can-has-permission 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +1 -0
- data/README.rdoc +10 -0
- data/Rakefile +23 -0
- data/VERSION +1 -0
- data/can-has-permission.gemspec +60 -0
- data/lib/can-has-permission.rb +56 -0
- data/lib/can-has-permission/has_permission.rb +24 -0
- data/lib/can-has-permission/has_role.rb +22 -0
- data/lib/can-has-permission/permission.rb +4 -0
- data/lib/can-has-permission/role.rb +5 -0
- data/spec/spec_helper.rb +41 -0
- data/spec/tests/can_has_permission_spec.rb +279 -0
- data/spec/tests/has_permission_spec.rb +74 -0
- data/spec/tests/has_role_spec.rb +74 -0
- data/spec/tests/permission_spec.rb +20 -0
- data/spec/tests/role_spec.rb +20 -0
- metadata +87 -0
data/.gitignore
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
pkg
|
data/README.rdoc
ADDED
data/Rakefile
ADDED
@@ -0,0 +1,23 @@
|
|
1
|
+
require 'rubygems'
|
2
|
+
require 'rake'
|
3
|
+
|
4
|
+
Dir["#{File.dirname(__FILE__)}/tasks/*.rake"].each{|task| load task}
|
5
|
+
|
6
|
+
task :test do
|
7
|
+
system("spec spec/tests/*_spec.rb")
|
8
|
+
end
|
9
|
+
|
10
|
+
begin
|
11
|
+
require 'jeweler'
|
12
|
+
Jeweler::Tasks.new do |gemspec|
|
13
|
+
gemspec.name = "can-has-permission"
|
14
|
+
gemspec.summary = "simple permissions based authorisation"
|
15
|
+
gemspec.description = "simple permissions based authorisation with roles"
|
16
|
+
gemspec.email = "cirode@gmail.com"
|
17
|
+
gemspec.homepage = "http://github.com/cirode/can_has_permission"
|
18
|
+
gemspec.authors = ["Chris Rode"]
|
19
|
+
end
|
20
|
+
Jeweler::GemcutterTasks.new
|
21
|
+
rescue LoadError
|
22
|
+
puts "Jeweler not available. Install it with: gem install jeweler"
|
23
|
+
end
|
data/VERSION
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
0.0.1
|
@@ -0,0 +1,60 @@
|
|
1
|
+
# Generated by jeweler
|
2
|
+
# DO NOT EDIT THIS FILE DIRECTLY
|
3
|
+
# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
|
4
|
+
# -*- encoding: utf-8 -*-
|
5
|
+
|
6
|
+
Gem::Specification.new do |s|
|
7
|
+
s.name = %q{can-has-permission}
|
8
|
+
s.version = "0.0.1"
|
9
|
+
|
10
|
+
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
|
+
s.authors = ["Chris Rode"]
|
12
|
+
s.date = %q{2010-08-10}
|
13
|
+
s.description = %q{simple permissions based authorisation with roles}
|
14
|
+
s.email = %q{cirode@gmail.com}
|
15
|
+
s.extra_rdoc_files = [
|
16
|
+
"README.rdoc"
|
17
|
+
]
|
18
|
+
s.files = [
|
19
|
+
".gitignore",
|
20
|
+
"README.rdoc",
|
21
|
+
"Rakefile",
|
22
|
+
"VERSION",
|
23
|
+
"can-has-permission.gemspec",
|
24
|
+
"lib/can-has-permission.rb",
|
25
|
+
"lib/can-has-permission/has_permission.rb",
|
26
|
+
"lib/can-has-permission/has_role.rb",
|
27
|
+
"lib/can-has-permission/permission.rb",
|
28
|
+
"lib/can-has-permission/role.rb",
|
29
|
+
"spec/spec_helper.rb",
|
30
|
+
"spec/tests/can_has_permission_spec.rb",
|
31
|
+
"spec/tests/has_permission_spec.rb",
|
32
|
+
"spec/tests/has_role_spec.rb",
|
33
|
+
"spec/tests/permission_spec.rb",
|
34
|
+
"spec/tests/role_spec.rb"
|
35
|
+
]
|
36
|
+
s.homepage = %q{http://github.com/cirode/can_has_permission}
|
37
|
+
s.rdoc_options = ["--charset=UTF-8"]
|
38
|
+
s.require_paths = ["lib"]
|
39
|
+
s.rubygems_version = %q{1.3.7}
|
40
|
+
s.summary = %q{simple permissions based authorisation}
|
41
|
+
s.test_files = [
|
42
|
+
"spec/spec_helper.rb",
|
43
|
+
"spec/tests/can_has_permission_spec.rb",
|
44
|
+
"spec/tests/has_permission_spec.rb",
|
45
|
+
"spec/tests/has_role_spec.rb",
|
46
|
+
"spec/tests/permission_spec.rb",
|
47
|
+
"spec/tests/role_spec.rb"
|
48
|
+
]
|
49
|
+
|
50
|
+
if s.respond_to? :specification_version then
|
51
|
+
current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
|
52
|
+
s.specification_version = 3
|
53
|
+
|
54
|
+
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
55
|
+
else
|
56
|
+
end
|
57
|
+
else
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
@@ -0,0 +1,56 @@
|
|
1
|
+
module CanHasPermission
|
2
|
+
def can
|
3
|
+
CanHasPermission::HasPermission.find(:all, :conditions => { :model => self.class.to_s, :model_id => self.id}).collect{|has_perm| has_perm.permission}
