cbac 0.6.10 → 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (29) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +4 -0
  3. data/.rspec +1 -0
  4. data/Gemfile +0 -4
  5. data/README.rdoc +3 -2
  6. data/Rakefile +1 -1
  7. data/cbac.gemspec +21 -28
  8. data/lib/cbac.rb +14 -6
  9. data/lib/cbac/cbac_pristine/pristine_file.rb +2 -2
  10. data/lib/cbac/cbac_pristine/pristine_permission.rb +29 -13
  11. data/lib/cbac/cbac_pristine/pristine_role.rb +1 -1
  12. data/lib/cbac/generic_role.rb +0 -1
  13. data/lib/cbac/known_permission.rb +2 -2
  14. data/lib/cbac/privilege.rb +2 -1
  15. data/lib/cbac/privilege_set.rb +1 -1
  16. data/lib/cbac/version.rb +1 -1
  17. data/lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb +7 -2
  18. data/lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb +7 -7
  19. data/lib/generators/cbac/copy_files/tasks/cbac.rake +1 -1
  20. data/migrations/20110211105533_add_pristine_files_to_cbac_upgrade_path.rb +1 -1
  21. data/spec/cbac_authorization_check_spec.rb +7 -8
  22. data/spec/cbac_pristine_file_spec.rb +94 -92
  23. data/spec/cbac_pristine_permission_spec.rb +102 -100
  24. data/spec/cbac_pristine_role_spec.rb +23 -24
  25. data/spec/fixtures/controllers/dating/daughter_controller.rb +3 -2
  26. data/tasks/cbac.rake +1 -1
  27. data/test/test_helper.rb +1 -1
  28. metadata +57 -94
  29. data/Gemfile.lock +0 -121
data/spec/cbac_pristine_file_spec.rb CHANGED
@@ -8,272 +8,274 @@ describe "CbacPristineFile" do
8
8
  end
9
9
 
10
10
  describe "indicate if a line looks like a pristine line" do
11
- it "should indicate that a ruby style comment line is not a pristine line" do
11
+ it "indicates that a ruby style comment line is not a pristine line" do
12
12
  comment_line = "#this is a comment line in Ruby"
13
13
 
14
- @pristine_file.is_pristine_permission_line?(comment_line, 1).should be_false
14
+ expect(@pristine_file.is_pristine_permission_line?(comment_line, 1)).to be_falsy
15
15
  end
16
16
 
17
- it "should raise an error if the line does not look like a pristine line" do
17
+ it "raises an error if the line does not look like a pristine line" do
18
18
  line = "this is not pristine line. And it isn't a comment. 1"
19
19
 
20
- proc{
20
+ expect(proc{
21
21
  @pristine_file.is_pristine_permission_line?(line, 0)
22
- }.should raise_error(SyntaxError)
22
+ }).to raise_error(SyntaxError)
23
23
  end
24
24
 
25
- it "should return true in case of a valid pristine line" do
25
+ it "returns true in case of a valid pristine line" do
26
26
  line = "0:+:PrivilegeSet(login)ContextRole(everybody)"
27
27
 
28
- @pristine_file.is_pristine_permission_line?(line, 0).should be_true
28
+ expect(@pristine_file.is_pristine_permission_line?(line, 0)).to be_truthy
29
29
  end
30
30
 
31
- it "should fail if the id of the pristine line contains a character" do
31
+ it "fails if the id of the pristine line contains a character" do
32
32
  line = "0b:+:PrivilegeSet(login)ContextRole(everybody)"
33
33
 
34
- proc{
34
+ expect(proc{
35
35
  @pristine_file.is_pristine_permission_line?(line, 0)
36
- }.should raise_error(SyntaxError)
36
+ }).to raise_error(SyntaxError)
37
37
  end
38
38
 
39
- it "should succeed if the privilege set name is not provided" do
39
+ it "succeeds if the privilege set name is not provided" do
40
40
  line = "0:+:PrivilegeSet()Admin()"
41
41
 
42
- @pristine_file.is_pristine_permission_line?(line, 0).should be_true
42
+ expect(@pristine_file.is_pristine_permission_line?(line, 0)).to be_truthy
43
43
  end
44
44
 
45
- it "should succeed if the context role name is not provided" do
45
+ it "succeeds if the context role name is not provided" do
46
46
  line = "0:+:PrivilegeSet(login)ContextRole()"
47
47
 
48
- @pristine_file.is_pristine_permission_line?(line, 0).should be_true
48
+ expect(@pristine_file.is_pristine_permission_line?(line, 0)).to be_truthy
49
49
  end
50
50
 
51
51
  end
52
52
 
53
53
  describe "parse the privilege set name from a pristine line" do
54
- it "should fail if the privilege set name is not provided" do
54
+ it "fails if the privilege set name is not provided" do
55
55
  line = "0:+:PrivilegeSet()Admin()"
56
56
 
57
- proc{
57
+ expect(proc{
58
58
  @pristine_file.parse_privilege_set_name(line, 0)
59
- }.should raise_error(SyntaxError)
59
+ }).to raise_error(SyntaxError)
60
60
  end
61
61
 
62
- it "should return the name of the privilege set provided in the line" do
62
+ it "returns the name of the privilege set provided in the line" do
63
63
  privilege_set_name = "chat"
64
64
  line = "0:+:PrivilegeSet(#{privilege_set_name})Admin()"
65
65
 
66
- @pristine_file.parse_privilege_set_name(line, 0).should == privilege_set_name
66
+ expect(@pristine_file.parse_privilege_set_name(line, 0)).to eq(privilege_set_name)
67
67
  end
68
68
 
69
- it "should fail if an invalid line is provided" do
69
+ it "fails if an invalid line is provided" do
70
70
  line = "0:+:ContextRole(toeteraars)"
71
71
 
72
- proc{
72
+ expect(proc{
73
73
  @pristine_file.parse_privilege_set_name(line, 0)
74
- }.should raise_error(SyntaxError)
74
+ }).to raise_error(SyntaxError)
75
75
  end
76
76
  end
77
77
 
