authority 2.2.0 → 2.3.0

data/spec/authority/integration_spec.rb

@@ -1,13 +1,11 @@
 require 'spec_helper'
-require 'support/example_model'
-require 'support/user'
+require 'support/example_classes'
 
 describe "integration from user through model to authorizer" do
 
-  before :each do
-    @user          = User.new
-    @example_model = ExampleModel.new
-  end
+  let(:user)              { ExampleUser.new }
+  let(:resource_class)    { ExampleResource }
+  let(:resource_instance) { resource_class.new }
 
   describe "class methods" do
 
@@ -16,20 +14,24 @@ describe "integration from user through model to authorizer" do
       adjective        = Authority.abilities[verb]
       adjective_method = "#{adjective}_by?"
 
-      describe "if given an options hash" do
+      describe "#{adjective_method}" do
+
+        describe "if given an options hash" do
+
+          it "delegates `#{adjective_method}` to its authorizer class, passing the options" do
+            resource_class.authorizer.should_receive(adjective_method).with(user, :lacking => 'nothing')
+            user.send(verb_method, resource_class, :lacking => 'nothing')
+          end
 
-        it "should delegate `#{adjective_method}` to its authorizer class, passing the options" do
-          ExampleModel.authorizer.should_receive(adjective_method).with(@user, :lacking => 'nothing')
-          @user.send(verb_method, ExampleModel, :lacking => 'nothing')
         end
 
-      end
+        describe "if not given an options hash" do
 
-      describe "if not given an options hash" do
+          it "delegates `#{adjective_method}` to its authorizer class, passing no options" do
+            resource_class.authorizer.should_receive(adjective_method).with(user)
+            user.send(verb_method, resource_instance)
+          end
 
-        it "should delegate `#{adjective_method}` to its authorizer class, passing no options" do
-          ExampleModel.authorizer.should_receive(adjective_method).with(@user)
-          @user.send(verb_method, @example_model)
         end
 
       end
@@ -40,11 +42,10 @@ describe "integration from user through model to authorizer" do
 
   describe "instance methods" do
 
+    let!(:authorizer_instance) { resource_class.authorizer.new(resource_instance) }
+
     before :each do
-      @user          = User.new
-      @example_model = ExampleModel.new
-      @authorizer    = ExampleModel.authorizer.new(@example_model)
-      ExampleModel.authorizer.stub(:new).and_return(@authorizer)
+      resource_class.authorizer.stub(:new).and_return(authorizer_instance)
     end
 
     Authority.verbs.each do |verb|
@@ -52,20 +53,24 @@ describe "integration from user through model to authorizer" do
       adjective        = Authority.abilities[verb]
       adjective_method = "#{adjective}_by?"
 
-      describe "if given an options hash" do
+      describe "#{adjective_method}" do
+
+        describe "if given an options hash" do
+
+          it "delegates `#{adjective_method}` to a new authorizer instance, passing the options" do
+            authorizer_instance.should_receive(adjective_method).with(user, :consistency => 'mushy')
+            user.send(verb_method, resource_instance, :consistency => 'mushy')
+          end
 
-        it "should delegate `#{adjective_method}` to a new authorizer instance, passing the options" do
-          @authorizer.should_receive(adjective_method).with(@user, :consistency => 'mushy')
-          @user.send(verb_method, @example_model, :consistency => 'mushy')
         end
 
-      end
+        describe "if not given an options hash" do
+
+          it "delegates `#{adjective_method}` to a new authorizer instance, passing no options" do
+            authorizer_instance.should_receive(adjective_method).with(user)
+            user.send(verb_method, resource_instance)
+          end
 
-      describe "if not given an options hash" do
-        
-        it "should delegate `#{adjective_method}` to a new authorizer instance, passing no options" do
-          @authorizer.should_receive(adjective_method).with(@user)
-          @user.send(verb_method, @example_model)
         end
 
       end

data/spec/authority/user_abilities_spec.rb

@@ -1,39 +1,49 @@
 require 'spec_helper'
-require 'support/example_model'
-require 'support/user'
+require 'support/example_classes'
 
 describe Authority::UserAbilities do
 
-  before :each do
-    @example_model = ExampleModel.new
-    @user          = User.new
-  end
+  let(:resource_instance) { ExampleResource.new }
+  let(:user)              { ExampleUser.new }
 
-  Authority.verbs.each do |verb|
-    method_name = "can_#{verb}?"
+  describe "using `can_{verb}?` methods to check permissions on a resource" do
 
-    it "should define the `#{method_name}` method" do
-      @user.should respond_to(method_name)
-    end
+    Authority.verbs.each do |verb|
+      method_name = "can_#{verb}?"
+
+      it "defines the `#{method_name}` method" do
+        expect(user).to respond_to(method_name)
+      end
+
+      describe "if given options" do
 
