be9-acl9 0.9.1

data/spec/models.rb

@@ -0,0 +1,27 @@
+class Role < ActiveRecord::Base
+  acts_as_authorization_role
+end
+
+class User < ActiveRecord::Base
+  acts_as_authorization_subject
+end
+
+class Foo < ActiveRecord::Base
+  acts_as_authorization_object
+end
+
+class Bar < ActiveRecord::Base
+  acts_as_authorization_object
+end
+
+class AnotherSubject < ActiveRecord::Base
+  acts_as_authorization_subject :role_class_name => 'AnotherRole'
+end
+
+class AnotherRole < ActiveRecord::Base
+  acts_as_authorization_role :subject_class_name => "AnotherSubject"
+end
+
+class FooBar < ActiveRecord::Base
+  acts_as_authorization_object :role_class_name => 'AnotherRole', :subject_class_name => "AnotherSubject"
+end

data/spec/roles_spec.rb

@@ -0,0 +1,259 @@
+require File.join(File.dirname(__FILE__), 'spec_helper')
+require File.join(File.dirname(__FILE__), 'models')
+
+#Logger = ActiveRecord::Base.logger
+
+describe "Roles" do
+  before do
+    Role.destroy_all
+    [User, Foo, Bar].each { |model| model.delete_all }
+
+    @user = User.create!
+    @user2 = User.create!
+    @foo = Foo.create!
+    @bar = Bar.create!
+  end
+
+  it "should not have any roles by default" do
+    %w(user manager admin owner).each do |role|
+      @user.has_role?(role).should be_false
+    end
+  end
+
+  it "#has_role! without object (global role)" do
+    lambda do 
+      @user.has_role!('admin')
+    end.should change(Role, :count).from(0).to(1)
+
+    @user.has_role?('admin').should be_true
+    @user2.has_role?('admin').should be_false
+  end
+
+  it "should not count global role as object role" do
+    @user.has_role!('admin')
+
+    [@foo, @bar, Foo, Bar, @user].each do |obj|
+      @user.has_role?('admin', obj).should be_false
+      @user.has_roles_for?(obj).should be_false
+      @user.roles_for(obj).should == []
+    end
+
+    [@foo, @bar].each do |obj|
+      obj.accepts_role?('admin', @user).should be_false
+    end
+  end
+
+  it "#has_role! with object (object role)" do
+    @user.has_role!('manager', @foo)
+
+    @user.has_role?('manager', @foo).should be_true
+    @user.has_roles_for?(@foo).should be_true
+    @user.has_role_for?(@foo).should be_true
+    
+    roles = @user.roles_for(@foo)
+    roles.should == @foo.accepted_roles_by(@user)
+    roles.size.should == 1
+    roles.first.name.should == "manager"
+    
+    @user.has_role?('manager', @bar).should be_false
+    @user2.has_role?('manager', @foo).should be_false
+
+    @foo.accepts_role?('manager', @user).should be_true
+    @foo.accepts_role_by?(@user).should be_true
+    @foo.accepts_roles_by?(@user).should be_true
+  end
+
+  it "shoud count object role also as global role" do
+    @user.has_role!('manager', @foo)
+    
+    @user.has_role?('manager').should be_true
+  end
+
+  it "should not count object role as object class role" do
+    @user.has_role!('manager', @foo)
+    @user.has_role?('manager', Foo).should be_false
+  end
+
+  it "#has_role! with class" do
+    @user.has_role!('user', Bar)
+
+    @user.has_role?('user', Bar).should be_true
+    @user.has_roles_for?(Bar).should be_true
+    @user.has_role_for?(Bar).should be_true
+    
+    roles = @user.roles_for(Bar)
+    roles.size.should == 1
+    roles.first.name.should == "user"
+    
+    @user.has_role?('user', Foo).should be_false
+    @user2.has_role?('user', Bar).should be_false
+  end
+
+  it "should not count class role as object role" do
+    @user.has_role!('manager', Foo)
+    @user.has_role?('manager', @foo).should be_false
+  end
+
+  it "should be able to have several roles on the same object" do
+    @user.has_role!('manager', @foo)
+    @user.has_role!('user',    @foo)
+    @user.has_role!('admin',   @foo)
+    
+    @user.has_role!('owner',   @bar)
+
+    @user.roles_for(@foo)        .map(&:name).sort.should == %w(admin manager user)
+    @foo.accepted_roles_by(@user).map(&:name).sort.should == %w(admin manager user)
+  end
+
+  it "should reuse existing roles" do
+    @user.has_role!('owner', @bar)
+    @user2.has_role!('owner', @bar)
+
+    @user.roles.should == @user2.roles
+  end
+
+  it "#has_no_role! should unassign a global role from user" do
+    set_some_roles
+
+    lambda do
+      @user.has_no_role!('3133t')
+    end.should change(@user.roles, :count).by(-1)
+
+    @user.has_role?('3133t').should be_false
+  end
+  
+  it "#has_no_role! should unassign an object role from user" do
+    set_some_roles
+
+    lambda do
+      @user.has_no_role!('manager', @foo)
