authorizy 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +23 -0
- data/README.md +92 -10
- data/lib/authorizy/base_cop.rb +3 -3
- data/lib/authorizy/config.rb +2 -2
- data/lib/authorizy/core.rb +34 -21
- data/lib/authorizy/expander.rb +15 -16
- data/lib/authorizy/extension.rb +20 -5
- data/lib/authorizy/rspec.rb +44 -0
- data/lib/authorizy/version.rb +1 -1
- data/spec/authorizy/base_cop/access_question_spec.rb +2 -1
- data/spec/authorizy/config/aliases_spec.rb +2 -2
- data/spec/authorizy/config/cop_spec.rb +2 -2
- data/spec/authorizy/config/current_user_spec.rb +4 -4
- data/spec/authorizy/config/dependencies_spec.rb +2 -2
- data/spec/authorizy/config/initialize_spec.rb +1 -1
- data/spec/authorizy/config/redirect_url_spec.rb +4 -4
- data/spec/authorizy/cop/controller_spec.rb +1 -2
- data/spec/authorizy/cop/model_spec.rb +7 -6
- data/spec/authorizy/cop/namespaced_controller_spec.rb +1 -2
- data/spec/authorizy/core/access_spec.rb +57 -83
- data/spec/authorizy/expander/expand_spec.rb +41 -46
- data/spec/authorizy/extension/authorizy_question_spec.rb +14 -10
- data/spec/authorizy/extension/authorizy_spec.rb +14 -2
- data/spec/common_helper.rb +2 -0
- data/spec/spec_helper.rb +3 -3
- data/spec/support/coverage.rb +5 -1
- data/spec/support/models/authorizy_cop.rb +5 -5
- data/spec/support/schema.rb +1 -1
- metadata +69 -26
data/lib/authorizy/version.rb
CHANGED
@@ -1,7 +1,8 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
RSpec.describe Authorizy::BaseCop, '#access?' do
|
4
|
-
|
4
|
+
let!(:params) { { 'controller' => 'controller', 'action' => 'action' } }
|
5
|
+
let(:cop) { described_class.new('current_user', params, 'session') }
|
5
6
|
|
6
7
|
it 'returns false as default' do
|
7
8
|
expect(cop.access?).to be(false)
|
@@ -1,10 +1,10 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
RSpec.describe Authorizy::Config, '#aliases' do
|
4
|
-
|
4
|
+
let!(:config) { described_class.new }
|
5
5
|
|
6
6
|
it 'has default value and can receive a new one' do
|
7
|
-
expect(
|
7
|
+
expect(config.aliases).to eq({})
|
8
8
|
|
9
9
|
config.aliases = 'value'
|
10
10
|
|
@@ -1,10 +1,10 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
RSpec.describe Authorizy::Config, '#cop' do
|
4
|
-
|
4
|
+
let!(:config) { described_class.new }
|
5
5
|
|
6
6
|
it 'has default value and can receive a new one' do
|
7
|
-
expect(
|
7
|
+
expect(config.cop).to eq(Authorizy::BaseCop)
|
8
8
|
|
9
9
|
config.cop = 'value'
|
10
10
|
|
@@ -1,14 +1,14 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
RSpec.describe Authorizy::Config, '#current_user' do
|
4
|
-
|
4
|
+
let!(:config) { described_class.new }
|
5
5
|
|
6
6
|
context 'when uses default value' do
|
7
7
|
context 'when context responds to current_user' do
|
8
8
|
let!(:context) { OpenStruct.new(current_user: 'user') }
|
9
9
|
|
10
10
|
it 'is called' do
|
11
|
-
expect(
|
11
|
+
expect(config.current_user.call(context)).to eq('user')
|
12
12
|
end
|
13
13
|
end
|
14
14
|
|
@@ -16,14 +16,14 @@ RSpec.describe Authorizy::Config, '#current_user' do
|
|
16
16
|
let!(:context) { 'context' }
|
17
17
