authorizy 0.1.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +41 -0
- data/README.md +119 -27
- data/lib/authorizy/base_cop.rb +3 -3
- data/lib/authorizy/config.rb +4 -3
- data/lib/authorizy/core.rb +34 -21
- data/lib/authorizy/expander.rb +15 -16
- data/lib/authorizy/extension.rb +11 -4
- data/lib/authorizy/rspec.rb +44 -0
- data/lib/authorizy/version.rb +1 -1
- data/spec/authorizy/base_cop/access_question_spec.rb +2 -1
- data/spec/authorizy/config/aliases_spec.rb +2 -2
- data/spec/authorizy/config/cop_spec.rb +2 -2
- data/spec/authorizy/config/current_user_spec.rb +4 -6
- data/spec/authorizy/config/dependencies_spec.rb +2 -2
- data/spec/authorizy/config/field_spec.rb +29 -0
- data/spec/authorizy/config/initialize_spec.rb +1 -1
- data/spec/authorizy/config/redirect_url_spec.rb +4 -4
- data/spec/authorizy/cop/controller_spec.rb +1 -2
- data/spec/authorizy/cop/model_spec.rb +7 -6
- data/spec/authorizy/cop/namespaced_controller_spec.rb +1 -2
- data/spec/authorizy/core/access_spec.rb +119 -75
- data/spec/authorizy/expander/expand_spec.rb +41 -46
- data/spec/authorizy/extension/authorizy_question_spec.rb +14 -10
- data/spec/authorizy/extension/authorizy_spec.rb +15 -3
- data/spec/authorizy/rspec_spec.rb +11 -0
- data/spec/common_helper.rb +2 -0
- data/spec/spec_helper.rb +3 -3
- data/spec/support/coverage.rb +5 -1
- data/spec/support/models/authorizy_cop.rb +5 -5
- data/spec/support/schema.rb +1 -1
- metadata +73 -26
@@ -15,19 +15,17 @@ RSpec.describe Authorizy::Expander, '#expand' do
|
|
15
15
|
context 'when data is symbol' do
|
16
16
|
let(:permissions) do
|
17
17
|
[
|
18
|
-
|
19
|
-
|
20
|
-
{ action: :new, controller: :controller },
|
21
|
-
{ action: :update, controller: :controller },
|
18
|
+
%i[controller create],
|
19
|
+
%i[controller update],
|
22
20
|
]
|
23
21
|
end
|
24
22
|
|
25
|
-
it '
|
23
|
+
it 'maps the default actions aliases' do
|
26
24
|
expect(expander.expand(permissions)).to match_array [
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
25
|
+
%w[controller create],
|
26
|
+
%w[controller edit],
|
27
|
+
%w[controller new],
|
28
|
+
%w[controller update],
|
31
29
|
]
|
32
30
|
end
|
33
31
|
end
|
@@ -35,19 +33,17 @@ RSpec.describe Authorizy::Expander, '#expand' do
|
|
35
33
|
context 'when data is string' do
|
36
34
|
let(:permissions) do
|
37
35
|
[
|
38
|
-
|
39
|
-
|
40
|
-
{ 'action' => 'new', 'controller' => 'controller' },
|
41
|
-
{ 'action' => 'update', 'controller' => 'controller' },
|
36
|
+
%w[controller create],
|
37
|
+
%w[controller update],
|
42
38
|
]
|
43
39
|
end
|
44
40
|
|
45
|
-
it '
|
41
|
+
it 'maps the default actions aliases' do
|
46
42
|
expect(expander.expand(permissions)).to match_array [
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
43
|
+
%w[controller create],
|
44
|
+
%w[controller edit],
|
45
|
+
%w[controller new],
|
46
|
+
%w[controller update],
|
51
47
|
]
|
52
48
|
end
|
53
49
|
end
|
@@ -55,87 +51,86 @@ RSpec.describe Authorizy::Expander, '#expand' do
|
|
55
51
|
|
56
52
|
context 'when a dependencies is given' do
|
57
53
|
context 'when keys and values are strings' do
|
58
|
-
let(:dependencies) { { 'controller' => { 'action' => [
|
59
|
-
let!(:permissions) { [
|
54
|
+
let(:dependencies) { { 'controller' => { 'action' => [%w[controller_2 action_2]] } } }
|
55
|
+
let!(:permissions) { [%w[controller action]] }
|
60
56
|
|
61
57
|
it 'addes the dependencies permissions' do
|
62
58
|
config_mock(dependencies: dependencies) do
|
63
59
|
expect(expander.expand(permissions)).to match_array [
|
64
|
-
|
65
|
-
|
60
|
+
%w[controller action],
|
61
|
+
%w[controller_2 action_2],
|
66
62
|
]
|
67
63
|
end
|
68
64
|
end
|
69
65
|
end
|
70
66
|
|
71
67
|
context 'when keys and values are symbol' do
|
72
|
-
let(:dependencies) { { controller: { action: [
|
73
|
-