|
4
|
+
end
|
5
|
+
|
6
|
+
def can?(permission)
|
7
|
+
role_ids = []
|
8
|
+
CanHasPermission::HasRole.find(:all, :conditions => { :model => self.class.to_s, :model_id => self.id}).each do |role|
|
9
|
+
role_ids << role.id
|
10
|
+
end
|
11
|
+
CanHasPermission::HasPermission.find(:first,:include=>[:permission_class], :conditions => ['((model =? and model_id =? ) or (model=? and model_id in (?) ))and permissions.name=?',self.class.to_s, self.id,CanHasPermission::Role.to_s,role_ids, permission.to_s]) != nil
|
12
|
+
end
|
13
|
+
|
14
|
+
def can=(permission_list)
|
15
|
+
permission_list = [permission_list] unless permission_list.respond_to?(:each)
|
16
|
+
permission_list.each do |permission|
|
17
|
+
#if database is down then catestrophic error
|
18
|
+
CanHasPermission::HasPermission.create!(:permission =>permission.to_s, :model => self.class.to_s, :model_id => self.id) unless self.can?(permission)
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
def can_not(permission_list)
|
23
|
+
permission_list = [permission_list] unless permission_list.respond_to?(:each)
|
24
|
+
CanHasPermission::HasPermission.find(:all,:include=>[:permission_class], :conditions => ['model =? and model_id =? and permissions.name in (?)',self.class.to_s, self.id, permission_list.collect{|p| p.to_s}]).each do |has_permission|
|
25
|
+
has_permission.destroy
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
29
|
+
def has_role?(role)
|
30
|
+
CanHasPermission::HasRole.find(:first,:include=>[:role_class], :conditions => ['model =? and model_id =? and roles.name=?',self.class.to_s, self.id, role.to_s]) != nil
|
31
|
+
end
|
32
|
+
|
33
|
+
def roles
|
34
|
+
CanHasPermission::HasRole.find(:all, :conditions => { :model => self.class.to_s, :model_id => self.id}).collect{|has_role| has_role.role}
|
35
|
+
end
|
36
|
+
|
37
|
+
def add_roles(role_list)
|
38
|
+
role_list = [role_list] unless role_list.respond_to?(:each)
|
39
|
+
role_list.each do |role|
|
40
|
+
#if database is down then catestrophic error
|
41
|
+
CanHasPermission::HasRole.create!(:role =>role.to_s, :model => self.class.to_s, :model_id => self.id) unless self.has_role?(role)
|
42
|
+
end
|
43
|
+
end
|
44
|
+
|
45
|
+
def remove_roles(role_list)
|
46
|
+
role_list = [role_list] unless role_list.respond_to?(:each)
|
47
|
+
CanHasPermission::HasRole.find(:all,:include=>[:role_class], :conditions => ['model =? and model_id =? and roles.name in (?)',self.class.to_s, self.id, role_list.collect{|p| p.to_s}]).each do |has_role|
|
48
|
+
has_role.destroy
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
53
|
+
require File.join(File.dirname(__FILE__), 'can-has-permission', 'has_permission')
|
54
|
+
require File.join(File.dirname(__FILE__), 'can-has-permission', 'permission')
|
55
|
+
require File.join(File.dirname(__FILE__), 'can-has-permission', 'role')
|
56
|
+
require File.join(File.dirname(__FILE__), 'can-has-permission', 'has_role')
|
@@ -0,0 +1,24 @@
|
|
1
|
+
class CanHasPermission::HasPermission < ActiveRecord::Base
|
2
|
+
validates_presence_of :permission_id, :if => lambda{|instance| instance.permission.blank?}
|
3
|
+
validates_presence_of :model_id
|
4
|
+
validates_presence_of :model
|
5
|
+
validates_uniqueness_of :model, :model_id, :scope => :permission_id
|
6
|
+
before_save :create_permission, :unless => lambda{|instance| instance.permission.blank?}
|
7
|
+
|
8
|
+
belongs_to :permission_class, :class_name => 'CanHasPermission::Permission', :foreign_key => 'permission_id'
|
9
|
+
|
10
|
+
def permission=(permission)
|
11
|
+
@permission = permission.to_s
|
12
|
+
end
|
13
|
+
|
14
|
+
#test this
|
15
|
+
def permission
|
16
|
+
permission_class.try(:name).try(:to_sym) || @permission
|
17
|
+
end
|
18
|
+
|
19
|
+
protected
|
20
|
+
|
21
|
+
def create_permission
|
22
|
+
self.permission_id = CanHasPermission::Permission.find_or_create_by_name(:name => self.permission).id
|
23
|
+
end
|
24
|
+
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
class CanHasPermission::HasRole < ActiveRecord::Base
|
2
|
+
