double_auth_engine 0.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (94) hide show
  1. data/.gitignore +7 -0
  2. data/.rvmrc +1 -0
  3. data/Gemfile +9 -0
  4. data/Gemfile.lock +136 -0
  5. data/MIT-LICENSE +20 -0
  6. data/README.md +59 -0
  7. data/Rakefile +25 -0
  8. data/app/controllers/password_resets_controller.rb +3 -0
  9. data/app/controllers/user_sessions_controller.rb +3 -0
  10. data/app/controllers/users_controller.rb +3 -0
  11. data/app/mailers/notifier.rb +8 -0
  12. data/app/models/assignment.rb +3 -0
  13. data/app/models/role.rb +3 -0
  14. data/app/models/user.rb +3 -0
  15. data/app/models/user_session.rb +3 -0
  16. data/app/views/notifier/password_reset_instructions.text.erb +8 -0
  17. data/app/views/password_resets/edit.html.erb +5 -0
  18. data/app/views/password_resets/new.html.erb +5 -0
  19. data/app/views/user_sessions/new.html.erb +17 -0
  20. data/app/views/users/edit.html.erb +0 -0
  21. data/app/views/users/index.html.erb +0 -0
  22. data/app/views/users/new.html.erb +20 -0
  23. data/app/views/users/show.html.erb +2 -0
  24. data/config/routes.rb +11 -0
  25. data/double_auth_engine.gemspec +26 -0
  26. data/lib/double_auth_engine/controllers/application_controller_mixin.rb +42 -0
  27. data/lib/double_auth_engine/controllers/password_resets_controller_mixin.rb +49 -0
  28. data/lib/double_auth_engine/controllers/user_sessions_controller_mixin.rb +34 -0
  29. data/lib/double_auth_engine/controllers/users_controller_mixin.rb +63 -0
  30. data/lib/double_auth_engine/generators/double_auth_engine/install_generator.rb +48 -0
  31. data/lib/double_auth_engine/generators/double_auth_engine/templates/assignment_migration.rb +13 -0
  32. data/lib/double_auth_engine/generators/double_auth_engine/templates/authorization_rules.rb +19 -0
  33. data/lib/double_auth_engine/generators/double_auth_engine/templates/role_migration.rb +12 -0
  34. data/lib/double_auth_engine/generators/double_auth_engine/templates/setup_mail_initializer.rb +7 -0
  35. data/lib/double_auth_engine/generators/double_auth_engine/templates/user_migration.rb +28 -0
  36. data/lib/double_auth_engine/models/assignment_mixin.rb +10 -0
  37. data/lib/double_auth_engine/models/role_mixin.rb +10 -0
  38. data/lib/double_auth_engine/models/user_mixin.rb +38 -0
  39. data/lib/double_auth_engine/models/user_session_mixin.rb +15 -0
  40. data/lib/double_auth_engine/tasks/migrate_seed.rake +9 -0
  41. data/lib/double_auth_engine/version.rb +3 -0
  42. data/lib/double_auth_engine.rb +15 -0
  43. data/lib/engine.rb +23 -0
  44. data/spec/double_auth_engine_spec.rb +7 -0
  45. data/spec/dummy/Rakefile +7 -0
  46. data/spec/dummy/app/controllers/application_controller.rb +4 -0
  47. data/spec/dummy/app/controllers/dashboard_controller.rb +3 -0
  48. data/spec/dummy/app/helpers/application_helper.rb +2 -0
  49. data/spec/dummy/app/views/dashboard/index.html.erb +0 -0
  50. data/spec/dummy/app/views/layouts/application.html.erb +14 -0
  51. data/spec/dummy/config/application.rb +48 -0
  52. data/spec/dummy/config/authorization_rules.rb +20 -0
  53. data/spec/dummy/config/boot.rb +10 -0
  54. data/spec/dummy/config/database.yml +22 -0
  55. data/spec/dummy/config/environment.rb +5 -0
  56. data/spec/dummy/config/environments/development.rb +29 -0
  57. data/spec/dummy/config/environments/production.rb +52 -0
  58. data/spec/dummy/config/environments/test.rb +35 -0
