-end
-class ExplicitContextResourceController < MocksController
-  filter_resource_access :context => :basic_resources, :strong_parameters => false
-  define_resource_actions
-end
-class ExplicitContextResourceControllerTest < ActionController::TestCase
-  def test_explicit_context_filter_index
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :basic_resources, :to => :index do
-            if_attribute :id => is {"1"}
-          end
-        end
-      end
-    }
-    allowed_user = MockUser.new(:allowed_role)
-    request!(MockUser.new(:another_role), :index, reader)
-    assert !@controller.authorized?
-    request!(allowed_user, :index, reader)
-    assert @controller.authorized?
-  end
-  def test_explicit_context_filter_show_with_id
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :basic_resources, :to => :show do
-            if_attribute :id => is {"1"}
-          end
-        end
-      end
-    }
-    allowed_user = MockUser.new(:allowed_role)
-    request!(allowed_user, :show, reader, :id => "2")
-    assert !@controller.authorized?
-    request!(allowed_user, :show, reader, :id => "1", :clear => [:@basic_resource])
-    assert @controller.authorized?
-  end
-  def test_explicit_context_filter_new_with_params
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :basic_resources, :to => :new do
-            if_attribute :id => is {"1"}
-          end
-        end
-      end
-    }
-    allowed_user = MockUser.new(:allowed_role)
-    request!(allowed_user, :new, reader, :basic_resource => {:id => "2"})
-    assert !@controller.authorized?
-    request!(allowed_user, :new, reader, :basic_resource => {:id => "1"},
-        :clear => [:@basic_resource])
-    assert @controller.authorized?
-  end
-end
-class StrongResource < MockDataObject
-  def self.name
-    "StrongResource"
-  end
-end
-class StrongResourcesController < MocksController
-  def self.controller_name
-    "strong_resources"
-  end
-  filter_resource_access :strong_parameters => true
-  define_resource_actions
-  private
-  def strong_resource_params
-    params.require(:strong_resource).permit(:test_param1, :test_param2)
-  end
-end
-class StrongResourcesControllerTest < ActionController::TestCase
-  def test_still_authorized_with_strong_params
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :strong_resources, :to => :show do
-            if_attribute :id => "1"
-          end
-        end
-      end
-    }
-    allowed_user = MockUser.new(:allowed_role)
-    request!(allowed_user, :show, reader, :id => "2")
-    assert !@controller.authorized?
-    request!(allowed_user, :show, reader, :id => "1", :clear => [:@strong_resource])
-    assert @controller.authorized?
-  end
-  def test_new_strong_resource
-    reader = Authorization::Reader::DSLReader.new
-    reader.parse %{
-      authorization do
-        role :allowed_role do
-          has_permission_on :strong_resources, :to => :new
-        end
-      end
-    }
-    allowed_user = MockUser.new(:allowed_role)
-    request!(allowed_user, :new, reader, :strong_resource => {:id => "1"},
-        :clear => [:@strong_resource])
-    assert @controller.authorized?
-    # allowed_user = MockUser.new(:allowed_role)
-    # request!(allowed_user, :new, reader, :strong_resource => {:id => "1"}, :clear => [:@strong_resource])
-    # assert @controller.authorized?
-    # assert assigns :strong_resource
-  end
-end