validates_presence_of :role_id, :if => lambda{|instance| instance.role.blank?}
|
3
|
+
validates_presence_of :model_id
|
4
|
+
validates_presence_of :model
|
5
|
+
validates_uniqueness_of :model, :model_id, :scope => :role_id
|
6
|
+
before_save :create_role, :unless => lambda{|instance| instance.role.blank?}
|
7
|
+
|
8
|
+
belongs_to :role_class, :class_name => 'CanHasPermission::Role', :foreign_key => 'role_id'
|
9
|
+
|
10
|
+
#write and test a callback that changes the role on save if changed
|
11
|
+
def role=(role)
|
12
|
+
@role = role.to_s
|
13
|
+
end
|
14
|
+
#test this
|
15
|
+
def role
|
16
|
+
role_class.try(:name).try(:to_sym) || @role
|
17
|
+
end
|
18
|
+
protected
|
19
|
+
def create_role
|
20
|
+
self.role_id = CanHasPermission::Role.find_or_create_by_name(:name => self.role).id
|
21
|
+
end
|
22
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,41 @@
|
|
1
|
+
$LOAD_PATH << File.join(File.dirname(__FILE__), '..', 'lib')
|
2
|
+
require 'active_record'
|
3
|
+
require 'can-has-permission'
|
4
|
+
require 'rubygems'
|
5
|
+
require 'ruby-debug'
|
6
|
+
|
7
|
+
ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :database => ":memory:")
|
8
|
+
|
9
|
+
def reset_database
|
10
|
+
ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :database => ":memory:")
|
11
|
+
ActiveRecord::Schema.define(:version => 1) do
|
12
|
+
create_table :roles do |t|
|
13
|
+
t.string :name, :null => false
|
14
|
+
t.timestamps
|
15
|
+
end
|
16
|
+
|
17
|
+
create_table :permissions do |t|
|
18
|
+
t.string :name, :null => false
|
19
|
+
t.timestamps
|
20
|
+
end
|
21
|
+
|
22
|
+
create_table :has_roles do |t|
|
23
|
+
t.string :model, :null => false
|
24
|
+
t.integer :model_id, :null => false
|
25
|
+
t.integer :role_id, :null => false
|
26
|
+
t.timestamps
|
27
|
+
end
|
28
|
+
create_table :has_permissions do |t|
|
29
|
+
t.string :model, :null => false
|
30
|
+
t.integer :model_id, :null => false
|
31
|
+
t.integer :permission_id, :null => false
|
32
|
+
t.timestamps
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
Spec::Runner.configure do |config|
|
38
|
+
config.before(:each) do
|
39
|
+
reset_database
|
40
|
+
end
|
41
|
+
end
|
@@ -0,0 +1,279 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), '..', 'spec_helper')
|
2
|
+
|
3
|
+
|
4
|
+
class TestingClass
|
5
|
+
include CanHasPermission
|
6
|
+
attr_accessor :id
|
7
|
+
def initialize(id=nil)
|
8
|
+
@@id ||=0
|
9
|
+
self.id = id || (@@id +=1)
|
10
|
+
end
|
11
|
+
|
12
|
+
def self.find(id)
|
13
|
+
self.class.new(id)
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
describe CanHasPermission, "after including in TestingClass object" do
|
18
|
+
before(:each) do
|
19
|
+
@testing_object = TestingClass.new
|
20
|
+
end
|
21
|
+
describe ", TestingClass object " do
|
22
|
+
it "should have #has_role?" do
|
23
|
+
@testing_object.respond_to?(:has_role?).should be_true
|
24
|
+
end
|
25
|
+
it "should have #roles" do
|
26
|
+
@testing_object.respond_to?(:roles).should be_true
|
27
|
+
end
|
28
|
+
it "should have #add_roles" do
|
29
|
+
@testing_object.respond_to?(:add_roles).should be_true
|
30
|
+
end
|
31
|
+
it "should have #remove_roles" do
|
32
|
+
@testing_object.respond_to?(:remove_roles).should be_true
|
33
|
+
end
|
34
|
+
it "should have #can?" do
|
35
|
+
@testing_object.respond_to?(:can?).should be_true
|
36
|
+
end
|
37
|
+
it "should have #can" do
|
38
|
+
@testing_object.respond_to?(:can).should be_true
|
39
|
+
end
|
40
|
+
it "should have #can=" do
|
41
|
+
@testing_object.respond_to?(:can=).should be_true
|
42
|
+
end
|
43
|
+
it "should have #can_not" do
|
44
|
+
@testing_object.respond_to?(:can_not).should be_true
|
45
|
+
end
|
46
|
+
end
|
47
|
+
|
48
|
+
describe "with no permissions" do
|
49
|
+
it "#can should return an empty list" do
|
50
|
+
@testing_object.can.should be_empty
|
51
|
+
end
|
52
|
+
|
53
|
+
describe "#can?" do
|
54
|
+
it "should return false with a symbol" do
|
55
|
+
@testing_object.can?(:do_something).should be_false
|
56
|
+
end
|
57
|
+
it "should return false with a string" do
|
58
|
+
@testing_object.can?('do_something').should be_false
