has_roles 0.0.2 → 0.3.0

data/test/unit/permission_test.rb

@@ -1,53 +1,118 @@
-require "#{File.dirname(__FILE__)}/../test_helper"
+require File.dirname(__FILE__) + '/../test_helper'
 
-class PermissionTest < Test::Unit::TestCase
-  fixtures :controllers, :permissions, :roles, :permissions_roles
+class PermissionByDefaultTest < ActiveRecord::TestCase
+  def setup
+    @permission = Permission.new
+  end
   
-  def test_should_be_valid
-    assert_valid permissions(:crud_application)
+  def test_should_not_have_a_controller
+    assert @permission.controller.blank?
   end
   
-  def test_should_require_controller_id
-    assert_invalid permissions(:crud_application), :controller_id, nil
+  def test_should_not_have_an_action
+    assert @permission.action.blank?
   end
   
-  def test_should_require_unique_action_per_controller
-    assert_invalid permissions(:read_application).clone, :action
+  def test_should_not_have_a_path
+    assert @permission.path.blank?
   end
   
-  def test_should_not_require_action
-    assert_valid permissions(:crud_application), :action, nil, 'show', 'update'
+  def test_should_use_controller_as_path_if_not_specified
+    permission = Permission.new(:controller => 'users')
+    permission.valid?
+    assert_equal 'users/', permission.path
   end
   
-  def test_should_require_specific_action_length_if_action_specified
-    assert_invalid permissions(:crud_application), :action, ''
+  def test_should_use_controller_and_action_as_path_if_not_specified
+    permission = Permission.new(:controller => 'users', :action => 'index')
+    permission.valid?
+    assert_equal 'users/index', permission.path
+  end
+end
+
+class PermissionTest < ActiveRecord::TestCase
+  def test_should_be_valid_with_a_valid_set_of_attributes
+    permission = new_permission
+    assert permission.valid?
   end
   
-  def test_should_have_controller_association
-    assert_equal controllers(:application), permissions(:crud_application).controller
+  def test_should_require_a_controller
+    permission = new_permission(:controller => nil)
+    assert !permission.valid?
+    assert permission.errors.invalid?(:controller)
   end
   
-  def test_should_have_roles_association
-    assert_equal [roles(:administrator)], permissions(:crud_application).roles
+  def test_should_not_require_an_action
+    permission = new_permission(:action => nil)
+    assert permission.valid?
   end
   
-  def test_should_restrict_path_if_permissioned_action_exists
-    assert Permission.restricts?('/users/index')
+  def test_should_require_at_least_1_character_if_action_is_specified
+    permission = new_permission(:action => '')
+    assert !permission.valid?
+    assert permission.errors.invalid?(:action)
   end
   
-  def test_should_restrict_path_if_permissioned_controller_exists
-    assert Permission.restricts?('/admin/users')
+  def test_should_require_a_unique_path
+    permission = create_permission(:controller => 'application')
+    
+    second_permission = new_permission(:controller => 'application')
+    assert !second_permission.valid?
+    assert second_permission.errors.invalid?(:path)
+  end
+end
+
+class PermissionAfterBeingCreatedTest < ActiveRecord::TestCase
+  def setup
+    @permission = create_permission(:controller => 'application')
   end
   
-  def test_should_not_restrict_path_if_permissioned_action_doesnt_exist
-    assert !Permission.restricts?(:controller => 'home', :action => 'index')
+  def test_should_have_a_path
+    assert_equal 'application/', @permission.path
   end
   
