cancancan 1.17.0 → 2.0.0.rc1

data/spec/cancan/model_adapters/default_adapter_spec.rb

@@ -1,7 +0,0 @@
-require 'spec_helper'
-
-describe CanCan::ModelAdapters::DefaultAdapter do
-  it 'is default for generic classes' do
-    expect(CanCan::ModelAdapters::AbstractAdapter.adapter_class(Object)).to eq(CanCan::ModelAdapters::DefaultAdapter)
-  end
-end

data/spec/cancan/model_adapters/mongoid_adapter_spec.rb

@@ -1,246 +0,0 @@
-require 'spec_helper'
-
-if defined? CanCan::ModelAdapters::MongoidAdapter
-
-  class MongoidCategory
-    include Mongoid::Document
-
-    references_many :mongoid_projects
-  end
-
-  class MongoidProject
-    include Mongoid::Document
-
-    referenced_in :mongoid_category
-    references_many :mongoid_sub_projects
-  end
-
-  class MongoidSubProject
-    include Mongoid::Document
-
-    referenced_in :mongoid_project
-  end
-
-  Mongoid.configure do |config|
-    config.master = Mongo::Connection.new('127.0.0.1', 27_017).db('cancan_mongoid_spec')
-  end
-
-  describe CanCan::ModelAdapters::MongoidAdapter do
-    context 'Mongoid defined' do
-      before(:each) do
-        (@ability = double).extend(CanCan::Ability)
-      end
-
-      after(:each) do
-        Mongoid.master.collections.select do |collection|
-          collection.name !~ /system/
-        end.each(&:drop)
-      end
-
-      it 'is for only Mongoid classes' do
-        expect(CanCan::ModelAdapters::MongoidAdapter).not_to be_for_class(Object)
-        expect(CanCan::ModelAdapters::MongoidAdapter).to be_for_class(MongoidProject)
-        expect(CanCan::ModelAdapters::AbstractAdapter.adapter_class(MongoidProject))
-          .to eq(CanCan::ModelAdapters::MongoidAdapter)
-      end
-
-      it 'finds record' do
-        project = MongoidProject.create
-        expect(CanCan::ModelAdapters::MongoidAdapter.find(MongoidProject, project.id)).to eq(project)
-      end
-
-      it 'compares properties on mongoid documents with the conditions hash' do
-        model = MongoidProject.new
-        @ability.can :read, MongoidProject, id: model.id
-        expect(@ability).to be_able_to(:read, model)
-      end
-
-      it 'is able to read hashes when field is array' do
-        one_to_three = MongoidProject.create(numbers: %w(one two three))
-        two_to_five  = MongoidProject.create(numbers: %w(two three four five))
-
-        @ability.can :foo, MongoidProject, numbers: 'one'
-        expect(@ability).to be_able_to(:foo, one_to_three)
-        expect(@ability).not_to be_able_to(:foo, two_to_five)
-      end
-
-      it 'returns [] when no ability is defined so no records are found' do
-        MongoidProject.create(title: 'Sir')
-        MongoidProject.create(title: 'Lord')
-        MongoidProject.create(title: 'Dude')
-
-        expect(MongoidProject.accessible_by(@ability, :read).entries).to eq([])
-      end
-
-      it 'returns the correct records based on the defined ability' do
-        @ability.can :read, MongoidProject, title: 'Sir'
-        sir = MongoidProject.create(title: 'Sir')
-        MongoidProject.create(title: 'Lord')
-        MongoidProject.create(title: 'Dude')
-
-        expect(MongoidProject.accessible_by(@ability, :read).entries).to eq([sir])
-      end
-
-      it 'returns the correct records when a mix of can and cannot rules in defined ability' do
-        @ability.can :manage, MongoidProject, title: 'Sir'
-        @ability.cannot :destroy, MongoidProject
-
-        sir = MongoidProject.create(title: 'Sir')
-        MongoidProject.create(title: 'Lord')
-        MongoidProject.create(title: 'Dude')
-
-        expect(MongoidProject.accessible_by(@ability, :destroy).entries).to eq([sir])
-      end
-
-      it 'is able to mix empty conditions and hashes' do
-        @ability.can :read, MongoidProject
-        @ability.can :read, MongoidProject, title: 'Sir'
-        MongoidProject.create(title: 'Sir')
-        MongoidProject.create(title: 'Lord')
-
-        expect(MongoidProject.accessible_by(@ability, :read).count).to eq(2)
-      end
-
-      it 'returns everything when the defined ability is access all' do
-        @ability.can :manage, :all
-        sir   = MongoidProject.create(title: 'Sir')
-        lord  = MongoidProject.create(title: 'Lord')
-        dude  = MongoidProject.create(title: 'Dude')
-
-        expect(MongoidProject.accessible_by(@ability, :read).entries).to eq([sir, lord, dude])
-      end
-
-      it 'allows a scope for conditions' do
-        @ability.can :read, MongoidProject, MongoidProject.where(title: 'Sir')
-        sir = MongoidProject.create(title: 'Sir')
-        MongoidProject.create(title: 'Lord')
-        MongoidProject.create(title: 'Dude')
-
-        expect(MongoidProject.accessible_by(@ability, :read).entries).to eq([sir])
-      end
-
-      describe 'Mongoid::Criteria where clause Symbol extensions using MongoDB expressions' do
-        it 'handles :field.in' do
-          obj = MongoidProject.create(title: 'Sir')
-          @ability.can :read, MongoidProject, :title.in => %w(Sir Madam)
-          expect(@ability.can?(:read, obj)).to eq(true)