|
|
18
18
|
it 'returns nil' do
|
19
|
-
expect(
|
19
|
+
expect(config.current_user.call(context)).to be(nil)
|
20
20
|
end
|
21
21
|
end
|
22
22
|
end
|
23
23
|
|
24
24
|
context 'when uses custom value' do
|
25
25
|
it 'executes what you want' do
|
26
|
-
config.current_user = ->
|
26
|
+
config.current_user = ->(context) { context[:value] }
|
27
27
|
|
28
28
|
expect(config.current_user.call({ value: 'value' })).to eq('value')
|
29
29
|
end
|
@@ -1,10 +1,10 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
RSpec.describe Authorizy::Config, '#dependencies' do
|
4
|
-
|
4
|
+
let!(:config) { described_class.new }
|
5
5
|
|
6
6
|
it 'has default value and can receive a new one' do
|
7
|
-
expect(
|
7
|
+
expect(config.dependencies).to eq({})
|
8
8
|
|
9
9
|
config.dependencies = 'value'
|
10
10
|
|
@@ -1,14 +1,14 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
RSpec.describe Authorizy::Config, '#redirect_url' do
|
4
|
-
|
4
|
+
let!(:config) { described_class.new }
|
5
5
|
|
6
6
|
context 'when uses default value' do
|
7
7
|
context 'when context responds to root_url' do
|
8
8
|
let!(:context) { OpenStruct.new(root_url: '/root') }
|
9
9
|
|
10
10
|
it 'is called' do
|
11
|
-
expect(
|
11
|
+
expect(config.redirect_url.call(context)).to eq('/root')
|
12
12
|
end
|
13
13
|
end
|
14
14
|
|
@@ -16,14 +16,14 @@ RSpec.describe Authorizy::Config, '#redirect_url' do
|
|
16
16
|
let!(:context) { 'context' }
|
17
17
|
|
18
18
|
it 'returns just a slash' do
|
19
|
-
expect(
|
19
|
+
expect(config.redirect_url.call(context)).to eq('/')
|
20
20
|
end
|
21
21
|
end
|
22
22
|
end
|
23
23
|
|
24
24
|
context 'when uses custom value' do
|
25
25
|
it 'executes what you want' do
|
26
|
-
config.redirect_url = ->
|
26
|
+
config.redirect_url = ->(context) { context[:value] }
|
27
27
|
|
28
28
|
expect(config.redirect_url.call({ value: 'value' })).to eq('value')
|
29
29
|
end
|
@@ -5,7 +5,6 @@ require 'support/models/empty_cop'
|
|
5
5
|
require 'support/controllers/dummy_controller'
|
6
6
|
|
7
7
|
RSpec.describe DummyController, '#authorizy', type: :controller do
|
8
|
-
let!(:parameters) { ActionController::Parameters.new(key: 'value', controller: 'dummy', action: 'action') }
|
9
8
|
let!(:user) { User.new }
|
10
9
|
|
11
10
|
context 'when cop responds to the controller name' do
|
@@ -30,7 +29,7 @@ RSpec.describe DummyController, '#authorizy', type: :controller do
|
|
30
29
|
end
|
31
30
|
end
|
32
31
|
|
33
|
-
context 'when cop
|
32
|
+
context 'when cop does not respond to the controller name' do
|
34
33
|
it 'denies the access' do
|
35
34
|
config_mock(cop: EmptyCop, current_user: user) do
|
36
35
|
get :action
|
@@ -3,13 +3,14 @@
|
|
3
3
|
require 'support/models/authorizy_cop'
|
4
4
|
|
5
5
|
RSpec.describe AuthorizyCop do
|
6
|
-
|
6
|
+
let!(:params) { { controller: 'controller', action: 'action' } }
|
7
|
+
let(:cop) { described_class.new('current_user', params, 'session') }
|
7
8
|
|
8
9
|
it 'adds private attributes readers' do
|
9
|
-
expect(cop.
|
10
|
-
expect(cop.
|
11
|
-
expect(cop.
|
12
|
-
expect(cop.
|
13
|
-
expect(cop.