-    describe "if given options" do
+        it "delegates the authorization check to the resource, passing the options" do
+          resource_instance.should_receive("#{Authority.abilities[verb]}_by?").with(user, :size => 'wee')
+          user.send(method_name, resource_instance, :size => 'wee')
+        end
 
-      it "should delegate the authorization check to the resource, passing the options" do
-        @example_model.should_receive("#{Authority.abilities[verb]}_by?").with(@user, :size => 'wee')
-        @user.send(method_name, @example_model, :size => 'wee')
       end
 
-    end
+      describe "if not given options" do
 
-    describe "if not given options" do
+        it "delegates the authorization check to the resource, passing no options" do
+          resource_instance.should_receive("#{Authority.abilities[verb]}_by?").with(user)
+          user.send(method_name, resource_instance)
+        end
 
-      it "should delegate the authorization check to the resource, passing no options" do
-        @example_model.should_receive("#{Authority.abilities[verb]}_by?").with(@user)
-        @user.send(method_name, @example_model)
       end
 
     end
 
   end
 
+  describe "using `can?` for non-resource-specific checks" do
+
+    it "checks with ApplicationAuthorizer" do
+      ApplicationAuthorizer.should_receive(:can_mimic_lemurs?).with(user)
+      user.can?(:mimic_lemurs)
+    end
+
+  end
+
 end

data/spec/authority_spec.rb

@@ -1,38 +1,37 @@
 require 'spec_helper'
-require 'support/example_model'
-require 'support/user'
+require 'support/example_classes'
 
 describe Authority do
 
-  it "should have a default list of abilities" do
-    Authority.abilities.should be_a(Hash)
+  it "has a default list of abilities" do
+    expect(Authority.abilities).to be_a(Hash)
   end
 
-  it "should not allow modification of the Authority.abilities hash directly" do
+  it "does not allow modification of the Authority.abilities hash directly" do
     expect { Authority.abilities[:exchange] = 'fungible' }.to raise_error(
       StandardError, /modify frozen/
     ) # can't modify frozen hash - exact error type and message depends on Ruby version
   end
 
-  it "should have a convenience accessor for the ability verbs" do
-    Authority.verbs.map(&:to_s).sort.should eq(['create', 'delete', 'read', 'update'])
+  it "has a convenience accessor for the ability verbs" do
+    expect(Authority.verbs.map(&:to_s).sort).to eq(%w[create delete read update])
   end
 
-  it "should have a convenience accessor for the ability adjectives" do
-    Authority.adjectives.sort.should eq(%w[creatable deletable readable updatable])
+  it "has a convenience accessor for the ability adjectives" do
+    expect(Authority.adjectives.sort).to eq(%w[creatable deletable readable updatable])
   end
 
   describe "configuring Authority" do
 
-    it "should have a configuration accessor" do
-      Authority.should respond_to(:configuration)
+    it "has a configuration accessor" do
+      expect(Authority).to respond_to(:configuration)
     end
 
-    it "should have a `configure` method" do
-      Authority.should respond_to(:configure)
+    it "has a `configure` method" do
+      expect(Authority).to respond_to(:configure)
     end
 
-    it "should require the remainder of library internals after configuration" do
+    it "requires the remainder of library internals after configuration" do
       Authority.should_receive(:require_authority_internals!)
       Authority.configure
     end
@@ -40,62 +39,59 @@ describe Authority do
 
   describe "enforcement" do
 
-    before :each do
-      @user = User.new
-    end
+    let(:user)           { ExampleUser.new }
+    let(:resource_class) { ExampleResource }
 
     describe "if given options" do
 
-      it "should check the user's authorization, passing along the options" do
+      it "checks the user's authorization, passing along the options" do
         options = { :for => 'context' }
-        @user.should_receive(:can_delete?).with(ExampleModel, options).and_return(true)
-        Authority.enforce(:delete, ExampleModel, @user, options)
+        user.should_receive(:can_delete?).with(resource_class, options).and_return(true)
+        Authority.enforce(:delete, resource_class, user, options)
       end
 
     end
 
     describe "if not given options" do
 
-      it "should check the user's authorization, passing no options" do
-        @user.should_receive(:can_delete?).with(ExampleModel).and_return(true)
-        Authority.enforce(:delete, ExampleModel, @user)
+      it "checks the user's authorization, passing no options" do
+        user.should_receive(:can_delete?).with(resource_class).and_return(true)
+        Authority.enforce(:delete, resource_class, user)
       end
 
     end
 
-    it "should raise a SecurityViolation if the action is unauthorized" do
-      expect { Authority.enforce(:update, ExampleModel, @user) }.to raise_error(Authority::SecurityViolation)
+    it "raises a SecurityViolation if the action is unauthorized" do
+      expect { Authority.enforce(:update, resource_class, user) }.to raise_error(Authority::SecurityViolation)
     end
 