  59. data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
  60. data/spec/dummy/config/initializers/inflections.rb +10 -0
  61. data/spec/dummy/config/initializers/mime_types.rb +5 -0
  62. data/spec/dummy/config/initializers/secret_token.rb +7 -0
  63. data/spec/dummy/config/initializers/session_store.rb +8 -0
  64. data/spec/dummy/config/initializers/setup_mail.rb +9 -0
  65. data/spec/dummy/config/locales/en.yml +5 -0
  66. data/spec/dummy/config/routes.rb +3 -0
  67. data/spec/dummy/config.ru +4 -0
  68. data/spec/dummy/db/migrate/20110408030355_create_users.rb +28 -0
  69. data/spec/dummy/db/migrate/20110408030356_create_roles.rb +12 -0
  70. data/spec/dummy/db/migrate/20110408030357_create_assignments.rb +13 -0
  71. data/spec/dummy/db/schema.rb +51 -0
  72. data/spec/dummy/db/seeds.rb +3 -0
  73. data/spec/dummy/lib/development_mail_interceptor.rb +6 -0
  74. data/spec/dummy/public/404.html +26 -0
  75. data/spec/dummy/public/422.html +26 -0
  76. data/spec/dummy/public/500.html +26 -0
  77. data/spec/dummy/public/favicon.ico +0 -0
  78. data/spec/dummy/public/javascripts/application.js +2 -0
  79. data/spec/dummy/public/javascripts/controls.js +965 -0
  80. data/spec/dummy/public/javascripts/dragdrop.js +974 -0
  81. data/spec/dummy/public/javascripts/effects.js +1123 -0
  82. data/spec/dummy/public/javascripts/prototype.js +6001 -0
  83. data/spec/dummy/public/javascripts/rails.js +175 -0
  84. data/spec/dummy/public/stylesheets/.gitkeep +0 -0
  85. data/spec/dummy/script/rails +6 -0
  86. data/spec/dummy/spec/authorizations/user_spec.rb +104 -0
  87. data/spec/dummy/spec/controllers/user_sessions_controller_spec.rb +48 -0
  88. data/spec/dummy/spec/controllers/users_controller_spec.rb +125 -0
  89. data/spec/dummy/spec/models/user_spec.rb +65 -0
  90. data/spec/integration/navigation_spec.rb +9 -0
  91. data/spec/spec_helper.rb +42 -0
  92. data/spec/support/user_authentication.rb +14 -0
  93. data/spec/support/user_authorization.rb +17 -0
  94. metadata +218 -0
@@ -0,0 +1,175 @@
1
+ (function() {
2
+ // Technique from Juriy Zaytsev
3
+ // http://thinkweb2.com/projects/prototype/detecting-event-support-without-browser-sniffing/
4
+ function isEventSupported(eventName) {
5
+ var el = document.createElement('div');
6
+ eventName = 'on' + eventName;
7
+ var isSupported = (eventName in el);
8
+ if (!isSupported) {
9
+ el.setAttribute(eventName, 'return;');
10
+ isSupported = typeof el[eventName] == 'function';
11
+ }
12
+ el = null;
13
+ return isSupported;
14
+ }
15
+
16
+ function isForm(element) {
17
+ return Object.isElement(element) && element.nodeName.toUpperCase() == 'FORM'
18
+ }
19
+
20
+ function isInput(element) {
21
+ if (Object.isElement(element)) {
22
+ var name = element.nodeName.toUpperCase()
23
+ return name == 'INPUT' || name == 'SELECT' || name == 'TEXTAREA'
24
+ }
25
+ else return false
26
+ }
27
+
28
+ var submitBubbles = isEventSupported('submit'),
29
+ changeBubbles = isEventSupported('change')
30
+
31
+ if (!submitBubbles || !changeBubbles) {
32
+ // augment the Event.Handler class to observe custom events when needed
33
+ Event.Handler.prototype.initialize = Event.Handler.prototype.initialize.wrap(
34
+ function(init, element, eventName, selector, callback) {
35
+ init(element, eventName, selector, callback)
36
+ // is the handler being attached to an element that doesn't support this event?
