authorizy 0.1.0

Files changed (43) hide show
  1. checksums.yaml +7 -0
  2. data/CHANGELOG.md +5 -0
  3. data/LICENSE +21 -0
  4. data/README.md +190 -0
  5. data/lib/authorizy.rb +19 -0
  6. data/lib/authorizy/base_cop.rb +21 -0
  7. data/lib/authorizy/config.rb +15 -0
  8. data/lib/authorizy/core.rb +43 -0
  9. data/lib/authorizy/expander.rb +61 -0
  10. data/lib/authorizy/extension.rb +31 -0
  11. data/lib/authorizy/version.rb +5 -0
  12. data/lib/generators/authorizy/install_generator.rb +23 -0
  13. data/lib/generators/authorizy/templates/config/initializers/authorizy.rb +23 -0
  14. data/lib/generators/authorizy/templates/db/migrate/add_authorizy_on_users.rb +7 -0
  15. data/spec/authorizy/base_cop/access_question_spec.rb +9 -0
  16. data/spec/authorizy/config/aliases_spec.rb +13 -0
  17. data/spec/authorizy/config/cop_spec.rb +13 -0
  18. data/spec/authorizy/config/current_user_spec.rb +31 -0
  19. data/spec/authorizy/config/dependencies_spec.rb +13 -0
  20. data/spec/authorizy/config/initialize_spec.rb +7 -0
  21. data/spec/authorizy/config/redirect_url_spec.rb +31 -0
  22. data/spec/authorizy/cop/controller_spec.rb +42 -0
  23. data/spec/authorizy/cop/model_spec.rb +15 -0
  24. data/spec/authorizy/cop/namespaced_controller_spec.rb +42 -0
  25. data/spec/authorizy/core/access_spec.rb +137 -0
  26. data/spec/authorizy/expander/expand_spec.rb +144 -0
  27. data/spec/authorizy/extension/authorizy_question_spec.rb +46 -0
  28. data/spec/authorizy/extension/authorizy_spec.rb +56 -0
  29. data/spec/common_helper.rb +11 -0
  30. data/spec/spec_helper.rb +29 -0
  31. data/spec/support/application.rb +8 -0
  32. data/spec/support/common.rb +13 -0
  33. data/spec/support/controllers/admin/dummy_controller.rb +13 -0
  34. data/spec/support/controllers/dummy_controller.rb +11 -0
  35. data/spec/support/coverage.rb +14 -0
  36. data/spec/support/i18n.rb +3 -0
  37. data/spec/support/locales/en.yml +3 -0
  38. data/spec/support/models/authorizy_cop.rb +31 -0
  39. data/spec/support/models/empty_cop.rb +4 -0
  40. data/spec/support/models/user.rb +4 -0
  41. data/spec/support/routes.rb +6 -0
  42. data/spec/support/schema.rb +22 -0
  43. metadata +198 -0
@@ -0,0 +1,46 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'support/controllers/dummy_controller'
4
+
5
+ RSpec.describe DummyController, '#authorizy?', type: :controller do
6
+ context 'when config returns no current user' do
7
+ it 'returns false' do
8
+ config_mock(current_user: nil) do
9
+ expect(controller.helpers.authorizy?('controller', 'action')).to be(false)
10
+ end
11
+ end
12
+ end
13
+
14
+ context 'when config returns current user' do
15
+ let!(:current_user) { User.new }
16
+ let!(:parameters) { ActionController::Parameters.new }
17
+
18
+ context 'when authorizy returns false' do
19
+ let!(:authorizy) { instance_double('Authorizy::Core', access?: false) }
20
+
21
+ it 'returns false' do
22
+ allow(Authorizy::Core).to receive(:new)
23
+ .with(current_user, parameters, session, controller: 'controller', action: 'action')
24
+ .and_return(authorizy)
25
+
26
+ config_mock(current_user: current_user) do
27
+ expect(controller.helpers.authorizy?('controller', 'action')).to be(false)
28
+ end
29
+ end
30
+ end
31
+
32
+ context 'when authorizy returns true' do
33
+ let!(:authorizy) { instance_double('Authorizy::Core', access?: true) }
34
+
35
+ it 'returns true' do
36
+ allow(Authorizy::Core).to receive(:new)
37
+ .with(current_user, parameters, session, controller: 'controller', action: 'action')
38
+ .and_return(authorizy)
39
+
40
+ config_mock(current_user: current_user) do
41
+ expect(controller.helpers.authorizy?('controller', 'action')).to be(true)
42
+ end
43
+ end
44
+ end
45
+ end
46
+ end
@@ -0,0 +1,56 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'support/controllers/dummy_controller'
4
+
5
+ RSpec.describe DummyController, '#authorizy', type: :controller do
6
+ let!(:parameters) { ActionController::Parameters.new(key: 'value', controller: 'dummy', action: 'action') }
7
+
8
+ context 'when user has access' do
9
+ let!(:authorizy_core) { instance_double('Authorizy::Core', access?: true) }
10
+
11
+ before { allow(Authorizy::Core).to receive(:new).with(nil, parameters, session).and_return(authorizy_core) }
12
+
13
+ context 'when is a xhr request' do
14
+ it 'receives the default values and do not denied the access' do
15
+ get :action, xhr: true, params: { key: 'value' }
16
+
17
+ expect(response.body).to eq('{"message":"authorized"}')
18
+ expect(response.status).to be(200)
19
+ end
20
+ end
21
+
22
+ context 'when is a html request' do
23
+ it 'receives the default values and do not denied the access' do
24
+ get :action, params: { key: 'value' }
25
+
26
+ expect(response.body).to eq('{"message":"authorized"}')
27
+ expect(response.status).to be(200)
28
+ end
29
+ end
30
+ end
31
+
32
+ context 'when user has no access' do
33
+ let!(:authorizy_core) { instance_double('Authorizy::Core', access?: false) }
34
+
35
+ before { allow(Authorizy::Core).to receive(:new).with(nil, parameters, session).and_return(authorizy_core) }
36
+
37
+ context 'when is a xhr request' do
38
+ it 'receives the default values and denied the access' do
39
+ get :action, xhr: true, params: { key: 'value' }
40
+
41
+ expect(response.body).to eq('{"message":"Action denied for dummy#action"}')
42
+ expect(response.status).to be(422)
43
+ end
44
+ end
45
+
46
+ context 'when is a html request' do
47
+ it 'receives the default values and do not denied the access' do
48
+ get :action, params: { key: 'value' }
49
+
50
+ expect(response).to redirect_to '/'
51
+
52
+ # expect(flash[:info]).to eq('Action denied for dummy#action') # TODO: get flash message
53
+ end
54
+ end
55
+ end
56
+ end
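Review bot: The last example, under 'when user has no access' / 'when is a html request', is still titled 'receives the default values and do not denied the access' although it asserts the denial redirect, and its only check of the denial message is commented out behind a TODO. As written, the HTML denial path verifies the redirect target but not what the user is told, so a regression in the flash message would pass unnoticed. I would rename it to `it 'redirects to the default url and denies the access' do` and restore `expect(flash[:info]).to eq('Action denied for dummy#action')` once the flash can be read in the controller spec. The XHR case pins 422 for a denied action; if that status is deliberate rather than 403, a one-line comment saying so would help readers.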
@@ -0,0 +1,11 @@
1
+ # frozen_string_literal: true
2
+
3
+ ENV['RAILS_ENV'] ||= 'test'
4
+
5
+ require 'support/application'
6
+ require 'support/common'
7
+ require 'support/i18n'
8
+ require 'support/routes'
9
+ require 'support/schema'
10
+ require 'authorizy'
11
+ require 'pry-byebug'
@@ -0,0 +1,29 @@
1
+ # frozen_string_literal: true
2
+
3
+ def config_mock(aliases: nil, cop: nil, current_user: nil, dependencies: nil, redirect_url: nil)
4
+ backup = {
5
+ aliases: Authorizy.config.aliases,
6
+ cop: Authorizy.config.cop,
7
+ current_user: Authorizy.config.current_user,
8
+ dependencies: Authorizy.config.dependencies,
9
+ redirect_url: Authorizy.config.redirect_url,
10
+ }
11
+
12
+ Authorizy.configure do |config|
13
+ config.aliases = aliases if aliases
14
+ config.cop = cop if cop
15
+ config.current_user = -> (_context) { current_user } if current_user
16
+ config.dependencies = dependencies if dependencies
17
+ config.redirect_url = -> (_context) { redirect_url } if redirect_url
18
+ end
19
+
20
+ yield
21
+ ensure
22
+ Authorizy.configure do |config|
23
+ config.aliases = backup[:aliases]
24
+ config.cop = backup[:cop]
25
+ config.current_user = backup[:current_user]
26
+ config.dependencies = backup[:dependencies]
27
+ config.redirect_url = backup[:redirect_url]
28
+ end
29
+ end
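Review bot: The `if current_user` style guards in `config_mock` make an explicit `nil` indistinguishable from an omitted argument, so `config_mock(current_user: nil)` changes nothing. The 'when config returns no current user' example in the `#authorizy?` spec calls it exactly that way, so it passes only if the `current_user` callable already configured happens to return nil (inferred; the default is not visible here). For an authorization helper the unauthenticated case deserves a test that really forces it: give the keywords a sentinel default such as `UNSET = Object.new.freeze` and write `config.current_user = ->(_context) { current_user } unless current_user.equal?(UNSET)`. `backup` is also built inside the protected body, so if reading the config raises, the `ensure` block fails on `backup[:aliases]` and hides the original error.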
@@ -0,0 +1,8 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'active_record/railtie'
4
+
5
+ module Authorizy
6
+ class Application < Rails::Application
7
+ end
8
+ end
@@ -0,0 +1,13 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'rspec/rails'
4
+
5
+ RSpec.configure do |config|
6
+ config.disable_monkey_patching!
7
+
8
+ config.mock_with(:rspec) do |mocks|
9
+ mocks.verify_partial_doubles = true
10
+ end
11
+
12
+ config.order = :random
13
+ end
@@ -0,0 +1,13 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Admin
4
+ class DummyController < ActionController::Base
5
+ include Authorizy::Extension
6
+
7
+ before_action :authorizy
8
+
9
+ def action
10
+ render json: { message: 'authorized' }
11
+ end
12
+ end
13
+ end
@@ -0,0 +1,11 @@
1
+ # frozen_string_literal: true
2
+
3
+ class DummyController < ActionController::Base
4
+ include Authorizy::Extension
5
+
6
+ before_action :authorizy
7
+
8
+ def action
9
+ render json: { message: 'authorized' }
10
+ end
11
+ end
@@ -0,0 +1,14 @@
1
+ # frozen_string_literal: true
2
+
3
+ if ENV['COVERAGE'] == 'true'
4
+ require 'simplecov'
5
+ require 'codecov'
6
+
7
+ SimpleCov.formatter = SimpleCov::Formatter::Codecov
8
+
9
+ SimpleCov.minimum_coverage(ENV.fetch('MINIMUM_COVERAGE', 80).to_i)
10
+
11
+ SimpleCov.start('rails') do
12
+ add_filter('vendor')
13
+ end
14
+ end
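Review bot: `require 'simplecov'` and `require 'codecov'` run whenever `COVERAGE` is `'true'`, but neither gem appears among the development dependencies listed in this release's gemspec metadata, so this branch depends on gems declared elsewhere (presumably a Gemfile that is not packaged). Declaring them next to the other development dependencies, with a version constraint, keeps the set of code loaded in CI reviewable. `SimpleCov::Formatter::Codecov` also sends the report to an external service, which deserves a comment such as `# uploads coverage to Codecov; enable only in CI`.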
@@ -0,0 +1,3 @@
1
+ # frozen_string_literal: true
2
+
3
+ I18n.load_path << Rails.root.join('spec/support/locales/en.yml')
@@ -0,0 +1,3 @@
1
+ en:
2
+ authorizy:
3
+ denied: "Action denied for %{controller}#%{action}"
@@ -0,0 +1,31 @@
1
+ # frozen_string_literal: true
2
+
3
+ class AuthorizyCop < Authorizy::BaseCop
4
+ def admin__dummy
5
+ params[:admin] == 'true'
6
+ end
7
+
8
+ def dummy
9
+ params[:access] == 'true'
10
+ end
11
+
12
+ def get_action
13
+ action
14
+ end
15
+
16
+ def get_controller
17
+ controller
18
+ end
19
+
20
+ def get_current_user
21
+ current_user
22
+ end
23
+
24
+ def get_params
25
+ params
26
+ end
27
+
28
+ def get_session
29
+ session
30
+ end
31
+ end
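Review bot: `admin__dummy` and `dummy` grant access from `params[:admin] == 'true'` and `params[:access] == 'true'`, values the requester controls. That is fine for a fixture that only exercises the cop dispatch, but this file ships inside the gem and reads like a template for a real cop. I would add a header comment such as `# Test fixture: decides from request params only to drive the specs; real cops must decide from current_user or other server-side state.`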
@@ -0,0 +1,4 @@
1
+ # frozen_string_literal: true
2
+
3
+ class EmptyCop < Authorizy::BaseCop
4
+ end
@@ -0,0 +1,4 @@
1
+ # frozen_string_literal: true
2
+
3
+ class User < ActiveRecord::Base
4
+ end
@@ -0,0 +1,6 @@
1
+ # frozen_string_literal: true
2
+
3
+ Rails.application.routes.draw do
4
+ get :action, to: 'admin/dummy#action'
5
+ get :action, to: 'dummy#action'
6
+ end
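Review bot: Both routes are declared as `get :action`, so they share the path `/action` and the router resolves a real request to the first one, `admin/dummy#action`. The `dummy#action` route is then presumably reachable only through the controller-spec lookup by controller and action. Giving the namespaced controller its own path, e.g. `get 'admin/action', to: 'admin/dummy#action'`, keeps the two `before_action :authorizy` checks distinguishable if request or routing specs are added later.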
@@ -0,0 +1,22 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'active_record'
4
+ require 'support/models/user'
5
+
6
+ ActiveRecord::Base.establish_connection(
7
+ adapter: 'postgresql',
8
+ host: 'localhost',
9
+ username: 'postgres',
10
+ )
11
+
12
+ ActiveRecord::Base.connection.execute('DROP DATABASE IF EXISTS authorizy_test;')
13
+ ActiveRecord::Base.connection.execute('CREATE DATABASE authorizy_test;')
14
+ ActiveRecord::Base.connection.execute('DROP TABLE IF EXISTS users;')
15
+
16
+ ActiveRecord::Schema.define(version: 1) do
17
+ enable_extension 'plpgsql'
18
+
19
+ create_table :users do |t|
20
+ t.jsonb 'authorizy', default: {}
21
+ end
22
+ end
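Review bot: The `establish_connection` call names no `database:`, and nothing reconnects after `CREATE DATABASE authorizy_test`, so `DROP TABLE IF EXISTS users` and the `create_table :users` block appear to run in whatever database the `postgres` login defaults to, not in `authorizy_test`. Loading this file on a workstation whose default database holds a `users` table would drop it, and it does so as the `postgres` role on localhost with no password configured. Reconnecting before the table statements, e.g. `ActiveRecord::Base.establish_connection(adapter: 'postgresql', host: 'localhost', username: 'postgres', database: 'authorizy_test')`, confines the destructive statements to the throwaway database. Reading host and credentials from the environment would also let the suite run under a less privileged role.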
metadata ADDED
@@ -0,0 +1,198 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: authorizy
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Washington Botelho
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2020-11-10 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: activerecord
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: pg
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ">="
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: pry-byebug
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">="
46
+ - !ruby/object:Gem::Version
47
+ version: '0'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: rake
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ">="
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ">="
67
+ - !ruby/object:Gem::Version
68
+ version: '0'
69
+ - !ruby/object:Gem::Dependency
70
+ name: rspec-rails
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - ">="
74
+ - !ruby/object:Gem::Version
75
+ version: '0'
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - ">="
81
+ - !ruby/object:Gem::Version
82
+ version: '0'
83
+ - !ruby/object:Gem::Dependency
84
+ name: rubocop-rspec
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - ">="
88
+ - !ruby/object:Gem::Version
89
+ version: '0'
90
+ type: :development
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - ">="
95
+ - !ruby/object:Gem::Version
96
+ version: '0'
97
+ description: A JSON based Authorization.
98
+ email: wbotelhos@gmail.com
99
+ executables: []
100
+ extensions: []
101
+ extra_rdoc_files:
102
+ - CHANGELOG.md
103
+ - LICENSE
104
+ - README.md
105
+ files:
106
+ - CHANGELOG.md
107
+ - LICENSE
108
+ - README.md
109
+ - lib/authorizy.rb
110
+ - lib/authorizy/base_cop.rb
111
+ - lib/authorizy/config.rb
112
+ - lib/authorizy/core.rb
113
+ - lib/authorizy/expander.rb
114
+ - lib/authorizy/extension.rb
115
+ - lib/authorizy/version.rb
116
+ - lib/generators/authorizy/install_generator.rb
117
+ - lib/generators/authorizy/templates/config/initializers/authorizy.rb
118
+ - lib/generators/authorizy/templates/db/migrate/add_authorizy_on_users.rb
119
+ - spec/authorizy/base_cop/access_question_spec.rb
120
+ - spec/authorizy/config/aliases_spec.rb
121
+ - spec/authorizy/config/cop_spec.rb
122
+ - spec/authorizy/config/current_user_spec.rb
123
+ - spec/authorizy/config/dependencies_spec.rb
124
+ - spec/authorizy/config/initialize_spec.rb
125
+ - spec/authorizy/config/redirect_url_spec.rb
126
+ - spec/authorizy/cop/controller_spec.rb
127
+ - spec/authorizy/cop/model_spec.rb
128
+ - spec/authorizy/cop/namespaced_controller_spec.rb
129
+ - spec/authorizy/core/access_spec.rb
130
+ - spec/authorizy/expander/expand_spec.rb
131
+ - spec/authorizy/extension/authorizy_question_spec.rb
132
+ - spec/authorizy/extension/authorizy_spec.rb
133
+ - spec/common_helper.rb
134
+ - spec/spec_helper.rb
135
+ - spec/support/application.rb
136
+ - spec/support/common.rb
137
+ - spec/support/controllers/admin/dummy_controller.rb
138
+ - spec/support/controllers/dummy_controller.rb
139
+ - spec/support/coverage.rb
140
+ - spec/support/i18n.rb
141
+ - spec/support/locales/en.yml
142
+ - spec/support/models/authorizy_cop.rb
143
+ - spec/support/models/empty_cop.rb
144
+ - spec/support/models/user.rb
145
+ - spec/support/routes.rb
146
+ - spec/support/schema.rb
147
+ homepage: https://github.com/wbotelhos/authorizy
148
+ licenses:
149
+ - MIT
150
+ metadata: {}
151
+ post_install_message:
152
+ rdoc_options: []
153
+ require_paths:
154
+ - lib
155
+ required_ruby_version: !ruby/object:Gem::Requirement
156
+ requirements:
157
+ - - ">="
158
+ - !ruby/object:Gem::Version
159
+ version: '0'
160
+ required_rubygems_version: !ruby/object:Gem::Requirement
161
+ requirements:
162
+ - - ">="
163
+ - !ruby/object:Gem::Version
164
+ version: '0'
165
+ requirements: []
166
+ rubygems_version: 3.1.4
167
+ signing_key:
168
+ specification_version: 4
169
+ summary: A JSON based Authorization.
170
+ test_files:
171
+ - spec/spec_helper.rb
172
+ - spec/common_helper.rb
173
+ - spec/support/schema.rb
174
+ - spec/support/routes.rb
175
+ - spec/support/locales/en.yml
176
+ - spec/support/i18n.rb
177
+ - spec/support/application.rb
178
+ - spec/support/models/authorizy_cop.rb
179
+ - spec/support/models/empty_cop.rb
180
+ - spec/support/models/user.rb
181
+ - spec/support/common.rb
182
+ - spec/support/coverage.rb
183
+ - spec/support/controllers/dummy_controller.rb
184
+ - spec/support/controllers/admin/dummy_controller.rb
185
+ - spec/authorizy/core/access_spec.rb
186
+ - spec/authorizy/extension/authorizy_spec.rb
187
+ - spec/authorizy/extension/authorizy_question_spec.rb
188
+ - spec/authorizy/config/dependencies_spec.rb
189
+ - spec/authorizy/config/initialize_spec.rb
190
+ - spec/authorizy/config/redirect_url_spec.rb
191
+ - spec/authorizy/config/current_user_spec.rb
192
+ - spec/authorizy/config/cop_spec.rb
193
+ - spec/authorizy/config/aliases_spec.rb
194
+ - spec/authorizy/expander/expand_spec.rb
195
+ - spec/authorizy/base_cop/access_question_spec.rb
196
+ - spec/authorizy/cop/namespaced_controller_spec.rb
197
+ - spec/authorizy/cop/controller_spec.rb
198
+ - spec/authorizy/cop/model_spec.rb