78
78
  describe "parse the role from a pristine line" do
79
- it "should return the admin role if the role is Admin()" do
79
+ it "returns the admin role if the role is Admin()" do
80
80
  admin_role = PristineRole.new(:role_id => 0, :role_type => PristineRole.ROLE_TYPES[:admin], :name => 'administrator')
81
- PristineRole.stub!(:admin_role).and_return(admin_role)
81
+ allow(PristineRole).to receive(:admin_role).and_return(admin_role)
82
82
  line = "0:+:PrivilegeSet(chat)Admin()"
83
83
 
84
- @pristine_file.parse_role(line, 0).should == admin_role
84
+ expect(@pristine_file.parse_role(line, 0)).to eq(admin_role)
85
85
  end
86
86
 
87
- it "should return a context role if the role specified as ContextRole" do
87
+ it "returns a context role if the role specified as ContextRole" do
88
88
  line = "0:+:PrivilegeSet(chat)ContextRole(logged_in_user)"
89
89
 
90
- @pristine_file.parse_role(line, 0).role_type.should == PristineRole.ROLE_TYPES[:context]
90
+ expect(@pristine_file.parse_role(line, 0).role_type).to eq(PristineRole.ROLE_TYPES[:context])
91
91
  end
92
92
 
93
- it "should return a context role with specified name if the role specified as ContextRole" do
93
+ it "returns a context role with specified name if the role specified as ContextRole" do
94
94
  context_role_name = "logged_in_user"
95
95
  line = "0:+:PrivilegeSet(chat)ContextRole(#{context_role_name})"
96
96
 
97
- @pristine_file.parse_role(line, 0).name.should == context_role_name
97
+ expect(@pristine_file.parse_role(line, 0).name).to eq(context_role_name)
98
98
  end
99
99
 
100
- it "should return an existing context role with specified name if possible" do
100
+ it "returns an existing context role with specified name if possible" do
101
101
  context_role_name = "logged_in_user"
102
102
  line = "0:+:PrivilegeSet(chat)ContextRole(#{context_role_name})"
103
103
  existing_context_role = PristineRole.create(:name => context_role_name, :role_id => 0, :role_type => PristineRole.ROLE_TYPES[:context])
104
104
 
105
- @pristine_file.parse_role(line, 0).should == existing_context_role
105
+ expect(@pristine_file.parse_role(line, 0)).to eq(existing_context_role)
106
106
  end
107
107
 
108
- it "should not return an existing context role with specified name if db should not be used" do
108
+ it "does not return an existing context role with specified name if db should not be used" do
109
109
  context_role_name = "logged_in_user"
110
110
  line = "0:+:PrivilegeSet(chat)ContextRole(#{context_role_name})"
111
111
  existing_context_role = PristineRole.create(:name => context_role_name, :role_id => 0, :role_type => PristineRole.ROLE_TYPES[:context])
112
112
 
113
- @pristine_file.parse_role(line, 0, false).should_not == existing_context_role
113
+ expect(@pristine_file.parse_role(line, 0, false)).not_to eq(existing_context_role)
114
114
  end
115
115
 
116
- it "should return a context role with id of 0 if the role specified as ContextRole" do
116
+ it "returns a context role with id of 0 if the role specified as ContextRole" do
117
117
  line = "0:+:PrivilegeSet(chat)ContextRole(logged_in_user)"
118
118
 
119
- @pristine_file.parse_role(line, 0).role_id.should == 0
119
+ expect(@pristine_file.parse_role(line, 0).role_id).to eq(0)
120
120
  end
121
121
 
122
- it "should fail if an invalid line is provided" do
122
+ it "fails if an invalid line is provided" do
123
123
  line = "0:+:PrivilegeSet(toeteraars)"
124
124
 
125
- proc{
125
+ expect(proc{
126
126
  @pristine_file.parse_role(line, 0)
127
- }.should raise_error(SyntaxError)
127
+ }).to raise_error(SyntaxError)
128
128
  end
129
129
 
130
- it "should fail if a generic role is provided for the normal (non-generic) pristine file" do
130
+ it "fails if a generic role is provided for the normal (non-generic) pristine file" do
131
131
  line = "0:+:PrivilegeSet(chat)GenericRole(group_admins)"
132
132
 
133
- proc{
133
+ expect(proc{
134
134
  @pristine_file.parse_role(line, 0)
135
- }.should raise_error(SyntaxError)
135
+ }).to raise_error(SyntaxError)
136
136
  end
137
137
 
138
-
139
- it "should return a generic role if a generic pristine file is used" do
138
+ it "returns a generic role if a generic pristine file is used" do
140
139
  @pristine_file = GenericPristineFile.new(:file_name =>"cbac.pristine")
141
140
  line = "0:+:PrivilegeSet(chat)GenericRole(group_admins)"
142
141
 
143
- @pristine_file.parse_role(line, 0).role_type.should == PristineRole.ROLE_TYPES[:generic]
142
+ expect(@pristine_file.parse_role(line, 0).role_type).to eq(PristineRole.ROLE_TYPES[:generic])
144
143
  end
145
144
 
146
- it "should return an existing generic role if use_db is not specified" do
145
+ it "returns an existing generic role if use_db is not specified" do
147
146
  generic_role_name = 'group_admins'
148
147
  @pristine_file = GenericPristineFile.new(:file_name =>"cbac.pristine")
149
148
  line = "0:+:PrivilegeSet(chat)GenericRole(#{generic_role_name})"
150
149
  existing_role = PristineRole.create(:role_id => 1, :role_type => PristineRole.ROLE_TYPES[:generic], :name => generic_role_name)
151
150
 
152
- @pristine_file.parse_role(line, 0).should == existing_role
151
+ expect(@pristine_file.parse_role(line, 0)).to eq(existing_role)
153
152
  end
154
153
 
