eaco 0.6.1 → 0.7.0

data/features/step_definitions/enterprise_steps.rb

@@ -0,0 +1,81 @@
+When(/I am "(.+?)"$/) do |user_name|
+  model = find_model('User')
+
+  @current_user = model.where(name: user_name).first!
+end
+
+Then(/I can (\w+) the Documents? "(.+?)" being a (\w+)$/) do |permission, document_names, role|
+  model = find_model('Document')
+  names = document_names.split(/,\s*/)
+  documents = model.where(name: names)
+
+  documents.each do |document|
+    expect(@current_user.can?(permission, document)).to eq(true)
+    expect(document.role_of(@current_user)).to eq(role.intern)
+  end
+end
+
+Then(/I can not (\w+) the Documents? "(.+?)" *(?:being a (\w+))?$/) do |permission, document_names, role|
+  model = find_model('Document')
+  names = document_names.split(/,\s*/)
+  documents = model.where(name: names)
+
+  documents.each do |document|
+    expect(@current_user.cannot?(permission, document)).to eq(true)
+    expect(document.role_of(@current_user)).to eq(role ? role.intern : nil)
+  end
+end
+
+When(/I ask for Documents I can access, I get/) do |table|
+  model = find_model('Document')
+  names = table.raw.flatten
+
+  expect(model.accessible_by(@current_user).map(&:name)).to match_array(names)
+end
+
+When(/I make a Designator with "(\w+)" and "(.+?)"/) do |type, value|
+  @designator = Eaco::Designator.make(type, value)
+end
+
+When(/I parse the Designator "(.+?)"/) do |text|
+  @designator = Eaco::Designator.parse(text)
+end
+
+Then(/it should describe itself as "(.+?)"/) do |description|
+  expect(@designator.describe).to eq(description)
+end
+
+Then(/it should have a label of "(.+?)"/) do |label|
+  expect(@designator.label).to eq(label)
+end
+
+Then(/it should resolve itself to/) do |table|
+  names = table.raw.flatten
+
+  expect(@designator.resolve.map(&:name)).to match_array(names)
+end
+
+When(/I have the following designators/) do |table|
+  @designators = table.raw.flatten
+end
+
+Then(/they should resolve to/) do |table|
+  resolved = Eaco::Designator.resolve(@designators)
+  names = table.raw.flatten
+
+  expect(resolved.map(&:name)).to match_array(names)
+end
+
+When(/I ask the Document the list of roles and labels/) do
+  model = find_model('Document')
+
+  @roles_labels = model.roles_with_labels
+end
+
+Then(/I should get the following roles and labels/) do |table|
+  expected = table.raw.map do |role, label|
+    [role.to_sym, label]
+  end
+
+  expect(@roles_labels.to_a).to match(expected)
+end

data/features/step_definitions/error_steps.rb

@@ -0,0 +1,49 @@
+When(/I have a wrong authorization definition (?:on model (.+?))? *such as/) do |model_name, definition|
+  @model_name = model_name
+  @definition = definition
+end
+
+Then(/I should receive a DSL error (.+?) saying/) do |error_class, error_contents|
+  error_class = error_class.constantize
+
+  model = find_model(@model_name) if @model_name
+
+  error_contents += '.+(feature)' unless error_contents.include?('\(feature\)')
+
+  expect { eval_dsl(@definition, model) }.to \
+    raise_error(error_class).
+    with_message(/#{error_contents}/m)
+end
+
+When(/I am using ActiveRecord (.+?)$/) do |version|
+  version = version.sub(/\D/, '') # FIXME
+
+  allow_any_instance_of(Eaco::Adapters::ActiveRecord::Compatibility).to \
+    receive(:active_record_version).and_return(version)
+end
+
+When(/I parse the invalid Designator "(.+?)"/) do |text|
+  @designator_text = text
+end
+
+Then(/I should receive a Designator error (.+?) saying/) do |error_class, error_contents|
+  error_class = error_class.constantize
+
+  expect { Eaco::Designator.parse(@designator_text) }.to \
+    raise_error(error_class).
+    with_message(/#{error_contents}/)
+end
+
+When(/I grant (\w+) access to (\w+) "(.+?)" as an invalid role (\w+) in quality of (\w+)/) do |actor_name, resource_model, resource_name, role_name, designator|
+  @actor = fetch_actor(actor_name)
+  @resource = fetch_resource(resource_model, resource_name)
+  @role_name, @designator = role_name, designator
+end
+
+Then(/I should receive a Resource error (.+?) saying/) do |error_class, error_contents|
+  error_class = error_class.constantize
+
+  expect { @resource.grant @role_name, @designator, @actor }.to \
+    raise_error(error_class).
+    with_message(/#{error_contents}/)
+end

data/features/step_definitions/fixture_steps.rb

@@ -0,0 +1,14 @@
+Given(/I have the following (\w+) records/) do |model_name, table|
+  model = find_model(model_name)
+
+  table.hashes.each do |attributes|
+    instance = model.new
+
+    if attributes.key?('acl')
+      attributes['acl'] = MultiJson.load(attributes['acl'])
+    end
+
+    instance.attributes = attributes
+    instance.save!
+  end
+end

data/features/step_definitions/resource_steps.rb

@@ -1,40 +1,32 @@
 When(/I have a (\w+) resource defined as/) do |model_name, resource_definition|
-  @resource_model = find_model(model_name)
-
-  eval_dsl resource_definition, @resource_model
+  authorize_model model_name, resource_definition
 end
 