37
+ if ( (!submitBubbles && this.eventName == 'submit' && !isForm(this.element)) ||
38
+ (!changeBubbles && this.eventName == 'change' && !isInput(this.element)) ) {
39
+ // "submit" => "emulated:submit"
40
+ this.eventName = 'emulated:' + this.eventName
41
+ }
42
+ }
43
+ )
44
+ }
45
+
46
+ if (!submitBubbles) {
47
+ // discover forms on the page by observing focus events which always bubble
48
+ document.on('focusin', 'form', function(focusEvent, form) {
49
+ // special handler for the real "submit" event (one-time operation)
50
+ if (!form.retrieve('emulated:submit')) {
51
+ form.on('submit', function(submitEvent) {
52
+ var emulated = form.fire('emulated:submit', submitEvent, true)
53
+ // if custom event received preventDefault, cancel the real one too
54
+ if (emulated.returnValue === false) submitEvent.preventDefault()
55
+ })
56
+ form.store('emulated:submit', true)
57
+ }
58
+ })
59
+ }
60
+
61
+ if (!changeBubbles) {
62
+ // discover form inputs on the page
63
+ document.on('focusin', 'input, select, texarea', function(focusEvent, input) {
64
+ // special handler for real "change" events
65
+ if (!input.retrieve('emulated:change')) {
66
+ input.on('change', function(changeEvent) {
67
+ input.fire('emulated:change', changeEvent, true)
68
+ })
69
+ input.store('emulated:change', true)
70
+ }
71
+ })
72
+ }
73
+
74
+ function handleRemote(element) {
75
+ var method, url, params;
76
+
77
+ var event = element.fire("ajax:before");
78
+ if (event.stopped) return false;
79
+
80
+ if (element.tagName.toLowerCase() === 'form') {
81
+ method = element.readAttribute('method') || 'post';
82
+ url = element.readAttribute('action');
83
+ params = element.serialize();
84
+ } else {
85
+ method = element.readAttribute('data-method') || 'get';
86
+ url = element.readAttribute('href');
87
+ params = {};
88
+ }
89
+
90
+ new Ajax.Request(url, {
91
+ method: method,
92
+ parameters: params,
93
+ evalScripts: true,
94
+
95
+ onComplete: function(request) { element.fire("ajax:complete", request); },
96
+ onSuccess: function(request) { element.fire("ajax:success", request); },
97
+ onFailure: function(request) { element.fire("ajax:failure", request); }
98
+ });
99
+
100
+ element.fire("ajax:after");
101
+ }
102
+
103
+ function handleMethod(element) {
104
+ var method = element.readAttribute('data-method'),
105
+ url = element.readAttribute('href'),
106
+ csrf_param = $$('meta[name=csrf-param]')[0],
107
+ csrf_token = $$('meta[name=csrf-token]')[0];
108
+
109
+ var form = new Element('form', { method: "POST", action: url, style: "display: none;" });
110
+ element.parentNode.insert(form);
111
+
112
+ if (method !== 'post') {
113
+ var field = new Element('input', { type: 'hidden', name: '_method', value: method });
114
+ form.insert(field);
115
+ }
116
+
117
+ if (csrf_param) {
118
+ var param = csrf_param.readAttribute('content'),
119
+ token = csrf_token.readAttribute('content'),
120
+ field = new Element('input', { type: 'hidden', name: param, value: token });
121
+ form.insert(field);
122
+ }
123
+
124
+ form.submit();
125
+ }
126
+
127
+
128
+ document.on("click", "*[data-confirm]", function(event, element) {
129
+ var message = element.readAttribute('data-confirm');
130
+ if (!confirm(message)) event.stop();
131
+ });
132
+
133
+ document.on("click", "a[data-remote]", function(event, element) {
134
+ if (event.stopped) return;
135
+ handleRemote(element);
136
+ event.stop();
137
+ });
138
+
139
+ document.on("click", "a[data-method]", function(event, element) {
140
+ if (event.stopped) return;
141
