authorizable 0.9.0

data/spec/integration/model_spec.rb

@@ -0,0 +1,169 @@
+require 'rails_helper'
+
+describe Authorizable::Model, type: :model do
+
+  before(:each) do
+    @user = create(:user)
+    @user.class.send(:include, Authorizable::Model)
+  end
+
+  describe "process_permission" do
+    before(:each) do
+      @event = create(:event, user: @user)
+      @collaborator = create(:user)
+
+      @event.collaborators << @collaborator
+      @event.save
+    end
+
+    it 'allows a permission' do
+      result = @user.can_view_collaborators?(@event)
+      expect(result).to eq true
+    end
+
+    it 'allows permission short hand' do
+      result = @user.can_edit?(@event)
+      expect(result).to eq true
+    end
+
+    it 'calls super if method does not match permission pattern' do
+      expect{
+        @user.do_something
+      }.to raise_error(NoMethodError)
+    end
+
+    it 'disallows a permission' do
+      result = @collaborator.can_view_collaborators?(@event)
+      expect(result).to eq false
+    end
+
+    it 'sets cache' do
+      expect(@user).to receive(:set_permission_cache).and_call_original
+      @user.can_view_collaborators?(@event)
+      cache = @user.instance_variable_get("@permission_cache")
+      expect(cache[Authorizable::Model::IS_OWNER]).to have_key(:can_view_collaborators?)
+    end
+
+    it 'returns from cache' do
+      # call once - store cache
+      @user.can_view_collaborators?(@event)
+      cache = @user.instance_variable_get("@permission_cache")
+      expect(cache[Authorizable::Model::IS_OWNER]).to have_key(:can_view_collaborators?)
+
+      # call again, return from cache
+      expect(@user).to_not receive(:set_permission_cache)
+      @user.can_view_collaborators?(@event)
+
+    end
+  end
+
+  describe "can?" do
+
+    it 'gets the default value' do
+      result = @user.send(:can?, Authorizable.definitions.keys.first)
+      expect(result).to eq true
+    end
+
+    it 'gets the value from a pre-defined set' do
+      key = Authorizable.definitions.keys.first
+      result = @user.send(:can?, key, Authorizable::Model::IS_OWNER, { key => false } )
+      expect(result).to eq false
+    end
+  end
+
+  describe "get_role_of" do
+    before(:each) do
+      @collaborator = create(:user)
+      @unrelated = create(:user)
+    end
+
+    context 'event' do
+      before(:each) do
+        @event = create(:event, user: @user)
+      end
+
+      it 'is owner' do
+        result = @user.send(:get_role_of, @event)
+        expect(result).to eq Authorizable::Model::IS_OWNER
+      end
+
+      it 'is collaborator' do
+        @event.collaborators << @collaborator
+        @event.save
+        result = @collaborator.send(:get_role_of, @event)
+        expect(result).to eq Authorizable::Model::IS_UNRELATED
+      end
+
+      it 'is unrelated' do
+        result = @unrelated.send(:get_role_of, @event)
+        expect(result).to eq Authorizable::Model::IS_UNRELATED
+      end
+    end
+  end
+
+  describe "has_role_with" do
+
+    it 'is the owner' do
+      @event = create(:event, user: @user)
+      result = @user.send(:has_role_with, @event)
+      expect(result).to eq Authorizable::Model::IS_OWNER
+    end
+
+    it 'is not the owner' do
+      user = create(:user)
+      @event = create(:event, user: @user)
+      result = user.send(:has_role_with, @event)
+      expect(result).to eq Authorizable::Model::IS_UNRELATED
+    end
+
+    it 'object does not respond to user_id' do
+      result = @user.send(:has_role_with, 3)
+      expect(result).to eq Authorizable::Model::IS_UNRELATED
+    end
+
+  end
+
+  context 'cache' do
+
+    before(:each) do
+      @user = create(:user)
+    end
+
+    describe "value_from_permission_cache" do
+      before(:each) do
+        @user.instance_variable_set(
+          '@permission_cache',
+          {
+            1 => { "role" => true },
+            "roleless" => true
+          }
+        )
+      end
+
+      it 'gets a value for a non-role-based permission' do
+        expect(@user.send(:value_from_permission_cache, "roleless")).to eq true
+      end
+
+      it 'gets a value for a role-based permission' do
+        expect(@user.send(:value_from_permission_cache, "role", 1)).to eq true
+      end
+    end
+
+    describe "set_permission_cache" do
+      it 'sets a role-based permission' do
+        @user.send(:set_permission_cache, name: "permission_name", role: 1, value: true)
+        cache = @user.instance_variable_get('@permission_cache')
+
+        expect(cache[1]).to be_present
+        expect(cache[1]["permission_name"]).to eq true
+      end
+
+      it 'sets a non-role-based permission' do
+        @user.send(:set_permission_cache, name: "permission_name", value: true)
+        cache = @user.instance_variable_get('@permission_cache')
+
+        expect(cache["permission_name"]).to eq true
+      end
+    end
+  end
+end