let!(:permissions) { [
|
68
|
+
let(:dependencies) { { controller: { action: [%i[controller_2 action_2]] } } }
|
69
|
+
let!(:permissions) { [%w[controller action]] }
|
74
70
|
|
75
71
|
it 'addes the dependencies permissions' do
|
76
72
|
config_mock(dependencies: dependencies) do
|
77
73
|
expect(expander.expand(permissions)).to match_array [
|
78
|
-
|
79
|
-
|
74
|
+
%w[controller action],
|
75
|
+
%w[controller_2 action_2],
|
80
76
|
]
|
81
77
|
end
|
82
78
|
end
|
83
79
|
end
|
84
80
|
end
|
85
81
|
|
86
|
-
|
87
82
|
context 'when aliases is given' do
|
88
|
-
let!(:permissions) { [
|
83
|
+
let!(:permissions) { [%w[controller action]] }
|
89
84
|
|
90
85
|
context 'when key and values are strings' do
|
91
|
-
let(:aliases) { { 'action' => '
|
86
|
+
let(:aliases) { { 'action' => 'action_2' } }
|
92
87
|
|
93
|
-
it '
|
88
|
+
it 'maps the action with the current controller' do
|
94
89
|
config_mock(aliases: aliases) do
|
95
90
|
expect(expander.expand(permissions)).to match_array [
|
96
|
-
|
97
|
-
|
91
|
+
%w[controller action],
|
92
|
+
%w[controller action_2],
|
98
93
|
]
|
99
94
|
end
|
100
95
|
end
|
101
96
|
end
|
102
97
|
|
103
98
|
context 'when key and values are symbols' do
|
104
|
-
let(:aliases) { { action: :
|
99
|
+
let(:aliases) { { action: :action_2 } }
|
105
100
|
|
106
|
-
it '
|
101
|
+
it 'maps the action with the current controller' do
|
107
102
|
config_mock(aliases: aliases) do
|
108
103
|
expect(expander.expand(permissions)).to match_array [
|
109
|
-
|
110
|
-
|
104
|
+
%w[controller action],
|
105
|
+
%w[controller action_2],
|
111
106
|
]
|
112
107
|
end
|
113
108
|
end
|
114
109
|
end
|
115
110
|
|
116
111
|
context 'when key and values are array of strings' do
|
117
|
-
let(:aliases) { { action: %w[
|
112
|
+
let(:aliases) { { action: %w[action_2 action_3] } }
|
118
113
|
|
119
|
-
it '
|
114
|
+
it 'maps the actions with the current controller' do
|
120
115
|
config_mock(aliases: aliases) do
|
121
116
|
expect(expander.expand(permissions)).to match_array [
|
122
|
-
|
123
|
-
|
124
|
-
|
117
|
+
%w[controller action],
|
118
|
+
%w[controller action_2],
|
119
|
+
%w[controller action_3],
|
125
120
|
]
|
126
121
|
end
|
127
122
|
end
|
128
123
|
end
|
129
124
|
|
130
125
|
context 'when key and values are array of symbols' do
|
131
|
-
let(:aliases) { { action: %i[
|
126
|
+
let(:aliases) { { action: %i[action_2 action_3] } }
|
132
127
|
|
133
|
-
it '
|
128
|
+
it 'maps the actions with the current controller' do
|
134
129
|
config_mock(aliases: aliases) do
|
135
130
|
expect(expander.expand(permissions)).to match_array [
|
136
|
-
|
137
|
-
|
138
|
-
|
131
|
+
%w[controller action],
|
132
|
+
%w[controller action_2],
|
133
|
+
%w[controller action_3],
|
139
134
|
]
|
140
135
|
end
|
141
136
|
end
|
@@ -12,32 +12,36 @@ RSpec.describe DummyController, '#authorizy?', type: :controller do
|
|
12
12
|
end
|
13
13
|
|
14
14
|
context 'when config returns current user' do
|
15
|
-
let!(:
|
16
|
-
let!(:
|
15
|
+
let!(:config) { Authorizy.config }
|
16
|
+
let!(:user) { User.new }
|
17
|
+
|
18
|
+
before { allow(Authorizy).to receive(:config).and_return(config) }
|
17
19
|
|
18
20
|
context 'when authorizy returns false' do
|
19
|
-
let!(:
|
21
|
+
let!(:core) { instance_double('Authorizy::Core', access?: false) }
|
22
|
+
let!(:parameters) { ActionController::Parameters.new(controller: 'controller', action: 'action') }
|
20
23
|
|
21
24
|
it 'returns false' do
|
22
25
|
allow(Authorizy::Core).to receive(:new)
|
23
|
-
.with(
|
24
|
-
.and_return(
|
26
|
+
.with(user, parameters, session, cop: config.cop)
|
27
|
+
.and_return(core)
|
25
28
|
|
26
|
-
config_mock(current_user:
|
29
|
+
config_mock(current_user: user) do
|
27
30
|
expect(controller.helpers.authorizy?('controller', 'action')).to be(false)
|
28
