ddr-models 1.2.0 → 1.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +16 -2
- data/db/migrate/20141103192146_create_workflow_state.rb +14 -8
- data/db/migrate/20141107124012_add_columns_to_user.rb +46 -0
- data/lib/ddr/auth/ability.rb +1 -26
- data/lib/ddr/models.rb +0 -1
- data/lib/ddr/models/error.rb +2 -5
- data/lib/ddr/models/version.rb +1 -1
- data/spec/dummy/db/development.sqlite3 +0 -0
- data/spec/dummy/db/schema.rb +1 -1
- data/spec/dummy/db/test.sqlite3 +0 -0
- data/spec/dummy/log/development.log +1715 -1626
- data/spec/dummy/log/test.log +35454 -42999
- metadata +3 -23
- data/config/initializers/devise.rb~ +0 -245
- data/db/migrate/20141104181418_create_users.rb~ +0 -6
- data/lib/ddr/auth.rb~ +0 -47
- data/lib/ddr/auth/ability.rb~ +0 -204
- data/lib/ddr/auth/group_service.rb~ +0 -53
- data/lib/ddr/auth/grouper_service.rb~ +0 -77
- data/lib/ddr/auth/remote_group_service.rb~ +0 -35
- data/lib/ddr/auth/superuser.rb~ +0 -9
- data/lib/ddr/auth/user.rb~ +0 -65
- data/spec/factories/user_factories.rb~ +0 -7
- data/spec/features/grouper_integration_spec.rb~ +0 -21
- data/spec/models/ability_spec.rb~ +0 -245
- data/spec/models/superuser_spec.rb~ +0 -13
- data/spec/models/user_spec.rb~ +0 -56
- data/spec/services/group_service_spec.rb~ +0 -71
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
require 'cancan/matchers'
|
|
3
|
-
|
|
4
|
-
module Ddr
|
|
5
|
-
module Auth
|
|
6
|
-
describe Superuser, type: :model, abilities: true do
|
|
7
|
-
subject { described_class.new }
|
|
8
|
-
it "should be able to manage all" do
|
|
9
|
-
expect(subject).to be_able_to(:manage, :all)
|
|
10
|
-
end
|
|
11
|
-
end
|
|
12
|
-
end
|
|
13
|
-
end
|
data/spec/models/user_spec.rb~
DELETED
|
@@ -1,56 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
|
|
3
|
-
describe User, :type => :model do
|
|
4
|
-
|
|
5
|
-
subject { FactoryGirl.build(:user) }
|
|
6
|
-
|
|
7
|
-
describe "#member_of?" do
|
|
8
|
-
it "should return true if the user is a member of the group" do
|
|
9
|
-
allow(subject).to receive(:groups).and_return(["foo", "bar"])
|
|
10
|
-
expect(subject).to be_member_of("foo")
|
|
11
|
-
end
|
|
12
|
-
it "should return false if the user is not a member of the group" do
|
|
13
|
-
allow(subject).to receive(:groups).and_return(["foo", "bar"])
|
|
14
|
-
expect(subject).not_to be_member_of("baz")
|
|
15
|
-
end
|
|
16
|
-
end
|
|
17
|
-
|
|
18
|
-
describe "#authorized_to_act_as_superuser?" do
|
|
19
|
-
it "should return false if the superuser group is not defined (nil)" do
|
|
20
|
-
DulHydra.superuser_group = nil
|
|
21
|
-
expect(subject).not_to be_authorized_to_act_as_superuser
|
|
22
|
-
end
|
|
23
|
-
it "should return false if the user is not a member of the superuser group" do
|
|
24
|
-
DulHydra.superuser_group = "superusers"
|
|
25
|
-
allow(subject).to receive(:groups).and_return(["normal"])
|
|
26
|
-
expect(subject).not_to be_authorized_to_act_as_superuser
|
|
27
|
-
end
|
|
28
|
-
it "should return true if the user is a member of the superuser group" do
|
|
29
|
-
DulHydra.superuser_group = "superusers"
|
|
30
|
-
allow(subject).to receive(:groups).and_return(["superusers"])
|
|
31
|
-
expect(subject).to be_authorized_to_act_as_superuser
|
|
32
|
-
end
|
|
33
|
-
end
|
|
34
|
-
|
|
35
|
-
describe "#principal_name" do
|
|
36
|
-
it "should return the principal name for the user" do
|
|
37
|
-
expect(subject.principal_name).to eq subject.user_key
|
|
38
|
-
end
|
|
39
|
-
end
|
|
40
|
-
|
|
41
|
-
describe "#principals" do
|
|
42
|
-
it "should be a list of the user's groups + the user's principal_name" do
|
|
43
|
-
allow(subject).to receive(:groups) { ["foo", "bar"] }
|
|
44
|
-
expect(subject.principals).to match_array ["foo", "bar", subject.principal_name]