-When(/I have a confidential \w+ named "([\w\s]+)"/) do |name|
-  @resources ||= {}
-  @resources[name] = @resource_model.new(name: name)
+When(/I have a confidential (\w+) named "([\w\s]+)"/) do |model_name, resource_name|
+  register_resource model_name, resource_name
 end
 
-Then(/I should be able to set an ACL on it/) do
-  instance = @resource_model.new
+Then(/I should be able to set an ACL on the (\w+)/) do |model_name|
+  resource_model = find_model(model_name)
+  instance = resource_model.new
 
   instance.acl = {"foo" => :bar}
   instance.save!
-  instance = @resource_model.find(instance.id)
 
-  unless instance.acl == {"foo" => :bar}
-    raise %[Expecting {"foo"=> :bar} as an ACL but found #{instance.acl.inspect}]
-  end
+  instance = resource_model.find(instance.id)
 
-  unless instance.acl.kind_of?(@resource_model.acl)
-    raise "Expecting #{instance.acl.class} to be a #{@resource_model.acl}"
-  end
+  expect(instance.acl).to eq({"foo" => :bar})
+  expect(instance.acl).to be_a(resource_model.acl)
 end
 
-Then(/(\w+) can see only "(.*?)" in the (\w+) authorized list/) do |actor_name, resource_names, model_name|
-  actor = @actors[actor_name]
+Then(/(\w+) can see (?:only)? *"(.*?)" in the (\w+) authorized list/) do |actor_name, resource_names, resource_model|
+  actor = fetch_actor(actor_name)
 
-  resource_names = resource_names.split(',')
-  resources = resource_names.map {|name| @resources.fetch(name)}
+  resource_names = resource_names.split(/,\s*/)
+  resources = resource_names.map {|name| fetch_resource(resource_model, name)}
 
-  model = find_model(model_name)
-  accessible = model.accessible_by(actor).to_a
+  resource_model = find_model(resource_model)
+  accessible = resource_model.accessible_by(actor)
 
-  unless (accessible & resources) == resources
-    raise "Expected to have access to #{resources} but found only #{accessible}"
-  end
+  expect(accessible).to match_array(resources)
 end

data/features/support/env.rb

@@ -1,12 +1,14 @@
 require 'bundler/setup'
 require 'byebug'
 
-require 'coveralls'
-Coveralls.wear!
+require 'eaco/coverage'
+Eaco::Coverage.start!
 
 require 'eaco'
 require 'eaco/cucumber'
 
+require 'cucumber/rspec/doubles'
+
 ##
 # Create a whole new world.
 # @see {World}

data/lib/eaco.rb

@@ -2,7 +2,9 @@ require 'eaco/error'
 require 'eaco/version'
 
 if defined? Rails
+  # :nocov:
   require 'eaco/railtie'
+  # :nocov:
 end
 
 require 'pathname'

data/lib/eaco/actor.rb

@@ -4,12 +4,13 @@ module Eaco
   # An Actor is an entity whose access to Resources is discretionary,
   # depending on the Role this actor has in the ACL.
   #
-  # The role of this +Actor+ is calculated from the +Designator+ that
-  # the actor instance has, and the +ACL+ instance attached to the
-  # +Resource+.
+  # The role of this +Actor+ is calculated from the {Designator} that
+  # the actor instance has, and the {ACL} instance attached to the
+  # {Resource}.
   #
   # @see ACL
   # @see Resource
+  # @see Resource.role_of
   # @see DSL::Actor
   #
   module Actor

data/lib/eaco/adapters/active_record.rb

@@ -38,7 +38,7 @@ module Eaco
         end
 
         unless column.type == :json || column.type == :jsonb
-          raise Malformed, "The `acl` column on #{base} must be of the json type."
+          raise Malformed, "The `acl` column on #{base} must be of the jsonb type."
         end
       end
 

data/lib/eaco/adapters/active_record/compatibility.rb

@@ -11,7 +11,11 @@ module Eaco
         autoload :V41, 'eaco/adapters/active_record/compatibility/v41.rb'
         autoload :V42, 'eaco/adapters/active_record/compatibility/v42.rb'
 
+        autoload :Scoped, 'eaco/adapters/active_record/compatibility/scoped.rb'
+
         ##
+        # Memoizes the given +model+ for later {#check!} calls.
+        #
         # @param model [ActiveRecord::Base] the model to check
         #
         def initialize(model)
@@ -19,21 +23,16 @@ module Eaco
         end
 