+ handleMethod(element);
142
+ event.stop();
143
+ });
144
+
145
+ document.on("submit", function(event) {
146
+ var element = event.findElement(),
147
+ message = element.readAttribute('data-confirm');
148
+ if (message && !confirm(message)) {
149
+ event.stop();
150
+ return false;
151
+ }
152
+
153
+ var inputs = element.select("input[type=submit][data-disable-with]");
154
+ inputs.each(function(input) {
155
+ input.disabled = true;
156
+ input.writeAttribute('data-original-value', input.value);
157
+ input.value = input.readAttribute('data-disable-with');
158
+ });
159
+
160
+ var element = event.findElement("form[data-remote]");
161
+ if (element) {
162
+ handleRemote(element);
163
+ event.stop();
164
+ }
165
+ });
166
+
167
+ document.on("ajax:after", "form", function(event, element) {
168
+ var inputs = element.select("input[type=submit][disabled=true][data-disable-with]");
169
+ inputs.each(function(input) {
170
+ input.value = input.readAttribute('data-original-value');
171
+ input.removeAttribute('data-original-value');
172
+ input.disabled = false;
173
+ });
174
+ });
175
+ })();
File without changes
@@ -0,0 +1,6 @@
1
+ #!/usr/bin/env ruby
2
+ # This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
3
+
4
+ APP_PATH = File.expand_path('../../config/application', __FILE__)
5
+ require File.expand_path('../../config/boot', __FILE__)
6
+ require 'rails/commands'
@@ -0,0 +1,104 @@
1
+ require 'spec_helper'
2
+
3
+ describe "User Authorizations" do
4
+ describe "a 'guest' role" do
5
+ before do
6
+ @user = User.create(:name => Faker::Name.name,
7
+ :password => 'testing',
8
+ :password_confirmation => "testing",
9
+ :email => Faker::Internet.email)
10
+ Authorization.current_user = @user
11
+ end
12
+
13
+ describe "should be allowed" do
14
+ it "to access the 'index' action" do
15
+ should_be_allowed_to(:index, :users)
16
+ end
17
+
18
+ it "to access the 'show' action" do
19
+ should_be_allowed_to(:show, :users)
20
+ end
21
+
22
+ it "to access the 'new' action" do
23
+ should_be_allowed_to(:new, :users)
24
+ end
25
+
26
+ it "to access the 'create' action" do
27
+ should_be_allowed_to(:create, :users)
28
+ end
29
+
30
+ it "to access the 'edit' action" do
31
+ should_be_allowed_to(:edit, @user)
32
+ end
33
+
34
+ it "to access the 'update' action" do
35
+ should_be_allowed_to(:update, @user)
36
+ end
37
+
38
+ it "to access the 'destroy' action" do
39
+ should_be_allowed_to(:destroy, @user)
40
+ end
41
+ end
42
+
43
+ describe "should not be allowed" do
44
+ before do
45
+ @alt_user = User.create(:name => Faker::Name.name,
46
+ :password => 'testing',
47
+ :password_confirmation => "testing",
48
+ :email => Faker::Internet.email)
49
+ end
50
+ it "to access the 'edit' action for another user" do
51
+ should_not_be_allowed_to(:edit, @alt_user)
52
+ end
53
+
54
+ it "to access the 'update' action for another user" do
55
+ should_not_be_allowed_to(:update, @alt_user)
56
+ end
57
+
58
+ it "to access the 'destroy' action for another user" do
59
+ should_not_be_allowed_to(:update, @alt_user)
60
+ end
61
+ end
62
+ end
63
+
64
+ describe "an 'admin' role" do
65
+ before do
66
+ @user = User.create(:name => Faker::Name.name,
67
+ :password => 'testing',
68
+ :password_confirmation => "testing",
69
+ :email => Faker::Internet.email)
70
+ @user.roles << Role.create(:name => 'admin')
71
+ Authorization.current_user = @user
72
+ end
73
+
74
+ describe "should be allowed" do
75
+ it "to access the 'index' action" do
76
+ should_be_allowed_to(:index, :users)
77
+ end
78
+
79
+ it "to access the 'show' action" do
80
+ should_be_allowed_to(:show, :users)
81
+ end
82
+
83
+ it "to access the 'new' action" do
84
+ should_be_allowed_to(:new, :users)
85
+ end
86
+
87
+ it "to access the 'create' action" do
88
+ should_be_allowed_to(:create, :users)
89
+ end
90
+
91
+ it "to access the 'edit' action" do
92
+ should_be_allowed_to(:edit, :users)
93
+ end
94
+
95
+ it "to access the 'update' action" do
96
+ should_be_allowed_to(:update, :users)
97
+ end
98
+
99
+ it "to access the 'destroy' action" do
100
+ should_be_allowed_to(:destroy, :users)
101
+ end
102
+ end
103
+ end
104
+ end
@@ -0,0 +1,48 @@
1
+ require 'spec_helper'
2
+
3
+ describe UserSessionsController do
4
+ def mock_user_session(stubs={})
5
+ @mock_user_session ||= mock(UserSession, stubs.update(:login_field => 'email')).as_null_object
6
+ end
7
+
8
+ describe "GET new" do
9
+ it "assigns a new user_session as @user_session" do
10
+ UserSession.stub(:new) { mock_user_session }
11
+ get :new
12
+ assigns(:user_session).should be(mock_user_session)
13
+ end
14
+ end
15
+
16
+ describe "POST create" do
17
+ describe "with valid params" do
18
+ it "redirects to the dashboard page" do
19
+ UserSession.stub(:new) { mock_user_session(:save => true) }
20
+ post :create, :user_session => {}
21
+ response.should redirect_to(root_url)
22
+ end
23
+ end
24
+
25
+ describe "with invalid params" do
26
+ it "re-renders the 'new' template" do
27
+ UserSession.stub(:new) { mock_user_session(:save => false) }
28
+ post :create, :user_session => {}
29
+ response.should render_template "user_sessions/new"
30
+ end
31
+ end
32
+ end
33
+
34
+ #Special case for session control to use GET /logout and not DELETE /logout
35
+ describe "GET destroy" do
36
+ it "destroys the requested user_session" do
37
+ UserSession.stub(:find) { mock_user_session }
38
+ mock_user_session.should_receive(:destroy)
39
+ get :destroy
40
+ end
41
+
42
+ it "redirects to the user_sessions list" do
43
+ UserSession.stub(:find) { mock_user_session }
44
+ get :destroy, :id => "1"
45
+ response.should redirect_to(root_url)
46
+ end
47
+ end
48
+ end
@@ -0,0 +1,125 @@
1
+ require 'spec_helper'
2
+
3
+ describe UsersController do
4
+ before do
5
+ login
6
+ controller.stub!(:filter_access_to).and_return(true)
7
+ end
8
+
9
+ describe "GET 'show'" do
10
+ before do
11
+ User.stub(:find).and_return(@user = stub_model(User))
12
+ get :show, :id => @user.id
13
+ end
14
+
15
+ it "should render the 'show' template" do
16
+ response.should render_template("show")
17
+ end
18
+
19
+ it "exposes the requested User as @user" do
20
+ assigns[:user].should == @user
21
+ end
22
+
23
+ it '@user object should not be a new record' do
24
+ assigns[:user].should_not be_new_record
25
+ end
26
+ end
27
+
28
+ describe "GET 'new'" do
29
+ it "should render the 'new' template" do
30
+ get :new
31
+ response.should render_template("new")
32
+ end
33
+ end
34
+
35
+ describe "POST 'create'" do
36
+ before :each do
37
+ @user = stub_model(User)
38
+ User.should_receive(:new).and_return(@user)
39
+ end
40
+
41
+ it 'should set a @user instance' do
42
+ @user.should_receive(:save).and_return(true)
43
+ post :create, :user => { }
44
+ assigns(:user).should_not be_nil
45
+ end
46
+
47
+ it 'should set flash on successful create' do
48
+ @user.should_receive(:save).and_return(true)
49
+ post :create, :user => { }
50
+ flash[:notice].should eq("User successfully created")
51
+ end
52
+
53
+ it "should render 'show' template on successful create" do
54
+ @user.should_receive(:save).and_return(true)
55
+ post :create, :user => { }