155
- it "should not use an existing role if use_db is set to false" do
154
+ it "does not use an existing role if use_db is set to false" do
156
155
  generic_role_name = 'group_admins'
157
156
  @pristine_file = GenericPristineFile.new(:file_name =>"cbac.pristine")
158
157
  line = "0:+:PrivilegeSet(chat)GenericRole(#{generic_role_name})"
159
158
  existing_role = PristineRole.create(:role_id => 1, :role_type => PristineRole.ROLE_TYPES[:generic], :name => generic_role_name)
160
159
 
161
- @pristine_file.parse_role(line, 0, false).should_not == existing_role
160
+ expect(@pristine_file.parse_role(line, 0, false)).not_to eq(existing_role)
162
161
  end
163
162
 
164
- it "should fail if an Admin role is used in a generic pristine file" do
163
+ it "fails if an Admin role is used in a generic pristine file" do
165
164
  @pristine_file = GenericPristineFile.new(:file_name =>"cbac.pristine")
166
165
  line = "0:+:PrivilegeSet(chat)Admin()"
167
166
 
168
- proc{
167
+ expect(proc{
169
168
  @pristine_file.parse_role(line, 0)
170
- }.should raise_error(SyntaxError)
169
+ }).to raise_error(SyntaxError)
171
170
  end
172
171
 
173
- it "should fail if an context role is used in a generic pristine file" do
172
+ it "fails if an context role is used in a generic pristine file" do
174
173
  @pristine_file = GenericPristineFile.new(:file_name =>"cbac.pristine")
175
174
  line = "0:+:PrivilegeSet(chat)ContextRole(logged_in_user)"
176
175
 
177
- proc{
176
+ expect(proc{
178
177
  @pristine_file.parse_role(line, 0)
179
- }.should raise_error(SyntaxError)
178
+ }).to raise_error(SyntaxError)
180
179
  end
181
180
 
182
- it "should fail if an invalid line is provided in a generic pristine file" do
181
+ it "fails if an invalid line is provided in a generic pristine file" do
183
182
  @pristine_file = GenericPristineFile.new(:file_name =>"cbac.pristine")
184
183
  line = "0:+:PrivilegeSet(toeteraars)"
185
184
 
186
- proc{
185
+ expect(proc{
187
186
  @pristine_file.parse_role(line, 0)
188
- }.should raise_error(SyntaxError)
187
+ }).to raise_error(SyntaxError)
189
188
  end
190
189
  end
191
190
 
192
191
  describe "parsing a cbac_pristine file" do
193
- it "should fail if a row number is used twice" do
192
+ it "fails if a row number is used twice" do
194
193
  pristine_file_lines = ["0:+:PrivilegeSet(chat)ContextRole(logged_in_user)"]
195
194
  pristine_file_lines.push("0:+:PrivilegeSet(log_in)ContextRole(everybody)")
196
195
 
197
- File.stub!(:open).and_return(pristine_file_lines)
196
+ allow(File).to receive(:open).and_return(pristine_file_lines)
198
197
 
199
198
  pristine_file = PristineFile.new(:file_name =>"cbac.pristine")
200
199
 
201
- proc{
200
+ expect(proc{
202
201
  pristine_file.parse
203
- }.should raise_error(SyntaxError)
202
+ }).to raise_error(SyntaxError)
204
203
  end
205
204
 
206
- it "should fill the lines array with an object for each file line" do
205
+ it "fills the lines array with an object for each file line" do
207
206
  pristine_file_lines = ["0:+:PrivilegeSet(chat)ContextRole(logged_in_user)"]
208
207
  pristine_file_lines.push("1:+:PrivilegeSet(log_in)ContextRole(everybody)")
209
208
  pristine_file_lines.push("2:+:PrivilegeSet(log_out)ContextRole(logged_in_user)")
210
209
 
211
- File.stub!(:open).and_return(pristine_file_lines)
210
+ allow(File).to receive(:open).and_return(pristine_file_lines)
212
211
 
213
212
  pristine_file = PristineFile.new(:file_name =>"cbac.pristine")
214
213
  pristine_file.parse
215
214
 
216
- pristine_file.permissions.length.should == pristine_file_lines.length
215
+ expect(pristine_file.permissions.length).to eq(pristine_file_lines.length)
217
216
  end
218
217
 
219
- it "should not create an object for a comment line" do
218
+ it "does not create an object for a comment line" do
220
219
  pristine_file_lines = ["0:+:PrivilegeSet(chat)ContextRole(logged_in_user)"]
221
220
  pristine_file_lines.push("1:+:PrivilegeSet(log_in)ContextRole(everybody)")
222
221
  pristine_file_lines.push("#this is a Ruby comment line")
223
222
 
224
- File.stub!(:open).and_return(pristine_file_lines)
223
+ allow(File).to receive(:open).and_return(pristine_file_lines)
225
224
 
226
225
  pristine_file = PristineFile.new(:file_name =>"cbac.pristine")
227
226
  pristine_file.parse
228
227
 
229
- pristine_file.permissions.length.should == 2
228
+ expect(pristine_file.permissions.length).to eq(2)
230
229
  end
231
230
 
232
- it "should also add a permission object if permission is revoked (operand - is used)" do
231
+ it "also adds a permission object if permission is revoked (operand - is used)" do
233
232
  pristine_file_lines = ["0:+:PrivilegeSet(chat)ContextRole(logged_in_user)"]
234
233
  pristine_file_lines.push("1:+:PrivilegeSet(log_in)ContextRole(everybody)")
235
234
  pristine_file_lines.push("2:-:PrivilegeSet(chat)ContextRole(logged_in_user)")
236
235
 
237
- File.stub!(:open).and_return(pristine_file_lines)
236
+ allow(File).to receive(:open).and_return(pristine_file_lines)
238
237
 
239
238
  pristine_file = PristineFile.new(:file_name =>"cbac.pristine")
240
239
  pristine_file.parse
241
240
 
242
- pristine_file.permissions.length.should == 3
243
- pristine_file.permissions[2].operation.should == '-'
241
+ expect(pristine_file.permissions.length).to eq(3)
242
+ expect(pristine_file.permissions[2].operation).to eq('-')
244
243
  end
245
244
 