-    it "should not raise a SecurityViolation if the action is authorized" do
-      expect { Authority.enforce(:read, ExampleModel, @user) }.not_to raise_error(Authority::SecurityViolation)
+    it "doesn't raise a SecurityViolation if the action is authorized" do
+      expect { Authority.enforce(:read, resource_class, user) }.not_to raise_error(Authority::SecurityViolation)
     end
 
   end
 
   describe Authority::SecurityViolation do
 
-    before :each do
-      @user               = "I am a user"
-      @action             = :keelhaul
-      @resource           = "I am a resource"
-      @security_violation = Authority::SecurityViolation.new(@user, @action, @resource)
-    end
+    let(:user)               { :"Cap'n Ned" }
+    let(:action)             { :keelhaul }
+    let(:resource)           { :houseplant }
+    let(:security_violation) { Authority::SecurityViolation.new(user, action, resource) }
 
-    it "should have a reader for the user" do
-      @security_violation.user.should eq(@user)
+    it "has a reader for the user" do
+      expect(security_violation.user).to eq(user)
     end
 
-    it "should have a reader for the action" do
-      @security_violation.action.should eq(@action)
+    it "has a reader for the action" do
+      expect(security_violation.action).to eq(action)
     end
 
-    it "should have a reader for the resource" do
-      @security_violation.resource.should eq(@resource)
+    it "has a reader for the resource" do
+      expect(security_violation.resource).to eq(resource)
     end
 
-    it "should use them all in its message" do
-      @security_violation.message.should eq("#{@user} is not authorized to #{@action} this resource: #{@resource}")
+    it "uses them all in its message" do
+      expect(security_violation.message).to eq("#{user} is not authorized to #{action} this resource: #{resource}")
     end
 
   end

data/spec/spec_helper.rb

@@ -6,4 +6,5 @@ Authority.configure
 
 RSpec.configure do |config|
   config.mock_with :rspec
+  config.order = :random
 end

data/spec/support/{example_model.rb → example_classes.rb}

@@ -1,4 +1,8 @@
-class ExampleModel
+class ExampleUser
+  include Authority::UserAbilities
+end
+
+class ExampleResource
   include Authority::Abilities
 end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: authority
 version: !ruby/object:Gem::Version
-  version: 2.2.0
+  version: 2.3.0
   prerelease: 
 platform: ruby
 authors:
@@ -10,11 +10,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-10-06 00:00:00.000000000 Z
+date: 2012-12-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
-  requirement: &81456900 !ruby/object:Gem::Requirement
+  requirement: &69990830 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -22,7 +22,7 @@ dependencies:
         version: 3.0.0
   type: :runtime
   prerelease: false
-  version_requirements: *81456900
+  version_requirements: *69990830
 description: Authority helps you authorize actions in your Rails app. It's ORM-neutral
   and has very little fancy syntax; just group your models under one or more Authorizer
   classes and write plain Ruby methods on them.
@@ -53,6 +53,7 @@ files:
 - lib/authority/configuration.rb
 - lib/authority/controller.rb
 - lib/authority/railtie.rb
+- lib/authority/security_violation.rb
 - lib/authority/user_abilities.rb
 - lib/authority/version.rb
 - lib/generators/authority/install_generator.rb
@@ -67,10 +68,8 @@ files:
 - spec/authority/user_abilities_spec.rb
 - spec/authority_spec.rb
 - spec/spec_helper.rb
-- spec/support/example_controllers.rb
-- spec/support/example_model.rb
+- spec/support/example_classes.rb
 - spec/support/mock_rails.rb
-- spec/support/user.rb
 homepage: https://github.com/nathanl/authority
 licenses: []
 post_install_message: 

data/spec/support/example_controllers.rb

@@ -1,22 +0,0 @@
-module MockController
-  def rescue_from(*args) ; end
-  def before_filter(*args) ; end
-end
-
-# this controller will have `authority_actions_for` called on it
-class ExampleController
-  extend MockController
-  include Authority::Controller
-end
-
-class DummyController < ExampleController
-end
-
-class InstanceController < ExampleController
-end
-
-# this controller will not have `authority_actions_for` called on it but will
-# have `authority_action_for` called on it
-class SampleController
-  extend MockController
-end

data/spec/support/user.rb

@@ -1,3 +0,0 @@
-class User
-  include Authority::UserAbilities
-end