attribute_ext 1.2.4 → 1.3.0

Sign up to get free protection for your applications and to get access to all the features.
data/README.md CHANGED
@@ -150,34 +150,26 @@ apply when calling serializable_hash.
150
150
  By default rules *do not* apply when serializing to hash.
151
151
 
152
152
 
153
- Changelog
154
- ---------
153
+ Using SafeAttributes with RSpec
154
+ -------------------------------
155
155
 
156
- Sep 24, 2011
156
+ AttributeExt provides a RSpec matcher that can be used to test own safe attributes rules.
157
157
 
158
- SafeAttributes provides methods to change default role and to map roles to
159
- specific values before processing rules. Also added full documentation to
160
- all public methods and methods that are usefull for testing own rules.
161
-
162
- Sep 22, 2011
163
-
164
- Nearly all features are successfully tested using a fake environment now.
165
- SafeAttributes provides a new quick role validation using the :as parameters and
166
- HiddenAttributes can apply rules only to specific formats via :only and :except
167
- parameters.
168
-
169
- Sep 1, 2011
170
-
171
- HiddenAttributes works on included model when serializing to json by hooking
172
- into serializable_hash now. Therefore it is possible to hide attributes when
173
- serializing to hash via serializable_hash method too.
174
- But by default rules will not be checked on serializable_hash, you have to
175
- add `:on_hash => true` to hide_attributes to enabled it for this rule.
158
+ Add
159
+
160
+ require 'attribute_ext/rspec'
161
+
162
+ to your `spec_helper.rb` and use it like this:
176
163
 
177
- Update: SafeAttributes works now with Rails 3.1 mass_assignment_authorizer that
178
- provides a role and pass this role to if and unless blocks as second
179
- parameter. Not tested but should also work with old mass_assignment_authorizer.
164
+ model.should have_no_safe_attributes.as(:guest, 'Guest').and_as(:blocked_user, 'Blocked User')
165
+ model.should have_safe_attributes(:name, :message)
166
+ model.should have_safe_attributes(:attribute).as(:admin, 'Admin')
167
+
168
+ The matcher will generate well formatted descriptions when running RSpec with `-fd`:
180
169
 
170
+ should have no safe attributes as Guest and as Blocked User
171
+ should have safe attributes name, message as default
172
+ should have safe attributes attribute as Admin
181
173
 
182
174
  License
183
175
  -------
@@ -3,7 +3,7 @@ $:.push File.expand_path("../lib", __FILE__)
3
3
 
4
4
  Gem::Specification.new do |s|
5
5
  s.name = "attribute_ext"
6
- s.version = "1.2.4"
6
+ s.version = "1.3.0"
7
7
  s.authors = ["Jan Graichen"]
8
8
  s.email = ["jan.graichen@altimos.de"]
9
9
  s.homepage = "https://github.com/jgraichen/attribute_ext"
@@ -0,0 +1,87 @@
1
+
2
+ if defined?(ActiveModel)
3
+ # Checks if a model has certain safe attributes.
4
+ #
5
+ # :call-seq:
6
+ # model.should have_safe_attributes(attribute1, attribute2 ...).as(role, name).and_as(role2, name2)
7
+ #
8
+ # model should be an instance of ActiveRecord::Base
9
+ # attribute should be the model attribute name as string or symbol
10
+ # role may be a role identifier
11
+ # name may be a name for role used for description
12
+ #
13
+ # Examples
14
+ #
15
+ # user.should have_no_safe_attributes()
16
+ # user.should have_safe_attributes(:email).as(:self, 'himself')
17
+ # user.should have_safe_attributes(:login, :email).as(:admin, 'Admin).and_as(:system, 'System')
18
+ #
19
+ # #as and #and_as can be used equally. #have_no_safe_attributes is
20
+ # an alias for #have_safe_attributes with no parameters.
21
+ #
22
+ # have_safe_attributes should not be used with should_not.
23
+ #
24
+ def have_safe_attributes(*attributes)
25
+ SafeAttributesMatcher.new(attributes)
26
+ end
27
+
28
+ def have_no_safe_attributes # :nodoc:
29
+ have_safe_attributes
30
+ end
31
+ end
32
+
33
+ class SafeAttributesMatcher # :nodoc:
34
+ def initialize(attributes)
35
+ @attributes = attributes.map(&:to_s)
36
+ @roles = []
37
+ @safe = []
38
+ end
39
+
40
+ def as(role, name = nil)
41
+ @roles << [role, name]
42
+ self
43
+ end
44
+ alias_method :and_as, :as
45
+
46
+ def matches?(model)
47
+ (@roles || [nil, nil]).each do |role, name|
48
+ @role = role
49
+ @name = name
50
+ @safe = model.safe_attribute_names(role)
51
+
52
+ @missing = (@attributes-@safe)
53
+ @extra = (@safe-@attributes)
54
+
55
+ return false if @missing.any? or @extra.any?
56
+ end
57
+ true
58
+ end
59
+
60
+ def does_not_match?(model)
61
+ !matches?(model)
62
+ end
63
+
64
+ def failure_message_for_should
65
+ output = "expected safe attributes: #{@attributes.inspect}\n" +
66
+ "but has safe attributes: #{@safe.inspect}\n"
67
+
68
+ output += "missing elements are: #{@missing.inspect}\n" if @missing.any?
69
+ output += "extra elements are: #{@extra.inspect}\n" if @extra.any?
70
+ output += "as #{@name || @role.to_s}" unless @role.nil?
71
+
72
+ output
73
+ end
74
+
75
+ def failure_message_for_should_not
76
+ "WARNING: have_safe_attributes should not be used with should_not."
77
+ end
78
+
79
+ def description
80
+ roles = @roles.any? ? (@roles || []).map { |r,n| n||r.to_s }.join(' and as ') : 'default'
81
+ if @attributes.any?
82
+ "have safe attributes #{@attributes.join(', ')} as #{roles}"
83
+ else
84
+ "have no safe attributes as #{roles}"
85
+ end
86
+ end
87
+ end
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: attribute_ext
3
3
  version: !ruby/object:Gem::Version
4
- hash: 23
4
+ hash: 27
5
5
  prerelease:
6
6
  segments:
7
7
  - 1
8
- - 2
9
- - 4
10
- version: 1.2.4
8
+ - 3
9
+ - 0
10
+ version: 1.3.0
11
11
  platform: ruby
12
12
  authors:
13
13
  - Jan Graichen
@@ -15,7 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2011-09-24 00:00:00 Z
18
+ date: 2011-10-02 00:00:00 Z
19
19
  dependencies: []
20
20
 
21
21
  description: AttributeExt provides additional access control for rails model attributes.
@@ -37,6 +37,7 @@ files:
37
37
  - lib/attribute_ext.rb
38
38
  - lib/attribute_ext/hidden_attributes.rb
39
39
  - lib/attribute_ext/railtie.rb
40
+ - lib/attribute_ext/rspec.rb
40
41
  - lib/attribute_ext/safe_attributes.rb
41
42
  - spec/hidden_attributes_spec.rb
42
43
  - spec/safe_attributes_spec.rb