+    end.should change(@user.roles, :count).by(-1)
+
+    @user.has_role?('manager', @foo).should be_false
+    @user.has_role?('user', @foo).should be_true      # another role on the same object
+  end
+
+  it "#has_no_role! should unassign a class role from user" do
+    set_some_roles
+
+    lambda do
+      @user.has_no_role!('admin', Foo)
+    end.should change(@user.roles, :count).by(-1)
+
+    @user.has_role?('admin', Foo).should be_false
+    @user.has_role?('admin').should be_true           # global role
+  end
+
+  it "#has_no_roles_for! should unassign global and class roles with nil object" do
+    set_some_roles
+
+    lambda do
+      @user.has_no_roles_for!
+    end.should change(@user.roles, :count).by(-4)
+
+    @user.has_role?('admin').should be_false
+    @user.has_role?('3133t').should be_false
+    @user.has_role?('admin', Foo).should be_false
+    @user.has_role?('manager', Foo).should be_false
+  end
+
+  it "#has_no_roles_for! should unassign object roles" do
+    set_some_roles
+
+    lambda do
+      @user.has_no_roles_for! @foo
+    end.should change(@user.roles, :count).by(-2)
+
+    @user.has_role?('user', @foo).should be_false
+    @user.has_role?('manager', @foo).should be_false
+  end
+  
+  it "#has_no_roles_for! should unassign both class roles and object roles for objects of that class" do
+    set_some_roles
+
+    lambda do
+      @user.has_no_roles_for! Foo
+    end.should change(@user.roles, :count).by(-4)
+
+    @user.has_role?('admin', Foo).should be_false
+    @user.has_role?('manager', Foo).should be_false
+    @user.has_role?('user', @foo).should be_false
+    @user.has_role?('manager', @foo).should be_false
+  end
+
+  it "#has_no_roles! should unassign all roles" do
+    set_some_roles
+
+    @user.has_no_roles!
+    @user.roles.count.should == 0
+  end
+
+  it "should delete unused roles from table" do
+    @user.has_role!('owner', @bar)
+    @user2.has_role!('owner', @bar)
+
+    Role.count.should == 1
+
+    @bar.accepts_no_role!('owner', @user2)
+    Role.count.should == 1
+
+    @bar.accepts_no_role!('owner', @user)
+    
+    Role.count.should == 0
+  end
+
+  it "should accept :symbols as role names" do
+    @user.has_role! :admin
+    @user.has_role! :_3133t
+
+    @user.has_role! :admin, Foo
+    @user.has_role! :manager, Foo
+    @user.has_role! :user, @foo
+    @foo.accepts_role! :manager, @user
+    @bar.accepts_role! :owner,   @user
+
+    @user.has_role?(:admin).should be_true
+    @user.has_role?(:_3133t).should be_true
+    @user.has_role?(:admin, Foo).should be_true
+    @user.has_role?(:manager, @foo).should be_true
+
+
+  end
+
+  private
+
+  def set_some_roles
+    @user.has_role!('admin')
+    @user.has_role!('3133t')
+
+    @user.has_role!('admin', Foo)
+    @user.has_role!('manager', Foo)
+    @user.has_role!('user', @foo)
+    @foo.accepts_role!('manager', @user)
+    @bar.accepts_role!('owner',   @user)
+  end
+end
+
+describe "Roles with custom class names" do
+  before do
+    AnotherRole.destroy_all
+    [AnotherSubject, FooBar].each { |model| model.delete_all }
+
+    @subj = AnotherSubject.create!
+    @subj2 = AnotherSubject.create!
+    @foobar = FooBar.create!
+  end
+
+  it "should basically work" do
+    lambda do 
+      @subj.has_role!('admin')
+      @subj.has_role!('user', @foobar)
+    end.should change(AnotherRole, :count).from(0).to(2)
+
+    @subj.has_role?('admin').should be_true
+    @subj2.has_role?('admin').should be_false
+
+    @subj.has_role?(:user, @foobar).should be_true
+    @subj2.has_role?(:user, @foobar).should be_false
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,34 @@
+require 'rubygems'
+require 'spec'
+require 'activerecord'
+require 'action_controller'
+
+require 'action_controller/test_process'
+require 'action_controller/integration'
+
+require 'active_record/fixtures'
+
+class ApplicationController < ActionController::Base
+end
+
+require 'rails/version'
+
+require 'spec/rails/matchers'
+require 'spec/rails/mocks'
+require 'spec/rails/example'
+require 'spec/rails/extensions'
+#require 'spec/rails/interop/testcase'
+
+this_dir = File.dirname(__FILE__)
+
+RAILS_ROOT = File.join(this_dir,  "..")
+
+ActiveRecord::Base.logger = Logger.new(this_dir + "/debug.log")
+
+ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :database => "#{this_dir}/db/test.sqlite3")
+
+load(File.join(this_dir, "db", "schema.rb"))
+
+ActionController::Routing::Routes.draw do |map|
+  map.connect ":controller/:action/:id"
+end

