cancan 1.1.1 → 1.2.0

data/spec/cancan/active_record_additions_spec.rb

@@ -8,21 +8,21 @@ describe CanCan::ActiveRecordAdditions do
     @ability = Object.new
     @ability.extend(CanCan::Ability)
   end
-  
+
   it "should call where(:id => nil) when no ability is defined so no records are found" do
-    stub(@model_class).where(:id => nil) { :no_where }
+    stub(@model_class).where(:id => nil).stub!.joins(nil) { :no_where }
     @model_class.accessible_by(@ability, :read).should == :no_where
   end
-  
+
   it "should call where with matching ability conditions" do
-    @ability.can :read, @model_class, :foo => 1
-    stub(@model_class).where(:foo => 1) { :found_records }
+    @ability.can :read, @model_class, :foo => {:bar => 1}
+    stub(@model_class).where(:foos => { :bar => 1 }).stub!.joins([:foo]) { :found_records }
     @model_class.accessible_by(@ability, :read).should == :found_records
   end
-  
+
   it "should default to :read ability and use scoped when where isn't available" do
-    @ability.can :read, @model_class, :foo => 1
-    stub(@model_class).scoped(:conditions => {:foo => 1}) { :found_records }
+    @ability.can :read, @model_class, :foo => {:bar => 1}
+    stub(@model_class).scoped(:conditions => {:foos => {:bar => 1}}, :joins => [:foo]) { :found_records }
     @model_class.accessible_by(@ability).should == :found_records
   end
 end

data/spec/cancan/can_definition_spec.rb

@@ -0,0 +1,44 @@
+require "spec_helper"
+
+describe CanCan::CanDefinition do
+  before(:each) do
+    @conditions = {}
+    @can = CanCan::CanDefinition.new(true, :read, Integer, @conditions, nil)
+  end
+
+  it "should return no association joins if none exist" do
+    @can.association_joins.should be_nil
+  end
+
+  it "should return no association for joins if just attributes" do
+    @conditions[:foo] = :bar
+    @can.association_joins.should be_nil
+  end
+
+  it "should return single association for joins" do
+    @conditions[:foo] = {:bar => 1}
+    @can.association_joins.should == [:foo]
+  end
+
+  it "should return multiple associations for joins" do
+    @conditions[:foo] = {:bar => 1}
+    @conditions[:test] = {1 => 2}
+    @can.association_joins.map(&:to_s).sort.should == [:foo, :test].map(&:to_s).sort
+  end
+
+  it "should return nested associations for joins" do
+    @conditions[:foo] = {:bar => {1 => 2}}
+    @can.association_joins.should == [{:foo => [:bar]}]
+  end
+
+  it "should return table names in conditions for association joins" do
+    @conditions[:foo] = {:bar => 1}
+    @conditions[:test] = 1
+    @can.conditions(:tableize => true).should == { :foos => { :bar => 1}, :test => 1 }
+  end
+
+  it "should return no association joins if conditions is nil" do
+    can = CanCan::CanDefinition.new(true, :read, Integer, nil, nil)
+    can.association_joins.should be_nil
+  end
+end