-          expect(MongoidProject.accessible_by(@ability, :read)).to eq([obj])
-
-          obj2 = MongoidProject.create(title: 'Lord')
-          expect(@ability.can?(:read, obj2)).to be(false)
-        end
-
-        describe 'activates only when there are Criteria in the hash' do
-          it 'Calls where on the model class when there are criteria' do
-            obj = MongoidProject.create(title: 'Bird')
-            @conditions = { :title.nin => %w(Fork Spoon) }
-
-            @ability.can :read, MongoidProject, @conditions
-            expect(@ability).to be_able_to(:read, obj)
-          end
-          it 'Calls the base version if there are no mongoid criteria' do
-            obj = MongoidProject.new(title: 'Bird')
-            @conditions = { id: obj.id }
-            @ability.can :read, MongoidProject, @conditions
-            expect(@ability).to be_able_to(:read, obj)
-          end
-        end
-
-        it 'handles :field.nin' do
-          obj = MongoidProject.create(title: 'Sir')
-          @ability.can :read, MongoidProject, :title.nin => %w(Lord Madam)
-          expect(@ability.can?(:read, obj)).to eq(true)
-          expect(MongoidProject.accessible_by(@ability, :read)).to eq([obj])
-
-          obj2 = MongoidProject.create(title: 'Lord')
-          expect(@ability.can?(:read, obj2)).to be(false)
-        end
-
-        it 'handles :field.size' do
-          obj = MongoidProject.create(titles: %w(Palatin Margrave))
-          @ability.can :read, MongoidProject, :titles.size => 2
-          expect(@ability.can?(:read, obj)).to eq(true)
-          expect(MongoidProject.accessible_by(@ability, :read)).to eq([obj])
-
-          obj2 = MongoidProject.create(titles: %w(Palatin Margrave Marquis))
-          expect(@ability.can?(:read, obj2)).to be(false)
-        end
-
-        it 'handles :field.exists' do
-          obj = MongoidProject.create(titles: %w(Palatin Margrave))
-          @ability.can :read, MongoidProject, :titles.exists => true
-          expect(@ability.can?(:read, obj)).to eq(true)
-          expect(MongoidProject.accessible_by(@ability, :read)).to eq([obj])
-
-          obj2 = MongoidProject.create
-          expect(@ability.can?(:read, obj2)).to be(false)
-        end
-
-        it 'handles :field.gt' do
-          obj = MongoidProject.create(age: 50)
-          @ability.can :read, MongoidProject, :age.gt => 45
-          expect(@ability.can?(:read, obj)).to eq(true)
-          expect(MongoidProject.accessible_by(@ability, :read)).to eq([obj])
-
-          obj2 = MongoidProject.create(age: 40)
-          expect(@ability.can?(:read, obj2)).to be(false)
-        end
-
-        it 'handles instance not saved to database' do
-          obj = MongoidProject.new(title: 'Sir')
-          @ability.can :read, MongoidProject, :title.in => %w(Sir Madam)
-          expect(@ability.can?(:read, obj)).to eq(true)
-
-          # accessible_by only returns saved records
-          expect(MongoidProject.accessible_by(@ability, :read).entries).to eq([])
-
-          obj2 = MongoidProject.new(title: 'Lord')
-          expect(@ability.can?(:read, obj2)).to be(false)
-        end
-      end
-
-      it 'calls where with matching ability conditions' do
-        obj = MongoidProject.create(foo: { bar: 1 })
-        @ability.can :read, MongoidProject, foo: { bar: 1 }
-        expect(MongoidProject.accessible_by(@ability, :read).entries.first).to eq(obj)
-      end
-
-      it 'excludes from the result if set to cannot' do
-        obj = MongoidProject.create(bar: 1)
-        MongoidProject.create(bar: 2)
-        @ability.can :read, MongoidProject
-        @ability.cannot :read, MongoidProject, bar: 2
-        expect(MongoidProject.accessible_by(@ability, :read).entries).to eq([obj])
-      end
-
-      it 'combines the rules' do
-        obj = MongoidProject.create(bar: 1)
-        obj2 = MongoidProject.create(bar: 2)
-        MongoidProject.create(bar: 3)
-        @ability.can :read, MongoidProject, bar: 1
-        @ability.can :read, MongoidProject, bar: 2
-        expect(MongoidProject.accessible_by(@ability, :read).entries).to match_array([obj, obj2])
-      end
-
-      it 'does not allow to fetch records when ability with just block present' do
-        @ability.can :read, MongoidProject do
-          false
-        end
-        expect do
-          MongoidProject.accessible_by(@ability)
-        end.to raise_error(CanCan::Error)
-      end
-
-      it 'can handle nested queries for accessible_by' do
-        @ability.can :read, MongoidSubProject, mongoid_project: { mongoid_category: { name: 'Authorization' } }
-        cat1 = MongoidCategory.create name: 'Authentication'
-        cat2 = MongoidCategory.create name: 'Authorization'
-        proj1 = cat1.mongoid_projects.create name: 'Proj1'
-        proj2 = cat2.mongoid_projects.create name: 'Proj2'
-        sub1 = proj1.mongoid_sub_projects.create name: 'Sub1'
-        proj2.mongoid_sub_projects.create name: 'Sub2'
-        expect(MongoidSubProject.accessible_by(@ability)).to match_array([sub1])
-      end
-    end
-  end
-end