data/spec/rails_helper.rb

@@ -0,0 +1,14 @@
+require 'spec_helper'
+require 'factory_girl_rails'
+require 'rspec/rails'
+
+ActiveRecord::Migration.maintain_test_schema!
+
+require 'support/rails_app/config/environment'
+
+# set up db
+# be sure to update the schema if required by doing
+# - cd spec/rails_app
+# - rake db:migrate
+ActiveRecord::Schema.verbose = false
+load "support/rails_app/db/schema.rb" # use db agnostic schema by default

data/spec/spec_helper.rb

@@ -0,0 +1,48 @@
+require "rubygems"
+require "bundler/setup"
+
+require "pry-byebug" # binding.pry to debug!
+
+# Coverage
+require "codeclimate-test-reporter"
+ENV['CODECLIMATE_REPO_TOKEN'] = "68f28e1d037ca7b58d24f943b59d82cd649e1f9b9f79437d4a5d864140dd4eb0"
+CodeClimate::TestReporter.start
+
+require 'rspec/autorun'
+require 'factory_girl'
+
+# This Gem
+require "authorizable"
+
+Dir[File.dirname(__FILE__) + '/support/**/*.rb'].each {|file|
+  # skip the dummy app
+  next if file.include?('support/rails_app')
+  require file
+}
+
+# This file was generated by the `rspec --init` command. Conventionally, all
+# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
+# Require this file using `require "spec_helper"` to ensure that it is only
+# loaded once.
+#
+# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+RSpec.configure do |config|
+  config.treat_symbols_as_metadata_keys_with_true_values = true
+  config.run_all_when_everything_filtered = true
+  config.filter_run :focus
+
+  # Run specs in random order to surface order dependencies. If you find an
+  # order dependency and want to debug it, you can fix the order by providing
+  # the seed, which is printed after each run.
+  #     --seed 1234
+  config.order = 'random'
+
+  config.before(:each) do |x|
+    $example_definitions.call
+  end
+
+  config.after(:each) do |x|
+    # reset class variable
+    Authorizable::Permissions.definitions = {}
+  end
+end

data/spec/support/definitions.rb

@@ -0,0 +1,16 @@
+$example_definitions = ->{
+  Authorizable::Permissions.set(
+    edit_organization:   [Authorizable::OBJECT, [true, false]],
+    delete_organization: [Authorizable::OBJECT, [true, false], nil, ->(e, user){ e.user == user }, ->(e, user){ e.owner == user }],
+    create_organization: [Authorizable::ACCESS, true, nil, nil],
+
+    view_collaborators: [Authorizable::ACCESS, [true, false]]
+  )
+
+
+  Authorizable::Permissions.class_eval do
+    can :edit_event
+    can :delete_event
+    can :not_do_this, false
+  end
+}

data/spec/support/factories.rb

@@ -0,0 +1,17 @@
+FactoryGirl.define do
+
+  factory :user do
+
+  end
+
+  factory :event do
+    name "Test Event"
+    association :user, factory: :user
+  end
+
+  factory :discount do
+    name "Some Discount"
+    event
+  end
+
+end

data/spec/support/factory_girl.rb

@@ -0,0 +1,7 @@
+RSpec.configure do |config|
+  config.include FactoryGirl::Syntax::Methods
+
+  config.before(:suite) do
+    FactoryGirl.lint
+  end
+end

data/spec/support/rails_app/Rakefile

@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+Rails.application.load_tasks

data/spec/support/rails_app/app/assets/javascripts/application.js

@@ -0,0 +1,16 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or any plugin's vendor/assets/javascripts directory can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file.
+//
+// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require jquery
+//= require jquery_ujs
+//= require turbolinks
+//= require_tree .