data/spec/cancan/controller_additions_spec.rb

@@ -9,11 +9,11 @@ describe CanCan::ControllerAdditions do
     mock(@controller_class).helper_method(:can?, :cannot?)
     @controller_class.send(:include, CanCan::ControllerAdditions)
   end
-  
+
   it "should raise ImplementationRemoved when attempting to call 'unauthorized!' on a controller" do
     lambda { @controller.unauthorized! }.should raise_error(CanCan::ImplementationRemoved)
   end
-  
+
   it "should raise access denied exception if ability us unauthorized to perform a certain action" do
     begin
       @controller.authorize! :read, :foo, 1, 2, 3, :message => "Access denied!"
@@ -25,12 +25,12 @@ describe CanCan::ControllerAdditions do
       fail "Expected CanCan::AccessDenied exception to be raised"
     end
   end
-  
+
   it "should not raise access denied exception if ability is authorized to perform an action" do
     @controller.current_ability.can :read, :foo
     lambda { @controller.authorize!(:read, :foo) }.should_not raise_error
   end
-  
+
   it "should raise access denied exception with default message if not specified" do
     begin
       @controller.authorize! :read, :foo
@@ -41,29 +41,29 @@ describe CanCan::ControllerAdditions do
       fail "Expected CanCan::AccessDenied exception to be raised"
     end
   end
-  
+
   it "should have a current_ability method which generates an ability for the current user" do
     @controller.current_ability.should be_kind_of(Ability)
   end
-  
+
   it "should provide a can? and cannot? methods which go through the current ability" do
     @controller.current_ability.should be_kind_of(Ability)
     @controller.can?(:foo, :bar).should be_false
     @controller.cannot?(:foo, :bar).should be_true
   end
-  
+
   it "load_and_authorize_resource should setup a before filter which passes call to ResourceAuthorization" do
     stub(CanCan::ResourceAuthorization).new(@controller, @controller.params, :foo => :bar).mock!.load_and_authorize_resource
     mock(@controller_class).before_filter({}) { |options, block| block.call(@controller) }
     @controller_class.load_and_authorize_resource :foo => :bar
   end
-  
+
   it "authorize_resource should setup a before filter which passes call to ResourceAuthorization" do
     stub(CanCan::ResourceAuthorization).new(@controller, @controller.params, :foo => :bar).mock!.authorize_resource
     mock(@controller_class).before_filter(:except => :show) { |options, block| block.call(@controller) }
     @controller_class.authorize_resource :foo => :bar, :except => :show
   end
-  
+
   it "load_resource should setup a before filter which passes call to ResourceAuthorization" do
     stub(CanCan::ResourceAuthorization).new(@controller, @controller.params, :foo => :bar).mock!.load_resource
     mock(@controller_class).before_filter(:only => [:show, :index]) { |options, block| block.call(@controller) }

data/spec/cancan/controller_resource_spec.rb

@@ -4,53 +4,53 @@ describe CanCan::ControllerResource do
   before(:each) do
     @controller = Object.new
   end
-  
+
   it "should determine model class by constantizing give name" do
     CanCan::ControllerResource.new(@controller, :ability).model_class.should == Ability
   end
-  
+
   it "should fetch model through model class and assign it to the instance" do
     stub(Ability).find(123) { :some_ability }
     CanCan::ControllerResource.new(@controller, :ability).find(123)
     @controller.instance_variable_get(:@ability).should == :some_ability
   end
-  
+
   it "should fetch model through parent and assign it to the instance" do
     parent = Object.new
     stub(parent).model_instance.stub!.abilities.stub!.find(123) { :some_ability }
     CanCan::ControllerResource.new(@controller, :ability, parent).find(123)
     @controller.instance_variable_get(:@ability).should == :some_ability
   end
-  
+
   it "should build model through model class and assign it to the instance" do
     stub(Ability).new(123) { :some_ability }
     CanCan::ControllerResource.new(@controller, :ability).build(123)
     @controller.instance_variable_get(:@ability).should == :some_ability
   end
-  
+
   it "should build model through parent and assign it to the instance" do
     parent = Object.new
     stub(parent).model_instance.stub!.abilities.stub!.build(123) { :some_ability }
     CanCan::ControllerResource.new(@controller, :ability, parent).build(123)
     @controller.instance_variable_get(:@ability).should == :some_ability
   end
-  
+
   it "should not load resource if instance variable is already provided" do
     @controller.instance_variable_set(:@ability, :some_ability)
     CanCan::ControllerResource.new(@controller, :ability).find(123)
     @controller.instance_variable_get(:@ability).should == :some_ability
   end
-  
+
   it "should use the model class option if provided" do
     stub(Person).find(123) { :some_resource }
     CanCan::ControllerResource.new(@controller, :ability, nil, :resource => Person).find(123)
     @controller.instance_variable_get(:@ability).should == :some_resource
   end
-  
+
   it "should convert string to constant for resource" do
     CanCan::ControllerResource.new(@controller, :ability, nil, :resource => "Person").model_class.should == Person
   end
-  
+
   it "should raise an exception when specifying :class option since it is no longer used" do
     lambda {
       CanCan::ControllerResource.new(@controller, :ability, nil, :class => Person)

