attribute_ext 1.3.0 → 1.4.0

data/spec/dummy/config/routes.rb

@@ -0,0 +1,58 @@
+Dummy::Application.routes.draw do
+  # The priority is based upon order of creation:
+  # first created -> highest priority.
+
+  # Sample of regular route:
+  #   match 'products/:id' => 'catalog#view'
+  # Keep in mind you can assign values other than :controller and :action
+
+  # Sample of named route:
+  #   match 'products/:id/purchase' => 'catalog#purchase', :as => :purchase
+  # This route can be invoked with purchase_url(:id => product.id)
+
+  # Sample resource route (maps HTTP verbs to controller actions automatically):
+  #   resources :products
+
+  # Sample resource route with options:
+  #   resources :products do
+  #     member do
+  #       get 'short'
+  #       post 'toggle'
+  #     end
+  #
+  #     collection do
+  #       get 'sold'
+  #     end
+  #   end
+
+  # Sample resource route with sub-resources:
+  #   resources :products do
+  #     resources :comments, :sales
+  #     resource :seller
+  #   end
+
+  # Sample resource route with more complex sub-resources
+  #   resources :products do
+  #     resources :comments
+  #     resources :sales do
+  #       get 'recent', :on => :collection
+  #     end
+  #   end
+
+  # Sample resource route within a namespace:
+  #   namespace :admin do
+  #     # Directs /admin/products/* to Admin::ProductsController
+  #     # (app/controllers/admin/products_controller.rb)
+  #     resources :products
+  #   end
+
+  # You can have the root of your site routed with "root"
+  # just remember to delete public/index.html.
+  # root :to => 'welcome#index'
+
+  # See how all your routes lay out with "rake routes"
+
+  # This is a legacy wild controller route that's not recommended for RESTful applications.
+  # Note: This route will make all actions in every controller accessible via GET requests.
+  # match ':controller(/:action(/:id))(.:format)'
+end

data/spec/dummy/config.ru

@@ -0,0 +1,4 @@
+# This file is used by Rack-based servers to start the application.
+
+require ::File.expand_path('../config/environment',  __FILE__)
+run Dummy::Application

data/spec/dummy/db/migrate/20120306121700_create_users.rb

@@ -0,0 +1,26 @@
+class CreateUsers < ActiveRecord::Migration
+  def change
+    create_table :users do |t|
+      t.string :opts
+      
+      t.string :attribute_hash
+      t.string :attribute_if
+      t.string :attribute_if_hash
+      t.string :attribute_unless
+      t.string :attribute_unless_hash
+      t.string :attribute_if_unless
+      t.string :attribute_if_format
+      t.string :attribute_unless_format
+      t.string :attribute_if_opts
+      t.string :attribute_unless_opts
+      t.string :attribute_only_xml
+      t.string :attribute_only_json
+      t.string :attribute_only_hash
+      t.string :attribute_except_xml
+      t.string :attribute_except_json
+      t.string :attribute_except_hash
+      t.string :attribute_only_xml_txt
+      t.string :attribute_except_xml_txt
+    end
+  end
+end

data/spec/dummy/public/404.html

@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The page you were looking for doesn't exist (404)</title>
+  <style type="text/css">
+    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+    div.dialog {
+      width: 25em;
+      padding: 0 4em;
+      margin: 4em auto 0 auto;
+      border: 1px solid #ccc;
+      border-right-color: #999;
+      border-bottom-color: #999;
+    }
+    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/404.html -->
+  <div class="dialog">
+    <h1>The page you were looking for doesn't exist.</h1>
+    <p>You may have mistyped the address or the page may have moved.</p>
+  </div>
+</body>
+</html>

data/spec/dummy/public/422.html

@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The change you wanted was rejected (422)</title>
+  <style type="text/css">
+    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+    div.dialog {
+      width: 25em;
+      padding: 0 4em;
+      margin: 4em auto 0 auto;
+      border: 1px solid #ccc;
+      border-right-color: #999;
+      border-bottom-color: #999;
+    }
+    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/422.html -->
+  <div class="dialog">
+    <h1>The change you wanted was rejected.</h1>
+    <p>Maybe you tried to change something you didn't have access to.</p>
+  </div>
+</body>
+</html>