246
- it "should fail if a permission is revoked which wasn't added before" do
245
+ it "fails if a permission is revoked which wasn't added before" do
247
246
  pristine_file_lines = ["0:+:PrivilegeSet(chat)ContextRole(logged_in_user)"]
248
247
  pristine_file_lines.push("1:+:PrivilegeSet(log_in)ContextRole(everybody)")
249
248
  pristine_file_lines.push("2:-:PrivilegeSet(chat)ContextRole(everybody)")
250
249
 
251
- File.stub!(:open).and_return(pristine_file_lines)
250
+ allow(File).to receive(:open).and_return(pristine_file_lines)
252
251
 
253
252
  pristine_file = PristineFile.new(:file_name =>"cbac.pristine")
254
- proc{
253
+
254
+ expect(proc{
255
255
  pristine_file.parse
256
- }.should raise_error(SyntaxError)
256
+ }).to raise_error(SyntaxError)
257
257
  end
258
258
 
259
- it "should fail if an x is used as an operand" do
259
+ it "fails if an x is used as an operand" do
260
260
  pristine_file_lines = ["0:x:PrivilegeSet(chat)ContextRole(logged_in_user)"]
261
- File.stub!(:open).and_return(pristine_file_lines)
261
+ allow(File).to receive(:open).and_return(pristine_file_lines)
262
262
 
263
263
  pristine_file = PristineFile.new(:file_name =>"cbac.pristine")
264
- proc{
264
+
265
+ expect(proc{
265
266
  pristine_file.parse
266
- }.should raise_error(NotImplementedError)
267
+ }).to raise_error(NotImplementedError)
267
268
  end
268
269
 
269
- it "should fail if an => is used as an operand" do
270
+ it "fails if an => is used as an operand" do
270
271
  pristine_file_lines = ["0:=>:PrivilegeSet(chat)ContextRole(logged_in_user)"]
271
- File.stub!(:open).and_return(pristine_file_lines)
272
+ allow(File).to receive(:open).and_return(pristine_file_lines)
272
273
 
273
274
  pristine_file = PristineFile.new(:file_name =>"cbac.pristine")
274
- proc{
275
+
276
+ expect(proc{
275
277
  pristine_file.parse
276
- }.should raise_error(NotImplementedError)
278
+ }).to raise_error(NotImplementedError)
277
279
  end
278
280
  end
279
281
 
@@ -284,40 +286,40 @@ describe "CbacPristineFile" do
284
286
  @pristine_file = PristineFile.new(:file_name =>"cbac.pristine")
285
287
  end
286
288
 
287
- it "should filter out the permissions which were revoked" do
289
+ it "filters out the permissions which were revoked" do
288
290
  permission_to_revoke = PristinePermission.new(:privilege_set_name => "chat", :pristine_role => @context_role, :operation => '+')
289
291
  @pristine_file.permissions.push(permission_to_revoke)
290
292
  @pristine_file.permissions.push(PristinePermission.new(:privilege_set_name => permission_to_revoke.privilege_set_name, :pristine_role => permission_to_revoke.pristine_role, :operation => '-'))
291
293
 
292
- @pristine_file.permission_set.should_not include(permission_to_revoke)
294
+ expect(@pristine_file.permission_set).not_to include(permission_to_revoke)
293
295
  end
294
296
 
295
- it "should not include the revoke permission itself" do
297
+ it "does not include the revoke permission itself" do
296
298
  revoke_permission = PristinePermission.new(:privilege_set_name => "chat", :pristine_role => @context_role, :operation => '-')
297
299
  @pristine_file.permissions.push(PristinePermission.new(:privilege_set_name => revoke_permission.privilege_set_name, :pristine_role => revoke_permission.pristine_role, :operation => '+'))
298
300
  @pristine_file.permissions.push(revoke_permission)
299
301
 
300
- @pristine_file.permission_set.should_not include(revoke_permission)
302
+ expect(@pristine_file.permission_set).not_to include(revoke_permission)
301
303
  end
302
304
 
303
- it "should contain the permission if it is re-applied" do
305
+ it "contains the permission if it is re-applied" do
304
306
  re_applied_permission = PristinePermission.new(:privilege_set_name => "chat", :pristine_role => @context_role, :operation => '+')
305
307
  @pristine_file.permissions.push(PristinePermission.new(:privilege_set_name => re_applied_permission.privilege_set_name, :pristine_role => re_applied_permission.pristine_role, :operation => '+'))
306
308
  @pristine_file.permissions.push(PristinePermission.new(:privilege_set_name => re_applied_permission.privilege_set_name, :pristine_role => re_applied_permission.pristine_role, :operation => '-'))
307
309
  @pristine_file.permissions.push(re_applied_permission)
308
310
 
309
- @pristine_file.permission_set.should include(re_applied_permission)
311
+ expect(@pristine_file.permission_set).to include(re_applied_permission)
310
312
  end
311
313
 
312
- it "should raise an error if a permission is revoked which wasn't created before" do
314
+ it "raises an error if a permission is revoked which wasn't created before" do
313
315
  @pristine_file.permissions.push(PristinePermission.new(:privilege_set_name => "chat", :pristine_role => @context_role, :operation => '+'))
314
316
  @pristine_file.permissions.push(PristinePermission.new(:privilege_set_name => "login", :pristine_role => @context_role, :operation => '+'))
315
317
  @pristine_file.permissions.push(PristinePermission.new(:privilege_set_name => "blog_read", :pristine_role => @context_role, :operation => '-'))
316
318
  @pristine_file.permissions.push(PristinePermission.new(:privilege_set_name => "update_blog", :pristine_role => @context_role, :operation => '+'))
317
319
 
318
- proc {
320
+ expect(proc {
319
321
  @pristine_file.permission_set
320
- }.should raise_error(ArgumentError)
322
+ }).to raise_error(ArgumentError)
321
323
  end
322
324
  end
323
325
  end
data/spec/cbac_pristine_permission_spec.rb CHANGED
@@ -9,60 +9,62 @@ describe "CbacPristinePermission" do
9
9
  @context_role = PristineRole.new(:role_id => 0, :role_type => PristineRole.ROLE_TYPES[:context], :name => "chat_starter")
10
10
  end
11
11
 