|
|
45
|
-
end
|
|
46
|
-
end
|
|
47
|
-
|
|
48
|
-
describe "#has_role?" do
|
|
49
|
-
let(:obj) { double }
|
|
50
|
-
it "should send :principal_has_role? to the object with the user's principals" do
|
|
51
|
-
expect(obj).to receive(:principal_has_role?).with(subject.principals, :administrator)
|
|
52
|
-
subject.has_role?(obj, :administrator)
|
|
53
|
-
end
|
|
54
|
-
end
|
|
55
|
-
|
|
56
|
-
end
|
|
@@ -1,71 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
|
|
3
|
-
describe DulHydra::Services::GroupService do
|
|
4
|
-
subject { described_class.new }
|
|
5
|
-
|
|
6
|
-
describe "#groups" do
|
|
7
|
-
describe "at minimum" do
|
|
8
|
-
it "should include the 'public' and 'registered' groups" do
|
|
9
|
-
expect(subject.groups).to include("public", "registered")
|
|
10
|
-
end
|
|
11
|
-
end
|
|
12
|
-
describe "using #append_groups hook" do
|
|
13
|
-
before { allow(subject).to receive(:append_groups).and_return(["spam:eggs", "fish:water"]) }
|
|
14
|
-
it "should add the groups to the list" do
|
|
15
|
-
expect(subject.groups).to include("spam:eggs", "fish:water")
|
|
16
|
-
end
|
|
17
|
-
end
|
|
18
|
-
describe "when RoleMapper config file is present and not empty" do
|
|
19
|
-
before do
|
|
20
|
-
allow(described_class).to receive(:include_role_mapper_groups).and_return(true)
|
|
21
|
-
allow(RoleMapper).to receive(:role_names).and_return(["foo", "bar"])
|
|
22
|
-
end
|
|
23
|
-
it "should include the role mapper groups" do
|
|
24
|
-
expect(subject.groups).to include("foo", "bar")
|
|
25
|
-
end
|
|
26
|
-
end
|
|
27
|
-
describe "when RoleMapper config file is missing or empty" do
|
|
28
|
-
before { allow(described_class).to receive(:include_role_mapper_groups).and_return(false) }
|
|
29
|
-
it "should only include the default minimum groups" do
|
|
30
|
-
expect(subject.groups).to match_array(["public", "registered"])
|
|
31
|
-
end
|
|
32
|
-
end
|
|
33
|
-
end
|
|
34
|
-
|
|
35
|
-
describe "#user_groups(user)" do
|
|
36
|
-
describe "when user is not persisted" do
|
|
37
|
-
let(:user) { FactoryGirl.build(:user) }
|
|
38
|
-
it "should return only 'public' group" do
|
|
39
|
-
expect(subject.user_groups(user)).to eq(["public"])
|
|
40
|
-
end
|
|
41
|
-
end
|
|
42
|
-
describe "when the user is persisted" do
|
|
43
|
-
let(:user) { FactoryGirl.create(:user) }
|
|
44
|
-
it "should include the 'public' and 'registered' groups" do
|
|
45
|
-
expect(subject.user_groups(user)).to include("public", "registered")
|
|
46
|
-
end
|
|
47
|
-
describe "using #append_user_groups(user) hook" do
|
|
48
|
-
before { allow(subject).to receive(:append_user_groups).with(user).and_return(["spam:eggs", "fish:water"]) }
|
|
49
|
-
it "should add the groups to the list" do
|
|
50
|
-
expect(subject.user_groups(user)).to include("spam:eggs", "fish:water")
|
|
51
|
-
end
|
|
52
|
-
end
|
|
53
|
-
describe "when the RoleMapper config file is present and not empty" do
|
|
54
|
-
before do
|
|
55
|
-
allow(described_class).to receive(:include_role_mapper_groups).and_return(true)
|
|
56
|
-
allow(RoleMapper).to receive(:roles).with(user).and_return(["foo", "bar"])
|
|
57
|
-
end
|
|
58
|
-
it "should add the user's roles to the list" do
|
|
59
|
-
expect(subject.user_groups(user)).to include("foo", "bar")
|
|
60
|
-
end
|
|
61
|
-
end
|
|
62
|
-
describe "when RoleMapper config file is missing or empty" do
|
|
63
|
-
before { allow(described_class).to receive(:include_role_mapper_groups).and_return(false) }
|
|
64
|
-
it "should only include the default minimum groups" do
|
|
65
|
-
expect(subject.groups).to match_array(["public", "registered"])
|
|
66
|
-
end
|
|
67
|
-
end
|
|
68
|
-
end
|
|
69
|
-
end
|
|
70
|
-
end
|
|
71
|
-
|