credentials 2.2.0 → 2.2.1
- data/VERSION +1 -1
- data/credentials.gemspec +1 -1
- data/spec/controllers/test_controller_spec.rb +75 -73
- metadata +1 -1
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
2.2.
|
1
|
+
2.2.1
|
data/credentials.gemspec
CHANGED
@@ -1,99 +1,101 @@
|
|
1
1
|
require File.dirname(__FILE__) + '/../spec_helper'
|
2
2
|
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
3
|
+
if defined?(ActionController)
|
4
|
+
class TestController < ActionController::Base
|
5
|
+
self.current_user_method = :logged_in_user
|
6
|
+
requires_permission_to :view, :stuff, :except => [ :public ]
|
7
|
+
requires_permission_to :break, :stuff, :only => [ :dangerous ]
|
7
8
|
|
8
|
-
|
9
|
-
|
10
|
-
|
9
|
+
def index; end
|
10
|
+
def public; end
|
11
|
+
def dangerous; end
|
11
12
|
|
12
|
-
|
13
|
-
|
13
|
+
def rescue_action(e)
|
14
|
+
raise e
|
15
|
+
end
|
14
16
|
end
|
15
|
-
end
|
16
17
|
|
17
|
-
class TestUser
|
18
|
-
|
19
|
-
|
20
|
-
|
18
|
+
class TestUser
|
19
|
+
credentials do |user|
|
20
|
+
user.can :view, :stuff
|
21
|
+
user.can :break, :stuff, :if => :special?
|
22
|
+
end
|
21
23
|
end
|
22
|
-
end
|
23
24
|
|
24
|
-
describe TestController do
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
it "should use the right method to look up the current user" do
|
30
|
-
controller.class.current_user_method.should == :logged_in_user
|
31
|
-
end
|
32
|
-
|
33
|
-
it "should check credentials on each request" do
|
34
|
-
controller.should_receive(:check_credentials)
|
35
|
-
get :index
|
36
|
-
end
|
25
|
+
describe TestController do
|
26
|
+
it "should know how to specify access credentials" do
|
27
|
+
controller.class.should respond_to(:requires_permission_to)
|
28
|
+
end
|
37
29
|
|
38
|
-
|
39
|
-
|
40
|
-
@user = TestUser.new
|
41
|
-
controller.should_receive(:logged_in_user).and_return(@user)
|
30
|
+
it "should use the right method to look up the current user" do
|
31
|
+
controller.class.current_user_method.should == :logged_in_user
|
42
32
|
end
|
43
|
-
|
44
|
-
it "should
|
45
|
-
|
46
|
-
|
47
|
-
response.should be_success
|
48
|
-
}.should_not raise_error(Credentials::Errors::NotLoggedInError)
|
33
|
+
|
34
|
+
it "should check credentials on each request" do
|
35
|
+
controller.should_receive(:check_credentials)
|
36
|
+
get :index
|
49
37
|
end
|
50
|
-
|
51
|
-
describe "
|
52
|
-
before
|
53
|
-
@user.
|
54
|
-
|
55
|
-
@user.should be_able_to(:break, :stuff)
|
38
|
+
|
39
|
+
describe "when logged in" do
|
40
|
+
before :each do
|
41
|
+
@user = TestUser.new
|
42
|
+
controller.should_receive(:logged_in_user).and_return(@user)
|
56
43
|
end
|
57
|
-
|
58
|
-
it "should
|
44
|
+
|
45
|
+
it "should display stuff" do
|
59
46
|
lambda {
|
60
|
-
get :
|
47
|
+
get :index
|
61
48
|
response.should be_success
|
62
|
-
}.should_not raise_error(Credentials::Errors::
|
49
|
+
}.should_not raise_error(Credentials::Errors::NotLoggedInError)
|
63
50
|
end
|
64
|
-
end
|
65
51
|
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
52
|
+
describe "as someone with permission to break stuff" do
|
53
|
+
before(:each) do
|
54
|
+
@user.stub!(:special?).and_return(true)
|
55
|
+
@user.should be_able_to(:view, :stuff)
|
56
|
+
@user.should be_able_to(:break, :stuff)
|
57
|
+
end
|
58
|
+
|
59
|
+
it "should have access to dangerous actions" do
|
60
|
+
lambda {
|
61
|
+
get :dangerous
|
62
|
+
response.should be_success
|
63
|
+
}.should_not raise_error(Credentials::Errors::AccessDeniedError)
|
64
|
+
end
|
70
65
|
end
|
66
|
+
|
67
|
+
describe "as someone without permission to break stuff" do
|
68
|
+
before(:each) do
|
69
|
+
@user.stub!(:special?).and_return(false)
|
70
|
+
@user.should_not be_able_to(:break, :stuff)
|
71
|
+
end
|
71
72
|
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
73
|
+
it "should not have access to dangerous actions" do
|
74
|
+
lambda {
|
75
|
+
get :dangerous
|
76
|
+
response.should_not be_success
|
77
|
+
}.should raise_error(Credentials::Errors::AccessDeniedError)
|
78
|
+
end
|
77
79
|
end
|
78
80
|
end
|
79
|
-
end
|
80
81
|
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
82
|
+
describe "when not logged in" do
|
83
|
+
before :each do
|
84
|
+
controller.should_receive(:logged_in_user).and_return(nil)
|
85
|
+
end
|
85
86
|
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
87
|
+
it "should not have access to stuff" do
|
88
|
+
lambda {
|
89
|
+
get :index
|
90
|
+
}.should raise_error(Credentials::Errors::NotLoggedInError)
|
91
|
+
end
|
91
92
|
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
93
|
+
it "should have access to public stuff" do
|
94
|
+
lambda {
|
95
|
+
get :public
|
96
|
+
response.should be_success
|
97
|
+
}.should_not raise_error(Credentials::Errors::AccessDeniedError)
|
98
|
+
end
|
97
99
|
end
|
98
100
|
end
|
99
101
|
end
|
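Review bot: The positive access examples ("should display stuff", "should have access to dangerous actions", "should have access to public stuff") can pass without proving access was granted, because `should_not raise_error(Credentials::Errors::AccessDeniedError)` is, as far as I know, satisfied by any other exception raised inside the lambda, and since `rescue_action` re-raises, `response.should be_success` is skipped whenever `get` raises. This matters most in the "when not logged in" group: if `:except => [ :public ]` stopped being honoured, the likely failure would be NotLoggedInError, which a matcher scoped to AccessDeniedError would not flag. Use the bare form `}.should_not raise_error`, or drop the lambda and call `get :public` followed directly by `response.should be_success`. Separately, the new `if defined?(ActionController)` wrapper makes the whole authorization spec disappear silently when Rails is not loaded; an `else` branch with `warn "skipping TestController specs: ActionController not loaded"` would keep a green run from being read as coverage. The section is headed data/credentials.gemspec, but its content appears to be the spec file listed in the diffstat.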