-  def test_should_not_restrict_path_if_permissioned_controller_doesnt_exist
-    assert !Permission.restricts?(:controller => 'home')
+  def test_should_have_no_assigned_roles
+    assert @permission.assigned_roles.empty?
+  end
+  
+  def test_should_have_no_roles
+    assert @permission.roles.empty?
+  end
+end
+
+class PermissionPathRecognitionTest < ActiveRecord::TestCase
+  def test_should_recognize_by_relative_url
+    assert_equal ['users', 'index'], Permission.recognize_path('/users')
+  end
+  
+  def test_should_recognize_by_relative_url_with_namespace
+    assert_equal ['admin/users', 'update'], Permission.recognize_path('/admin/users/update')
+  end
+  
+  def test_should_recognize_by_absolute_url
+    assert_equal ['users', 'index'], Permission.recognize_path('http://localhost:3000/users')
+  end
+  
+  def test_should_recognize_by_hash
+    assert_equal ['users', 'index'], Permission.recognize_path(:controller => 'users', :action => 'index')
+  end
+  
+  def test_should_recognize_by_hash_with_namespace
+    assert_equal ['admin/users', 'update'], Permission.recognize_path(:controller => 'admin/users', :action => 'update', :id => 1)
+  end
+  
+  def test_should_recognize_if_action_not_specified
+    assert_equal ['users', 'index'], Permission.recognize_path(:controller => 'users')
+  end
+end
+
+class PermissionRestrictionTest < ActiveRecord::TestCase
+  def test_should_restrict_if_permission_exists_for_path
+    create_permission(:controller => 'application')
+    assert Permission.restricts?(:controller => 'application')
   end
   
-  def test_should_find_all_permissions_authorized_for_path
-    assert_equal [permissions(:crud_application), permissions(:read_application), permissions(:read_users)], Permission.find_all_authorized_for('/users/index')
+  def test_should_not_restrict_if_no_permission_exists_for_path
+    assert !Permission.restricts?('/users')
   end
 end

data/test/unit/role_assignment_test.rb

@@ -1,29 +1,60 @@
-require "#{File.dirname(__FILE__)}/../test_helper"
+require File.dirname(__FILE__) + '/../test_helper'
 
-class RoleAssignmentTest < Test::Unit::TestCase
-  fixtures :roles, :users, :role_assignments
+class RoleAssignmentByDefaultTest < ActiveRecord::TestCase
+  def setup
+    @role_assignment = RoleAssignment.new
+  end
+  
+  def test_should_not_have_a_role
+    assert_nil @role_assignment.role_id
+  end
   
-  def test_should_be_valid
-    assert_valid role_assignments(:administrator)
+  def test_should_not_have_an_assignee
+    assert_nil @role_assignment.assignee_id
   end
   
-  def test_should_require_role_id
-    assert_invalid role_assignments(:administrator), :role_id, nil
+  def test_should_not_have_an_assignee_type
+    assert @role_assignment.assignee_type.blank?
+  end
+end
+
+class RoleAssignmentTest < ActiveRecord::TestCase
+  def test_should_be_valid_with_a_valid_set_of_attributes
+    role_assignment = new_role_assignment
+    assert role_assignment.valid?
   end
   
-  def test_should_require_assignee_id
-    assert_invalid role_assignments(:administrator), :assignee_id, nil
+  def test_should_require_a_role
+    role_assignment = new_role_assignment(:role => nil)
+    assert !role_assignment.valid?
+    assert role_assignment.errors.invalid?(:role_id)
   end
   
-  def test_should_require_assignee_type
-    assert_invalid role_assignments(:administrator), :assignee_type, nil
+  def test_should_require_an_assignee_id
+    role_assignment = new_role_assignment(:assignee => nil)
+    assert !role_assignment.valid?
+    assert role_assignment.errors.invalid?(:assignee_id)
   end
   
-  def test_should_have_role_association
-    assert_equal roles(:administrator), role_assignments(:administrator).role
+  def test_should_require_an_assignee_type
+    role_assignment = new_role_assignment(:assignee => nil)
+    assert !role_assignment.valid?
+    assert role_assignment.errors.invalid?(:assignee_type)
   end
   
-  def test_should_have_assignee_association
-    assert_equal users(:administrator), role_assignments(:administrator).assignee
+  def test_should_protect_attributes_from_mass_assignment
+    create_role(:name => 'admin')
+    
+    role_assignment = RoleAssignment.new(
+      :id => 123,
+      :assignee_id => 1,
+      :assignee_type => 'User',
+      :role => 'admin'
+    )
+    
+    assert_nil role_assignment.id
+    assert_nil role_assignment.assignee_id
+    assert_nil role_assignment.assignee_type
+    assert_equal 'admin', role_assignment.role
   end
 end