31
|
end
|
29
32
|
end
|
30
33
|
end
|
31
34
|
|
32
35
|
context 'when authorizy returns true' do
|
33
|
-
let!(:
|
36
|
+
let!(:core) { instance_double('Authorizy::Core', access?: true) }
|
37
|
+
let!(:parameters) { ActionController::Parameters.new(controller: 'controller', action: 'action') }
|
34
38
|
|
35
39
|
it 'returns true' do
|
36
40
|
allow(Authorizy::Core).to receive(:new)
|
37
|
-
.with(
|
38
|
-
.and_return(
|
41
|
+
.with(user, parameters, session, cop: config.cop)
|
42
|
+
.and_return(core)
|
39
43
|
|
40
|
-
config_mock(current_user:
|
44
|
+
config_mock(current_user: user) do
|
41
45
|
expect(controller.helpers.authorizy?('controller', 'action')).to be(true)
|
42
46
|
end
|
43
47
|
end
|
@@ -3,12 +3,20 @@
|
|
3
3
|
require 'support/controllers/dummy_controller'
|
4
4
|
|
5
5
|
RSpec.describe DummyController, '#authorizy', type: :controller do
|
6
|
+
let!(:config) { Authorizy.config }
|
6
7
|
let!(:parameters) { ActionController::Parameters.new(key: 'value', controller: 'dummy', action: 'action') }
|
8
|
+
let!(:user) { nil }
|
9
|
+
|
10
|
+
before { allow(Authorizy).to receive(:config).and_return(config) }
|
7
11
|
|
8
12
|
context 'when user has access' do
|
9
13
|
let!(:authorizy_core) { instance_double('Authorizy::Core', access?: true) }
|
10
14
|
|
11
|
-
before
|
15
|
+
before do
|
16
|
+
allow(Authorizy::Core).to receive(:new)
|
17
|
+
.with(user, parameters, session, cop: config.cop)
|
18
|
+
.and_return(authorizy_core)
|
19
|
+
end
|
12
20
|
|
13
21
|
context 'when is a xhr request' do
|
14
22
|
it 'receives the default values and do not denied the access' do
|
@@ -32,14 +40,18 @@ RSpec.describe DummyController, '#authorizy', type: :controller do
|
|
32
40
|
context 'when user has no access' do
|
33
41
|
let!(:authorizy_core) { instance_double('Authorizy::Core', access?: false) }
|
34
42
|
|
35
|
-
before
|
43
|
+
before do
|
44
|
+
allow(Authorizy::Core).to receive(:new)
|
45
|
+
.with(user, parameters, session, cop: config.cop)
|
46
|
+
.and_return(authorizy_core)
|
47
|
+
end
|
36
48
|
|
37
49
|
context 'when is a xhr request' do
|
38
50
|
it 'receives the default values and denied the access' do
|
39
51
|
get :action, xhr: true, params: { key: 'value' }
|
40
52
|
|
41
53
|
expect(response.body).to eq('{"message":"Action denied for dummy#action"}')
|
42
|
-
expect(response.status).to be(
|
54
|
+
expect(response.status).to be(401)
|
43
55
|
end
|
44
56
|
end
|
45
57
|
|
@@ -0,0 +1,11 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
RSpec.describe RSpec::Matchers, '#be_authorized' do
|
4
|
+
it 'pending' do
|
5
|
+
matcher = be_authorized('controller', 'action', params: { params: true }, session: { session: true })
|
6
|
+
|
7
|
+
expect(matcher.description).to eq %(
|
8
|
+
be authorized "controller", "action", and {:params=>{:params=>true}, :session=>{:session=>true}}
|
9
|
+
).squish
|
10
|
+
end
|
11
|
+
end
|
data/spec/common_helper.rb
CHANGED
data/spec/spec_helper.rb
CHANGED
@@ -12,9 +12,9 @@ def config_mock(aliases: nil, cop: nil, current_user: nil, dependencies: nil, re
|
|
12
12
|
Authorizy.configure do |config|
|
13
13
|
config.aliases = aliases if aliases
|
14
14
|
config.cop = cop if cop
|
15
|
-
config.current_user = ->
|
16
|
-
config.dependencies = dependencies
|
17
|
-
config.redirect_url = ->
|
15
|
+
config.current_user = ->(_context) { current_user } if current_user
|
16
|
+
config.dependencies = dependencies if dependencies
|
17
|
+
config.redirect_url = ->(_context) { redirect_url } if redirect_url
|
18
18
|
end
|
19
19
|
|
20
20
|
yield
|
data/spec/support/coverage.rb
CHANGED
@@ -9,6 +9,10 @@ if ENV['COVERAGE'] == 'true'
|
|
9
9
|
SimpleCov.minimum_coverage(ENV.fetch('MINIMUM_COVERAGE', 80).to_i)
|
10
10
|
|
11
11
|
SimpleCov.start('rails') do
|
12
|
-
add_filter
|
12
|
+
add_filter [