12
- it "should raise an error if the pristine line has no role" do
12
+ it "raises an error if the pristine line has no role" do
13
13
  pristine_permission = PristinePermission.new(:line_number => 1, :privilege_set_name => 'log_in', :pristine_role => nil)
14
- lambda {
14
+
15
+ expect(lambda {
15
16
  pristine_permission.to_yml_fixture
16
- }.should raise_error(ArgumentError)
17
+ }).to raise_error(ArgumentError)
17
18
  end
18
19
 
19
- it "should raise an error if the pristine line has no privilege_set_name" do
20
+ it "raises an error if the pristine line has no privilege_set_name" do
20
21
  pristine_permission = PristinePermission.new(:line_number => 1, :privilege_set_name => "", :pristine_role => @context_role)
21
- lambda {
22
+
23
+ expect(lambda {
22
24
  pristine_permission.to_yml_fixture
23
- }.should raise_error(ArgumentError)
25
+ }).to raise_error(ArgumentError)
24
26
  end
25
27
 
26
- it "should return a yml string starting with cbac_permission_ " do
28
+ it "returns a yml string starting with cbac_permission_ " do
27
29
  pristine_permission = PristinePermission.new(:line_number => 1, :privilege_set_name => "chat", :pristine_role => @context_role)
28
30
 
29
- pristine_permission.to_yml_fixture.should match(/\Acbac_permission_/)
31
+ expect(pristine_permission.to_yml_fixture).to match(/\Acbac_permission_/)
30
32
  end
31
33
 
32
- it "should return a yml string containing the line number of the pristine line" do
34
+ it "returns a yml string containing the line number of the pristine line" do
33
35
  line_number= 100
34
36
  pristine_permission = PristinePermission.new(:line_number => line_number, :privilege_set_name => "chat", :pristine_role => @context_role)
35
37
 
36
- pristine_permission.to_yml_fixture.should match(/id: #{line_number}/)
38
+ expect(pristine_permission.to_yml_fixture).to match(/id: #{line_number}/)
37
39
  end
38
40
 
39
- it "should return a yml string containing a generic role id of 0 if a context_role is used" do
41
+ it "returns a yml string containing a generic role id of 0 if a context_role is used" do
40
42
  pristine_permission = PristinePermission.new(:line_number => 150, :privilege_set_name => "chat", :pristine_role => @context_role)
41
43
 
42
- pristine_permission.to_yml_fixture.should match(/generic_role_id: 0/)
44
+ expect(pristine_permission.to_yml_fixture).to match(/generic_role_id: 0/)
43
45
  end
44
46
 
45
- it "should return a yml string containing the name of the context role if a context_role is used" do
47
+ it "returns a yml string containing the name of the context role if a context_role is used" do
46
48
  pristine_permission = PristinePermission.new(:line_number => 150, :privilege_set_name => "chat", :pristine_role => @context_role)
47
49
 
48
- pristine_permission.to_yml_fixture.should match(/context_role: #{@context_role.name}/)
50
+ expect(pristine_permission.to_yml_fixture).to match(/context_role: #{@context_role.name}/)
49
51
  end
50
52
 
51
- it "should return a yml string containing the id of the generic role if a generic role is used" do
53
+ it "returns a yml string containing the id of the generic role if a generic role is used" do
52
54
  pristine_permission = PristinePermission.new(:line_number => 150, :privilege_set_name => "chat", :pristine_role => @admin_role)
53
55
 
54
- pristine_permission.to_yml_fixture.should match(/generic_role_id: #{@admin_role.id.to_s}/)
56
+ expect(pristine_permission.to_yml_fixture).to match(/generic_role_id: #{@admin_role.id.to_s}/)
55
57
  end
56
58
 
57
- it "should return a yml string containing ruby code to find the privilege set by name" do
59
+ it "returns a yml string containing ruby code to find the privilege set by name" do
58
60
  pristine_permission = PristinePermission.new(:line_number => 150, :privilege_set_name => "chat", :pristine_role => @context_role)
59
61
 
60
- pristine_permission.to_yml_fixture.should match(/privilege_set_id: \<%= Cbac::PrivilegeSetRecord.find\(:first, :conditions => \{:name => '#{pristine_permission.privilege_set_name}'\}\)\.id %>/)
62
+ expect(pristine_permission.to_yml_fixture).to match(/privilege_set_id: \<%= Cbac::PrivilegeSetRecord.where\(name: '#{pristine_permission.privilege_set_name}'\)\.first\.id %>/)
61
63
  end
62
64
 
63
- it "should return a yml string containing created_at and updated_at" do
65
+ it "returns a yml string containing created_at and updated_at" do
64
66
  pristine_permission = PristinePermission.new(:line_number => 1, :privilege_set_name => "chat", :pristine_role => @context_role)
65
- pristine_permission.to_yml_fixture.should match(/created_at:.+updated_at:/m)
67
+ expect(pristine_permission.to_yml_fixture).to match(/created_at:.+updated_at:/m)
66
68
  end
67
69
  end
68
70
 
@@ -75,49 +77,49 @@ describe "CbacPristinePermission" do
75
77
  @pristine_admin_role = PristineRole.new(:role_id => 1, :role_type => PristineRole.ROLE_TYPES[:admin], :name => @admin_role.name)
76
78
  end
77
79
 
78
- it "should return true if the pristine permission exists as generic cbac permission in the database" do
80
+ it "returns true if the pristine permission exists as generic cbac permission in the database" do
79
81
  Cbac::Permission.create(:privilege_set_id => @privilege_set.id, :generic_role_id => @admin_role.id)
80
82
 
81
83
  pristine_permission = PristinePermission.new(:privilege_set_name => @privilege_set.name, :pristine_role => @pristine_admin_role)
82
84
 
