be9-acl9 0.10.0 → 0.11.0

@@ -23,7 +23,7 @@ class RolesTest < Test::Unit::TestCase
23
23
  end
24
24
 
25
25
  it "#has_role! without object (global role)" do
26
- lambda do
26
+ lambda do
27
27
  @user.has_role!('admin')
28
28
  end.should change { Role.count }.from(0).to(1)
29
29
 
@@ -51,12 +51,12 @@ class RolesTest < Test::Unit::TestCase
51
51
  @user.has_role?('manager', @foo).should be_true
52
52
  @user.has_roles_for?(@foo).should be_true
53
53
  @user.has_role_for?(@foo).should be_true
54
-
54
+
55
55
  roles = @user.roles_for(@foo)
56
56
  roles.should == @foo.accepted_roles_by(@user)
57
57
  roles.size.should == 1
58
58
  roles.first.name.should == "manager"
59
-
59
+
60
60
  @user.has_role?('manager', @bar).should be_false
61
61
  @user2.has_role?('manager', @foo).should be_false
62
62
 
@@ -65,9 +65,9 @@ class RolesTest < Test::Unit::TestCase
65
65
  @foo.accepts_roles_by?(@user).should be_true
66
66
  end
67
67
 
68
- it "shoud count object role also as global role" do
68
+ it "should count object role also as global role" do
69
69
  @user.has_role!('manager', @foo)
70
-
70
+
71
71
  @user.has_role?('manager').should be_true
72
72
  end
73
73
 
@@ -76,17 +76,34 @@ class RolesTest < Test::Unit::TestCase
76
76
  @user.has_role?('manager', Foo).should be_false
77
77
  end
78
78
 
79
+ context "protect_global_roles is true" do
80
+ before do
81
+ @saved_option = Acl9.config[:protect_global_roles]
82
+ Acl9.config[:protect_global_roles] = true
83
+ end
84
+
85
+ it "should not count object role also as global role" do
86
+ @user.has_role!('manager', @foo)
87
+
88
+ @user.has_role?('manager').should be_false
89
+ end
90
+
91
+ after do
92
+ Acl9.config[:protect_global_roles] = @saved_option
93
+ end
94
+ end
95
+
79
96
  it "#has_role! with class" do
80
97
  @user.has_role!('user', Bar)
81
98
 
82
99
  @user.has_role?('user', Bar).should be_true
83
100
  @user.has_roles_for?(Bar).should be_true
84
101
  @user.has_role_for?(Bar).should be_true
85
-
102
+
86
103
  roles = @user.roles_for(Bar)
87
104
  roles.size.should == 1
88
105
  roles.first.name.should == "user"
89
-
106
+
90
107
  @user.has_role?('user', Foo).should be_false
91
108
  @user2.has_role?('user', Bar).should be_false
92
109
  end
@@ -100,7 +117,7 @@ class RolesTest < Test::Unit::TestCase
100
117
  @user.has_role!('manager', @foo)
101
118
  @user.has_role!('user', @foo)
102
119
  @user.has_role!('admin', @foo)
103
-
120
+
104
121
  @user.has_role!('owner', @bar)
105
122
 
106
123
  @user.roles_for(@foo) .map(&:name).sort.should == %w(admin manager user)
@@ -111,7 +128,7 @@ class RolesTest < Test::Unit::TestCase
111
128
  @user.has_role!('owner', @bar)
112
129
  @user2.has_role!('owner', @bar)
113
130
 
114
- @user.roles.should == @user2.roles
131
+ @user.role_objects.should == @user2.role_objects
115
132
  end
116
133
 
117
134
  it "#has_no_role! should unassign a global role from user" do
@@ -119,17 +136,17 @@ class RolesTest < Test::Unit::TestCase
119
136
 
120
137
  lambda do
121
138
  @user.has_no_role!('3133t')
122
- end.should change { @user.roles.count }.by(-1)
139
+ end.should change { @user.role_objects.count }.by(-1)
123
140
 
124
141
  @user.has_role?('3133t').should be_false
125
142
  end
126
-
143
+
127
144
  it "#has_no_role! should unassign an object role from user" do
128
145
  set_some_roles
129
146
 
130
147
  lambda do
131
148
  @user.has_no_role!('manager', @foo)
132
- end.should change { @user.roles.count }.by(-1)
149
+ end.should change { @user.role_objects.count }.by(-1)
133
150
 
134
151
  @user.has_role?('manager', @foo).should be_false
135
152
  @user.has_role?('user', @foo).should be_true # another role on the same object
@@ -140,7 +157,7 @@ class RolesTest < Test::Unit::TestCase
140
157
 
141
158
  lambda do
142
159
  @user.has_no_role!('admin', Foo)
143
- end.should change { @user.roles.count }.by(-1)
160
+ end.should change { @user.role_objects.count }.by(-1)
144
161
 
145
162
  @user.has_role?('admin', Foo).should be_false
146
163
  @user.has_role?('admin').should be_true # global role
@@ -151,7 +168,7 @@ class RolesTest < Test::Unit::TestCase
151
168
 
152
169
  lambda do
153
170
  @user.has_no_roles_for!
154
- end.should change { @user.roles.count }.by(-4)
171
+ end.should change { @user.role_objects.count }.by(-4)
155
172
 
156
173
  @user.has_role?('admin').should be_false
157
174
  @user.has_role?('3133t').should be_false
@@ -164,18 +181,18 @@ class RolesTest < Test::Unit::TestCase
164
181
 
165
182
  lambda do
166
183
  @user.has_no_roles_for! @foo
167
- end.should change { @user.roles.count }.by(-2)
184
+ end.should change { @user.role_objects.count }.by(-2)
168
185
 
169
186
  @user.has_role?('user', @foo).should be_false
170
187
  @user.has_role?('manager', @foo).should be_false
171
188
  end
172
-
189
+
173
190
  it "#has_no_roles_for! should unassign both class roles and object roles for objects of that class" do
174
191
  set_some_roles
175
192
 
176
193
  lambda do
177
194
  @user.has_no_roles_for! Foo
178
- end.should change { @user.roles.count }.by(-4)
195
+ end.should change { @user.role_objects.count }.by(-4)
179
196
 
180
197
  @user.has_role?('admin', Foo).should be_false
181
198
  @user.has_role?('manager', Foo).should be_false
@@ -187,7 +204,7 @@ class RolesTest < Test::Unit::TestCase
187
204
  set_some_roles
188
205
 
189
206
  @user.has_no_roles!
190
- @user.roles.count.should == 0
207
+ @user.role_objects.count.should == 0
191
208
  end
192
209
 
193
210
  it "should delete unused roles from table" do
@@ -200,7 +217,7 @@ class RolesTest < Test::Unit::TestCase
200
217
  Role.count.should == 1
201
218
 
202
219
  @bar.accepts_no_role!('owner', @user)
203
-
220
+
204
221
  Role.count.should == 0
205
222
  end
206
223
 
@@ -218,8 +235,6 @@ class RolesTest < Test::Unit::TestCase
218
235
  @user.has_role?(:_3133t).should be_true
219
236
  @user.has_role?(:admin, Foo).should be_true
220
237
  @user.has_role?(:manager, @foo).should be_true
221
-
222
-
223
238
  end
224
239
 
225
240
  private
@@ -247,7 +262,7 @@ class RolesWithCustomClassNamesTest < Test::Unit::TestCase
247
262
  end
248
263
 
249
264
  it "should basically work" do
250
- lambda do
265
+ lambda do
251
266
  @subj.has_role!('admin')
252
267
  @subj.has_role!('user', @foobar)
253
268
  end.should change { AnotherRole.count }.from(0).to(2)
@@ -263,3 +278,33 @@ class RolesWithCustomClassNamesTest < Test::Unit::TestCase
263
278
  end
264
279
  end
265
280
 
281
+ class UsersRolesAndSubjectsWithNamespacedClassNamesTest < Test::Unit::TestCase
282
+ before do
283
+ Other::Role.destroy_all
284
+ [Other::User, Other::FooBar].each { |model| model.delete_all }
285
+
286
+ @user = Other::User.create!
287
+ @user2 = Other::User.create!
288
+ @foobar = Other::FooBar.create!
289
+
290
+ end
291
+
292
+ it "should basically work" do
293
+ lambda do
294
+ @user.has_role!('admin')
295
+ @user.has_role!('user', @foobar)
296
+ end.should change { Other::Role.count }.from(0).to(2)
297
+
298
+ @user.has_role?('admin').should be_true
299
+ @user2.has_role?('admin').should be_false
300
+
301
+ @user.has_role?(:user, @foobar).should be_true
302
+ @user2.has_role?(:user, @foobar).should be_false
303
+
304
+ @foobar.accepted_roles.count.should == 1
305
+
306
+ @user.has_no_roles!
307
+ @user2.has_no_roles!
308
+ end
309
+ end
310
+
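Review bot: The new `protect_global_roles is true` context asserts only the negative case, `@user.has_role?('manager').should be_false`, so it would still pass if the option broke object-scoped lookups entirely. Add `@user.has_role?('manager', @foo).should be_true` after it, plus a second example that calls `@user.has_role!('manager')` and expects the global check to stay true with the option on. The neighbouring example "should count object role also as global role" pins the default, in which a role granted on a single object satisfies a global `has_role?` check. That default deserves a comment in the test, because an access rule written against the global role would presumably admit per-object holders as well. The `before`/`after` pair mutates the process-wide `Acl9.config`; whether `after` still runs when the example raises depends on the context framework and cannot be confirmed from this section.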
@@ -55,7 +55,7 @@ class ACLArguments < EmptyController
55
55
  access_control :except => [:index, :show] do
56
56
  allow :admin, :if => :true_meth, :unless => :false_meth
57
57
  end
58
-
58
+
59
59
  include TrueFalse
60
60
  end
61
61
 
@@ -129,12 +129,33 @@ class ACLObjectsHash < ApplicationController
129
129
  @foo = nil
130
130
  render :text => (allowed?(:foo => MyDearFoo.instance) ? 'OK' : 'AccessDenied')
131
131
  end
132
-
132
+
133
+ def current_user
134
+ params[:user]
135
+ end
136
+ end
137
+
138
+ class ACLActionOverride < ApplicationController
139
+ access_control :allowed?, :filter => false do
140
+ allow all, :to => :index
141
+ deny all, :to => :show
142
+ allow :owner, :of => :foo, :to => :edit
143
+ end
144
+
145
+ def check_allow
146
+ render :text => (allowed?(params[:_action]) ? 'OK' : 'AccessDenied')
147
+ end
148
+
149
+ def check_allow_with_foo
150
+ render :text => (allowed?(params[:_action], :foo => MyDearFoo.instance) ? 'OK' : 'AccessDenied')
151
+ end
152
+
133
153
  def current_user
134
154
  params[:user]
135
155
  end
136
156
  end
137
157
 
158
+
138
159
  class ACLHelperMethod < ApplicationController
139
160
  access_control :helper => :foo? do
140
161
  allow :owner, :of => :foo
@@ -145,9 +166,42 @@ class ACLHelperMethod < ApplicationController
145
166
 
146
167
  render :inline => "<%= foo? ? 'OK' : 'AccessDenied' %>"
147
168
  end
148
-
169
+
149
170
  def current_user
150
171
  params[:user]
151
172
  end
152
173
  end
153
174
 
175
+ class ACLQueryMethod < ApplicationController
176
+ attr_accessor :current_user
177
+
178
+ access_control :acl, :query_method => true do
179
+ allow :editor, :to => [:edit, :update, :destroy]
180
+ allow :viewer, :to => [:index, :show]
181
+ allow :owner, :of => :foo, :to => :fooize
182
+ end
183
+ end
184
+
185
+ class ACLQueryMethodWithLambda < ApplicationController
186
+ attr_accessor :current_user
187
+
188
+ access_control :query_method => :acl? do
189
+ allow :editor, :to => [:edit, :update, :destroy]
190
+ allow :viewer, :to => [:index, :show]
191
+ allow :owner, :of => :foo, :to => :fooize
192
+ end
193
+ end
194
+
195
+ class ACLNamedQueryMethod < ApplicationController
196
+ attr_accessor :current_user
197
+
198
+ access_control :acl, :query_method => 'allow_ay' do
199
+ allow :editor, :to => [:edit, :update, :destroy]
200
+ allow :viewer, :to => [:index, :show]
201
+ allow :owner, :of => :foo, :to => :fooize
202
+ end
203
+
204
+ def acl?(*args)
205
+ allow_ay(*args)
206
+ end
207
+ end
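Review bot: `ACLActionOverride` declares rules only for `:index`, `:show` and `:edit`, while `check_allow` and `check_allow_with_foo` pass `params[:_action]` straight to `allowed?`, so nothing here shows the result for an action name that matches no rule. The tests that drive this controller are outside this section. They should include a request with an unlisted `_action` value and assert the block's default outcome (presumably 'AccessDenied'), so the fallthrough of the override form is pinned. A short comment above `check_allow`, such as `# _action is taken from the request on purpose: the tests probe allowed? with arbitrary action names`, would mark this as a fixture-only pattern.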
@@ -25,3 +25,23 @@ end
25
25
  class FooBar < ActiveRecord::Base
26
26
  acts_as_authorization_object :role_class_name => 'AnotherRole', :subject_class_name => "AnotherSubject"
27
27
  end
28
+
29
+
30
+ module Other
31
+
32
+ class Other::User < ActiveRecord::Base
33
+ set_table_name "other_users"
34
+ acts_as_authorization_subject :join_table_name => "other_roles_other_users", :role_class_name => "Other::Role"
35
+ end
36
+
37
+ class Other::Role < ActiveRecord::Base
38
+ set_table_name "other_roles"
39
+ acts_as_authorization_role :join_table_name => "other_roles_other_users", :subject_class_name => "Other::User"
40
+ end
41
+
42
+ class Other::FooBar < ActiveRecord::Base
43
+ set_table_name "other_foo_bars"
44
+ acts_as_authorization_object :role_class_name => 'Other::Role', :subject_class_name => "Other::User"
45
+ end
46
+
47
+ end
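Review bot: Inside `module Other` the models are opened as `class Other::User`, `class Other::Role` and `class Other::FooBar`; the prefix is redundant there and resolves only because `Other` is found through the enclosing scope. `class User < ActiveRecord::Base` (and likewise `Role`, `FooBar`) inside the module defines the same constants and reads more plainly. A one-line comment noting that `:role_class_name` and `:subject_class_name` must carry the full namespace, as in `"Other::Role"`, would document what this fixture is meant to demonstrate.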
@@ -44,4 +44,26 @@ ActiveRecord::Schema.define(:version => 0) do
44
44
  t.datetime "created_at"
45
45
  t.datetime "updated_at"
46
46
  end
47
+
48
+ # namespaced
49
+
50
+ create_table "other_roles", :force => true do |t|
51
+ t.string "name", :limit => 40
52
+ t.string "authorizable_type", :limit => 40
53
+ t.integer "authorizable_id"
54
+ t.datetime "created_at"
55
+ t.datetime "updated_at"
56
+ end
57
+ create_table "other_users", :force => true do |t| end
58
+ create_table "other_roles_other_users", :id => false, :force => true do |t|
59
+ t.integer "user_id"
60
+ t.integer "role_id"
61
+ t.datetime "created_at"
62
+ t.datetime "updated_at"
63
+ end
64
+ create_table "other_foo_bars", :force => true do |t|
65
+ t.datetime "created_at"
66
+ t.datetime "updated_at"
67
+ end
68
+
47
69
  end
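Review bot: The new `other_roles` table declares `t.string "authorizable_type", :limit => 40`, and the namespaced models added in this release store fully qualified class names in that column, which can exceed 40 characters in a real application. Depending on the database, an over-long value is either rejected or cut short, and a shortened type string would no longer match in role lookups. A comment beside the column, for example `# limit must cover the longest namespaced class name`, or a wider limit in the fixture, would make the constraint visible to anyone who copies this schema.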
@@ -1,4 +1,8 @@
1
1
  require 'rubygems'
2
+
3
+ gem 'jnunemaker-matchy', '>= 0.4.0'
4
+ gem 'jeremymcanally-context', '>= 0.5.5'
5
+
2
6
  require 'test/unit'
3
7
  require 'context'
4
8
  require 'matchy'
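Review bot: Both added `gem` calls use an open lower bound (`'>= 0.4.0'` and `'>= 0.5.5'`), so the test suite activates whichever newest installed version satisfies it, including a later incompatible or unexpected release. A pessimistic constraint such as `gem 'jnunemaker-matchy', '~> 0.4.0'` and `gem 'jeremymcanally-context', '~> 0.5.5'` keeps test runs reproducible and narrows what a changed upstream package can bring in. If these gems are intended as development dependencies they should also be declared in the gemspec; the dependency list is not visible in the metadata hunks shown on this page.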
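--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: be9-acl9
  version: !ruby/object:Gem::Version
- version: 0.10.0
+ version: 0.11.0
  platform: ruby
  authors:
  - oleg dashevskii
@@ -9,7 +9,7 @@ autorequire:
  bindir: bin
  cert_chain: []
 
- date: 2009-05-03 00:00:00 -07:00
+ date: 2009-09-16 00:00:00 -07:00
  default_executable:
  dependencies:
  - !ruby/object:Gem::Dependency
@@ -64,8 +64,9 @@ files:
  - test/support/models.rb
  - test/support/schema.rb
  - test/test_helper.rb
- has_rdoc: true
+ has_rdoc: false
  homepage: http://github.com/be9/acl9
+ licenses:
  post_install_message:
  rdoc_options:
  - --charset=UTF-8
@@ -86,16 +87,16 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  requirements: []
 
  rubyforge_project:
- rubygems_version: 1.2.0
+ rubygems_version: 1.3.5
  signing_key:
  specification_version: 3
  summary: Yet another role-based authorization system for Rails
  test_files:
- - test/helpers_test.rb
+ - test/dsl_base_test.rb
+ - test/test_helper.rb
+ - test/access_control_test.rb
  - test/support/schema.rb
  - test/support/models.rb
  - test/support/controllers.rb
- - test/dsl_base_test.rb
- - test/access_control_test.rb
- - test/test_helper.rb
+ - test/helpers_test.rb
  - test/roles_test.rb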