data/test/unit/role_permission_test.rb

@@ -0,0 +1,34 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class RolePermissionByDefaultTest < ActiveRecord::TestCase
+  def setup
+    @role_permission = RolePermission.new
+  end
+  
+  def test_should_not_have_a_role
+    assert_nil @role_permission.role_id
+  end
+  
+  def test_should_not_have_a_permission
+    assert_nil @role_permission.permission_id
+  end
+end
+
+class RolePermissionTest < ActiveRecord::TestCase
+  def test_should_be_valid_with_a_valid_set_of_attributes
+    role_permission = new_role_permission
+    assert role_permission.valid?
+  end
+  
+  def test_should_require_a_role
+    role_permission = new_role_permission(:role => nil)
+    assert !role_permission.valid?
+    assert role_permission.errors.invalid?(:role_id)
+  end
+  
+  def test_should_require_a_permission
+    role_permission = new_role_permission(:permission => nil)
+    assert !role_permission.valid?
+    assert role_permission.errors.invalid?(:permission_id)
+  end
+end

data/test/unit/role_test.rb

@@ -1,38 +1,140 @@
-require "#{File.dirname(__FILE__)}/../test_helper"
+require File.dirname(__FILE__) + '/../test_helper'
 
-class RoleTest < Test::Unit::TestCase
-  fixtures :controllers, :permissions, :roles, :permissions_roles, :users, :role_assignments
+class RoleByDefaultTest < ActiveRecord::TestCase
+  def setup
+    @role = Role.new
+  end
+  
+  def test_should_not_have_a_name
+    assert @role.name.blank?
+  end
+end
+
+class RoleTest < ActiveRecord::TestCase
+  def test_should_be_valid_with_a_valid_set_of_attributes
+    role = new_role
+    assert role.valid?
+  end
+  
+  def test_should_require_a_name
+    role = new_role(:name => nil)
+    assert !role.valid?
+    assert role.errors.invalid?(:name)
+  end
+  
+  def test_should_require_a_unique_name
+    role = create_role(:name => 'admin')
+    
+    second_role = new_role(:name => 'admin')
+    assert !second_role.valid?
+    assert second_role.errors.invalid?(:name)
+  end
+end
+
+class RoleAfterBeingCreatedTest < ActiveRecord::TestCase
+  def setup
+    @role = create_role
+  end
+  
+  def test_should_not_have_any_assigned_permissions
+    assert @role.permissions.empty?
+  end
+  
+  def test_should_not_have_any_permissions
+    assert @role.permissions.empty?
+  end
+  
+  def test_should_not_have_any_assignments
+    assert @role.assignments.empty?
+  end
+end
+
+class RoleWithPermissionsTest < ActiveRecord::TestCase
+  def setup
+    @role = create_role
+    @permission_create = create_permission(:controller => 'users', :action => 'create')
+    @permission_update = create_permission(:controller => 'users', :action => 'update')
+    
+    create_role_permission(:role => @role, :permission => @permission_create)
+    create_role_permission(:role => @role, :permission => @permission_update)
+  end
+  
+  def test_should_have_assigned_permissions
+    assert_equal [@permission_create, @permission_update], @role.assigned_permissions.map(&:permission)
+  end
+  
+  def test_should_have_permissions
+    assert_equal [@permission_create, @permission_update], @role.permissions
+  end
+end
+
+class RoleWithAssignmentsTest < ActiveRecord::TestCase
+  def setup
+    @role = create_role
+    
+    @administrator = create_role_assignment(:role => @role, :assignee => create_user(:login => 'admin'))
+    @developer = create_role_assignment(:role => @role, :assignee => create_user(:login => 'dev'))
+  end
+  
+  def test_should_have_assignments
+    assert_equal [@administrator, @developer], @role.assignments
+  end
+end
+
+class RoleAuthorizedForScopeTest < ActiveRecord::TestCase
+  def setup
+    @role = create_role
+    @permission_create = create_permission(:controller => 'users', :action => 'create')
+    @permission_update = create_permission(:controller => 'users', :action => 'update')
+    
+    create_role_permission(:role => @role, :permission => @permission_create)
+    create_role_permission(:role => @role, :permission => @permission_update)
+  end
+  
+  def test_should_authorize_for_a_relative_url
+    assert_equal [@role], Role.authorized_for('/users/create')
+  end
+  
+  def test_should_not_authorize_for_a_relative_url_if_not_permissioned
+    assert_equal [], Role.authorized_for('/admin/users/create')
+  end
+  
+  def test_should_authorize_for_an_absolute_url
+    assert_equal [@role], Role.authorized_for('http://localhost:3000/users/create')
+  end
   