data/spec/cancan/exceptions_spec.rb

@@ -5,29 +5,29 @@ describe CanCan::AccessDenied do
     before(:each) do
       @exception = CanCan::AccessDenied.new(nil, :some_action, :some_subject)
     end
-    
+
     it "should have action and subject accessors" do
       @exception.action.should == :some_action
       @exception.subject.should == :some_subject
     end
-    
+
     it "should have a changable default message" do
       @exception.message.should == "You are not authorized to access this page."
       @exception.default_message = "Unauthorized!"
       @exception.message.should == "Unauthorized!"
     end
   end
-  
+
   describe "with only a message" do
     before(:each) do
       @exception = CanCan::AccessDenied.new("Access denied!")
     end
-    
+
     it "should have nil action and subject" do
       @exception.action.should be_nil
       @exception.subject.should be_nil
     end
-    
+
     it "should have passed message" do
       @exception.message.should == "Access denied!"
     end

data/spec/cancan/resource_authorization_spec.rb

@@ -4,101 +4,112 @@ describe CanCan::ResourceAuthorization do
   before(:each) do
     @controller = Object.new # simple stub for now
   end
-  
+
   it "should load the resource into an instance variable if params[:id] is specified" do
     stub(Ability).find(123) { :some_resource }
     authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show", :id => 123)
     authorization.load_resource
     @controller.instance_variable_get(:@ability).should == :some_resource
   end
-  
+
   it "should properly load resource for namespaced controller" do
     stub(Ability).find(123) { :some_resource }
     authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "admin/abilities", :action => "show", :id => 123)
     authorization.load_resource
     @controller.instance_variable_get(:@ability).should == :some_resource
   end
-  
+
   it "should properly load resource for namespaced controller when using '::' for namespace" do
     stub(Ability).find(123) { :some_resource }
     authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "Admin::AbilitiesController", :action => "show", :id => 123)
     authorization.load_resource
     @controller.instance_variable_get(:@ability).should == :some_resource
   end
-  
+
   it "should build a new resource with hash if params[:id] is not specified" do
     stub(Ability).new(:foo => "bar") { :some_resource }
     authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "create", :ability => {:foo => "bar"})
     authorization.load_resource
     @controller.instance_variable_get(:@ability).should == :some_resource
   end
-  
+
   it "should build a new resource even if attribute hash isn't specified" do
     stub(Ability).new(nil) { :some_resource }
     authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "new")
     authorization.load_resource
     @controller.instance_variable_get(:@ability).should == :some_resource
   end
-  
+
   it "should not build a resource when on index action" do
     authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "index")
     authorization.load_resource
     @controller.instance_variable_get(:@ability).should be_nil
   end
-  
+
   it "should perform authorization using controller action and loaded model" do
     @controller.instance_variable_set(:@ability, :some_resource)
     stub(@controller).authorize!(:show, :some_resource) { raise CanCan::AccessDenied }
     authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show")
     lambda { authorization.authorize_resource }.should raise_error(CanCan::AccessDenied)
   end
-  
+
   it "should perform authorization using controller action and non loaded model" do
     stub(@controller).authorize!(:show, Ability) { raise CanCan::AccessDenied }
     authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show")
     lambda { authorization.authorize_resource }.should raise_error(CanCan::AccessDenied)
   end
-  
+
   it "should call load_resource and authorize_resource for load_and_authorize_resource" do
     authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show")
     mock(authorization).load_resource
     mock(authorization).authorize_resource
     authorization.load_and_authorize_resource
   end
-  
+
   it "should not build a resource when on custom collection action" do
     authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "sort"}, {:collection => [:sort, :list]})
     authorization.load_resource
     @controller.instance_variable_get(:@ability).should be_nil
   end
-  
+
   it "should build a resource when on custom new action even when params[:id] exists" do
     stub(Ability).new(nil) { :some_resource }
     authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "build", :id => 123}, {:new => :build})
     authorization.load_resource
     @controller.instance_variable_get(:@ability).should == :some_resource
   end
-  
+
   it "should not try to load resource for other action if params[:id] is undefined" do
     authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "list")
     authorization.load_resource
     @controller.instance_variable_get(:@ability).should be_nil
   end
-  
+
   it "should load nested resource and fetch other resource through the association" do
-    stub(Person).find(456).stub!.abilities.stub!.find(123) { :some_ability }
+    person = Object.new
+    stub(Person).find(456) { person }
+    stub(person).abilities.stub!.find(123) { :some_ability }
     authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "show", :id => 123, :person_id => 456}, {:nested => :person})
     authorization.load_resource
+    @controller.instance_variable_get(:@person).should == person
     @controller.instance_variable_get(:@ability).should == :some_ability
   end
-  
+
+  it "should load nested resource for collection action" do
+    person = Object.new
+    stub(Person).find(456) { person }
+    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "index", :person_id => 456}, {:nested => :person})
+    authorization.load_resource
+    @controller.instance_variable_get(:@person).should == person
+  end
+
   it "should load nested resource and build resource through a deep association" do
     stub(Person).find(456).stub!.behaviors.stub!.find(789).stub!.abilities.stub!.build(nil) { :some_ability }
     authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "new", :person_id => 456, :behavior_id => 789}, {:nested => [:person, :behavior]})
     authorization.load_resource
     @controller.instance_variable_get(:@ability).should == :some_ability
   end
-  
+
   it "should not load nested resource and build through this if *_id param isn't specified" do
     stub(Person).find(456) { :some_person }
     stub(Ability).new(nil) { :some_ability }
@@ -107,11 +118,18 @@ describe CanCan::ResourceAuthorization do
     @controller.instance_variable_get(:@person).should == :some_person
     @controller.instance_variable_get(:@ability).should == :some_ability
   end
-  
+
   it "should load the model using a custom class" do
     stub(Person).find(123) { :some_resource }
     authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "show", :id => 123}, {:resource => Person})
     authorization.load_resource
     @controller.instance_variable_get(:@ability).should == :some_resource
   end
+
+  it "should use :name option to determine resource name" do
+    stub(Ability).find(123) { :some_resource }
+    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "foo", :action => "show", :id => 123}, {:name => :ability})
+    authorization.load_resource
+    @controller.instance_variable_get(:@ability).should == :some_resource
+  end
 end