|
59
|
+
end
|
60
|
+
end
|
61
|
+
|
62
|
+
describe "#can=" do
|
63
|
+
it "should accept an empty list" do
|
64
|
+
@testing_object.can=([])
|
65
|
+
@testing_object.can.should be_empty
|
66
|
+
end
|
67
|
+
it "should accept being given a list with items and treat them as strings" do
|
68
|
+
@testing_object.can=[true]
|
69
|
+
@testing_object.can.size.should == 1
|
70
|
+
@testing_object.can.first.should == true.to_s.to_sym
|
71
|
+
end
|
72
|
+
it "should treat any object as its string representation" do
|
73
|
+
@testing_object.can=true
|
74
|
+
@testing_object.can.size.should == 1
|
75
|
+
@testing_object.can.first.should == true.to_s.to_sym
|
76
|
+
end
|
77
|
+
end
|
78
|
+
end
|
79
|
+
|
80
|
+
describe "with permissions" do
|
81
|
+
before(:each) do
|
82
|
+
@testing_object.can=(:role1)
|
83
|
+
end
|
84
|
+
|
85
|
+
it "#can should return a filled list" do
|
86
|
+
@testing_object.can.should_not be_empty
|
87
|
+
end
|
88
|
+
|
89
|
+
describe "#can?" do
|
90
|
+
describe "when the permission isnt in the list" do
|
91
|
+
it "should return false with a symbol" do
|
92
|
+
@testing_object.can?(:do_something).should be_false
|
93
|
+
end
|
94
|
+
it "should return false with a string" do
|
95
|
+
@testing_object.can?('do_something').should be_false
|
96
|
+
end
|
97
|
+
end
|
98
|
+
describe "when the permission is in the list" do
|
99
|
+
it "should return true with a symbol" do
|
100
|
+
@testing_object.can?(:role1).should be_true
|
101
|
+
end
|
102
|
+
it "should return true with a string" do
|
103
|
+
@testing_object.can?('role1').should be_true
|
104
|
+
end
|
105
|
+
end
|
106
|
+
end
|
107
|
+
|
108
|
+
describe "#can=" do
|
109
|
+
it "should accept an empty list" do
|
110
|
+
@testing_object.can=([])
|
111
|
+
@testing_object.can.should_not be_empty
|
112
|
+
end
|
113
|
+
it "should accept being given a list with items and treat them as strings" do
|
114
|
+
@testing_object.can=[true]
|
115
|
+
@testing_object.can.size.should == 2
|
116
|
+
@testing_object.can.should include(true.to_s.to_sym)
|
117
|
+
end
|
118
|
+
it "should treat any object as its string representation" do
|
119
|
+
@testing_object.can=true
|
120
|
+
@testing_object.can.size.should == 2
|
121
|
+
@testing_object.can.should include(true.to_s.to_sym)
|
122
|
+
end
|
123
|
+
it "should accept an already added permission and change nothing" do
|
124
|
+
@testing_object.can=(:role1)
|
125
|
+
@testing_object.can.size.should == 1
|
126
|
+
@testing_object.can.should include(:role1.to_s.to_sym)
|
127
|
+
end
|
128
|
+
end
|
129
|
+
|
130
|
+
describe "#can_not" do
|
131
|
+
it "should accept an empty list" do
|
132
|
+
@testing_object.can_not([])
|
133
|
+
@testing_object.can.should_not be_empty
|
134
|
+
end
|
135
|
+
it "should accept being given a list with items and treat them as strings" do
|
136
|
+
@testing_object.can_not([:role1])
|
137
|
+
@testing_object.can.should be_empty
|
138
|
+
@testing_object.can.should_not include(:role1)
|
139
|
+
end
|
140
|
+
it "should treat any object as its string representation" do
|
141
|
+
old_size = @testing_object.can.size
|
142
|
+
@testing_object.can=(true)
|
143
|
+
@testing_object.can_not(true)
|
144
|
+
@testing_object.can.size.should == old_size
|
145
|
+
@testing_object.can.should_not include(true.to_s.to_sym)
|
146
|
+
end
|
147
|
+
it "should accept a role not added and change nothing" do
|
148
|
+
@testing_object.can_not(true)
|
149
|
+
@testing_object.can.should_not be_empty
|
150
|
+
@testing_object.can.should include(:role1)
|
151
|
+
end
|
152
|
+
end
|
153
|
+
end
|
154
|
+
|
155
|
+
describe "with no roles" do
|
156
|
+
it "#roles should return an empty list" do
|
157
|
+
@testing_object.roles.should be_empty
|
158
|
+
end
|
159
|
+
|
160
|
+
describe "#has_role?" do
|
161
|
+
it "should return false with a symbol" do
|
162
|
+
@testing_object.has_role?(:do_something).should be_false
|
163
|
+
end
|
164
|
+
it "should return false with a string" do
|
165
|
+
@testing_object.has_role?('do_something').should be_false
|
166
|
+
end
|
167
|
+
end
|
168
|
+