data/spec/support/rails_app/app/assets/javascripts/some_resources.js

@@ -0,0 +1,2 @@
+// Place all the behaviors and hooks related to the matching controller here.
+// All this logic will automatically be available in application.js.

data/spec/support/rails_app/app/assets/javascripts/users.js

@@ -0,0 +1,2 @@
+// Place all the behaviors and hooks related to the matching controller here.
+// All this logic will automatically be available in application.js.

data/spec/support/rails_app/app/assets/stylesheets/application.css

@@ -0,0 +1,15 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
+ * compiled file so the styles you add here take precedence over styles defined in any styles
+ * defined in the other CSS/SCSS files in this directory. It is generally better to create a new
+ * file per style scope.
+ *
+ *= require_tree .
+ *= require_self
+ */

data/spec/support/rails_app/app/assets/stylesheets/scaffold.css

@@ -0,0 +1,56 @@
+body { background-color: #fff; color: #333; }
+
+body, p, ol, ul, td {
+  font-family: verdana, arial, helvetica, sans-serif;
+  font-size:   13px;
+  line-height: 18px;
+}
+
+pre {
+  background-color: #eee;
+  padding: 10px;
+  font-size: 11px;
+}
+
+a { color: #000; }
+a:visited { color: #666; }
+a:hover { color: #fff; background-color:#000; }
+
+div.field, div.actions {
+  margin-bottom: 10px;
+}
+
+#notice {
+  color: green;
+}
+
+.field_with_errors {
+  padding: 2px;
+  background-color: red;
+  display: table;
+}
+
+#error_explanation {
+  width: 450px;
+  border: 2px solid red;
+  padding: 7px;
+  padding-bottom: 0;
+  margin-bottom: 20px;
+  background-color: #f0f0f0;
+}
+
+#error_explanation h2 {
+  text-align: left;
+  font-weight: bold;
+  padding: 5px 5px 5px 15px;
+  font-size: 12px;
+  margin: -7px;
+  margin-bottom: 0px;
+  background-color: #c00;
+  color: #fff;
+}
+
+#error_explanation ul li {
+  font-size: 12px;
+  list-style: square;
+}

data/spec/support/rails_app/app/assets/stylesheets/some_resources.css

@@ -0,0 +1,4 @@
+/*
+  Place all the styles related to the matching controller here.
+  They will automatically be included in application.css.
+*/

data/spec/support/rails_app/app/assets/stylesheets/users.css

@@ -0,0 +1,4 @@
+/*
+  Place all the styles related to the matching controller here.
+  They will automatically be included in application.css.
+*/

data/spec/support/rails_app/app/controllers/application_controller.rb

@@ -0,0 +1,14 @@
+class ApplicationController < ActionController::Base
+  # Prevent CSRF attacks by raising an exception.
+  # For APIs, you may want to use :null_session instead.
+  protect_from_forgery with: :exception
+
+  # some fake helpers here
+  def current_user=(user = User.last)
+    @current_user = user
+  end
+
+  def current_user
+    @current_user
+  end
+end

data/spec/support/rails_app/app/controllers/events_controller.rb

@@ -0,0 +1,58 @@
+class EventsController < ApplicationController
+  before_action :set_event, only: [:show, :edit, :update, :destroy]
+
+  # GET /events
+  def index
+    @events = Event.all
+  end
+
+  # GET /events/1
+  def show
+  end
+
+  # GET /events/new
+  def new
+    @event = Event.new
+  end
+
+  # GET /events/1/edit
+  def edit
+  end
+
+  # POST /events
+  def create
+    @event = Event.new(event_params)
+
+    if @event.save
+      redirect_to @event, notice: 'Event was successfully created.'
+    else
+      render :new
+    end
+  end
+
+  # PATCH/PUT /events/1
+  def update
+    if @event.update(event_params)
+      redirect_to @event, notice: 'Event was successfully updated.'
+    else
+      render :edit
+    end
+  end
+
+  # DELETE /events/1
+  def destroy
+    @event.destroy
+    redirect_to events_url, notice: 'Event was successfully destroyed.'
+  end
+
+  private
+    # Use callbacks to share common setup or constraints between actions.
+    def set_event
+      @event = Event.find(params[:id])
+    end
+
+    # Only allow a trusted parameter "white list" through.
+    def event_params
+      params[:event]
+    end
+end