83
- pristine_permission.cbac_permission_exists?.should be_true
85
+ expect(pristine_permission.cbac_permission_exists?).to be_truthy
84
86
  end
85
87
 
86
- it "should return true if the pristine permission exists as context cbac permission in the database" do
88
+ it "returns true if the pristine permission exists as context cbac permission in the database" do
87
89
  Cbac::Permission.create(:privilege_set_id => @privilege_set.id, :generic_role_id => 0, :context_role => @pristine_context_role.name)
88
90
 
89
91
  pristine_permission = PristinePermission.new(:privilege_set_name => @privilege_set.name, :pristine_role => @pristine_context_role)
90
92
 
91
- pristine_permission.cbac_permission_exists?.should be_true
93
+ expect(pristine_permission.cbac_permission_exists?).to be_truthy
92
94
  end
93
95
 
94
- it "should return false if the pristine permission does not exist as context cbac permission in the database" do
96
+ it "returns false if the pristine permission does not exist as context cbac permission in the database" do
95
97
  pristine_permission = PristinePermission.new(:privilege_set_name => @privilege_set.name, :pristine_role => @pristine_context_role)
96
98
 
97
- pristine_permission.cbac_permission_exists?.should be_false
99
+ expect(pristine_permission.cbac_permission_exists?).to be_falsey
98
100
  end
99
101
 
100
- it "should return false if the pristine permission does not exist as a generic cbac permission in the database" do
102
+ it "returns false if the pristine permission does not exist as a generic cbac permission in the database" do
101
103
  pristine_permission = PristinePermission.new(:privilege_set_name => @privilege_set.name, :pristine_role => @pristine_admin_role)
102
104
 
103
- pristine_permission.cbac_permission_exists?.should be_false
105
+ expect(pristine_permission.cbac_permission_exists?).to be_falsey
104
106
  end
105
107
 
106
- it "should return false if a similar pristine permission exist as a generic cbac permission in the database, but for another generic role" do
108
+ it "returns false if a similar pristine permission exist as a generic cbac permission in the database, but for another generic role" do
107
109
  group_admin = Cbac::GenericRole.create(:name => "group_administrator")
108
110
  Cbac::Permission.create(:privilege_set_id => @privilege_set.id, :generic_role_id => group_admin.id)
109
111
 
110
112
  pristine_permission = PristinePermission.new(:privilege_set_name => @privilege_set.name, :pristine_role => @pristine_admin_role)
111
113
 
112
- pristine_permission.cbac_permission_exists?.should be_false
114
+ expect(pristine_permission.cbac_permission_exists?).to be_falsey
113
115
  end
114
116
 
115
- it "should return false if a similar pristine permission exist as a context cbac permission in the database, but for another context role" do
117
+ it "returns false if a similar pristine permission exist as a context cbac permission in the database, but for another context role" do
116
118
  Cbac::Permission.create(:privilege_set_id => @privilege_set.id, :generic_role_id => 0, :context_role => "group_owner")
117
119
 
118
120
  pristine_permission = PristinePermission.new(:privilege_set_name => @privilege_set.name, :pristine_role => @pristine_context_role)
119
121
 
120
- pristine_permission.cbac_permission_exists?.should be_false
122
+ expect(pristine_permission.cbac_permission_exists?).to be_falsey
121
123
  end
122
124
  end
123
125
 
@@ -127,12 +129,12 @@ describe "CbacPristinePermission" do
127
129
  @pristine_admin_role = PristineRole.new(:role_id => 1, :role_type => PristineRole.ROLE_TYPES[:admin], :name => "administrator")
128
130
  end
129
131
 
130
- it "should return true if the pristine permission exists as a known permission in the database" do
132
+ it "returns true if the pristine permission exists as a known permission in the database" do
131
133
  pristine_permission = PristinePermission.new(:pristine_role => @pristine_admin_role, :line_number => 4, :privilege_set_name => "not relevant")
132
134
 
133
135
  Cbac::KnownPermission.create(:permission_number => pristine_permission.line_number, :permission_type => Cbac::KnownPermission.PERMISSION_TYPES[:context])
134
136
 
135
- pristine_permission.known_permission_exists?.should be_true
137
+ expect(pristine_permission.known_permission_exists?).to be_truthy
136
138
  end
137
139
  end
138
140
 
@@ -147,30 +149,30 @@ describe "CbacPristinePermission" do
147
149
  @pristine_permission.operation = '+'
148
150
  @pristine_permission.line_number = rand
149
151
 
150
- @pristine_file = mock('pristine_file', :permissions => [ @pristine_permission ])
151
- @pristine_permission.stub(:pristine_file).and_return @pristine_file
152
+ @pristine_file = double('pristine_file', :permissions => [ @pristine_permission ])
153
+ allow(@pristine_permission).to receive(:pristine_file).and_return @pristine_file
152
154
  end
153
155
 
154
- it "should create a known permission to record a change" do
155
- proc {
156
+ it "creates a known permission to record a change" do
157
+ expect(proc {
156
158
  @pristine_permission.accept
157
- }.should change(Cbac::KnownPermission, :count).by(1)
159
+ }).to change(Cbac::KnownPermission, :count).by(1)
158
160
  end
159
161
 
160
- it "should create a known permission with specified permission identifier" do
162
+ it "creates a known permission with specified permission identifier" do
161
163
  @pristine_permission.accept
162
164
 
163
165
  known_permission = Cbac::KnownPermission.last
164
166
 
165
- known_permission.permission_number.should == @pristine_permission.line_number
167
+ expect(known_permission.permission_number).to eq(@pristine_permission.line_number)
166
168
  end
167
169
 
168
- it "should create a known permission with specified role type" do
170
+ it "creates a known permission with specified role type" do
169
171
  @pristine_permission.accept
170
172
 
171
173
  known_permission = Cbac::KnownPermission.last
172
174
 
173
- known_permission.permission_type.should == Cbac::KnownPermission.PERMISSION_TYPES[:context]
175
+ expect(known_permission.permission_type).to eq(Cbac::KnownPermission.PERMISSION_TYPES[:context])
174
176
  end
175
177
 