|
169
|
+
describe "#add_roles" do
|
170
|
+
it "should accept an empty list" do
|
171
|
+
@testing_object.add_roles([])
|
172
|
+
@testing_object.roles.should be_empty
|
173
|
+
end
|
174
|
+
it "should accept being given a list with items and treat them as strings" do
|
175
|
+
@testing_object.add_roles([true])
|
176
|
+
@testing_object.roles.size.should == 1
|
177
|
+
@testing_object.roles.first.should == true.to_s.to_sym
|
178
|
+
end
|
179
|
+
it "should treat any object as its string representation" do
|
180
|
+
@testing_object.add_roles(true)
|
181
|
+
@testing_object.roles.size.should == 1
|
182
|
+
@testing_object.roles.first.should == true.to_s.to_sym
|
183
|
+
end
|
184
|
+
end
|
185
|
+
end
|
186
|
+
|
187
|
+
describe "with roles" do
|
188
|
+
before(:each) do
|
189
|
+
@testing_object.add_roles(:role1)
|
190
|
+
end
|
191
|
+
|
192
|
+
it "#roles should return a filled list" do
|
193
|
+
@testing_object.roles.size.should == 1
|
194
|
+
end
|
195
|
+
|
196
|
+
describe "#has_role?" do
|
197
|
+
describe "when the role isnt in the list" do
|
198
|
+
it "should return false with a symbol" do
|
199
|
+
@testing_object.has_role?(:do_something).should be_false
|
200
|
+
end
|
201
|
+
it "should return false with a string" do
|
202
|
+
@testing_object.has_role?('do_something').should be_false
|
203
|
+
end
|
204
|
+
end
|
205
|
+
describe "when the role is in the list" do
|
206
|
+
it "should return true with a symbol" do
|
207
|
+
@testing_object.has_role?(:role1).should be_true
|
208
|
+
end
|
209
|
+
it "should return true with a string" do
|
210
|
+
@testing_object.has_role?('role1').should be_true
|
211
|
+
end
|
212
|
+
end
|
213
|
+
end
|
214
|
+
|
215
|
+
describe "#add_roles" do
|
216
|
+
it "should accept an empty list" do
|
217
|
+
@testing_object.add_roles([])
|
218
|
+
@testing_object.roles.should_not be_empty
|
219
|
+
end
|
220
|
+
it "should accept being given a list with items and treat them as strings" do
|
221
|
+
@testing_object.add_roles([true])
|
222
|
+
@testing_object.roles.size.should == 2
|
223
|
+
@testing_object.roles.should include(true.to_s.to_sym)
|
224
|
+
end
|
225
|
+
it "should treat any object as its string representation" do
|
226
|
+
@testing_object.add_roles(true)
|
227
|
+
@testing_object.roles.size.should == 2
|
228
|
+
@testing_object.roles.should include(true.to_s.to_sym)
|
229
|
+
end
|
230
|
+
it "should accept an already added role and change nothing" do
|
231
|
+
@testing_object.add_roles(:role1)
|
232
|
+
@testing_object.roles.size.should == 1
|
233
|
+
@testing_object.roles.should include(:role1.to_s.to_sym)
|
234
|
+
end
|
235
|
+
end
|
236
|
+
|
237
|
+
describe "#remove_roles" do
|
238
|
+
it "should accept an empty list" do
|
239
|
+
@testing_object.remove_roles([])
|
240
|
+
@testing_object.roles.should_not be_empty
|
241
|
+
end
|
242
|
+
it "should accept being given a list with items and treat them as strings" do
|
243
|
+
@testing_object.remove_roles([:role1])
|
244
|
+
@testing_object.roles.should be_empty
|
245
|
+
@testing_object.roles.should_not include(:role1)
|
246
|
+
end
|
247
|
+
it "should treat any object as its string representation" do
|
248
|
+
old_size = @testing_object.roles.size
|
249
|
+
@testing_object.add_roles(true)
|
250
|
+
@testing_object.remove_roles(true)
|
251
|
+
@testing_object.roles.size.should == old_size
|
252
|
+
@testing_object.roles.should_not include(true.to_s.to_sym)
|
253
|
+
end
|
254
|
+
it "should accept a role not added and change nothing" do
|
255
|
+
@testing_object.remove_roles(true)
|
256
|
+
@testing_object.roles.should_not be_empty
|
257
|
+
@testing_object.roles.should include(:role1)
|
258
|
+
end
|
259
|
+
end
|
260
|
+
|
261
|
+
describe "#can?" do
|
262
|
+
it "should return false" do
|
263
|
+
@testing_object.can?(:do_stuff).should be_false
|
264
|
+
end
|
265
|
+
end
|
266
|
+
|
267
|
+
describe "that have permissions" do
|
268
|
+
before(:each) do
|
269
|
+
role = CanHasPermission::Role.find(:first)
|
270
|
+
role.can=(:do_stuff)
|
271
|
+
end
|
272
|
+
describe "#can?" do
|
273
|
+