data/spec/dummy/public/500.html

@@ -0,0 +1,25 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>We're sorry, but something went wrong (500)</title>
+  <style type="text/css">
+    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+    div.dialog {
+      width: 25em;
+      padding: 0 4em;
+      margin: 4em auto 0 auto;
+      border: 1px solid #ccc;
+      border-right-color: #999;
+      border-bottom-color: #999;
+    }
+    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/500.html -->
+  <div class="dialog">
+    <h1>We're sorry, but something went wrong.</h1>
+  </div>
+</body>
+</html>

data/spec/dummy/script/rails

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
+
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require File.expand_path('../../config/boot',  __FILE__)
+require 'rails/commands'

data/spec/hidden_attributes_spec.rb

@@ -13,7 +13,7 @@ describe AttributeExt::HiddenAttributes do
     user = User.new
     user.hidden_attribute_names(:format).should_not include('attribute_if')
     
-    user = User.new :if => true
+    user = User.new :opts => { :if => true }
     user.hidden_attribute_names(:format).should include('attribute_if')
   end
   
@@ -21,7 +21,7 @@ describe AttributeExt::HiddenAttributes do
     user = User.new
     user.hidden_attribute_names(:format).should_not include('attribute_unless')
     
-    user = User.new :unless => false
+    user = User.new :opts => { :unless => false }
     user.hidden_attribute_names(:format).should include('attribute_unless')
   end
   
@@ -29,13 +29,13 @@ describe AttributeExt::HiddenAttributes do
     user = User.new
     user.hidden_attribute_names(:format).should_not include('attribute_if_unless')
     
-    user = User.new :if => true
+    user = User.new :opts => { :if => true }
     user.hidden_attribute_names(:format).should_not include('attribute_if_unless')
     
-    user = User.new :unless => false
+    user = User.new :opts => { :unless => false }
     user.hidden_attribute_names(:format).should_not include('attribute_if_unless')
     
-    user = User.new :unless => false, :if => true
+    user = User.new :opts => { :unless => false, :if => true }
     user.hidden_attribute_names(:format).should include('attribute_if_unless')
   end
   
@@ -70,13 +70,13 @@ describe AttributeExt::HiddenAttributes do
   end
   
   it 'only applies rules to hash if wanted (if condition)' do
-    user = User.new :if => true
+    user = User.new :opts => { :if => true }
     user.hidden_attribute_names(:hash).should_not include('attribute_if')
     user.hidden_attribute_names(:hash).should include('attribute_if_hash')
   end
   
   it 'only applies rules to hash if wanted (unless condition)' do
-    user = User.new :unless => false
+    user = User.new :opts => { :unless => false }
     user.hidden_attribute_names(:hash).should_not include('attribute_unless')
     user.hidden_attribute_names(:hash).should include('attribute_unless_hash')
   end
@@ -131,21 +131,71 @@ describe AttributeExt::HiddenAttributes do
   
   it 'supports json export' do
     user = User.new
-    user.hidden_attribute_names(:json).should == user.as_json[:except]
+    user.to_json.should == {
+      "attribute_except_json" => nil,
+      "attribute_if" => nil,
+      "attribute_if_format" => nil,
+      "attribute_if_hash" => nil,
+      "attribute_if_opts" => nil,
+      "attribute_if_unless" => nil,
+      "attribute_only_hash" => nil,
+      "attribute_only_xml" => nil,
+      "attribute_only_xml_txt" => nil,
+      "attribute_unless" => nil,
+      "attribute_unless_hash" => nil
+    }.to_json
   end
   
   it 'supports deep json export via serializable hash (depends on rails)' do
     user = User.new
-    user.hidden_attribute_names(:json).should == user.as_json({:include => true})[:except]
+    user.as_json.should == {
+      "attribute_except_json" => nil,
+      "attribute_if" => nil,
+      "attribute_if_format" => nil,
+      "attribute_if_hash" => nil,
+      "attribute_if_opts" => nil,
+      "attribute_if_unless" => nil,
+      "attribute_only_hash" => nil,
+      "attribute_only_xml" => nil,
+      "attribute_only_xml_txt" => nil,
+      "attribute_unless" => nil,
+      "attribute_unless_hash" => nil
+    }
   end
   
   it 'supports xml export' do
     user = User.new
-    user.hidden_attribute_names(:xml).should == user.to_xml[:except]
+    user.to_xml.should == {
+      "attribute_except_xml" => nil,
+      "attribute_except_xml_txt" => nil,
+      "attribute_if" => nil,
+      "attribute_if_format" => nil,
+      "attribute_if_hash" => nil,
+      "attribute_if_opts" => nil,
+      "attribute_if_unless" => nil,
+      "attribute_only_hash" => nil,
+      "attribute_only_json" => nil,
+      "attribute_unless" => nil,
+      "attribute_unless_hash" => nil
+    }.to_xml(:root => :user)
   end
   
