cantango-roles 0.1.0

data/spec/cantango/configuration/shared/registry_ex.rb

@@ -0,0 +1,40 @@
+shared_examples_for 'Registry' do
+  describe 'default settings' do
+    
+    #its(:registered)  { should be_empty }
+
+    it 'should register groups' do
+      subject.register(:a, :b)
+      subject.registered.should include(:a, :b)
+    end
+
+    it 'should set defaults' do
+      subject.default = :a, :b
+      subject.default.should include(:a, :b)
+    end
+  end
+
+  describe 'register' do
+    before do
+      subject.register :abc, :def
+    end
+    its(:registered) { should include(:abc, :def) }
+  end
+
+  describe 'append <<' do
+    before do
+      subject.clean!
+      subject.register :abc, :def
+      subject << :xyz
+    end
+    its(:registered) { should include(:abc, :def, :xyz) }
+  end
+
+  describe 'get index []' do
+    before do
+      subject.clean!
+      subject.register :abc, :def
+    end
+    specify {subject[0].should == :abc }
+  end
+end

data/spec/cantango/configuration/shared/role_registry_ex.rb

@@ -0,0 +1,15 @@
+# Fix: from cantango-config
+require 'cantango/configuration/shared/registry_ex'
+
+shared_examples_for 'Role Registry' do
+  it_should_behave_like "Registry"
+
+  describe "exclude" do
+    before do
+      subject.exclude :admin
+    end
+
+    its(:excluded) { should include(:admin) }
+  end
+end
+

data/spec/cantango/configuration/shared/system_ex.rb

@@ -0,0 +1,39 @@
+require 'cantango/configuration/shared/role_registry_ex'
+
+shared_examples_for 'System' do  
+  it_should_behave_like "Role Registry"
+  
+  describe 'default system - simple_roles' do
+    its(:system) { should == :simple_roles }    
+  end
+  
+  describe 'system=' do
+    before do
+      subject.system = :my_sys
+    end
+    its(:system) { should == :my_sys }
+  end  
+  
+  describe 'system_apis=' do
+    let(:my_own_sys) do 
+      {:my_own_sys => {:list => :listing } }
+    end
+
+    before do
+      subject.system_apis = my_own_sys
+      subject.system = :my_own_sys
+    end
+
+    specify { subject.system_api[:list].should == :listing }
+    specify { subject.system_apis.size.should == 1 }
+  end
+  
+  describe 'add_systems' do
+    before do
+      subject.add_system :my_other_sys => {:list => :listing }
+      subject.system = :my_other_sys
+    end
+    specify { subject.system_api[:list].should == :listing }
+    specify { subject.system_apis.size.should > 1 }
+  end
+end

data/spec/cantango/configuration/system_spec.rb

@@ -0,0 +1,9 @@
+require 'spec_helper'
+require 'cantango/configuration/shared/system_ex'
+
+describe CanTango::Configuration::System do
+  subject { CanTango.config.roles }
+
+  it_should_behave_like "System" do
+  end
+end

data/spec/cantango/engine/permits_spec.rb

@@ -0,0 +1,7 @@
+require 'spec_helper'
+require 'cantngo/ability/helper/shared/role_ex'
+
+describe CanTango::Engine::Permits do  
+  # use shared Role helper example
+  pending
+end