metadata

@@ -0,0 +1,102 @@
+--- !ruby/object:Gem::Specification 
+name: be9-acl9
+version: !ruby/object:Gem::Version 
+  version: 0.9.1
+platform: ruby
+authors: 
+- Oleg Dashevskii
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-01-03 00:00:00 -08:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 1.1.11
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: rspec-rails
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 1.1.11
+    version: 
+description: Yet another role-based authorization system for Rails with a nice DSL for access control lists.
+email: olegdashevskii@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- lib/acl9/config.rb
+- lib/acl9/model_extensions/subject.rb
+- lib/acl9/model_extensions/object.rb
+- lib/acl9/controller_extensions.rb
+- lib/acl9/controller_extensions/filter_producer.rb
+- lib/acl9/version.rb
+- lib/acl9/model_extensions.rb
+- lib/acl9.rb
+- README.textile
+files: 
+- lib/acl9/config.rb
+- lib/acl9/model_extensions/subject.rb
+- lib/acl9/model_extensions/object.rb
+- lib/acl9/controller_extensions.rb
+- lib/acl9/controller_extensions/filter_producer.rb
+- lib/acl9/version.rb
+- lib/acl9/model_extensions.rb
+- lib/acl9.rb
+- spec/db/schema.rb
+- spec/filter_producer_spec.rb
+- spec/spec_helper.rb
+- spec/models.rb
+- spec/access_control_spec.rb
+- spec/roles_spec.rb
+- Manifest
+- MIT-LICENSE
+- Rakefile
+- README.textile
+- init.rb
+- acl9.gemspec
+has_rdoc: true
+homepage: http://github.com/be9/acl9
+post_install_message: 
+rdoc_options: 
+- --line-numbers
+- --inline-source
+- --title
+- Acl9
+- --main
+- README.textile
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "1.2"
+  version: 
+requirements: []
+
+rubyforge_project: acl9
+rubygems_version: 1.2.0
+signing_key: 
+specification_version: 2
+summary: Yet another role-based authorization system for Rails with a nice DSL for access control lists.
+test_files: []
+