data/spec/spec_helper.rb

@@ -13,7 +13,7 @@ end
 
 class Ability
   include CanCan::Ability
-  
+
   def initialize(user)
   end
 end

metadata

@@ -4,9 +4,9 @@ version: !ruby/object:Gem::Version
   prerelease: false
   segments: 
   - 1
-  - 1
-  - 1
-  version: 1.1.1
+  - 2
+  - 0
+  version: 1.2.0
 platform: ruby
 authors: 
 - Ryan Bates
@@ -14,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-04-17 00:00:00 -07:00
+date: 2010-07-16 00:00:00 -07:00
 default_executable: 
 dependencies: []
 
@@ -29,6 +29,7 @@ extra_rdoc_files: []
 files: 
 - lib/cancan/ability.rb
 - lib/cancan/active_record_additions.rb
+- lib/cancan/can_definition.rb
 - lib/cancan/controller_additions.rb
 - lib/cancan/controller_resource.rb
 - lib/cancan/exceptions.rb
@@ -37,6 +38,7 @@ files:
 - lib/cancan.rb
 - spec/cancan/ability_spec.rb
 - spec/cancan/active_record_additions_spec.rb
+- spec/cancan/can_definition_spec.rb
 - spec/cancan/controller_additions_spec.rb
 - spec/cancan/controller_resource_spec.rb
 - spec/cancan/exceptions_spec.rb