authoritah 0.1.0 → 0.1.1

data/README.rdoc

@@ -44,7 +44,7 @@ You also have the ability to expressly forbid access using the forbids directive
 
 In this scenario any logged in user can access the controller actions, but any user responding true to blacklisted? will be forbidden from running the :create or :destroy actions.
 
-The final feature so far is the ability to pass a Proc as the predicate:
+You can also pass a Proc as the predicate:
 
   class WidgetController < ApplicationController
 
@@ -53,4 +53,15 @@ The final feature so far is the ability to pass a Proc as the predicate:
 
 The Proc gets passed the result of the :current_user message to the controller for you to specify more complex rules.
 
-This is VERY early and probably has a legion of bugs, but there's a good spread of specs and I'll be improving it over the coming days. Thanks for watching.
+I've also now added the ability to customise how the user is using the :on_reject option. You can either pass it a symbol identifying a method to call, or a Proc:
+
+  class WidgetController < ApplicationController
+
+    permits :current_user => :logged_in?, :on_reject => :redirect_to_login
+    forbids :current_user => :blacklisted?, :from => [:create, :destroy], :on_reject => Proc.new { redirect_to '/blacklisted' }
+    
+    def redirect_to_login
+      flash[:notice] = "Please login to view widgets"
+      redirect_to root_url
+    end
+  end

data/lib/authoritah.rb

@@ -105,8 +105,6 @@ module Authoritah
           return true
         else
           if on_reject_action.is_a?(Proc)
-            # debugger
-            # on_reject_action.call(controller)
             controller.instance_eval(&on_reject_action)
           else
             controller.send(on_reject_action)
@@ -122,14 +120,14 @@ module Authoritah
       protected
         
         # Returns [true, nil] if the rule chain applied without a problem.
-        # Returns [false, :reject_to]
+        # Returns [false, :reject_to destination] otherwise
         def apply_rule_chain(rule_type, controller, action)
           select_permissions_for(action).each do |permission|
             begin
               response = if permission[:role_predicate].is_a? Symbol
                 controller.send(permission[:role_method]).send(permission[:role_predicate])
               elsif permission[:role_predicate].is_a? Proc
-                permission[:role_predicate].call(controller.send(permission[:role_method]))
+                controller.instance_exec(controller.send(permission[:role_method]), &permission[:role_predicate])
               elsif permission[:role_predicate] == nil
                 controller.send(permission[:role_method])
               end

data/spec/authoritah_spec.rb

@@ -234,10 +234,10 @@ describe TestAuthorizerController, :type => :controller do
     end
   end
   
-  describe "using a Proc" do
+  describe "using a lambda" do
     context "with a wildcard rule" do
       before(:each) do
-        TestAuthorizerController.permits(:current_user => Proc.new {|u| u.logged_in?})
+        TestAuthorizerController.permits(:current_user => lambda {|u| u.logged_in?})
       end
       context "a logged in user" do
         before(:each) do
@@ -246,6 +246,30 @@ describe TestAuthorizerController, :type => :controller do
         it "should render index" do get :index; response.should render_template('index') end
       end
     end
+    context "that accesses controller environment" do
+      before(:each) do
+        TestAuthorizerController.class_eval do
+          define_method(:user_is_allowed?) { |user| true }
+        end
+        @user = stub(:logged_in? => true)
+        controller.stubs(:current_user => @user)
+        TestAuthorizerController.permits(:current_user => lambda {|u| user_is_allowed?(u) })
+      end
+      context "an allowed_user" do
+        it "should render show" do
+          controller.expects(:user_is_allowed?).at_least_once.with(@user).returns(true)
+          get :show, :id => "100"
+          response.should render_template('show')
+        end
+      end
+      context "a logged in user with the wrong ID" do
+        it "should render show" do
+          controller.expects(:user_is_allowed?).at_least_once.with(@user).returns(false)
+          get :show, :id => "100"
+          response.status.should == "404 Not Found"
+        end
+      end
+    end
   end
   
   describe "specifying a different action to run on failure" do
@@ -255,7 +279,7 @@ describe TestAuthorizerController, :type => :controller do
         TestAuthorizerController.permits(:current_user => :logged_in?, :on_reject => :method)
       end.should_not raise_error
       lambda do
-        TestAuthorizerController.permits(:current_user => :logged_in?, :on_reject => Proc.new {})
+        TestAuthorizerController.permits(:current_user => :logged_in?, :on_reject => lambda {})
       end.should_not raise_error
       lambda do
         TestAuthorizerController.permits(:current_user => :logged_in?, :on_reject => 5)
@@ -282,9 +306,9 @@ describe TestAuthorizerController, :type => :controller do
       end
     end
     
-    context "when :on_reject => Proc" do
+    context "when :on_reject => lambda" do
       before(:each) do
-        TestAuthorizerController.permits(:current_user => :logged_in?, :on_reject => Proc.new { redirect_to root_url })
+        TestAuthorizerController.permits(:current_user => :logged_in?, :on_reject => lambda { redirect_to root_url })
       end
       context "an unauthenticated user" do
         it "should redirect to /" do

data/spec/spec_helper.rb

@@ -26,6 +26,8 @@ class TestAuthorizerController < ActionController::Base
   end
   
   def show
+    render
   end
+
 end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: authoritah
 version: !ruby/object:Gem::Version 
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors: 
 - Steven Mohapi-Banks
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-11-04 00:00:00 +00:00
+date: 2009-11-18 00:00:00 +00:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency