cantango 0.8.9.5 → 0.9.3.2

data/spec/active_record/migrations/008_create_permissions.rb

@@ -0,0 +1,10 @@
+class CreatePermissions < ActiveRecord::Migration
+  def change
+    create_table :permissions do |t|
+      t.integer :user_id,    :thing_id
+      t.string  :thing_type, :action
+      t.timestamps
+    end
+  end
+end
+

data/spec/cantango/ability_executor/cached_only_spec.rb

@@ -0,0 +1,76 @@
+require 'rspec'
+require 'cantango'
+# require 'simple_roles'
+require 'fixtures/models'
+require 'cantango/rspec'
+
+def config_folder
+  File.dirname(__FILE__)+ "/../fixtures/config/"
+end
+
+CanTango.configure do |config|
+  config.clear!
+end
+# CanTango.debug!
+
+class User
+  tango_user
+  include_and_extend SimpleRoles
+end
+
+class AdminRolePermit < CanTango::RolePermit
+  def initialize ability
+    super
+  end
+
+  protected
+
+  def static_rules
+    can :read, Article
+  end
+
+  module Cached
+    def permit_rules
+      can :edit, Article
+      can :delete, Article
+    end
+  end
+end
+
+module CanTango
+  class CachedAbility
+    def permit_rules
+      can :read, Post
+    end
+  end
+end
+
+describe CanTango::AbilityExecutor do
+  context 'cached only' do
+    before do
+      CanTango.configure.ability.mode = :cache
+
+      @user = User.new 'admin', 'admin@mail.ru', :role => 'admin'
+      @abil = CanTango::AbilityExecutor.new @user
+    end
+
+    subject { CanTango::AbilityExecutor.new @user }
+
+    describe 'config cache' do
+      specify { CanTango.configure.ability.modes.should == [:cache] }
+    end
+
+    describe 'engines_on?' do
+      specify { subject.engines_on?.should be_true }
+    end
+
+    its(:cached_rules)      { should_not be_empty }
+    its(:non_cached_rules)  { should be_empty }
+
+    describe 'rules contain only non-cached rules' do
+      specify { subject.rules.size.should == @abil.cached_rules.size }
+      specify { subject.rules.size.should == 4 }
+    end
+  end
+end
+

data/spec/cantango/ability_executor_spec.rb

@@ -0,0 +1,75 @@
+require 'rspec'
+require 'cantango'
+# require 'simple_roles'
+require 'fixtures/models'
+require 'cantango/rspec'
+
+def config_folder
+  File.dirname(__FILE__)+ "/../fixtures/config/"
+end
+
+CanTango.configure do |config|
+  config.clear!
+end
+# CanTango.debug!
+
+class User
+  tango_user
+  include_and_extend SimpleRoles
+end
+
+class AdminRolePermit < CanTango::RolePermit
+  def initialize ability
+    super
+  end
+
+  protected
+
+  def static_rules
+    can :read, Article
+  end
+
+  module Cached
+    def permit_rules
+      can :edit, Article
+      can :delete, Article
+    end
+  end
+end
+
+module CanTango
+  class Ability
+    def permit_rules
+      can :read, Post
+    end
+  end
+end
+
+describe CanTango::AbilityExecutor do
+  context 'non-cached only' do
+    before do
+      CanTango.configure.ability.mode = :no_cache
+
+      @user = User.new 'admin', 'admin@mail.ru', :role => 'admin'
+      @abil = CanTango::AbilityExecutor.new @user
+    end
+
+    subject { CanTango::AbilityExecutor.new @user }
+
+    describe 'config no_cache' do
+      specify { CanTango.configure.ability.modes.should == [:no_cache] }
+    end
+
+    describe 'engines_on?' do
+      specify { subject.engines_on?.should be_true }
+    end
+
+    its(:cached_rules)      { should be_empty }
+    its(:non_cached_rules)  { should_not be_empty }
+
+    describe 'rules contain only non-cached rules' do
+      specify { subject.rules.size.should == @abil.non_cached_rules.size }
+      specify { subject.rules.size.should == 2 }
+    end
+  end
+end

data/spec/cantango/api/attributes_spec.rb

@@ -4,7 +4,8 @@ require 'fixtures/models'
 require 'cantango/api/current_users'
 require 'cantango/configuration/engines/store_engine_shared'
 
-CanTango.config.users.register :user, :admin
+CanTango.config.users.register :user, User
+CanTango.config.users.register :admin, Admin
 
 class Context
   include CanTango::Api::User::Ability

data/spec/cantango/api/current_user_accounts.rb

@@ -1,7 +1,11 @@
 require 'cantango/api/current_users'
 
 module CurrentUserAccounts
-  include CurrentUsers 
+  include ::CurrentUsers
+
+  def self.included(base)
+    base.extend ::CurrentUsers
+  end
 
   def current_user_account
     ::UserAccount.new(current_user, :roles => [:user])

data/spec/cantango/api/user/ability_api_spec.rb

@@ -1,16 +1,29 @@
 require 'rspec'
 require 'cantango'
+require 'simple_roles'
 require 'fixtures/models'
 require 'cantango/api/current_users'
-require 'cantango/configuration/engines/store_engine_shared'
+# require 'cantango/configuration/engines/store_engine_shared'
 