   it 'supports hash export' do
     user = User.new
-    user.hidden_attribute_names(:hash).should == user.serializable_hash[:except]
+    user.serializable_hash.should == {
+      "attribute_except_hash" => nil,
+      "attribute_if" => nil,
+      "attribute_if_format" => nil,
+      "attribute_if_hash" => nil,
+      "attribute_if_opts" => nil,
+      "attribute_if_unless" => nil,
+      "attribute_only_json" => nil,
+      "attribute_only_xml" => nil,
+      "attribute_only_xml_txt" => nil,
+      "attribute_unless" => nil,
+      "attribute_unless_format" => nil,
+      "attribute_unless_opts" => nil,
+      "attribute_unless_hash" => nil,
+    }
   end
 end

data/spec/safe_attributes_spec.rb

@@ -1,72 +1,105 @@
 
 require File.dirname(__FILE__) + '/spec_helper'
 
-describe AttributeExt::HiddenAttributes do
+describe AttributeExt::SafeAttributes do
   
   it 'uses mass assignment authorizer' do
     user = User.new
     
-    user.mass_assignment_authorizer.should include('always_there')
+    user.safe_attributes_authorizer.should include('always')
+  end
+
+  it 'should support attr_accessible' do
+    user = User.new
+    user.safe_attributes_authorizer.should include('opts')
   end
   
   it 'uses mass assignment authorizer with role' do
     user = User.new
     
-    user.mass_assignment_authorizer(:admin).should include('admin_role')
+    user.safe_attributes_authorizer(:admin).should include('admin_role')
   end
   
   it 'can whitelist attributes' do
     user = User.new
     
-    user.mass_assignment_authorizer.should include('always')
+    user.safe_attributes_authorizer.should include('always')
+  end
+  
+  it 'can whitelist attributes using an if condition with proc' do
+    user = User.new
+    user.safe_attributes_authorizer.should_not include('attribute_if')
+    
+    user = User.new :opts => { :if => true }
+    user.safe_attributes_authorizer.should include('attribute_if')
+  end
+  
+  it 'can whitelist attributes using an if condition with symbol' do
+    user = User.new
+    user.safe_attributes_authorizer.should_not include('attribute_if_2')
+    
+    user = User.new :opts => { :if => true }
+    user.safe_attributes_authorizer.should include('attribute_if_2')
+  end
+  
+  it 'can whitelist attributes using an unless condition with proc' do
+    user = User.new
+    user.safe_attributes_authorizer.should_not include('attribute_unless')
+    
+    user = User.new :opts => { :unless => false }
+    user.safe_attributes_authorizer.should include('attribute_unless')
   end
   
-  it 'can whitelist attributes using an if condition' do
+  it 'can whitelist attributes using an unless condition with symbol' do
     user = User.new
-    user.mass_assignment_authorizer.should_not include('attribute_if')
+    user.safe_attributes_authorizer.should_not include('attribute_unless_2')
     
-    user = User.new :if => true
-    user.mass_assignment_authorizer.should include('attribute_if')
+    user = User.new :opts => { :unless => false }
+    user.safe_attributes_authorizer.should include('attribute_unless_2')
   end
   
-  it 'can whitelist attributes using an unless condition' do
+  it 'can whitelist attributes using an if and an unless condition with proc' do
     user = User.new
-    user.mass_assignment_authorizer.should_not include('attribute_unless')
+    user.safe_attributes_authorizer.should_not include('attribute_if_unless')
+    user = User.new :opts => { :if => true }
+    user.safe_attributes_authorizer.should_not include('attribute_if_unless')
+    user = User.new :opts => { :unless => false }
+    user.safe_attributes_authorizer.should_not include('attribute_if_unless')
     
-    user = User.new :unless => false
-    user.mass_assignment_authorizer.should include('attribute_unless')
+    user = User.new :opts => { :if => true, :unless => false }
+    user.safe_attributes_authorizer.should include('attribute_if_unless')
   end
   