-  def test_should_be_valid
-    assert_valid roles(:administrator)
+  def test_should_not_authorize_for_an_absolute_url_if_not_permissioned
+    assert_equal [], Role.authorized_for('http://localhost:3000/users/edit')
   end
   
-  def test_should_require_name
-    assert_invalid roles(:administrator), :name, nil, ''
+  def test_should_authorize_for_a_controller
+    create_role_permission(:role => @role, :permission => create_permission(:controller => 'users'))
+    assert_equal [@role], Role.authorized_for(:controller => 'users')
   end
   
-  def test_should_require_unique_name
-    assert_invalid roles(:administrator).clone, :name
+  def test_should_not_authorize_for_a_controller_if_not_permissioned
+    assert_equal [], Role.authorized_for(:controller => 'admin/users')
   end
   
-  def test_should_have_permissions_association
-    assert_equal [permissions(:crud_application)], roles(:administrator).permissions
+  def test_should_authorize_for_a_controller_and_action
+    assert_equal [@role], Role.authorized_for(:controller => 'users', :action => 'create')
   end
   
-  def test_should_have_assignments_association
-    assert_equal [role_assignments(:administrator)], roles(:administrator).assignments
+  def test_should_not_authorize_for_a_controller_and_action_if_not_permissioned
+    assert_equal [], Role.authorized_for(:controller => 'users', :action => 'edit')
   end
   
-  def test_should_destroy_assignments_when_destroyed
-    roles(:administrator).destroy
-    assert_nil RoleAssignment.find_by_role_id(1)
+  def test_should_authorize_for_the_entire_application
+    create_role_permission(:role => @role, :permission => create_permission(:controller => 'application'))
+    assert_equal [@role], Role.authorized_for(:controller => 'application')
   end
   
-  def test_should_use_name_for_strinigification
-    assert_equal 'Administrator', roles(:administrator).to_s
+  def test_should_not_authorize_for_the_entire_application_if_not_permissioned
+    assert_equal [], Role.authorized_for(:controller => 'application')
   end
   
-  def test_should_find_all_roles_authorized_for_path
-    assert_equal [roles(:administrator), roles(:guest)], Role.find_all_authorized_for('/users/index')
+  def test_should_authorize_if_permissioned_for_superclass_controller
+    create_role_permission(:role => @role, :permission => create_permission(:controller => 'admin/base'))
+    assert_equal [@role], Role.authorized_for('/admin/users')
   end
 end