176
178
  context "if the operation is '-'" do
@@ -180,10 +182,10 @@ describe "CbacPristinePermission" do
180
182
  @pristine_permission.operation = '-'
181
183
  end
182
184
 
183
- it "should still create a known permission" do
184
- proc {
185
+ it "still creates a known permission" do
186
+ expect(proc {
185
187
  @pristine_permission.accept
186
- }.should change(Cbac::KnownPermission, :count).by(1)
188
+ }).to change(Cbac::KnownPermission, :count).by(1)
187
189
  end
188
190
  end
189
191
  end
@@ -197,7 +199,7 @@ describe "CbacPristinePermission" do
197
199
  @pristine_admin_role = PristineRole.new(:role_id => 1, :role_type => PristineRole.ROLE_TYPES[:admin], :name => @admin_role.name)
198
200
 
199
201
  @pristine_permission = PristinePermission.new(:privilege_set_name => @privilege_set.name)
200
- @pristine_permission.stub(:register_change)
202
+ allow(@pristine_permission).to receive(:register_change)
201
203
  end
202
204
 
203
205
  context "if operation '+' is used" do
@@ -211,22 +213,22 @@ describe "CbacPristinePermission" do
211
213
  @pristine_permission.save!
212
214
  end
213
215
 
214
- it "should delete the pristine permission since it was accepted" do
215
- proc {
216
+ it "deletes the pristine permission since it was accepted" do
217
+ expect(proc {
216
218
  @pristine_permission.accept
217
- }.should change(PristinePermission, :count).by(-1)
219
+ }).to change(PristinePermission, :count).by(-1)
218
220
  end
219
221
 
220
- it "should register the change" do
221
- @pristine_permission.should_receive(:register_change)
222
+ it "registers the change" do
223
+ expect(@pristine_permission).to receive(:register_change)
222
224
 
223
225
  @pristine_permission.accept
224
226
  end
225
227
 
226
- it "should add the context permission to the database" do
227
- proc {
228
+ it "adds the context permission to the database" do
229
+ expect(proc {
228
230
  @pristine_permission.accept
229
- }.should change(Cbac::Permission, :count).by(1)
231
+ }).to change(Cbac::Permission, :count).by(1)
230
232
  end
231
233
  end
232
234
 
@@ -236,31 +238,31 @@ describe "CbacPristinePermission" do
236
238
  @pristine_permission.save!
237
239
  end
238
240
 
239
- it "should delete the pristine permission since it was accepted" do
240
- proc {
241
+ it "deletes the pristine permission since it was accepted" do
242
+ expect(proc {
241
243
  @pristine_permission.accept
242
- }.should change(PristinePermission, :count).by(-1)
244
+ }).to change(PristinePermission, :count).by(-1)
243
245
  end
244
246
 
245
- it "should register the change" do
246
- @pristine_permission.should_receive(:register_change)
247
+ it "registers the change" do
248
+ expect(@pristine_permission).to receive(:register_change)
247
249
 
248
250
  @pristine_permission.accept
249
251
  end
250
252
 
251
- it "should create a generic permission" do
252
- proc {
253
+ it "creates a generic permission" do
254
+ expect(proc {
253
255
  @pristine_permission.accept
254
- }.should change(Cbac::Permission, :count).by(1)
256
+ }).to change(Cbac::Permission, :count).by(1)
255
257
  end
256
258
 
257
259
  context "and the given role already exists" do
258
- it "should use the existing role" do
260
+ it "uses the existing role" do
259
261
  @pristine_permission.pristine_role = @pristine_admin_role
260
262
 
261
263
  @pristine_permission.accept
262
264
 
263
- Cbac::Permission.last.generic_role.should == @admin_role
265
+ expect(Cbac::Permission.last.generic_role).to eq(@admin_role)
264
266
  end
265
267
  end
266
268
 
@@ -269,10 +271,10 @@ describe "CbacPristinePermission" do
269
271
  Cbac::GenericRole.delete_all
270
272
  end
271
273
 
272
- it "should create a generic role if it doesn't exist in yet" do
273
- proc {
274
+ it "creates a generic role if it doesn't exist yet" do
275
+ expect(proc {
274
276
  @pristine_permission.accept
275
- }.should change(Cbac::GenericRole, :count).by(1)
277
+ }).to change(Cbac::GenericRole, :count).by(1)
276
278
  end
277
279
  end
278
280
  end
@@ -284,12 +286,12 @@ describe "CbacPristinePermission" do
284
286
  @pristine_permission.pristine_role = @pristine_context_role
285
287
  end
286
288
 
287
- it "should remove an existing permission" do
289
+ it "removes an existing permission" do
288
290
  Cbac::Permission.create(:privilege_set_id => @privilege_set.id, :generic_role_id => 0, :context_role => @pristine_context_role.name)
289
291
 
290
- proc {
292
+ expect(proc {
291
293
  @pristine_permission.accept
292
- }.should change(Cbac::Permission, :count).by(-1)
294
+ }).to change(Cbac::Permission, :count).by(-1)
293
295
  end
294
296
 
295
297
  context "if the permission specified does not exist" do
@@ -297,10 +299,10 @@ describe "CbacPristinePermission" do
297
299
  Cbac::Permission.delete_all
298
300
  end
299
301
 
300
- it "should raise an error" do
301
- proc {
302
+ it "raises an error" do
303
+ expect(proc {
302
304
  @pristine_permission.accept
303
- }.should raise_error(ArgumentError)
305
+ }).to raise_error(ArgumentError)
304
306
  end
305
307
  end
306
308
  end
@@ -312,82 +314,82 @@ describe "CbacPristinePermission" do
312
314
  @pristine_admin_role = PristineRole.new(:role_id => 1, :role_type => PristineRole.ROLE_TYPES[:admin], :name => "administrator")
313
315
  end
314
316
 
315
- it "should persist the pristine permission to the database" do
317
+ it "persists the pristine permission to the database" do
316
318
  pristine_permission = PristinePermission.new(:privilege_set_name => "login", :pristine_role => @pristine_context_role, :operation => '+')
317
319
 