-  it 'can whitelist attributes using an if and an unless condition' do
+  it 'can whitelist attributes using an if and an unless condition with symbol' do
     user = User.new
-    user.mass_assignment_authorizer.should_not include('attribute_if_unless')
-    user = User.new :if => true
-    user.mass_assignment_authorizer.should_not include('attribute_if_unless')
-    user = User.new :unless => false
-    user.mass_assignment_authorizer.should_not include('attribute_if_unless')
+    user.safe_attributes_authorizer.should_not include('attribute_if_unless_2')
+    user = User.new :opts => { :if => true }
+    user.safe_attributes_authorizer.should_not include('attribute_if_unless_2')
+    user = User.new :opts => { :unless => false }
+    user.safe_attributes_authorizer.should_not include('attribute_if_unless_2')
     
-    user = User.new :if => true, :unless => false
-    user.mass_assignment_authorizer.should include('attribute_if_unless')
+    user = User.new :opts => { :if => true, :unless => false }
+    user.safe_attributes_authorizer.should include('attribute_if_unless_2')
   end
   
   it 'can whitelist attributes checking role in if condition' do
     user = User.new
-    user.mass_assignment_authorizer(:default).should_not include('attribute_if_admin')
+    user.safe_attributes_authorizer(:default).should_not include('attribute_if_admin')
     user = User.new
-    user.mass_assignment_authorizer(:admin).should include('attribute_if_admin')
+    user.safe_attributes_authorizer(:admin).should include('attribute_if_admin')
   end
   
   it 'can whitelist attributes checking role in unless condition' do
     user = User.new
-    user.mass_assignment_authorizer(:default).should include('attribute_unless_admin')
+    user.safe_attributes_authorizer(:default).should include('attribute_unless_admin')
     user = User.new
-    user.mass_assignment_authorizer(:admin).should_not include('attribute_unless_admin')
+    user.safe_attributes_authorizer(:admin).should_not include('attribute_unless_admin')
   end
   
   it 'can provide a global default role' do
     AttributeExt::SafeAttributes.default_role = :new_default
     AttributeExt::SafeAttributes.default_role.should == :new_default
-    User.new.mass_assignment_authorizer.should include("new_default")
+    User.new.safe_attributes_authorizer.should include("new_default")
   end
   
   context '#role_mapper' do
@@ -106,17 +139,17 @@ describe AttributeExt::HiddenAttributes do
         [:guest, :user, :admin].include?(role) ? role : :guest
       end
       
-      User.new.mass_assignment_authorizer.should include('role_mapper_guest')
-      User.new.mass_assignment_authorizer.should_not include('role_mapper_user')
-      User.new.mass_assignment_authorizer.should_not include('role_mapper_admin')
+      User.new.safe_attributes_authorizer.should include('role_mapper_guest')
+      User.new.safe_attributes_authorizer.should_not include('role_mapper_user')
+      User.new.safe_attributes_authorizer.should_not include('role_mapper_admin')
       
-      User.new.mass_assignment_authorizer(:user).should_not include('role_mapper_guest')
-      User.new.mass_assignment_authorizer(:user).should include('role_mapper_user')
-      User.new.mass_assignment_authorizer(:user).should_not include('role_mapper_admin')
+      User.new.safe_attributes_authorizer(:user).should_not include('role_mapper_guest')
+      User.new.safe_attributes_authorizer(:user).should include('role_mapper_user')
+      User.new.safe_attributes_authorizer(:user).should_not include('role_mapper_admin')
       
-      User.new.mass_assignment_authorizer(:admin).should_not include('role_mapper_guest')
-      User.new.mass_assignment_authorizer(:admin).should_not include('role_mapper_user')
-      User.new.mass_assignment_authorizer(:admin).should include('role_mapper_admin')
+      User.new.safe_attributes_authorizer(:admin).should_not include('role_mapper_guest')
+      User.new.safe_attributes_authorizer(:admin).should_not include('role_mapper_user')
+      User.new.safe_attributes_authorizer(:admin).should include('role_mapper_admin')
     end
   end
 end

data/spec/spec_helper.rb

@@ -1,8 +1,14 @@
 
-require File.dirname(__FILE__) + '/support/fake_environment'
-require File.dirname(__FILE__) + '/../init'
-require File.dirname(__FILE__) + '/support/stub'
+ENV["RAILS_ENV"] ||= 'test'
+require File.expand_path("../dummy/config/environment", __FILE__)
+require 'rspec/rails'
+require 'rspec/autorun'
+
+Dir[File.expand_path("../support/**/*.rb", __FILE__)].each {|f| require f}
 