|
13
|
+
'/lib/generators',
|
14
|
+
'/vendor',
|
15
|
+
'/lib/authorizy/version.rb',
|
16
|
+
]
|
13
17
|
end
|
14
18
|
end
|
@@ -9,23 +9,23 @@ class AuthorizyCop < Authorizy::BaseCop
|
|
9
9
|
params[:access] == 'true'
|
10
10
|
end
|
11
11
|
|
12
|
-
def
|
12
|
+
def fetch_action
|
13
13
|
action
|
14
14
|
end
|
15
15
|
|
16
|
-
def
|
16
|
+
def fetch_controller
|
17
17
|
controller
|
18
18
|
end
|
19
19
|
|
20
|
-
def
|
20
|
+
def fetch_current_user
|
21
21
|
current_user
|
22
22
|
end
|
23
23
|
|
24
|
-
def
|
24
|
+
def fetch_params
|
25
25
|
params
|
26
26
|
end
|
27
27
|
|
28
|
-
def
|
28
|
+
def fetch_session
|
29
29
|
session
|
30
30
|
end
|
31
31
|
end
|
data/spec/support/schema.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: authorizy
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Washington Botelho
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-09-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activerecord
|
@@ -24,6 +24,20 @@ dependencies:
|
|
24
24
|
- - ">="
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: '0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: codecov
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ">="
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ">="
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
27
41
|
- !ruby/object:Gem::Dependency
|
28
42
|
name: pg
|
29
43
|
requirement: !ruby/object:Gem::Requirement
|
@@ -80,6 +94,34 @@ dependencies:
|
|
80
94
|
- - ">="
|
81
95
|
- !ruby/object:Gem::Version
|
82
96
|
version: '0'
|
97
|
+
- !ruby/object:Gem::Dependency
|
98
|
+
name: rubocop-performance
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - ">="
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '0'
|
104
|
+
type: :development
|
105
|
+
prerelease: false
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - ">="
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '0'
|
111
|
+
- !ruby/object:Gem::Dependency
|
112
|
+
name: rubocop-rails
|
113
|
+
requirement: !ruby/object:Gem::Requirement
|
114
|
+
requirements:
|
115
|
+
- - ">="
|
116
|
+
- !ruby/object:Gem::Version
|
117
|
+
version: '0'
|
118
|
+
type: :development
|
119
|
+
prerelease: false
|
120
|
+
version_requirements: !ruby/object:Gem::Requirement
|
121
|
+
requirements:
|
122
|
+
- - ">="
|
123
|
+
- !ruby/object:Gem::Version
|
124
|
+
version: '0'
|
83
125
|
- !ruby/object:Gem::Dependency
|
84
126
|
name: rubocop-rspec
|
85
127
|
requirement: !ruby/object:Gem::Requirement
|
@@ -112,6 +154,7 @@ files:
|
|
112
154
|
- lib/authorizy/core.rb
|
113
155
|
- lib/authorizy/expander.rb
|
114
156
|
- lib/authorizy/extension.rb
|
157
|
+
- lib/authorizy/rspec.rb
|
115
158
|
- lib/authorizy/version.rb
|
116
159
|
- lib/generators/authorizy/install_generator.rb
|
117
160
|
- lib/generators/authorizy/templates/config/initializers/authorizy.rb
|
@@ -121,6 +164,7 @@ files:
|
|
121
164
|
- spec/authorizy/config/cop_spec.rb
|
122
165
|
- spec/authorizy/config/current_user_spec.rb
|
123
166
|
- spec/authorizy/config/dependencies_spec.rb
|
167
|
+
- spec/authorizy/config/field_spec.rb
|
124
168
|
- spec/authorizy/config/initialize_spec.rb
|
125
169
|
- spec/authorizy/config/redirect_url_spec.rb
|
126
170
|
- spec/authorizy/cop/controller_spec.rb
|
@@ -130,6 +174,7 @@ files:
|
|
130
174
|
- spec/authorizy/expander/expand_spec.rb
|
131
175
|
- spec/authorizy/extension/authorizy_question_spec.rb
|
132
176
|
- spec/authorizy/extension/authorizy_spec.rb
|
177
|
+
- spec/authorizy/rspec_spec.rb
|
133
178
|
- spec/common_helper.rb
|
134
179
|
- spec/spec_helper.rb
|
135
180
|
- spec/support/application.rb
|
@@ -163,36 +208,38 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
163
208
|
- !ruby/object:Gem::Version
|
164
209
|
version: '0'
|
165
210
|
requirements: []
|
166
|
-
rubygems_version: 3.