56
+ response.should redirect_to(user_url(@user))
57
+ end
58
+
59
+ it "should render 'new' action on unsuccessful update" do
60
+ @user.should_receive(:save).and_return(false)
61
+ post :create, :user => { }
62
+ response.should render_template("new")
63
+ end
64
+ end
65
+
66
+ describe "GET edit" do
67
+ before do
68
+ User.stub(:find).and_return(@user = stub_model(User))
69
+ get :edit, :id => @user.id
70
+ end
71
+
72
+ it "exposes the requested User as @user" do
73
+ assigns[:user].should == @user
74
+ end
75
+
76
+ it "renders the 'edit' template" do
77
+ response.should render_template("edit")
78
+ end
79
+
80
+ it '@user object should not be a new record' do
81
+ assigns[:user].should_not be_new_record
82
+ end
83
+ end
84
+
85
+ describe "POST update" do
86
+ before do
87
+ User.stub(:find).and_return(@user = stub_model(User))
88
+ end
89
+
90
+ it "should render 'show'" do
91
+ @user.stub!(:update_attributes).and_return(true)
92
+ put :update, :id => @user.id, :user => { }
93
+ response.should redirect_to(user_path(@user))
94
+ end
95
+
96
+ it "re-renders the 'edit' template" do
97
+ @user.stub!(:update_attributes).and_return(false)
98
+ put :update, :id => @user.id, :user => { }
99
+ response.should render_template("edit")
100
+ end
101
+
102
+ it "should set flash message on successful update" do
103
+ @user.stub!(:update_attributes).and_return(true)
104
+ put :update, :id => @user.id, :user => { }
105
+ flash[:notice].should eq("User successfully updated")
106
+ end
107
+ end
108
+
109
+ describe "GET 'index'" do
110
+ it "should render 'index' template" do
111
+ get :index
112
+ response.should render_template("index")
113
+ end
114
+
115
+ it "should return with a 200 status code" do
116
+ get :index
117
+ response.status.should == 200
118
+ end
119
+
120
+ it 'should assign @users' do
121
+ get :index
122
+ assigns[:users].should_not be_nil
123
+ end
124
+ end
125
+ end
@@ -0,0 +1,65 @@
1
+ require 'spec_helper'
2
+
3
+ describe User do
4
+ before do
5
+ @valid_attributes = { :name => Faker::Name.name,
6
+ :password => 'testing',
7
+ :password_confirmation => "testing",
8
+ :email => Faker::Internet.email }
9
+ end
10
+
11
+ context "validations" do
12
+ it "should not create a new object with without an email" do
13
+ user = User.new(@valid_attributes.update(:email => ""))
14
+ user.valid?.should be_false
15
+ user.errors[:email].include?("can't be blank").should be_true
16
+ end
17
+
18
+ it "should not create a new object with an email less than 6 characters" do
19
+ user = User.new(@valid_attributes.update(:email => "t@m.m"))
20
+ user.valid?.should be_false
21
+ user.errors[:email].include?("is too short (minimum is 6 characters)").should be_true
22
+ end
23
+
24
+ it "should not create a new object with an email that does not look like an email" do
25
+ user = User.new(@valid_attributes.update(:email => "testing"))
26
+ user.valid?.should be_false
27
+ user.errors[:email].include?("should look like an email address.").should be_true
28
+ end
29
+
30
+ it "should not create a new object without name" do
31
+ user = User.new(@valid_attributes.update(:name => ""))
32
+ user.valid?.should be_false
33
+ user.errors[:name].include?("can't be blank").should be_true
34
+ end
35
+
36
+ # it "should not create a new object without role" do
37
+ # user = User.new(@valid_attributes.update(:role => nil))
38
+ # user.valid?.should be_false
39
+ # user.errors[:role_id].include?("can't be blank").should be_true
40
+ # end
41
+
42
+ it "should not create a new object with a non-unique email address" do