data/spec/cantango/filter/role_group_spec.rb

@@ -0,0 +1,96 @@
+require 'spec_helper'
+require 'fixtures/models'
+
+CanTango.configure do |config|
+  config.permission_engine.set :off
+  config.permit_engine.set :on
+  config.categories.register :blog_items => [Article, Post]
+end
+
+class AdminsRoleGroupPermit < CanTango::Permit::RoleGroup
+  def initialize ability
+    super
+  end
+
+  protected
+
+  def calc_rules
+    can :publish, Post
+    can :write, Article
+    can :write, category(:blog_items)
+  end
+end
+
+class EditorsRoleGroupPermit < CanTango::Permit::RoleGroup
+  def initialize ability
+    super
+  end
+
+  protected
+
+  def calc_rules
+    can :publish, category(:blog_items)
+  end
+end
+
+
+describe CanTango::Filter::RoleGroup do
+  describe 'role groups filter - exclude :admins' do
+    let (:user) do
+      User.new 'stan', 'stan@gmail.com'
+    end
+
+    let (:user_account) do
+      ua = UserAccount.new user, :roles => [:user, :admin], :role_groups => [:admins]
+      user.account = ua
+    end
+
+    before do
+      CanTango.config.role_groups.exclude :admins
+      CanTango.config.categories.register :blog_items => [Article, Post]
+
+      @ability = CanTango::Ability.new user_account
+    end
+
+    after do
+      CanTango.config.clear!
+    end
+
+    subject { @ability }
+      specify { @ability.should be_allowed_to(:read, Post)}
+
+      specify { @ability.should_not be_allowed_to(:read, Comment)}
+      specify { @ability.should_not be_allowed_to(:write, Article)}
+  end
+end
+
+describe CanTango::Filter::RoleGroup do
+  describe 'role groups filter- only :admins' do
+    let (:user) do
+      User.new 'stan', 'stan@gmail.com'
+    end
+
+    let (:user_account) do
+      ua = UserAccount.new user, :roles => [:user, :admin], :role_groups => [:admins, :editors]
+      user.account = ua
+    end
+
+    before do
+      CanTango.config.categories.register :blog_items => [Article, Post]
+      CanTango.config.role_groups.only :admins
+      @ability = CanTango::Ability.new user_account
+    end
+
+    after do
+      CanTango.config.clear!
+    end
+
+    subject { @ability }
+      specify { @ability.should be_allowed_to(:read, Comment)}
+      specify { @ability.should be_allowed_to(:write, Article)}
+
+      specify { @ability.should be_allowed_to(:publish, Post)}
+
+      specify { @ability.should_not be_allowed_to(:publish, Article)}
+   end
+end

data/spec/cantango/filter/role_spec.rb

@@ -0,0 +1,96 @@
+require 'spec_helper'
+require 'fixtures/models'
+require 'cantango/rspec'
+
+CanTango.configure do |config|
+  config.permission_engine.set :off
+  config.permit_engine.set :on
+  config.categories.register :blog_items => [Article, Post]
+end
+
+
+class UserRolePermit < CanTango::Permit::Role
+  def initialize ability
+    super
+  end
+
+  protected
+
+  def calculate_rules
+    can :read, Comment
+  end
+end
+
+class AdminRolePermit < CanTango::Permit::Role
+  def initialize ability
+    super
+  end
+
+  protected
+
+  def calculate_rules
+    can :read, Post
+  end
+end
+
+
+describe CanTango::Filter::Role do
+  describe 'roles filter - exclude :user' do
+    let (:user) do
+      User.new 'stan', 'stan@gmail.com'
+    end
+
+    let (:user_account) do
+      ua = UserAccount.new user, :roles => [:user, :admin], :role_groups => [:admins]
+      user.account = ua
+    end
+
+    before do
+      CanTango.config.roles.exclude :user
+      CanTango.config.categories.register :blog_items => [Article, Post]
+
+      @ability = CanTango::Ability.new user_account
+    end
+
+    after do
+      CanTango.config.clear!
+    end
+
+    subject { @ability }
+      specify { @ability.should be_allowed_to(:read, Post)}
+
+      specify { @ability.should_not be_allowed_to(:read, Comment)}
+      specify { @ability.should_not be_allowed_to(:write, Article)}
+  end
+end
+
+describe CanTango::Filter::Role do
+  describe 'roles filter - only :user' do
+    let (:user) do
+      User.new 'stan', 'stan@gmail.com'
+    end
+
+    let (:user_account) do
+      ua = UserAccount.new user, :roles => [:user, :admin], :role_groups => [:admins, :editors]
+      user.account = ua
+    end
+
+    before do
+      CanTango.config.categories.register :blog_items => [Article, Post]
+      CanTango.config.roles.only :user
+      @ability = CanTango::Ability.new user_account
+    end
+
+    after do
+      CanTango.config.clear!
+    end
+
+    subject { @ability }
+      specify { @ability.should be_allowed_to(:read, Comment)}
+      specify { @ability.should be_allowed_to(:write, Article)}
+
+      specify { @ability.should be_allowed_to(:publish, Post)}
+
+      specify { @ability.should_not be_allowed_to(:publish, Article)}
+   end
+end