 RSpec.configure do |config|
-  config.mock_with :rspec
+  config.use_transactional_fixtures = true
+  config.infer_base_class_for_anonymous_controllers = false
+
+  initialize_in_memory_database if in_memory_database?
 end

data/spec/support/in_memory_database.rb

@@ -0,0 +1,11 @@
+def in_memory_database?
+  Rails.configuration.database_configuration[ENV["RAILS_ENV"]] and
+  Rails.configuration.database_configuration[ENV["RAILS_ENV"]]['adapter']  == 'sqlite3' and
+  Rails.configuration.database_configuration[ENV["RAILS_ENV"]]['database'] == ':memory:'
+end
+
+def initialize_in_memory_database
+  puts "Creating SQLite in memory database"
+  ActiveRecord::Schema.verbose = false
+  ActiveRecord::Migrator.up(Rails.root.join('db', 'migrate'))
+end

metadata

@@ -1,33 +1,57 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: attribute_ext
-version: !ruby/object:Gem::Version 
-  hash: 27
+version: !ruby/object:Gem::Version
+  version: 1.4.0
   prerelease: 
-  segments: 
-  - 1
-  - 3
-  - 0
-  version: 1.3.0
 platform: ruby
-authors: 
+authors:
 - Jan Graichen
 autorequire: 
 bindir: bin
 cert_chain: []
-
-date: 2011-10-02 00:00:00 Z
-dependencies: []
-
+date: 2012-03-07 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: &5913160 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.2.2
+  type: :development
+  prerelease: false
+  version_requirements: *5913160
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: &5912600 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *5912600
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: &5912020 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *5912020
 description: AttributeExt provides additional access control for rails model attributes.
-email: 
+email:
 - jan.graichen@altimos.de
 executables: []
-
 extensions: []
-
 extra_rdoc_files: []
-
-files: 
+files:
+- .gitignore
 - Gemfile
 - LICENSE
 - README.md
@@ -39,43 +63,65 @@ files:
 - lib/attribute_ext/railtie.rb
 - lib/attribute_ext/rspec.rb
 - lib/attribute_ext/safe_attributes.rb
+- spec/dummy/Rakefile
+- spec/dummy/app/assets/javascripts/application.js
+- spec/dummy/app/assets/stylesheets/application.css
+- spec/dummy/app/controllers/application_controller.rb
+- spec/dummy/app/helpers/application_helper.rb
+- spec/dummy/app/mailers/.gitkeep
+- spec/dummy/app/models/user.rb
+- spec/dummy/app/views/layouts/application.html.erb
+- spec/dummy/config.ru
+- spec/dummy/config/application.rb
+- spec/dummy/config/boot.rb
+- spec/dummy/config/database.yml
+- spec/dummy/config/environment.rb
+- spec/dummy/config/environments/development.rb
+- spec/dummy/config/environments/production.rb
+- spec/dummy/config/environments/test.rb
+- spec/dummy/config/initializers/backtrace_silencers.rb
+- spec/dummy/config/initializers/inflections.rb
+- spec/dummy/config/initializers/mime_types.rb
+- spec/dummy/config/initializers/secret_token.rb
+- spec/dummy/config/initializers/session_store.rb
+- spec/dummy/config/initializers/wrap_parameters.rb
+- spec/dummy/config/locales/en.yml
+- spec/dummy/config/routes.rb
+- spec/dummy/db/migrate/20120306121700_create_users.rb
+- spec/dummy/lib/assets/.gitkeep
+- spec/dummy/log/.gitkeep
+- spec/dummy/log/development.log
+- spec/dummy/public/404.html
+- spec/dummy/public/422.html
+- spec/dummy/public/500.html
+- spec/dummy/public/favicon.ico
+- spec/dummy/script/rails
 - spec/hidden_attributes_spec.rb
 - spec/safe_attributes_spec.rb
 - spec/spec_helper.rb
-- spec/support/fake_environment.rb
-- spec/support/stub.rb
+- spec/support/in_memory_database.rb
 homepage: https://github.com/jgraichen/attribute_ext
 licenses: []
-
 post_install_message: 
 rdoc_options: []
-
-require_paths: 
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
+required_ruby_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
-      version: "0"
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
-
 rubyforge_project: attribute_ext
-rubygems_version: 1.8.6
+rubygems_version: 1.8.15
 signing_key: 
 specification_version: 3
 summary: AttributeExt provides additional access control for rails model attributes.
 test_files: []
-