data/spec/cancan/model_adapters/sequel_adapter_spec.rb

@@ -1,129 +0,0 @@
-require 'spec_helper'
-
-if defined? CanCan::ModelAdapters::SequelAdapter
-  describe CanCan::ModelAdapters::SequelAdapter do
-    DB = if RUBY_PLATFORM == 'java'
-           Sequel.connect('jdbc:sqlite:db.sqlite3')
-         else
-           Sequel.sqlite
-         end
-
-    DB.create_table :users do
-      primary_key :id
-      String :name
-    end
-
-    class User < Sequel::Model
-      one_to_many :articles
-    end
-
-    DB.create_table :articles do
-      primary_key :id
-      String :name
-      TrueClass :published
-      TrueClass :secret
-      Integer :priority
-      foreign_key :user_id, :users
-    end
-
-    class Article < Sequel::Model
-      many_to_one :user
-      one_to_many :comments
-    end
-
-    DB.create_table :comments do
-      primary_key :id
-      TrueClass :spam
-      foreign_key :article_id, :articles
-    end
-
-    class Comment < Sequel::Model
-      many_to_one :article
-    end
-
-    before(:each) do
-      Comment.dataset.delete
-      Article.dataset.delete
-      User.dataset.delete
-      (@ability = double).extend(CanCan::Ability)
-    end
-
-    it 'should be for only sequel model classes' do
-      expect(CanCan::ModelAdapters::SequelAdapter).to_not be_for_class(Object)
-      expect(CanCan::ModelAdapters::SequelAdapter).to be_for_class(Article)
-      expect(CanCan::ModelAdapters::AbstractAdapter.adapter_class(Article)).to eq CanCan::ModelAdapters::SequelAdapter
-    end
-
-    it 'should find record' do
-      article = Article.create
-      expect(CanCan::ModelAdapters::SequelAdapter.find(Article, article.id)).to eq article
-    end
-
-    it 'should not fetch any records when no abilities are defined' do
-      Article.create
-      expect(Article.accessible_by(@ability).all).to be_empty
-    end
-
-    it 'should fetch all articles when one can read all' do
-      @ability.can :read, Article
-      article = Article.create
-      expect(Article.accessible_by(@ability).all).to eq [article]
-    end
-
-    it 'should fetch only the articles that are published' do
-      @ability.can :read, Article, published: true
-      article1 = Article.create(published: true)
-      Article.create(published: false)
-      expect(Article.accessible_by(@ability).all).to eq [article1]
-    end
-
-    it 'should fetch any articles which are published or secret' do
-      @ability.can :read, Article, published: true
-      @ability.can :read, Article, secret: true
-      article1 = Article.create(published: true, secret: false)
-      article2 = Article.create(published: true, secret: true)
-      article3 = Article.create(published: false, secret: true)
-      Article.create(published: false, secret: false)
-      expect(Article.accessible_by(@ability).all).to eq([article1, article2, article3])
-    end
-
-    it 'should fetch only the articles that are published and not secret' do
-      @ability.can :read, Article, published: true
-      @ability.cannot :read, Article, secret: true
-      article1 = Article.create(published: true, secret: false)
-      Article.create(published: true, secret: true)
-      Article.create(published: false, secret: true)
-      Article.create(published: false, secret: false)
-      expect(Article.accessible_by(@ability).all).to eq [article1]
-    end
-
-    it 'should only read comments for articles which are published' do
-      @ability.can :read, Comment, article: { published: true }
-      comment1 = Comment.create(article: Article.create(published: true))
-      Comment.create(article: Article.create(published: false))
-      expect(Comment.accessible_by(@ability).all).to eq [comment1]
-    end
-
-    it "should only read comments for articles which are published and user is 'me'" do
-      @ability.can :read, Comment, article: { user: { name: 'me' }, published: true }
-      user1 = User.create(name: 'me')
-      comment1 = Comment.create(article: Article.create(published: true, user: user1))
-      Comment.create(article: Article.create(published: true))
-      Comment.create(article: Article.create(published: false, user: user1))
-      expect(Comment.accessible_by(@ability).all).to eq [comment1]
-    end
-
-    it 'should allow conditions in SQL and merge with hash conditions' do
-      @ability.can :read, Article, published: true
-      @ability.can :read, Article, ['secret=?', true], &:secret
-      @ability.cannot :read, Article, 'priority > 1' do |article|
-        article.priority > 1
-      end
-      article1 = Article.create(published: true, secret: false, priority: 1)
-      article2 = Article.create(published: true, secret: true, priority: 1)
-      Article.create(published: true, secret: true, priority: 2)
-      Article.create(published: false, secret: false, priority: 2)
-      expect(Article.accessible_by(@ability).all).to eq [article1, article2]
-    end
-  end
-end