data/spec/cantango/helpers/role_group_spec.rb

@@ -0,0 +1,26 @@
+require 'spec_helper'
+require 'cantango/configuration/role_registry_ex'
+
+class Subject
+end
+
+describe CanTango::Helpers::RoleGroup do
+  before do
+    CanTango.config.roles.system = :troles
+  end
+  
+  subject do
+    Subject.new
+  end
+
+  specify do
+    subject.role_method(:has).should == :in_role_group?
+  end
+  
+  specify do
+    subject.role_method(:list).should == :role_group_list
+  end  
+end
+
+
+

data/spec/cantango/helpers/role_spec.rb

@@ -0,0 +1,26 @@
+require 'spec_helper'
+require 'cantango/configuration/role_registry_ex'
+
+class Subject
+end
+
+describe CanTango::Helpers::Role do
+  before do
+    CanTango.config.roles.system = :troles
+  end
+  
+  subject do
+    Subject.new
+  end
+
+  specify do
+    subject.role_method(:has).should == :has_role?
+  end
+  
+  specify do
+    subject.role_method(:list).should == :role_list
+  end  
+end
+
+
+

data/spec/fixtures/models.rb

@@ -0,0 +1,2 @@
+require 'require_all'
+require_all File.dirname(__FILE__) + '/models'

data/spec/fixtures/models/admin.rb

@@ -0,0 +1,2 @@
+class Admin < User
+end

data/spec/fixtures/models/admin_account.rb

@@ -0,0 +1,22 @@
+class AdminAccount
+  attr_accessor :user, :roles, :role_groups
+
+  def initialize user, options = {}
+    @user = user
+    @roles = options[:roles]
+    @role_groups = options[:role_groups]
+  end
+
+  def has_role? name
+    true
+  end
+
+  def roles_list
+    roles
+  end
+
+  def role_groups_list
+    role_groups
+  end
+end
+

data/spec/fixtures/models/items.rb

@@ -0,0 +1,8 @@
+class Post
+end
+
+class Article
+end
+
+class Comment
+end

data/spec/fixtures/models/permission.rb

@@ -0,0 +1,12 @@
+class Permission
+  attr_accessor :thing, :thing_type, :action, :user
+
+  def initialize user, action, thing
+    @user, @action, @thing = [user, action, thing]
+    @thing_type = @thing.class.to_s
+  end
+
+  def thing_id
+    thing.id
+  end
+end

data/spec/fixtures/models/project.rb

@@ -0,0 +1,2 @@
+class Project #< ActiveRecord::Base
+end

data/spec/fixtures/models/simple_roles.rb

@@ -0,0 +1,48 @@
+module SimpleRoles
+  def self.included(base)
+    base.send :include, InstanceMethods
+    base.extend ClassMethods
+  end
+
+  module ClassMethods
+    def is_role_in_group?(role, group)
+      raise "No group #{group} defined in User model" if !role_groups.has_key?(group)
+      role_groups[group].include?(role)
+    end
+
+    def role_groups
+      {:bloggers => [:editor]}
+    end
+
+    def roles
+      [:guest, :user, :admin, :editor]
+    end
+  end
+
+  module InstanceMethods
+    attr_accessor :role_groups_list
+
+    def has_role? role
+      roles_list.include? role
+    end
+
+    def has_any_role? roles
+      roles.include?(role.to_sym)
+    end
+
+    def roles_list
+      roles.map{|r| r.to_sym}
+    end
+
+    def is_in_group? group
+      role_groups_list.include? group
+    end
+    alias_method :in_role_group?, :is_in_group?
+
+    def role_groups_list
+      return role_groups.map(&:to_sym) if respond_to?(:role_groups) && !role_groups.nil?
+      @role_groups_list || [] #[:bloggers]
+    end
+  end
+end
+