metadata

@@ -1,103 +1,118 @@
 --- !ruby/object:Gem::Specification 
-rubygems_version: 0.9.4
-specification_version: 1
 name: has_roles
 version: !ruby/object:Gem::Version 
-  version: 0.0.2
-date: 2007-09-26 00:00:00 -04:00
-summary: Provides simple role management based on controllers/actions
-require_paths: 
-- lib
-email: info@pluginaweek.org
-homepage: http://www.pluginaweek.org
-rubyforge_project: 
-description: 
-autorequire: has_roles
-default_executable: 
-bindir: bin
-has_rdoc: true
-required_ruby_version: !ruby/object:Gem::Version::Requirement 
-  requirements: 
-  - - ">"
-    - !ruby/object:Gem::Version 
-      version: 0.0.0
-  version: 
+  version: 0.3.0
 platform: ruby
-signing_key: 
-cert_chain: 
-post_install_message: 
 authors: 
-- Aaron Pfeifer, Neil Abraham
+- Aaron Pfeifer
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-04-30 00:00:00 -04:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: enumerate_by
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.4.0
+    version: 
+description: 
+email: aaron@pluginaweek.org
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
 files: 
 - app/models
 - app/models/role.rb
-- app/models/controller.rb
-- app/models/role_assignment.rb
+- app/models/role_permission.rb
 - app/models/permission.rb
+- app/models/role_assignment.rb
 - db/migrate
-- db/migrate/003_create_roles.rb
-- db/migrate/004_create_permissions_roles.rb
-- db/migrate/001_create_controllers.rb
-- db/migrate/005_create_role_assignments.rb
-- db/migrate/002_create_permissions.rb
-- lib/has_roles.rb
+- db/migrate/003_create_role_permissions.rb
+- db/migrate/004_create_role_assignments.rb
+- db/migrate/002_create_roles.rb
+- db/migrate/001_create_permissions.rb
 - lib/has_roles
+- lib/has_roles/url_helper.rb
 - lib/has_roles/authorization_helper.rb
+- lib/has_roles.rb
+- test/factory.rb
 - test/test_helper.rb
-- test/fixtures
-- test/app_root
+- test/functional
+- test/functional/has_roles_test.rb
+- test/functional/application_controller_test.rb
 - test/unit
-- test/fixtures/controllers.yml
-- test/fixtures/users.yml
-- test/fixtures/role_assignments.yml
-- test/fixtures/permissions.yml
-- test/fixtures/permissions_roles.yml
-- test/fixtures/roles.yml
-- test/app_root/config
-- test/app_root/app
+- test/unit/role_test.rb
+- test/unit/role_assignment_test.rb
+- test/unit/role_permission_test.rb
+- test/unit/permission_test.rb
+- test/helpers
+- test/helpers/url_helper_test.rb
+- test/helpers/authorization_helper_test.rb
+- test/app_root
 - test/app_root/db
-- test/app_root/config/routes.rb
+- test/app_root/db/migrate
+- test/app_root/db/migrate/001_create_users.rb
+- test/app_root/db/migrate/002_migrate_has_roles_to_version_4.rb
+- test/app_root/config
 - test/app_root/config/environment.rb
-- test/app_root/app/models
+- test/app_root/config/routes.rb
+- test/app_root/app
 - test/app_root/app/controllers
-- test/app_root/app/models/user.rb
-- test/app_root/app/controllers/payment
-- test/app_root/app/controllers/users_controller.rb
-- test/app_root/app/controllers/admin
 - test/app_root/app/controllers/home_controller.rb
-- test/app_root/app/controllers/payment/pay_pal
-- test/app_root/app/controllers/payment/transactions_controller.rb
-- test/app_root/app/controllers/payment/pay_pal/transactions_controller.rb
+- test/app_root/app/controllers/application_controller.rb
+- test/app_root/app/controllers/admin
 - test/app_root/app/controllers/admin/users_controller.rb
-- test/app_root/db/migrate
-- test/app_root/db/migrate/001_create_users.rb
-- test/unit/role_test.rb
-- test/unit/permission_test.rb
-- test/unit/role_assignment_test.rb
-- test/unit/has_roles_test.rb
-- test/unit/controller_test.rb
-- test/unit/authorization_helper_test.rb
-- CHANGELOG
+- test/app_root/app/controllers/admin/base_controller.rb
+- test/app_root/app/controllers/users_controller.rb
+- test/app_root/app/models
+- test/app_root/app/models/user.rb
+- CHANGELOG.rdoc
 - init.rb
-- MIT-LICENSE
+- LICENSE
 - Rakefile
-- README
-test_files: 
-- test/unit/role_test.rb
-- test/unit/permission_test.rb
-- test/unit/role_assignment_test.rb
-- test/unit/has_roles_test.rb
-- test/unit/controller_test.rb
-- test/unit/authorization_helper_test.rb
+- README.rdoc
+has_rdoc: true
+homepage: http://www.pluginaweek.org
+post_install_message: 
 rdoc_options: []
 
-extra_rdoc_files: []
-
-executables: []
-
-extensions: []
-
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
 requirements: []
 
-dependencies: []
-
+rubyforge_project: pluginaweek
+rubygems_version: 1.3.1
+signing_key: 
+specification_version: 2
+summary: Demonstrates a reference implementation for handling role management
+test_files: 
+- test/functional/has_roles_test.rb
+- test/functional/application_controller_test.rb
+- test/unit/role_test.rb
+- test/unit/role_assignment_test.rb
+- test/unit/role_permission_test.rb
+- test/unit/permission_test.rb
+- test/helpers/url_helper_test.rb
+- test/helpers/authorization_helper_test.rb

data/CHANGELOG

@@ -1,19 +0,0 @@
-*SVN*
-
-*0.0.2* (September 26th, 2007)
-
-* Fix role_assignments unique index having too long a name
-
-* Add workaround for old sqlite versions that can't handle :distinct => true
-
-*0.0.1* (September 5th, 2007)
-
-* Add #role_ids and #role_ids=(new_ids) for models
-
-* Added documentation
-
-* Added helper methods for determining authorization within views
-
-* Added unit tests
-
-* Convert dos newlines to unix newlines