318
- proc {
320
+ expect(proc {
319
321
  pristine_permission.stage
320
- }.should change(Cbac::CbacPristine::PristinePermission, :count).by(1)
321
-
322
+ }).to change(Cbac::CbacPristine::PristinePermission, :count).by(1)
322
323
  end
323
324
 
324
- it "should persist the associated role if it doesn't exist yet" do
325
+ it "persists the associated role if it doesn't exist yet" do
325
326
  pristine_permission = PristinePermission.new(:privilege_set_name => "login", :pristine_role => @pristine_context_role, :operation => '+')
326
327
 
327
- proc {
328
+ expect(proc {
328
329
  pristine_permission.stage
329
- }.should change(Cbac::CbacPristine::PristineRole, :count).by(1)
330
+ }).to change(Cbac::CbacPristine::PristineRole, :count).by(1)
330
331
  end
331
332
 
332
- it "should not create a new pristine permission if the cbac permission exists and the pristine permission wants to add" do
333
+ it "does not create a new pristine permission if the cbac permission exists and the pristine permission wants to add" do
333
334
  privilege_set = Cbac::PrivilegeSetRecord.create(:name => "login")
334
335
  Cbac::Permission.create(:privilege_set_id => privilege_set.id, :generic_role_id => 0, :context_role => @pristine_context_role.name)
335
336
 
336
337
  pristine_permission = PristinePermission.new(:operation => '+', :privilege_set_name => privilege_set.name, :pristine_role => @pristine_context_role)
337
- proc {
338
+
339
+ expect(proc {
338
340
  pristine_permission.stage
339
- }.should_not change(Cbac::CbacPristine::PristinePermission, :count)
341
+ }).not_to change(Cbac::CbacPristine::PristinePermission, :count)
340
342
  end
341
343
 
342
- it "should create a new pristine permission if the cbac permission exists and the pristine permission wants to revoke" do
344
+ it "creates a new pristine permission if the cbac permission exists and the pristine permission wants to revoke" do
343
345
  privilege_set = Cbac::PrivilegeSetRecord.create(:name => "login")
344
346
  Cbac::Permission.create(:privilege_set_id => privilege_set.id, :generic_role_id => 0, :context_role => @pristine_context_role.name)
345
347
 
346
348
  pristine_permission = PristinePermission.new(:operation => '-', :privilege_set_name => privilege_set.name, :pristine_role => @pristine_context_role)
347
- proc {
349
+
350
+ expect(proc {
348
351
  pristine_permission.stage
349
- }.should change(Cbac::CbacPristine::PristinePermission, :count).by(1)
352
+ }).to change(Cbac::CbacPristine::PristinePermission, :count).by(1)
350
353
  end
351
354
 
352
- it "should not create a new pristine permission if a staged add permission exists and this pristine permission wants to revoke" do
355
+ it "does not create a new pristine permission if a staged add permission exists and this pristine permission wants to revoke" do
353
356
  privilege_set_name = "chat"
354
357
  PristinePermission.new(:operation => '+', :privilege_set_name => privilege_set_name, :pristine_role => @pristine_context_role)
355
358
  pristine_revoke_permission = PristinePermission.new(:operation => '-', :privilege_set_name => privilege_set_name, :pristine_role => @pristine_context_role)
356
359
 
357
- proc {
360
+ expect(proc {
358
361
  pristine_revoke_permission.stage
359
- }.should_not change(Cbac::CbacPristine::PristinePermission, :count).by(1)
362
+ }).not_to change(Cbac::CbacPristine::PristinePermission, :count)
360
363
  end
361
364
 
362
- it "should delete a staged add permission if the pristine permission wants to revoke the same permission" do
365
+ it "deletes a staged add permission if the pristine permission wants to revoke the same permission" do
363
366
  privilege_set_name = "chat"
364
367
  PristinePermission.create(:operation => '+', :privilege_set_name => privilege_set_name, :pristine_role => @pristine_context_role)
365
368
  pristine_revoke_permission = PristinePermission.new(:operation => '-', :privilege_set_name => privilege_set_name, :pristine_role => @pristine_context_role)
366
369
 
367
- proc {
370
+ expect(proc {
368
371
  pristine_revoke_permission.stage
369
- }.should change(Cbac::CbacPristine::PristinePermission, :count).by(-1)
372
+ }).to change(Cbac::CbacPristine::PristinePermission, :count).by(-1)
370
373
  end
371
374
 
372
- it "should not create a new pristine permission if a cbac known permission exists" do
375
+ it "does not create a new pristine permission if a cbac known permission exists" do
373
376
  known_number = 1
374
377
  pristine_permission = PristinePermission.new(:line_number => known_number, :privilege_set_name => "name not relevant", :pristine_role => @pristine_context_role)
375
378
  Cbac::KnownPermission.create(:permission_number => known_number, :permission_type => Cbac::KnownPermission.PERMISSION_TYPES[:context])
376
379
 
377
- proc {
380
+ expect(proc {
378
381
  pristine_permission.stage
379
- }.should_not change(Cbac::CbacPristine::PristinePermission, :count)
380
-
382
+ }).not_to change(Cbac::CbacPristine::PristinePermission, :count)
381
383
  end
382
384
 
383
- it "should raise an error if the same pristine permission is staged twice" do
385
+ it "raises an error if the same pristine permission is staged twice" do
384
386
  privilege_set_name = "chat"
385
387
  PristinePermission.create(:operation => '+', :privilege_set_name => privilege_set_name, :pristine_role => @pristine_context_role, :line_number => 2)
386
388
  pristine_permission = PristinePermission.new(:operation => '+', :privilege_set_name => privilege_set_name, :pristine_role => @pristine_context_role, :line_number => 3)
387
389
 
388
- proc {
390
+ expect(proc {
389
391
  pristine_permission.stage
390
- }.should raise_error(ArgumentError)
392
+ }).to raise_error(ArgumentError)
391
393
  end
392
394
  end
393
395
  end