it "should return true when given a permission the role has" do
|
274
|
+
@testing_object.can?(:do_stuff).should be_true
|
275
|
+
end
|
276
|
+
end
|
277
|
+
end
|
278
|
+
end
|
279
|
+
end
|
@@ -0,0 +1,74 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), '..', 'spec_helper')
|
2
|
+
|
3
|
+
describe CanHasPermission::HasPermission do
|
4
|
+
it "should be valid with a permission_id, type and model_id" do
|
5
|
+
has_permission = CanHasPermission::HasPermission.new(:permission_id => 1, :model => 'Bingo', :model_id => 1)
|
6
|
+
has_permission.should be_valid
|
7
|
+
end
|
8
|
+
it "should not be valid without a permission_id" do
|
9
|
+
has_permission = CanHasPermission::HasPermission.new(:model => 'Bingo', :model_id => 1)
|
10
|
+
has_permission.should_not be_valid
|
11
|
+
end
|
12
|
+
it "should not be valid without a type" do
|
13
|
+
has_permission = CanHasPermission::HasPermission.new(:permission_id => 1, :model_id => 1)
|
14
|
+
has_permission.should_not be_valid
|
15
|
+
end
|
16
|
+
it "should not be valid without a model_id" do
|
17
|
+
has_permission = CanHasPermission::HasPermission.new(:permission_id => 1, :model => 'Type')
|
18
|
+
has_permission.should_not be_valid
|
19
|
+
end
|
20
|
+
it "should not be valid when it has a permission_id, model_id and type that already exist" do
|
21
|
+
name = 'the same'
|
22
|
+
has_permission1 = CanHasPermission::HasPermission.create!(:permission_id => 1, :model => 'Bingo', :model_id => 1)
|
23
|
+
has_permission2 = CanHasPermission::HasPermission.new(:permission_id => 1, :model => 'Bingo', :model_id => 1)
|
24
|
+
has_permission1.should be_valid
|
25
|
+
has_permission1.id.should_not be_nil
|
26
|
+
has_permission2.should_not be_valid
|
27
|
+
end
|
28
|
+
describe "when a permission exists" do
|
29
|
+
before(:each) do
|
30
|
+
CanHasPermission::Permission.create!(:name => 'this_exists')
|
31
|
+
@permission_count = CanHasPermission::Permission.count
|
32
|
+
end
|
33
|
+
it "should be valid without a permission_id but with the permission name" do
|
34
|
+
has_permission = CanHasPermission::HasPermission.new(:model => 'Bingo', :permission => 'this_exists', :model_id => 1)
|
35
|
+
has_permission.should be_valid
|
36
|
+
end
|
37
|
+
it "should be valid without a permission_id but with the permission name as a symbol" do
|
38
|
+
has_permission = CanHasPermission::HasPermission.new(:model => 'Bingo', :permission => :this_exists, :model_id => 1)
|
39
|
+
has_permission.should be_valid
|
40
|
+
end
|
41
|
+
it "should not create another permission" do
|
42
|
+
CanHasPermission::HasPermission.create!(:model => 'Bingo', :permission => 'this_exists', :model_id => 1)
|
43
|
+
CanHasPermission::Permission.count.should == @permission_count
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
describe "when a permission does not exist" do
|
48
|
+
before(:each) do
|
49
|
+
CanHasPermission::Permission.count.should ==0
|
50
|
+
end
|
51
|
+
it "should be valid without a permission_id but with the permission name" do
|
52
|
+
has_permission = CanHasPermission::HasPermission.new(:model => 'Bingo', :permission => 'this_exists', :model_id => 1)
|
53
|
+
has_permission.should be_valid
|
54
|
+
end
|
55
|
+
it "should be valid without a permission_id but with the permission name as a symbol" do
|
56
|
+
has_permission = CanHasPermission::HasPermission.new(:model => 'Bingo', :permission => :this_exists, :model_id => 1)
|
57
|
+
has_permission.should be_valid
|
58
|
+
end
|
59
|
+
it "should create the permission" do
|
60
|
+
has_permission = CanHasPermission::HasPermission.create!(:model => 'Bingo2', :permission => 'this_exists', :model_id => 1)
|
61
|
+
CanHasPermission::Permission.count.should == 1
|
62
|
+
CanHasPermission::Permission.find_by_name('this_exists').should_not be_nil
|
63
|
+
end
|
64
|
+
it "should create the permission with symbol" do
|
65
|
+
has_permission = CanHasPermission::HasPermission.create!(:model => 'Bingo2', :permission => :this_exists, :model_id => 1)
|
66
|
+
CanHasPermission::Permission.count.should == 1
|
67
|
+
CanHasPermission::Permission.find_by_name('this_exists').should_not be_nil