|
10
|
+
expect(cop.fetch_action).to eq('action')
|
11
|
+
expect(cop.fetch_controller).to eq('controller')
|
12
|
+
expect(cop.fetch_current_user).to eq('current_user')
|
13
|
+
expect(cop.fetch_params).to eq(controller: 'controller', action: 'action')
|
14
|
+
expect(cop.fetch_session).to eq('session')
|
14
15
|
end
|
15
16
|
end
|
@@ -5,7 +5,6 @@ require 'support/models/empty_cop'
|
|
5
5
|
require 'support/controllers/admin/dummy_controller'
|
6
6
|
|
7
7
|
RSpec.describe Admin::DummyController, '#authorizy', type: :controller do
|
8
|
-
let!(:parameters) { ActionController::Parameters.new(key: 'value', controller: 'admin/users', action: 'action') }
|
9
8
|
let!(:user) { User.new }
|
10
9
|
|
11
10
|
context 'when cop responds to the controller name' do
|
@@ -30,7 +29,7 @@ RSpec.describe Admin::DummyController, '#authorizy', type: :controller do
|
|
30
29
|
end
|
31
30
|
end
|
32
31
|
|
33
|
-
context 'when cop
|
32
|
+
context 'when cop does not respond to the controller name' do
|
34
33
|
it 'denies the access' do
|
35
34
|
config_mock(cop: EmptyCop, current_user: user) do
|
36
35
|
get :action
|
@@ -1,137 +1,111 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
RSpec.describe Authorizy::Core, '#access?' do
|
4
|
-
context 'when
|
4
|
+
context 'when cop#access? returns true' do
|
5
|
+
let!(:cop) { OpenStruct.new(access?: true) }
|
5
6
|
let!(:current_user) { User.new }
|
6
|
-
let!(:params) { {
|
7
|
-
let!(:session) { {
|
7
|
+
let!(:params) { { action: 'any', controller: 'any' } }
|
8
|
+
let!(:session) { {} }
|
8
9
|
|
9
|
-
it '
|
10
|
-
expect(described_class.new(current_user, params, session).access?).to be(true)
|
10
|
+
it 'is authorized based in the cop response' do
|
11
|
+
expect(described_class.new(current_user, params, session, cop: cop).access?).to be(true)
|
11
12
|
end
|
12
13
|
end
|
13
14
|
|
14
|
-
context 'when permissions is
|
15
|
-
|
16
|
-
|
17
|
-
let!(:
|
18
|
-
let!(:params) { { 'action' => 'create', 'controller' => 'match' } }
|
15
|
+
context 'when permissions is in the current user' do
|
16
|
+
let!(:cop) { OpenStruct.new(access?: false) }
|
17
|
+
let!(:current_user) { User.new(authorizy: { permissions: [%w[controller create]] }) }
|
18
|
+
let!(:params) { { controller: 'controller', action: 'create' } }
|
19
19
|
let!(:session) { {} }
|
20
20
|
|
21
|
-
it '
|
22
|
-
expect(
|
21
|
+
it 'is authorized based on the user permissions' do
|
22
|
+
expect(described_class.new(current_user, params, session, cop: cop).access?).to be(true)
|
23
23
|
end
|
24
24
|
end
|
25
25
|
|
26
26
|
context 'when session has no permission nor the user' do
|
27
|
-
|
28
|
-
|
27
|
+
let!(:cop) { OpenStruct.new(access?: false) }
|
29
28
|
let!(:current_user) { User.new }
|
30
|
-
let!(:params) { {
|
29
|
+
let!(:params) { { controller: 'match', action: 'create' } }
|
31
30
|
let!(:session) { {} }
|
32
31
|
|
33
|
-
it
|
32
|
+
it 'does not authorize' do
|
33
|
+
expect(described_class.new(current_user, params, session, cop: cop).access?).to be(false)
|
34
|
+
end
|
34
35
|
end
|
35
36
|
|
36
37
|
context 'when cop does not respond to controller' do
|
37
|
-
|
38
|
-
|
39
|
-
let!(:cop) { instance_double('Authorizy.config.cop') }
|
38
|
+
let!(:cop) { instance_double('Authorizy::BaseCop', access?: false) }