-CanTango.config.users.register :user, :admin
+class User
+  include_and_extend SimpleRoles
+end
+
+class Admin < User
+end
+
+CanTango.configure do |config|
+  config.users.register :user, User
+  config.users.register :admin, Admin
+
+  config.cache_engine.set :off
+  config.permit_engine.set :on
+end
 
 class Context
   include CanTango::Api::User::Ability
 
-  include CurrentUsers
-  extend ::CurrentUsers
+  include_and_extend ::CurrentUsers
 end
 
 describe CanTango::Api::User::Ability do

data/spec/cantango/api/user/can_api_spec.rb

@@ -7,16 +7,21 @@ require 'cantango/api/current_users'
 
 class User
   include CanTango::Users::Masquerade
-
   include_and_extend SimpleRoles
 end
 
+class Admin < User
+end
+
 CanTango.configure do |config|
-  config.users.register :user, :admin
+  config.users.register :user, User
+  config.users.register :admin, Admin
+
   config.cache_engine.set :off
   config.permit_engine.set :on
 end
 
+# puts "#{CanTango.config.users.registered_classes} : #{CanTango.config.users.registered}"
 
 class UserRolePermit < CanTango::RolePermit
   def initialize ability
@@ -43,8 +48,7 @@ end
 class Context
   include CanTango::Api::User::Can
 
-  include ::CurrentUsers
-  extend ::CurrentUsers
+  include_and_extend ::CurrentUsers
 end
 
 describe CanTango::Api::User::Can do
@@ -94,7 +98,7 @@ describe CanTango::Api::User::Can do
 
   describe 'admin masquerades as user' do
     before do
-      Context.current_admin.masquerade_as Context.current_user
+      Context.new.current_admin.masquerade_as Context.new.current_user
     end
 
     # admin masquerading as user can do same as user

data/spec/cantango/api/user/scope_api_spec.rb

@@ -1,22 +1,30 @@
 require 'rspec'
 require 'cantango'
+require 'simple_roles'
 require 'fixtures/models'
 require 'cantango/api/current_users'
+# require 'cantango/configuration/engines/store_engine_shared'
 
-require 'cantango/configuration/engines/store_engine_shared'
+CanTango.configure do |config|
+  config.users.register :user, User
+  config.users.register :admin, Admin
 
-CanTango.config.users.register :user, :admin
+  config.cache_engine.set :off
+  config.permit_engine.set :on
+end
+
+# puts "#{CanTango.config.users.registered_classes} : #{CanTango.config.users.registered}"
 
 class User
   include CanTango::Users::Masquerade
+  include_and_extend ::SimpleRoles
 end
 
 class Context
   include CanTango::Api::User::Ability
   include CanTango::Api::User::Scope
 
-  include ::CurrentUsers
-  extend ::CurrentUsers
+  include_and_extend ::CurrentUsers
 end
 
 describe CanTango::Api::User::Scope do
@@ -24,7 +32,7 @@ describe CanTango::Api::User::Scope do
 
   describe 'scope_user' do
     before do
-      Context.current_admin.masquerade_as Context.current_user
+      subject.current_admin.masquerade_as subject.current_user
     end
 
     specify do
@@ -43,8 +51,8 @@ describe CanTango::Api::User::Scope do
 
   describe 'real_user' do
     before do
-      Context.current_user.masquerade_as Context.current_admin
-    end
+      subject.current_user.masquerade_as subject.current_admin
+   end
 
     specify do
       subject.real_user(:user) do |user|

data/spec/cantango/api/user_account/ability_api_spec.rb

@@ -2,16 +2,23 @@ require 'rspec'
 require 'cantango'
 require 'fixtures/models'
 require 'cantango/api/current_user_accounts'
-require 'cantango/configuration/engines/store_engine_shared'
+# require 'cantango/configuration/engines/store_engine_shared'
 
-CanTango.config.users.register :user, :admin
-CanTango.config.user_accounts.register :user, :admin
+CanTango.configure do |config|
+  config.users.register     :user, User
+  config.users.register     :admin, Admin
+
+  config.user_accounts.register  :user, UserAccount
+  config.user_accounts.register  :admin, AdminAccount
+
+  config.cache_engine.set :off
+  config.permit_engine.set :on
+end
 
 class Context
   include CanTango::Api::UserAccount::Ability
 
-  include CurrentUserAccounts
-  extend CurrentUserAccounts
+  include_and_extend ::CurrentUserAccounts
 end
 
 describe CanTango::Api::UserAccount::Ability do

data/spec/cantango/api/user_account/can_api_spec.rb

@@ -7,9 +7,14 @@ require 'cantango/api/current_user_accounts'
 class User
   include_and_extend SimpleRoles
 end
+
 CanTango.configure do |config|
-  config.users.register     :user, :admin
-  config.user_accounts.register  :user, :admin
+  config.users.register     :user, User
+  config.users.register     :admin, Admin
+
+  config.user_accounts.register  :user, UserAccount
+  config.user_accounts.register  :admin, AdminAccount
+
   config.cache_engine.set :off
   config.permit_engine.set :on
 end
@@ -35,8 +40,7 @@ end
 class Context
   include CanTango::Api::UserAccount::Can
 