|
211
|
+
rubygems_version: 3.2.22
|
167
212
|
signing_key:
|
168
213
|
specification_version: 4
|
169
214
|
summary: A JSON based Authorization.
|
170
215
|
test_files:
|
171
|
-
- spec/
|
172
|
-
- spec/
|
173
|
-
- spec/
|
174
|
-
- spec/
|
175
|
-
- spec/support/locales/en.yml
|
176
|
-
- spec/support/i18n.rb
|
177
|
-
- spec/support/application.rb
|
178
|
-
- spec/support/models/authorizy_cop.rb
|
179
|
-
- spec/support/models/empty_cop.rb
|
180
|
-
- spec/support/models/user.rb
|
181
|
-
- spec/support/common.rb
|
182
|
-
- spec/support/coverage.rb
|
183
|
-
- spec/support/controllers/dummy_controller.rb
|
184
|
-
- spec/support/controllers/admin/dummy_controller.rb
|
185
|
-
- spec/authorizy/core/access_spec.rb
|
186
|
-
- spec/authorizy/extension/authorizy_spec.rb
|
187
|
-
- spec/authorizy/extension/authorizy_question_spec.rb
|
216
|
+
- spec/authorizy/base_cop/access_question_spec.rb
|
217
|
+
- spec/authorizy/config/aliases_spec.rb
|
218
|
+
- spec/authorizy/config/cop_spec.rb
|
219
|
+
- spec/authorizy/config/current_user_spec.rb
|
188
220
|
- spec/authorizy/config/dependencies_spec.rb
|
221
|
+
- spec/authorizy/config/field_spec.rb
|
189
222
|
- spec/authorizy/config/initialize_spec.rb
|
190
223
|
- spec/authorizy/config/redirect_url_spec.rb
|
191
|
-
- spec/authorizy/config/current_user_spec.rb
|
192
|
-
- spec/authorizy/config/cop_spec.rb
|
193
|
-
- spec/authorizy/config/aliases_spec.rb
|
194
|
-
- spec/authorizy/expander/expand_spec.rb
|
195
|
-
- spec/authorizy/base_cop/access_question_spec.rb
|
196
|
-
- spec/authorizy/cop/namespaced_controller_spec.rb
|
197
224
|
- spec/authorizy/cop/controller_spec.rb
|
198
225
|
- spec/authorizy/cop/model_spec.rb
|
226
|
+
- spec/authorizy/cop/namespaced_controller_spec.rb
|
227
|
+
- spec/authorizy/core/access_spec.rb
|
228
|
+
- spec/authorizy/expander/expand_spec.rb
|
229
|
+
- spec/authorizy/extension/authorizy_question_spec.rb
|
230
|
+
- spec/authorizy/extension/authorizy_spec.rb
|
231
|
+
- spec/authorizy/rspec_spec.rb
|
232
|
+
- spec/common_helper.rb
|
233
|
+
- spec/spec_helper.rb
|
234
|
+
- spec/support/application.rb
|
235
|
+
- spec/support/common.rb
|
236
|
+
- spec/support/controllers/admin/dummy_controller.rb
|
237
|
+
- spec/support/controllers/dummy_controller.rb
|
238
|
+
- spec/support/coverage.rb
|
239
|
+
- spec/support/i18n.rb
|
240
|
+
- spec/support/locales/en.yml
|
241
|
+
- spec/support/models/authorizy_cop.rb
|
242
|
+
- spec/support/models/empty_cop.rb
|
243
|
+
- spec/support/models/user.rb
|
244
|
+
- spec/support/routes.rb
|
245
|
+
- spec/support/schema.rb
|