|
40
39
|
let!(:current_user) { User.new }
|
41
|
-
let!(:params) { {
|
40
|
+
let!(:params) { { action: 'create', controller: 'missing' } }
|
42
41
|
let!(:session) { {} }
|
43
42
|
|
44
|
-
before do
|
45
|
-
allow(Authorizy.config.cop).to receive(:new)
|
46
|
-
.with(current_user, params, session, 'missing', 'create')
|
47
|
-
.and_return(cop)
|
48
|
-
|
49
|
-
allow(cop).to receive(:respond_to?).with('missing').and_return(false)
|
50
|
-
end
|
51
|
-
|
52
43
|
it 'does not authorize via cop' do
|
53
|
-
expect(
|
44
|
+
expect(described_class.new(current_user, params, session, cop: cop).access?).to be(false)
|
54
45
|
end
|
55
46
|
end
|
56
47
|
|
57
48
|
context 'when cop responds to controller' do
|
58
|
-
subject(:authorizy) { described_class.new(current_user, params, session) }
|
59
|
-
|
60
|
-
let!(:cop) { instance_double('Authorizy.config.cop') }
|
61
49
|
let!(:current_user) { User.new }
|
62
|
-
let!(:params) { {
|
50
|
+
let!(:params) { { controller: 'admin/controller', action: 'create' } }
|
63
51
|
let!(:session) { {} }
|
64
52
|
|
65
|
-
before do
|
66
|
-
allow(Authorizy.config.cop).to receive(:new)
|
67
|
-
.with(current_user, params, session, 'match', 'create')
|
68
|
-
.and_return(cop)
|
69
|
-
|
70
|
-
allow(cop).to receive(:respond_to?).with('match').and_return(true)
|
71
|
-
end
|
72
|
-
|
73
53
|
context 'when cop does not release the access' do
|
74
|
-
|
75
|
-
|
54
|
+
let!(:cop) do
|
55
|
+
Class.new(Authorizy::BaseCop) do
|
56
|
+
def access?
|
57
|
+
false
|
58
|
+
end
|
59
|
+
|
60
|
+
def admin__controller
|
61
|
+
false
|
62
|
+
end
|
63
|
+
end.new(current_user, params, session)
|
64
|
+
end
|
76
65
|
|
77
|
-
|
66
|
+
it 'is not authorized by cop' do
|
67
|
+
expect(described_class.new(current_user, params, session, cop: cop).access?).to be(false)
|
78
68
|
end
|
79
69
|
end
|
80
70
|
|
81
71
|
context 'when cop releases the access' do
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
72
|
+
let!(:cop) do
|
73
|
+
Class.new(Authorizy::BaseCop) do
|
74
|
+
def access?
|
75
|
+
false
|
76
|
+
end
|
77
|
+
|
78
|
+
def admin__controller
|
79
|
+
true
|
80
|
+
end
|
81
|
+
end.new(current_user, params, session)
|
86
82
|
end
|
87
|
-
end
|
88
|
-
end
|
89
|
-
|
90
|
-
context 'when controller is given' do
|
91
|
-
subject(:authorizy) { described_class.new(current_user, params, session, controller: 'controller') }
|
92
|
-
|
93
|
-
let!(:current_user) { User.new }
|
94
|
-
let!(:params) { { 'action' => 'action', 'controller' => 'ignored' } }
|
95
|
-
let!(:session) { { 'permissions' => [{ 'action' => 'action', 'controller' => 'controller' }] } }
|
96
|
-
|
97
|
-
it 'uses the given controller over the one on params' do
|
98
|
-
expect(authorizy.access?).to be(true)
|
99
|
-
end
|
100
|
-
end
|
101
|
-
|
102
|
-
context 'when action is given' do
|
103
|
-
subject(:authorizy) { described_class.new(current_user, params, session, action: 'action') }
|
104
|
-
|
105
|
-
let!(:current_user) { User.new }
|
106
|
-
let!(:params) { { 'action' => 'ignored', 'controller' => 'controller' } }
|
107
|
-
let!(:session) { { 'permissions' => [{ 'action' => 'action', 'controller' => 'controller' }] } }
|
108
83
|
|
109
|
-
|
110
|
-
|
84
|
+
it 'is authorized by the cop' do
|
85
|
+