|
68
|
+
end
|
69
|
+
it "should be invalid with a blank permission" do
|
70
|
+
has_permission = CanHasPermission::HasPermission.new(:model => 'Bingo', :permission => '', :model_id => 1)
|
71
|
+
has_permission.should be_invalid
|
72
|
+
end
|
73
|
+
end
|
74
|
+
end
|
@@ -0,0 +1,74 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), '..', 'spec_helper')
|
2
|
+
|
3
|
+
describe CanHasPermission::HasRole do
|
4
|
+
it "should be valid with a role_id, type and model_id" do
|
5
|
+
has_role = CanHasPermission::HasRole.new(:role_id => 1, :model => 'Bingo', :model_id => 1)
|
6
|
+
has_role.should be_valid
|
7
|
+
end
|
8
|
+
it "should not be valid without a role_id" do
|
9
|
+
has_role = CanHasPermission::HasRole.new(:model => 'Bingo', :model_id => 1)
|
10
|
+
has_role.should_not be_valid
|
11
|
+
end
|
12
|
+
it "should not be valid without a type" do
|
13
|
+
has_role = CanHasPermission::HasRole.new(:role_id => 1, :model_id => 1)
|
14
|
+
has_role.should_not be_valid
|
15
|
+
end
|
16
|
+
it "should not be valid without a model_id" do
|
17
|
+
has_role = CanHasPermission::HasRole.new(:role_id => 1, :model => 'Type')
|
18
|
+
has_role.should_not be_valid
|
19
|
+
end
|
20
|
+
it "should not be valid when it has a role_id, model_id and type that already exist" do
|
21
|
+
name = 'the same'
|
22
|
+
has_role1 = CanHasPermission::HasRole.create!(:role_id => 1, :model => 'Bingo', :model_id => 1)
|
23
|
+
has_role2 = CanHasPermission::HasRole.new(:role_id => 1, :model => 'Bingo', :model_id => 1)
|
24
|
+
has_role1.should be_valid
|
25
|
+
has_role1.id.should_not be_nil
|
26
|
+
has_role2.should_not be_valid
|
27
|
+
end
|
28
|
+
describe "when a role exists" do
|
29
|
+
before(:each) do
|
30
|
+
CanHasPermission::Role.create!(:name => 'this_exists')
|
31
|
+
@role_count = CanHasPermission::Role.count
|
32
|
+
end
|
33
|
+
it "should be valid without a role_id but with the role name" do
|
34
|
+
has_role = CanHasPermission::HasRole.new(:model => 'Bingo', :role => 'this_exists', :model_id => 1)
|
35
|
+
has_role.should be_valid
|
36
|
+
end
|
37
|
+
it "should be valid without a role_id but with the role name as a symbol" do
|
38
|
+
has_role = CanHasPermission::HasRole.new(:model => 'Bingo', :role => :this_exists, :model_id => 1)
|
39
|
+
has_role.should be_valid
|
40
|
+
end
|
41
|
+
it "should not create another role" do
|
42
|
+
CanHasPermission::HasRole.create!(:model => 'Bingo', :role => 'this_exists', :model_id => 1)
|
43
|
+
CanHasPermission::Role.count.should == @role_count
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
describe "when a role does not exist" do
|
48
|
+
before(:each) do
|
49
|
+
CanHasPermission::Role.count.should ==0
|
50
|
+
end
|
51
|
+
it "should be valid without a role_id but with the role name" do
|
52
|
+
has_role = CanHasPermission::HasRole.new(:model => 'Bingo', :role => 'this_exists', :model_id => 1)
|
53
|
+
has_role.should be_valid
|
54
|
+
end
|
55
|
+
it "should be valid without a role_id but with the role name as a symbol" do
|
56
|
+
has_role = CanHasPermission::HasRole.new(:model => 'Bingo', :role => :this_exists, :model_id => 1)
|
57
|
+
has_role.should be_valid
|
58
|
+
end
|
59
|
+
it "should create the role" do
|
60
|
+
has_role = CanHasPermission::HasRole.create!(:model => 'Bingo2', :role => 'this_exists', :model_id => 1)
|
61
|
+
CanHasPermission::Role.count.should == 1
|
62
|
+
CanHasPermission::Role.find_by_name('this_exists').should_not be_nil
|
63
|
+
end
|
64
|
+
it "should create the role with symbol" do
|
65
|
+
has_role = CanHasPermission::HasRole.create!(:model => 'Bingo2', :role => :this_exists, :model_id => 1)
|
66
|
+
CanHasPermission::Role.count.should == 1
|
67
|
+
CanHasPermission::Role.find_by_name('this_exists').should_not be_nil
|
68
|
+
end
|
69
|
+
it "should be invalid with a blank role" do
|
70
|
+
has_role = CanHasPermission::HasRole.new(:model => 'Bingo', :role => '', :model_id => 1)
|
71
|
+
has_role.should be_invalid
|
72
|
+
end
|
73
|
+
end
|
74
|
+
end
|