         ##
-        # Checks whether this model is compatible.
-        #
-        # Looks up the {#support_module} and, if found, includes it in the
-        # target model.
+        # Checks whether the target model is compatible.
+        # Looks up the {#support_module} and includes it.
         #
         # @see #support_module
         #
-        # @return [nil]
+        # @return [void]
         #
         def check!
-          mod = support_module
-          return unless mod
-          base.instance_eval { include mod }
-
-          nil
+          layer = support_module
+          target.instance_eval { include layer }
         end
 
         private
@@ -41,7 +40,7 @@ module Eaco
         ##
         # @return [ActiveRecord::Base] associated with the model
         #
-        def base
+        def target
           @model.base_class.superclass
         end
 
@@ -51,7 +50,7 @@ module Eaco
         # Example: "42" for 4.2
         #
         def active_record_version
-          ver = base.parent::VERSION
+          ver = target.parent.const_get(:VERSION)
           [ver.const_get(:MAJOR), ver.const_get(:MINOR)].join
         end
 
@@ -59,12 +58,18 @@ module Eaco
         # Tries to look up the support module for the {#active_record_version}
         # in the {Compatibility} namespace.
         #
-        # @return [Module] the support module or nil if not required.
+        # @return [Module] the support module
+        #
+        # @raise [Eaco::Error] if not found.
         #
         # @see check!
         #
         def support_module
-          return unless self.class.const_defined?(support_module_name)
+          unless self.class.const_defined?(support_module_name)
+            raise Eaco::Error, <<-EOF
+              Unsupported Active Record version: #{active_record_version}
+            EOF
+          end
 
           self.class.const_get support_module_name
         end

data/lib/eaco/adapters/active_record/compatibility/scoped.rb

@@ -0,0 +1,25 @@
+module Eaco
+  module Adapters
+    module ActiveRecord
+      class Compatibility
+
+        ##
+        # Aliases `scoped` as `all` for ActiveRecord >= 4.1.
+        #
+        # TODO maybe is against Rails' practices to revive a
+        # dead API? It may be, comments accepted.
+        #
+        module Scoped
+
+          ##
+          # Just returns +ActiveRecord::Base.all+.
+          #
+          def scoped
+            all
+          end
+        end
+
+      end
+    end
+  end
+end

data/lib/eaco/adapters/active_record/compatibility/v40.rb

@@ -13,6 +13,9 @@ module Eaco
           # and makes jsonb mimick itself as a json - for the rest of the AR
           # machinery to work intact.
           #
+          # @param base [Class] the +ActiveRecord+ model to mangle
+          # @return [void]
+          #
           def self.included(base)
             adapter = base.connection
 
@@ -31,17 +34,22 @@ module Eaco
           #
           module Column
             ##
-            # Makes +sql_type+ return +json+ for +jsonb+ columns
+            # Makes +sql_type+ return +json+ for +jsonb+ columns. This is
+            # an hack to let the casting machinery in AR 4.0 keep working
+            # with the unsupported +jsonb+ type.
+            #
+            # @return [String] the SQL type.
             #
             def sql_type
               orig_type = super
-              orig_type == 'jsonb' ? 'json' : type
+              orig_type == 'jsonb' ? 'json' : orig_type
             end
 
             ##
             # Makes +simplified_type+ return +json+ for +jsonb+ columns
             #
-            # @return [Symbol]
+            # @param field_type [String] the database field type
+            # @return [Symbol] the simplified type
             #
             def simplified_type(field_type)
               if field_type == 'jsonb'

data/lib/eaco/adapters/active_record/compatibility/v41.rb

@@ -4,11 +4,22 @@ module Eaco
       class Compatibility
 
         ##
-        # Rails 4.1 JSONB support module.
+        # Rails 4.1 support module.
         #
-        # Magically, the 4.0 hacks work on 4.1. YAY!
+        # Magically, the 4.0 hacks work on 4.1. But on 4.1 we need the
+        # +.scoped+ API so we revive it through the {Scoped} module.
         #
-        V41 = V40
+        # @see V40
+        # @see Scoped
+        #
+        module V41
+          extend ActiveSupport::Concern
+
+          included do
+            include V40
+            extend Scoped
+          end
+        end
 
       end
     end

data/lib/eaco/adapters/active_record/compatibility/v42.rb

@@ -4,11 +4,19 @@ module Eaco
       class Compatibility
 
         ##
-        # Rails 4.2 JSONB support module.
+        # Rails 4.2 support module.
         #
-        # Magically, this module is empty. YAY!
+        # JSONB works correctly, but we need +.scoped+ so we revive it through
+        # the {Scoped} support module.
+        #
+        # @see Scoped
         #
         module V42
+          extend ActiveSupport::Concern
+
+          included do
+            extend Scoped
+          end
         end
 
       end