expect(described_class.new(current_user, params, session, cop: cop).access?).to be(true)
|
86
|
+
end
|
111
87
|
end
|
112
88
|
end
|
113
89
|
|
114
90
|
context 'when user has the controller permission but not action' do
|
115
|
-
|
116
|
-
|
91
|
+
let!(:cop) { instance_double('Authorizy::BaseCop', access?: false) }
|
117
92
|
let!(:current_user) { User.new }
|
118
|
-
let!(:params) { {
|
119
|
-
let!(:session) { {
|
93
|
+
let!(:params) { { controller: 'controller', action: 'action' } }
|
94
|
+
let!(:session) { { permissions: [%w[controller miss]] } }
|
120
95
|
|
121
|
-
it '
|
122
|
-
expect(
|
96
|
+
it 'is not authorized' do
|
97
|
+
expect(described_class.new(current_user, params, session, cop: cop).access?).to be(false)
|
123
98
|
end
|
124
99
|
end
|
125
100
|
|
126
101
|
context 'when user has the action permission but not controller' do
|
127
|
-
|
128
|
-
|
102
|
+
let!(:cop) { instance_double('Authorizy::BaseCop', access?: false) }
|
129
103
|
let!(:current_user) { User.new }
|
130
|
-
let!(:params) { {
|
131
|
-
let!(:session) { {
|
104
|
+
let!(:params) { { controller: 'controller', action: 'action' } }
|
105
|
+
let!(:session) { { permissions: [%w[miss action]] } }
|
132
106
|
|
133
|
-
it '
|
134
|
-
expect(
|
107
|
+
it 'is not authorized' do
|
108
|
+
expect(described_class.new(current_user, params, session, cop: cop).access?).to be(false)
|
135
109
|
end
|
136
110
|
end
|
137
111
|
end
|
@@ -15,19 +15,17 @@ RSpec.describe Authorizy::Expander, '#expand' do
|
|
15
15
|
context 'when data is symbol' do
|
16
16
|
let(:permissions) do
|
17
17
|
[
|
18
|
-
|
19
|
-
|
20
|
-
{ action: :new, controller: :controller },
|
21
|
-
{ action: :update, controller: :controller },
|
18
|
+
%i[controller create],
|
19
|
+
%i[controller update],
|
22
20
|
]
|
23
21
|
end
|
24
22
|
|
25
|
-
it '
|
23
|
+
it 'maps the default actions aliases' do
|
26
24
|
expect(expander.expand(permissions)).to match_array [
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
25
|
+
%w[controller create],
|
26
|
+
%w[controller edit],
|
27
|
+
%w[controller new],
|
28
|
+
%w[controller update],
|
31
29
|
]
|
32
30
|
end
|
33
31
|
end
|
@@ -35,19 +33,17 @@ RSpec.describe Authorizy::Expander, '#expand' do
|
|
35
33
|
context 'when data is string' do
|
36
34
|
let(:permissions) do
|
37
35
|
[
|
38
|
-
|
39
|
-
|
40
|
-
{ 'action' => 'new', 'controller' => 'controller' },
|
41
|
-
{ 'action' => 'update', 'controller' => 'controller' },
|
36
|
+
%w[controller create],
|
37
|
+
%w[controller update],
|
42
38
|
]
|
43
39
|
end
|
44
40
|
|
45
|
-
it '
|
41
|
+
it 'maps the default actions aliases' do
|
46
42
|
expect(expander.expand(permissions)).to match_array [
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
43
|
+
%w[controller create],
|
44
|
+
%w[controller edit],
|
45
|
+
%w[controller new],
|
46
|
+
%w[controller update],
|
51
47
|
]
|
52
48
|
end
|
53
49
|
end
|
@@ -55,87 +51,86 @@ RSpec.describe Authorizy::Expander, '#expand' do
|
|
55
51
|
|
56
52
|
context 'when a dependencies is given' do
|
57
53
|
context 'when keys and values are strings' do
|
58
|
-
let(:dependencies) { { 'controller' => { 'action' => [
|
59
|
-
let!(:permissions) { [
|
54
|
+
let(:dependencies) { { 'controller' => { 'action' => [%w[controller_2 action_2]] } } }
|
55
|
+