-  include ::CurrentUserAccounts
-  extend ::CurrentUserAccounts
+  include_and_extend ::CurrentUserAccounts
 end
 
 describe CanTango::Api::UserAccount::Can do

data/spec/cantango/model/filter_spec.rb

@@ -0,0 +1,168 @@
+require 'rspec'
+require 'cantango'
+require 'simple_roles'
+require 'fixtures/models'
+require 'cantango/api/current_users'
+require 'cantango/api/current_user_accounts'
+
+class User
+  include_and_extend SimpleRoles
+end
+
+class Admin < User
+end
+
+class UserAccount
+  tango_account # register
+  include_and_extend SimpleRoles
+end
+
+
+class AdminAccount
+  tango_account
+  include_and_extend SimpleRoles
+end
+
+
+CanTango.configure do |config|
+  config.users.register :user, User
+  config.users.register :admin, Admin
+
+  config.cache_engine.set :off
+  config.permit_engine.set :on
+end
+
+class Context
+  include CanTango::Api::User::Ability
+
+  include_and_extend ::CurrentUsers
+  include_and_extend ::CurrentUserAccounts
+end
+
+class UserRolePermit < CanTango::RolePermit
+  def initialize ability
+    super
+  end
+
+  def permit_rules
+    can :edit, Project
+    cannot :publish, Project
+  end
+end
+
+class AdminRolePermit < CanTango::RolePermit
+  def initialize ability
+    super
+  end
+
+  def permit_rules
+    can :create, Project
+    can :show, Project
+
+    can :has_role?, Project
+    can :is_done?, Project
+    can :destroy!, Project
+
+    can :done!, Project
+    can :edit, Project
+    can :publish, Project
+    can :assign_to, Project
+  end
+end
+
+class Project
+  include CanTango::Model::Filter
+
+  tango_filter :publish, :edit, :DELETE, :is_done?, :done!
+  tango_filter :assign_to => [:user], :create => :OPTS, :show => [:ARGS], :has_role? => :role
+
+  def create options = {}
+    options
+  end
+
+  def show *args
+    args.flatten.compact
+  end
+
+  def is_done?
+    false
+  end
+
+  def has_role? role
+    true
+  end
+
+  def done!
+    "done"
+  end
+
+  def publish
+    "publish"
+  end
+
+  def destroy!
+    "destroy!"
+  end
+
+  def edit
+    "edit"
+  end
+
+  def assign_to user
+    user
+  end
+end
+
+describe CanTango::Model::Filter do
+  let(:context) { Context.new }
+
+  subject { Project.new }
+
+  describe '#tango_filter' do
+
+    describe 'block access to model method due to permission rule' do
+      specify { subject.publish_by(context.current_user).should be_nil }
+    end
+
+    describe 'allow access to model method due to permission rule' do
+      specify { subject.publish_by(context.current_admin).should == "publish" }
+    end
+
+    describe 'handle method with args' do
+      specify { subject.assign_to_by(context.current_admin, context.current_user).should == context.current_user }
+      specify { subject.assign_to_by(context.current_user, context.current_admin).should be_nil }
+    end
+
+    describe 'handle method with *args' do
+      specify { subject.show_by(context.current_admin, 'love', nil, 'hate').should == ['love', 'hate'] }
+    end
+
+    describe 'handle method with options' do
+      specify { subject.create_by(context.current_admin, :love => 5, :hate => 2).should == {:love => 5, :hate => 2} }
+    end
+
+    describe 'handle method with ? postfix' do
+      specify { subject.has_role_by?(context.current_admin, 'editor').should be_true }
+      specify { subject.is_done_by?(context.current_admin).should be_false }
+    end
+
+    describe 'handle method with ! postfix' do
+      specify { subject.done_by!(context.current_admin).should == 'done' }
+    end
+
+    describe 'handle special REST method - DELETE' do
+      specify { subject.destroy_by!(context.current_admin).should == 'destroy!' }
+    end
+  end
+
+  describe '#tango_account_filter' do
+    describe 'block access to model method due to permission rule' do
+      specify { subject.publish_by(context.current_user_account).should be_nil }
+    end
+
+    describe 'allow access to model method due to permission rule' do
+      specify { subject.publish_by(context.current_admin_account).should == "publish" }
+    end
+  end
+end
+