43
+ User.create(@valid_attributes)
44
+ user = User.new(@valid_attributes)
45
+ user.valid?.should be_false
46
+ user.errors[:email].include?("has already been taken").should be_true
47
+ end
48
+ end
49
+
50
+ context "methods" do
51
+ describe "email=(value)" do
52
+ it "should downcase the email attribute" do
53
+ user = User.create(@valid_attributes.update(:email => "AdMiN@EXAMPLE.com"))
54
+ user.email.should == "admin@example.com"
55
+ end
56
+ end
57
+
58
+ # describe "role_symbols" do
59
+ # it "should return administrator for an administrator" do
60
+ # user = User.make(:administrator)
61
+ # user.role_symbols.should == [:administrator]
62
+ # end
63
+ # end
64
+ end
65
+ end
@@ -0,0 +1,9 @@
1
+ require 'spec_helper'
2
+
3
+ describe "Navigation" do
4
+ include Capybara
5
+
6
+ it "should be a valid app" do
7
+ ::Rails.application.should be_a(Dummy::Application)
8
+ end
9
+ end
@@ -0,0 +1,42 @@
1
+ # Configure Rails Environment
2
+ ENV["RAILS_ENV"] = "test"
3
+
4
+ # Declarative Authorization
5
+ AUTH_DSL_FILES = File.expand_path("../dummy/config/authorization_rules.rb", __FILE__)
6
+
7
+ require File.expand_path("../dummy/config/environment.rb", __FILE__)
8
+ require "rails/test_help"
9
+ require "rspec/rails"
10
+ require 'ffaker'
11
+
12
+ # Authlogic
13
+ require 'authlogic/test_case'
14
+ include Authlogic::TestCase
15
+
16
+
17
+ ActionMailer::Base.delivery_method = :test
18
+ ActionMailer::Base.perform_deliveries = true
19
+ ActionMailer::Base.default_url_options[:host] = "test.com"
20
+
21
+ Rails.backtrace_cleaner.remove_silencers!
22
+
23
+ # Configure capybara for integration testing
24
+ require "capybara/rails"
25
+ Capybara.default_driver = :rack_test
26
+ Capybara.default_selector = :css
27
+
28
+ # Run any available migration
29
+ ActiveRecord::Migrator.migrate File.expand_path("../dummy/db/migrate/", __FILE__)
30
+
31
+ # Load support files
32
+ Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
33
+
34
+ RSpec.configure do |config|
35
+ # Remove this line if you don't want RSpec's should and should_not
36
+ # methods or matchers
37
+ require 'rspec/expectations'
38
+ config.include RSpec::Matchers
39
+
40
+ # == Mock Framework
41
+ config.mock_with :rspec
42
+ end
@@ -0,0 +1,14 @@
1
+ def login
2
+ activate_authlogic
3
+ @current_user = User.create({ :name => Faker::Name.name,
4
+ :email => Faker::Internet.email,
5
+ :password => 'testing',
6
+ :password_confirmation => "testing" })
7
+ @current_user
8
+ @current_user.roles << Role.create(:name => 'admin')
9
+
10
+ UserSession.create!(@current_user)
11
+ controller.stub!(:current_user).and_return(@current_user)
12
+ ApplicationController.send(:public, :current_user)
13
+ view.stub!(:current_user).and_return(@current_user) if respond_to?(:view)
14
+ end
@@ -0,0 +1,17 @@
1
+ def should_be_allowed_to(privilege, object_or_context, object=nil)
2
+ options = {}
3
+ options[object_or_context.is_a?(Symbol) ? :context : :object] = object_or_context
4
+ options[:object] = object unless object.blank?
5
+ lambda {
6
+ Authorization::Engine.instance.permit! privilege, options
7
+ }.should_not raise_error
8
+ end
9
+
10
+ def should_not_be_allowed_to(privilege, object_or_context, object=nil)
11
+ options = {}
12
+ options[object_or_context.is_a?(Symbol) ? :context : :object] = object_or_context
13
+ options[:object] = object unless object.blank?
14
+ lambda { Authorization::Engine.instance.permit! privilege, options }.should raise_error() do |e|
15
+ Authorization::NotAuthorized.ancestors.include?(e)
16
+ end
17
+ end