let!(:permissions) { [%w[controller action]] }
|
60
56
|
|
61
57
|
it 'addes the dependencies permissions' do
|
62
58
|
config_mock(dependencies: dependencies) do
|
63
59
|
expect(expander.expand(permissions)).to match_array [
|
64
|
-
|
65
|
-
|
60
|
+
%w[controller action],
|
61
|
+
%w[controller_2 action_2],
|
66
62
|
]
|
67
63
|
end
|
68
64
|
end
|
69
65
|
end
|
70
66
|
|
71
67
|
context 'when keys and values are symbol' do
|
72
|
-
let(:dependencies) { { controller: { action: [
|
73
|
-
let!(:permissions) { [
|
68
|
+
let(:dependencies) { { controller: { action: [%i[controller_2 action_2]] } } }
|
69
|
+
let!(:permissions) { [%w[controller action]] }
|
74
70
|
|
75
71
|
it 'addes the dependencies permissions' do
|
76
72
|
config_mock(dependencies: dependencies) do
|
77
73
|
expect(expander.expand(permissions)).to match_array [
|
78
|
-
|
79
|
-
|
74
|
+
%w[controller action],
|
75
|
+
%w[controller_2 action_2],
|
80
76
|
]
|
81
77
|
end
|
82
78
|
end
|
83
79
|
end
|
84
80
|
end
|
85
81
|
|
86
|
-
|
87
82
|
context 'when aliases is given' do
|
88
|
-
let!(:permissions) { [
|
83
|
+
let!(:permissions) { [%w[controller action]] }
|
89
84
|
|
90
85
|
context 'when key and values are strings' do
|
91
|
-
let(:aliases) { { 'action' => '
|
86
|
+
let(:aliases) { { 'action' => 'action_2' } }
|
92
87
|
|
93
|
-
it '
|
88
|
+
it 'maps the action with the current controller' do
|
94
89
|
config_mock(aliases: aliases) do
|
95
90
|
expect(expander.expand(permissions)).to match_array [
|
96
|
-
|
97
|
-
|
91
|
+
%w[controller action],
|
92
|
+
%w[controller action_2],
|
98
93
|
]
|
99
94
|
end
|
100
95
|
end
|
101
96
|
end
|
102
97
|
|
103
98
|
context 'when key and values are symbols' do
|
104
|
-
let(:aliases) { { action: :
|
99
|
+
let(:aliases) { { action: :action_2 } }
|
105
100
|
|
106
|
-
it '
|
101
|
+
it 'maps the action with the current controller' do
|
107
102
|
config_mock(aliases: aliases) do
|
108
103
|
expect(expander.expand(permissions)).to match_array [
|
109
|
-
|
110
|
-
|
104
|
+
%w[controller action],
|
105
|
+
%w[controller action_2],
|
111
106
|
]
|
112
107
|
end
|
113
108
|
end
|
114
109
|
end
|
115
110
|
|
116
111
|
context 'when key and values are array of strings' do
|
117
|
-
let(:aliases) { { action: %w[
|
112
|
+
let(:aliases) { { action: %w[action_2 action_3] } }
|
118
113
|
|
119
|
-
it '
|
114
|
+
it 'maps the actions with the current controller' do
|
120
115
|
config_mock(aliases: aliases) do
|
121
116
|
expect(expander.expand(permissions)).to match_array [
|
122
|
-
|
123
|
-
|
124
|
-
|
117
|
+
%w[controller action],
|
118
|
+
%w[controller action_2],
|
119
|
+
%w[controller action_3],
|
125
120
|
]
|
126
121
|
end
|
127
122
|
end
|
128
123
|
end
|
129
124
|
|
130
125
|
context 'when key and values are array of symbols' do
|
131
|
-
let(:aliases) { { action: %i[
|
126
|
+
let(:aliases) { { action: %i[action_2 action_3] } }
|
132
127
|
|
133
|
-
it '
|
128
|
+
it 'maps the actions with the current controller' do
|
134
129
|
config_mock(aliases: aliases) do
|
135
130
|
expect(expander.expand(permissions)).to match_array [
|
136
|
-
|
137
|
-
|
138
|
-
|
131
|
+
%w[controller action],
|
132
|
+
%w[controller action_2],
|
133
|
+
%w[controller action_3],
|
139
134
|
]
|
140
135
|
end
|
141
136
|
end
|