authorizy 0.1.0

Files changed (43)
  1. checksums.yaml +7 -0
  2. data/CHANGELOG.md +5 -0
  3. data/LICENSE +21 -0
  4. data/README.md +190 -0
  5. data/lib/authorizy.rb +19 -0
  6. data/lib/authorizy/base_cop.rb +21 -0
  7. data/lib/authorizy/config.rb +15 -0
  8. data/lib/authorizy/core.rb +43 -0
  9. data/lib/authorizy/expander.rb +61 -0
  10. data/lib/authorizy/extension.rb +31 -0
  11. data/lib/authorizy/version.rb +5 -0
  12. data/lib/generators/authorizy/install_generator.rb +23 -0
  13. data/lib/generators/authorizy/templates/config/initializers/authorizy.rb +23 -0
  14. data/lib/generators/authorizy/templates/db/migrate/add_authorizy_on_users.rb +7 -0
  15. data/spec/authorizy/base_cop/access_question_spec.rb +9 -0
  16. data/spec/authorizy/config/aliases_spec.rb +13 -0
  17. data/spec/authorizy/config/cop_spec.rb +13 -0
  18. data/spec/authorizy/config/current_user_spec.rb +31 -0
  19. data/spec/authorizy/config/dependencies_spec.rb +13 -0
  20. data/spec/authorizy/config/initialize_spec.rb +7 -0
  21. data/spec/authorizy/config/redirect_url_spec.rb +31 -0
  22. data/spec/authorizy/cop/controller_spec.rb +42 -0
  23. data/spec/authorizy/cop/model_spec.rb +15 -0
  24. data/spec/authorizy/cop/namespaced_controller_spec.rb +42 -0
  25. data/spec/authorizy/core/access_spec.rb +137 -0
  26. data/spec/authorizy/expander/expand_spec.rb +144 -0
  27. data/spec/authorizy/extension/authorizy_question_spec.rb +46 -0
  28. data/spec/authorizy/extension/authorizy_spec.rb +56 -0
  29. data/spec/common_helper.rb +11 -0
  30. data/spec/spec_helper.rb +29 -0
  31. data/spec/support/application.rb +8 -0
  32. data/spec/support/common.rb +13 -0
  33. data/spec/support/controllers/admin/dummy_controller.rb +13 -0
  34. data/spec/support/controllers/dummy_controller.rb +11 -0
  35. data/spec/support/coverage.rb +14 -0
  36. data/spec/support/i18n.rb +3 -0
  37. data/spec/support/locales/en.yml +3 -0
  38. data/spec/support/models/authorizy_cop.rb +31 -0
  39. data/spec/support/models/empty_cop.rb +4 -0
  40. data/spec/support/models/user.rb +4 -0
  41. data/spec/support/routes.rb +6 -0
  42. data/spec/support/schema.rb +22 -0
  43. metadata +198 -0
@@ -0,0 +1,46 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'support/controllers/dummy_controller'
4
+
5
+ RSpec.describe DummyController, '#authorizy?', type: :controller do
6
+ context 'when config returns no current user' do
7
+ it 'returns false' do
8
+ config_mock(current_user: nil) do
9
+ expect(controller.helpers.authorizy?('controller', 'action')).to be(false)
10
+ end
11
+ end
12
+ end
13
+
14
+ context 'when config returns current user' do
15
+ let!(:current_user) { User.new }
16
+ let!(:parameters) { ActionController::Parameters.new }
17
+
18
+ context 'when authorizy returns false' do
19
+ let!(:authorizy) { instance_double('Authorizy::Core', access?: false) }
20
+
21
+ it 'returns false' do
22
+ allow(Authorizy::Core).to receive(:new)
23
+ .with(current_user, parameters, session, controller: 'controller', action: 'action')
24
+ .and_return(authorizy)
25
+
26
+ config_mock(current_user: current_user) do
27
+ expect(controller.helpers.authorizy?('controller', 'action')).to be(false)
28
+ end
29
+ end
30
+ end
31
+
32
+ context 'when authorizy returns true' do
33
+ let!(:authorizy) { instance_double('Authorizy::Core', access?: true) }
34
+
35
+ it 'returns true' do
36
+ allow(Authorizy::Core).to receive(:new)
37
+ .with(current_user, parameters, session, controller: 'controller', action: 'action')
38
+ .and_return(authorizy)
39
+
40
+ config_mock(current_user: current_user) do
41
+ expect(controller.helpers.authorizy?('controller', 'action')).to be(true)
42
+ end
43
+ end
44
+ end
45
+ end
46
+ end
@@ -0,0 +1,56 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'support/controllers/dummy_controller'
4
+
5
+ RSpec.describe DummyController, '#authorizy', type: :controller do
6
+ let!(:parameters) { ActionController::Parameters.new(key: 'value', controller: 'dummy', action: 'action') }
7
+
8
+ context 'when user has access' do
9
+ let!(:authorizy_core) { instance_double('Authorizy::Core', access?: true) }
10
+
11
+ before { allow(Authorizy::Core).to receive(:new).with(nil, parameters, session).and_return(authorizy_core) }
12
+
13
+ context 'when is a xhr request' do
14
+ it 'receives the default values and do not denied the access' do
15
+ get :action, xhr: true, params: { key: 'value' }
16
+
17
+ expect(response.body).to eq('{"message":"authorized"}')
18
+ expect(response.status).to be(200)
19
+ end
20
+ end
21
+
22
+ context 'when is a html request' do
23
+ it 'receives the default values and do not denied the access' do
24
+ get :action, params: { key: 'value' }
25
+
26
+ expect(response.body).to eq('{"message":"authorized"}')
27
+ expect(response.status).to be(200)
28
+ end
29
+ end
30
+ end
31
+
32
+ context 'when user has no access' do
33
+ let!(:authorizy_core) { instance_double('Authorizy::Core', access?: false) }
34
+
35
+ before { allow(Authorizy::Core).to receive(:new).with(nil, parameters, session).and_return(authorizy_core) }
36
+
37
+ context 'when is a xhr request' do
38
+ it 'receives the default values and denied the access' do
39
+ get :action, xhr: true, params: { key: 'value' }
40
+
41
+ expect(response.body).to eq('{"message":"Action denied for dummy#action"}')
42
+ expect(response.status).to be(422)
43
+ end
44
+ end
45
+
46
+ context 'when is a html request' do
47
+ it 'receives the default values and do not denied the access' do
48
+ get :action, params: { key: 'value' }
49
+
50
+ expect(response).to redirect_to '/'
51
+
52
+ # expect(flash[:info]).to eq('Action denied for dummy#action') # TODO: get flash message
53
+ end
54
+ end
55
+ end
56
+ end
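Review bot: The last example, under 'when user has no access' / 'when is a html request', is titled 'receives the default values and do not denied the access' although it asserts the denial redirect. The title looks copied from the allowed case and would read better as `it 'redirects and denies the access' do`. The flash assertion in that example is commented out behind a TODO, so the denial message shown to HTML clients is not covered. Both `before` stubs expect `nil` as the first argument to `Authorizy::Core.new`, so the filter is only exercised for a request without a user; an example with a configured user would pin how the filter passes that user on.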
@@ -0,0 +1,11 @@
1
+ # frozen_string_literal: true
2
+
3
+ ENV['RAILS_ENV'] ||= 'test'
4
+
5
+ require 'support/application'
6
+ require 'support/common'
7
+ require 'support/i18n'
8
+ require 'support/routes'
9
+ require 'support/schema'
10
+ require 'authorizy'
11
+ require 'pry-byebug'
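Review bot: `require 'pry-byebug'` on the last line loads the debugger on every run of the suite, including CI, where a leftover breakpoint would block the job waiting for input. Loading it only on request keeps it out of automated runs, for example `require 'pry-byebug' if ENV['DEBUG']` (the variable name is only an illustration).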
@@ -0,0 +1,29 @@
1
+ # frozen_string_literal: true
2
+
3
+ def config_mock(aliases: nil, cop: nil, current_user: nil, dependencies: nil, redirect_url: nil)
4
+ backup = {
5
+ aliases: Authorizy.config.aliases,
6
+ cop: Authorizy.config.cop,
7
+ current_user: Authorizy.config.current_user,
8
+ dependencies: Authorizy.config.dependencies,
9
+ redirect_url: Authorizy.config.redirect_url,
10
+ }
11
+
12
+ Authorizy.configure do |config|
13
+ config.aliases = aliases if aliases
14
+ config.cop = cop if cop
15
+ config.current_user = -> (_context) { current_user } if current_user
16
+ config.dependencies = dependencies if dependencies
17
+ config.redirect_url = -> (_context) { redirect_url } if redirect_url
18
+ end
19
+
20
+ yield
21
+ ensure
22
+ Authorizy.configure do |config|
23
+ config.aliases = backup[:aliases]
24
+ config.cop = backup[:cop]
25
+ config.current_user = backup[:current_user]
26
+ config.dependencies = backup[:dependencies]
27
+ config.redirect_url = backup[:redirect_url]
28
+ end
29
+ end
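Review bot: `config_mock` cannot override a setting with `nil`, because every assignment is guarded by `if <value>`, as in `config.current_user = -> (_context) { current_user } if current_user`. The '#authorizy?' spec calls `config_mock(current_user: nil)` for its "no current user" case, so that example leaves the existing resolver in place and passes only as long as the default happens to yield no user. That is the unauthenticated-deny path of an authorization helper, so it is worth pinning explicitly. One option is a sentinel default, e.g. `def config_mock(current_user: UNSET, ...)` with `config.current_user = ->(_context) { current_user } unless current_user.equal?(UNSET)`, and the same for the other keywords. Separately, `backup` is built inside the method body, so if reading `Authorizy.config` raises there, the `ensure` block calls `backup[:aliases]` on `nil` and masks the original error.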
@@ -0,0 +1,8 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'active_record/railtie'
4
+
5
+ module Authorizy
6
+ class Application < Rails::Application
7
+ end
8
+ end
@@ -0,0 +1,13 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'rspec/rails'
4
+
5
+ RSpec.configure do |config|
6
+ config.disable_monkey_patching!
7
+
8
+ config.mock_with(:rspec) do |mocks|
9
+ mocks.verify_partial_doubles = true
10
+ end
11
+
12
+ config.order = :random
13
+ end
@@ -0,0 +1,13 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Admin
4
+ class DummyController < ActionController::Base
5
+ include Authorizy::Extension
6
+
7
+ before_action :authorizy
8
+
9
+ def action
10
+ render json: { message: 'authorized' }
11
+ end
12
+ end
13
+ end
@@ -0,0 +1,11 @@
1
+ # frozen_string_literal: true
2
+
3
+ class DummyController < ActionController::Base
4
+ include Authorizy::Extension
5
+
6
+ before_action :authorizy
7
+
8
+ def action
9
+ render json: { message: 'authorized' }
10
+ end
11
+ end
@@ -0,0 +1,14 @@
1
+ # frozen_string_literal: true
2
+
3
+ if ENV['COVERAGE'] == 'true'
4
+ require 'simplecov'
5
+ require 'codecov'
6
+
7
+ SimpleCov.formatter = SimpleCov::Formatter::Codecov
8
+
9
+ SimpleCov.minimum_coverage(ENV.fetch('MINIMUM_COVERAGE', 80).to_i)
10
+
11
+ SimpleCov.start('rails') do
12
+ add_filter('vendor')
13
+ end
14
+ end
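Review bot: `require 'simplecov'` and `require 'codecov'` name gems that are not among the development dependencies listed in the gem metadata on this page (activerecord, pg, pry-byebug, rake, rspec-rails, rubocop-rspec). Unless they are installed some other way not shown here, running with `COVERAGE=true` would presumably fail with a `LoadError`. Declaring both as development dependencies with a version constraint would also make it explicit which coverage uploader runs in CI. A short comment above the `if` stating that the block is opt-in through `COVERAGE` and that `MINIMUM_COVERAGE` defaults to 80 would help the next reader.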
@@ -0,0 +1,3 @@
1
+ # frozen_string_literal: true
2
+
3
+ I18n.load_path << Rails.root.join('spec/support/locales/en.yml')
@@ -0,0 +1,3 @@
1
+ en:
2
+ authorizy:
3
+ denied: "Action denied for %{controller}#%{action}"
@@ -0,0 +1,31 @@
1
+ # frozen_string_literal: true
2
+
3
+ class AuthorizyCop < Authorizy::BaseCop
4
+ def admin__dummy
5
+ params[:admin] == 'true'
6
+ end
7
+
8
+ def dummy
9
+ params[:access] == 'true'
10
+ end
11
+
12
+ def get_action
13
+ action
14
+ end
15
+
16
+ def get_controller
17
+ controller
18
+ end
19
+
20
+ def get_current_user
21
+ current_user
22
+ end
23
+
24
+ def get_params
25
+ params
26
+ end
27
+
28
+ def get_session
29
+ session
30
+ end
31
+ end
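Review bot: `admin__dummy` and `dummy` decide access from `params[:admin] == 'true'` and `params[:access] == 'true'`, which are values supplied by the request, and nothing in the file says this is deliberate. Because the class ships inside the gem's spec directory and is the only worked cop on this page, a header comment would stop it being copied as a pattern: `# Test fixture only: grants access from a request parameter so specs can toggle the result; a real cop must decide from server-side state such as current_user.` The `get_*` methods only expose the cop's readers to the specs and could carry a one-line comment saying so.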
@@ -0,0 +1,4 @@
1
+ # frozen_string_literal: true
2
+
3
+ class EmptyCop < Authorizy::BaseCop
4
+ end
@@ -0,0 +1,4 @@
1
+ # frozen_string_literal: true
2
+
3
+ class User < ActiveRecord::Base
4
+ end
@@ -0,0 +1,6 @@
1
+ # frozen_string_literal: true
2
+
3
+ Rails.application.routes.draw do
4
+ get :action, to: 'admin/dummy#action'
5
+ get :action, to: 'dummy#action'
6
+ end
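Review bot: Both routes are declared as `get :action`, so they share the path `/action`, and request routing would always match the first one (`admin/dummy#action`). Controller specs may still resolve each controller on its own, but a request-level spec could never reach `dummy#action` this way. Giving the namespaced route its own path, e.g. `get 'admin/action', to: 'admin/dummy#action'`, keeps the two controllers distinguishable.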
@@ -0,0 +1,22 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'active_record'
4
+ require 'support/models/user'
5
+
6
+ ActiveRecord::Base.establish_connection(
7
+ adapter: 'postgresql',
8
+ host: 'localhost',
9
+ username: 'postgres',
10
+ )
11
+
12
+ ActiveRecord::Base.connection.execute('DROP DATABASE IF EXISTS authorizy_test;')
13
+ ActiveRecord::Base.connection.execute('CREATE DATABASE authorizy_test;')
14
+ ActiveRecord::Base.connection.execute('DROP TABLE IF EXISTS users;')
15
+
16
+ ActiveRecord::Schema.define(version: 1) do
17
+ enable_extension 'plpgsql'
18
+
19
+ create_table :users do |t|
20
+ t.jsonb 'authorizy', default: {}
21
+ end
22
+ end
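Review bot: The connection is opened without a `database:` key and never switched after `CREATE DATABASE authorizy_test;`. As a result, `DROP TABLE IF EXISTS users;` and the `create_table :users` in the schema block run against whatever database the server selects by default for the `postgres` user, not against `authorizy_test`. Requiring this file on a machine whose default database holds a `users` table would drop it. Reconnecting before the table statements fixes that: `ActiveRecord::Base.establish_connection(adapter: 'postgresql', host: 'localhost', username: 'postgres', database: 'authorizy_test')`. The file also assumes a passwordless `postgres` superuser on localhost; reading host and credentials from the environment would let CI use a restricted role.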
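--- a/metadata
+++ b/metadata
@@ -0,0 +1,198 @@
+ --- !ruby/object:Gem::Specification
+ name: authorizy
+ version: !ruby/object:Gem::Version
+ version: 0.1.0
+ platform: ruby
+ authors:
+ - Washington Botelho
+ autorequire:
+ bindir: bin
+ cert_chain: []
+ date: 2020-11-10 00:00:00.000000000 Z
+ dependencies:
+ - !ruby/object:Gem::Dependency
+ name: activerecord
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ - !ruby/object:Gem::Dependency
+ name: pg
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ - !ruby/object:Gem::Dependency
+ name: pry-byebug
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ - !ruby/object:Gem::Dependency
+ name: rake
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ - !ruby/object:Gem::Dependency
+ name: rspec-rails
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ - !ruby/object:Gem::Dependency
+ name: rubocop-rspec
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ description: A JSON based Authorization.
+ email: wbotelhos@gmail.com
+ executables: []
+ extensions: []
+ extra_rdoc_files:
+ - CHANGELOG.md
+ - LICENSE
+ - README.md
+ files:
+ - CHANGELOG.md
+ - LICENSE
+ - README.md
+ - lib/authorizy.rb
+ - lib/authorizy/base_cop.rb
+ - lib/authorizy/config.rb
+ - lib/authorizy/core.rb
+ - lib/authorizy/expander.rb
+ - lib/authorizy/extension.rb
+ - lib/authorizy/version.rb
+ - lib/generators/authorizy/install_generator.rb
+ - lib/generators/authorizy/templates/config/initializers/authorizy.rb
+ - lib/generators/authorizy/templates/db/migrate/add_authorizy_on_users.rb
+ - spec/authorizy/base_cop/access_question_spec.rb
+ - spec/authorizy/config/aliases_spec.rb
+ - spec/authorizy/config/cop_spec.rb
+ - spec/authorizy/config/current_user_spec.rb
+ - spec/authorizy/config/dependencies_spec.rb
+ - spec/authorizy/config/initialize_spec.rb
+ - spec/authorizy/config/redirect_url_spec.rb
+ - spec/authorizy/cop/controller_spec.rb
+ - spec/authorizy/cop/model_spec.rb
+ - spec/authorizy/cop/namespaced_controller_spec.rb
+ - spec/authorizy/core/access_spec.rb
+ - spec/authorizy/expander/expand_spec.rb
+ - spec/authorizy/extension/authorizy_question_spec.rb
+ - spec/authorizy/extension/authorizy_spec.rb
+ - spec/common_helper.rb
+ - spec/spec_helper.rb
+ - spec/support/application.rb
+ - spec/support/common.rb
+ - spec/support/controllers/admin/dummy_controller.rb
+ - spec/support/controllers/dummy_controller.rb
+ - spec/support/coverage.rb
+ - spec/support/i18n.rb
+ - spec/support/locales/en.yml
+ - spec/support/models/authorizy_cop.rb
+ - spec/support/models/empty_cop.rb
+ - spec/support/models/user.rb
+ - spec/support/routes.rb
+ - spec/support/schema.rb
+ homepage: https://github.com/wbotelhos/authorizy
+ licenses:
+ - MIT
+ metadata: {}
+ post_install_message:
+ rdoc_options: []
+ require_paths:
+ - lib
+ required_ruby_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ required_rubygems_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ requirements: []
+ rubygems_version: 3.1.4
+ signing_key:
+ specification_version: 4
+ summary: A JSON based Authorization.
+ test_files:
+ - spec/spec_helper.rb
+ - spec/common_helper.rb
+ - spec/support/schema.rb
+ - spec/support/routes.rb
+ - spec/support/locales/en.yml
+ - spec/support/i18n.rb
+ - spec/support/application.rb
+ - spec/support/models/authorizy_cop.rb
+ - spec/support/models/empty_cop.rb
+ - spec/support/models/user.rb
+ - spec/support/common.rb
+ - spec/support/coverage.rb
+ - spec/support/controllers/dummy_controller.rb
+ - spec/support/controllers/admin/dummy_controller.rb
+ - spec/authorizy/core/access_spec.rb
+ - spec/authorizy/extension/authorizy_spec.rb
+ - spec/authorizy/extension/authorizy_question_spec.rb
+ - spec/authorizy/config/dependencies_spec.rb
+ - spec/authorizy/config/initialize_spec.rb
+ - spec/authorizy/config/redirect_url_spec.rb
+ - spec/authorizy/config/current_user_spec.rb
+ - spec/authorizy/config/cop_spec.rb
+ - spec/authorizy/config/aliases_spec.rb
+ - spec/authorizy/expander/expand_spec.rb
+ - spec/authorizy/base_cop/access_question_spec.rb
+ - spec/authorizy/cop/namespaced_controller_spec.rb
+ - spec/authorizy/cop/controller_spec.rb
+ - spec/authorizy/cop/model_spec.rb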