data/spec/cancan/rule_spec.rb

@@ -1,52 +0,0 @@
-require 'spec_helper'
-require 'ostruct' # for OpenStruct below
-
-# Most of Rule functionality is tested in Ability specs
-describe CanCan::Rule do
-  before(:each) do
-    @conditions = {}
-    @rule = CanCan::Rule.new(true, :read, Integer, @conditions, nil)
-  end
-
-  it 'returns no association joins if none exist' do
-    expect(@rule.associations_hash).to eq({})
-  end
-
-  it 'returns no association for joins if just attributes' do
-    @conditions[:foo] = :bar
-    expect(@rule.associations_hash).to eq({})
-  end
-
-  it 'returns single association for joins' do
-    @conditions[:foo] = { bar: 1 }
-    expect(@rule.associations_hash).to eq(foo: {})
-  end
-
-  it 'returns multiple associations for joins' do
-    @conditions[:foo] = { bar: 1 }
-    @conditions[:test] = { 1 => 2 }
-    expect(@rule.associations_hash).to eq(foo: {}, test: {})
-  end
-
-  it 'returns nested associations for joins' do
-    @conditions[:foo] = { bar: { 1 => 2 } }
-    expect(@rule.associations_hash).to eq(foo: { bar: {} })
-  end
-
-  it 'returns no association joins if conditions is nil' do
-    rule = CanCan::Rule.new(true, :read, Integer, nil, nil)
-    expect(rule.associations_hash).to eq({})
-  end
-
-  it 'is not mergeable if conditions are not simple hashes' do
-    meta_where = OpenStruct.new(name: 'metawhere', column: 'test')
-    @conditions[meta_where] = :bar
-
-    expect(@rule).to be_unmergeable
-  end
-
-  it 'is not mergeable if conditions is an empty hash' do
-    @conditions = {}
-    expect(@rule).to_not be_unmergeable
-  end
-end

data/spec/matchers.rb

@@ -1,13 +0,0 @@
-RSpec::Matchers.define :orderlessly_match do |original_string|
-  match do |given_string|
-    original_string.split('').sort == given_string.split('').sort
-  end
-
-  failure_message do |given_string|
-    "expected \"#{given_string}\" to have the same characters as \"#{original_string}\""
-  end
-
-  failure_message_when_negated do |given_string|
-    "expected \"#{given_string}\" not to have the same characters as \"#{original_string}\""
-  end
-end