@@ -0,0 +1,20 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), '..', 'spec_helper')
|
2
|
+
|
3
|
+
describe CanHasPermission::Permission do
|
4
|
+
it "should be valid with a name" do
|
5
|
+
role = CanHasPermission::Permission.new(:name => 'Bingo')
|
6
|
+
role.should be_valid
|
7
|
+
end
|
8
|
+
it "should not be valid without a name" do
|
9
|
+
role = CanHasPermission::Permission.new()
|
10
|
+
role.should_not be_valid
|
11
|
+
end
|
12
|
+
it "should not be valid when it has a name that already exists" do
|
13
|
+
name = 'the same'
|
14
|
+
role1 = CanHasPermission::Permission.create!(:name => 'the same')
|
15
|
+
role2 = CanHasPermission::Permission.new(:name => 'the same')
|
16
|
+
role1.should be_valid
|
17
|
+
role1.id.should_not be_nil
|
18
|
+
role2.should_not be_valid
|
19
|
+
end
|
20
|
+
end
|
@@ -0,0 +1,20 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), '..', 'spec_helper')
|
2
|
+
|
3
|
+
describe CanHasPermission::Role do
|
4
|
+
it "should be valid with a name" do
|
5
|
+
role = CanHasPermission::Role.new(:name => 'Bingo')
|
6
|
+
role.should be_valid
|
7
|
+
end
|
8
|
+
it "should not be valid without a name" do
|
9
|
+
role = CanHasPermission::Role.new()
|
10
|
+
role.should_not be_valid
|
11
|
+
end
|
12
|
+
it "should not be valid when it has a name that already exists" do
|
13
|
+
name = 'the same'
|
14
|
+
role1 = CanHasPermission::Role.create!(:name => 'the same')
|
15
|
+
role2 = CanHasPermission::Role.new(:name => 'the same')
|
16
|
+
role1.should be_valid
|
17
|
+
role1.id.should_not be_nil
|
18
|
+
role2.should_not be_valid
|
19
|
+
end
|
20
|
+
end
|
metadata
ADDED
@@ -0,0 +1,87 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: can-has-permission
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
hash: 29
|
5
|
+
prerelease: false
|
6
|
+
segments:
|
7
|
+
- 0
|
8
|
+
- 0
|
9
|
+
- 1
|
10
|
+
version: 0.0.1
|
11
|
+
platform: ruby
|
12
|
+
authors:
|
13
|
+
- Chris Rode
|
14
|
+
autorequire:
|
15
|
+
bindir: bin
|
16
|
+
cert_chain: []
|
17
|
+
|
18
|
+
date: 2010-08-10 00:00:00 +01:00
|
19
|
+
default_executable:
|
20
|
+
dependencies: []
|
21
|
+
|
22
|
+
description: simple permissions based authorisation with roles
|
23
|
+
email: cirode@gmail.com
|
24
|
+
executables: []
|
25
|
+
|
26
|
+
extensions: []
|
27
|
+
|
28
|
+
extra_rdoc_files:
|
29
|
+
- README.rdoc
|
30
|
+
files:
|
31
|
+
- .gitignore
|
32
|
+
- README.rdoc
|
33
|
+
- Rakefile
|
34
|
+
- VERSION
|
35
|
+
- can-has-permission.gemspec
|
36
|
+
- lib/can-has-permission.rb
|
37
|
+
- lib/can-has-permission/has_permission.rb
|
38
|
+
- lib/can-has-permission/has_role.rb
|
39
|
+
- lib/can-has-permission/permission.rb
|
40
|
+
- lib/can-has-permission/role.rb
|
41
|
+
- spec/spec_helper.rb
|
42
|
+
- spec/tests/can_has_permission_spec.rb
|
43
|
+
- spec/tests/has_permission_spec.rb
|
44
|
+
- spec/tests/has_role_spec.rb
|
45
|
+
- spec/tests/permission_spec.rb
|
46
|
+
- spec/tests/role_spec.rb
|
47
|
+
has_rdoc: true
|
48
|
+
homepage: http://github.com/cirode/can_has_permission
|
49
|
+
licenses: []
|
50
|
+
|
51
|
+
post_install_message:
|
52
|
+
rdoc_options:
|
53
|
+
- --charset=UTF-8
|
54
|
+
require_paths:
|
55
|
+
- lib
|
56
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
57
|
+
none: false
|
58
|
+
requirements:
|
59
|
+
- - ">="
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
hash: 3
|
62
|
+
segments:
|
63
|
+
- 0
|
64
|
+
version: "0"
|
65
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
66
|
+
none: false
|
67
|
+
requirements:
|
68
|
+
- - ">="
|
69
|
+
- !ruby/object:Gem::Version
|
70
|
+
hash: 3
|
71
|
+
segments:
|
72
|
+
- 0
|
73
|
+
version: "0"
|
74
|
+
requirements: []
|
75
|
+
|
76
|
+
rubyforge_project:
|
77
|
+
rubygems_version: 1.3.7
|
78
|
+
signing_key:
|
79
|
+
specification_version: 3
|
80
|
+
summary: simple permissions based authorisation
|
81
|
+
test_files:
|
82
|
+
- spec/spec_helper.rb
|
83
|
+
- spec/tests/can_has_permission_spec.rb
|
84
|
+
- spec/tests/has_permission_spec.rb
|
85
|
+
- spec/tests/has_role_spec.rb
|
86
|
+
- spec/tests/permission_spec.rb
|
87
|
+
- spec/tests/role_spec.rb
|