ae_declarative_authorization 0.9.0 → 0.9.1

data/test/authorization_test.rb

@@ -387,11 +387,11 @@ class AuthorizationTest < Test::Unit::TestCase
       end
     }
     engine = Authorization::Engine.new(reader)
-    assert engine.permit?(:lower, :context => :permissions,
-      :user => MockUser.new(:test_role))
+    assert engine.permit?(:test, context: :permissions, user: MockUser.new(:test_role))
+    assert engine.permit?(:lower, context: :permissions, user: MockUser.new(:test_role))
   end
 
-  def test_role_hierarchy_infinity
+  def test_role_hierarchy__recursive
     reader = Authorization::Reader::DSLReader.new
     reader.parse %{
       authorization do
@@ -400,14 +400,61 @@ class AuthorizationTest < Test::Unit::TestCase
           has_permission_on :permissions, :to => :test
         end
         role :lower_role do
-          includes :higher_role
           has_permission_on :permissions, :to => :lower
+          includes :lowest_role
+        end
+        role :lowest_role do
+          has_permission_on :permissions, :to => :lowest
         end
       end
     }
     engine = Authorization::Engine.new(reader)
-    assert engine.permit?(:lower, :context => :permissions,
-      :user => MockUser.new(:test_role))
+    assert engine.permit?(:test, context: :permissions, user: MockUser.new(:test_role))
+    assert engine.permit?(:lower, context: :permissions, user: MockUser.new(:test_role))
+    assert engine.permit?(:lowest, context: :permissions, user: MockUser.new(:test_role))
+  end
+
+  def test_role_hierarchy__circular
+    reader = Authorization::Reader::DSLReader.new
+    reader.parse %{
+      authorization do
+        role :test_role do
+          includes :lower_role
+          has_permission_on :permissions, :to => :test
+        end
+        role :lower_role do
+          includes :test_role
+          has_permission_on :permissions, :to => :lower
+        end
+      end
+    }
+    engine = Authorization::Engine.new(reader)
+    assert engine.permit?(:test, context: :permissions, user: MockUser.new(:test_role))
+    assert engine.permit?(:lower, context: :permissions, user: MockUser.new(:test_role))
+  end
+
+  def test_role_hierarchy__recursive__circular
+    reader = Authorization::Reader::DSLReader.new
+    reader.parse %{
+      authorization do
+        role :test_role do
+          includes :lower_role
+          has_permission_on :permissions, :to => :test
+        end
+        role :lower_role do
+          includes :lowest_role
+          has_permission_on :permissions, :to => :lower
+        end
+        role :lowest_role do
+          includes :test_role
+          has_permission_on :permissions, :to => :lowest
+        end
+      end
+    }
+    engine = Authorization::Engine.new(reader)
+    assert engine.permit?(:test, context: :permissions, user: MockUser.new(:test_role))
+    assert engine.permit?(:lower, context: :permissions, user: MockUser.new(:test_role))
+    assert engine.permit?(:lowest, context: :permissions, user: MockUser.new(:test_role))
   end
 
   def test_privilege_hierarchy
@@ -425,8 +472,29 @@ class AuthorizationTest < Test::Unit::TestCase
       end
     }
     engine = Authorization::Engine.new(reader)
-    assert engine.permit?(:lower, :context => :permissions,
-      :user => MockUser.new(:test_role))
+    assert engine.permit?(:lower, context: :permissions, user: MockUser.new(:test_role))
+  end
+
+  def test_privilege_hierarchy__recursive
+    reader = Authorization::Reader::DSLReader.new
+    reader.parse %{
+      privileges do
+        privilege :test, :permissions do
+          includes :lower
+        end
+        privilege :lower, :permissions do
+          includes :lowest
+        end
+      end
+      authorization do
+        role :test_role do
+          has_permission_on :permissions, :to => :test
+        end
+      end
+    }
+    engine = Authorization::Engine.new(reader)
+    assert engine.permit?(:lower, context: :permissions, user: MockUser.new(:test_role))
+    assert engine.permit?(:lowest, context: :permissions, user: MockUser.new(:test_role))
   end
 
   def test_privilege_hierarchy_without_context

data/test/model_test.rb

@@ -1,5 +1,5 @@
 require 'test_helper'
-require File.join(File.dirname(__FILE__), %w{.. lib declarative_authorization in_model})
+require File.expand_path(File.join(File.dirname(__FILE__), %w{.. lib declarative_authorization in_model}))
 
 ActiveRecord::Base.send :include, Authorization::AuthorizationInModel
 #ActiveRecord::Base.logger = Logger.new(STDOUT)

data/test/profiles/access_checking

@@ -38,3 +38,5 @@ UsersController
 ParamsBlockArityTest::ParamsBlockArityTestController
 UsersController
 ParamsBlockArityTest::ParamsBlockArityTestController
+UsersController
+ParamsBlockArityTest::ParamsBlockArityTestController

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ae_declarative_authorization
 version: !ruby/object:Gem::Version
-  version: 0.9.0
+  version: 0.9.1
 platform: ruby
 authors:
 - AppFolio
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-10-04 00:00:00.000000000 Z
+date: 2018-12-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: blockenspiel