johnsbrn-has_permission 0.1.4 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- data/VERSION.yml +2 -2
- data/lib/active_record/has/permission.rb +1 -1
- data/lib/permission/base.rb +36 -0
- data/test/has_permission_test.rb +32 -0
- data/test/test_helper.rb +24 -0
- metadata +2 -2
data/VERSION.yml
CHANGED
data/lib/permission/base.rb
CHANGED
|
@@ -24,6 +24,42 @@ module Permission
|
|
|
24
24
|
object.send(method, *args)
|
|
25
25
|
end
|
|
26
26
|
|
|
27
|
+
def update_attribute(name, value)
|
|
28
|
+
if can_write?(name)
|
|
29
|
+
object.update_attribute(name, value)
|
|
30
|
+
else
|
|
31
|
+
raise PermissionException.new "#{user} does not have permission to access #{name} on #{object}"
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def update_attributes(attributes)
|
|
36
|
+
object.update_attributes(attributes.reject{|key,value| !can_write?(key) })
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def read_attribute(attr_name)
|
|
40
|
+
if can_read?(attr_name)
|
|
41
|
+
object.read_attribute(attr_name)
|
|
42
|
+
else
|
|
43
|
+
raise PermissionException.new "#{user} does not have permission to access #{attr_name} on #{object}"
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def write_attribute(attr_name, value)
|
|
48
|
+
if can_write?(attr_name)
|
|
49
|
+
object.write_attribute(attr_name, value)
|
|
50
|
+
else
|
|
51
|
+
raise PermissionException.new "#{user} does not have permission to access #{attr_name} on #{object}"
|
|
52
|
+
end
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
def can_read?(attr_name)
|
|
56
|
+
true
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
def can_write?(attr_name)
|
|
60
|
+
true
|
|
61
|
+
end
|
|
62
|
+
|
|
27
63
|
protected
|
|
28
64
|
|
|
29
65
|
def check_roles(user, roles, object)
|
data/test/has_permission_test.rb
CHANGED
|
@@ -34,6 +34,37 @@ class HasPermissionTest < Test::Unit::TestCase
|
|
|
34
34
|
assert @model.with_permission(nil).eql?(@model)
|
|
35
35
|
end
|
|
36
36
|
|
|
37
|
+
should "throw PermissionException for attribute that does not allow reading" do
|
|
38
|
+
assert_raise PermissionException do
|
|
39
|
+
@model.with_permission(nil).read_attribute(:no_access)
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
should "allow access for readable attribute" do
|
|
44
|
+
@model.with_permission(nil).read_attribute(:read_access)
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
should "throw PermissionException for attribute that does not allow writing" do
|
|
48
|
+
assert_raise PermissionException do
|
|
49
|
+
@model.with_permission(nil).write_attribute(:no_access, "test")
|
|
50
|
+
end
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
should "allow access for writeable attribute" do
|
|
54
|
+
@model.with_permission(nil).write_attribute(:write_access, "test")
|
|
55
|
+
end
|
|
56
|
+
|
|
57
|
+
should "only allow writeable attribute for update attributes" do
|
|
58
|
+
@model.expects(:update_attributes).with(:write_access => "test")
|
|
59
|
+
@model.with_permission(nil).update_attributes(:no_access => "test", :write_access => "test")
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
should "only allow writeable attribute for update attribute" do
|
|
63
|
+
assert_raise PermissionException do
|
|
64
|
+
@model.with_permission(nil).update_attribute(:no_access, "test")
|
|
65
|
+
end
|
|
66
|
+
end
|
|
67
|
+
|
|
37
68
|
end
|
|
38
69
|
|
|
39
70
|
context "model class" do
|
|
@@ -63,4 +94,5 @@ class HasPermissionTest < Test::Unit::TestCase
|
|
|
63
94
|
end
|
|
64
95
|
|
|
65
96
|
# TODO need to test proxy associations somehow
|
|
97
|
+
|
|
66
98
|
end
|
data/test/test_helper.rb
CHANGED
|
@@ -13,6 +13,14 @@ class Model
|
|
|
13
13
|
|
|
14
14
|
has_permission
|
|
15
15
|
|
|
16
|
+
def read_attribute(attr_name)
|
|
17
|
+
"test"
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
def write_attribute(attr_name, value)
|
|
21
|
+
value
|
|
22
|
+
end
|
|
23
|
+
|
|
16
24
|
def some_method
|
|
17
25
|
"no permission"
|
|
18
26
|
end
|
|
@@ -35,6 +43,22 @@ end
|
|
|
35
43
|
module Permission
|
|
36
44
|
class ModelPermission < Permission::Base
|
|
37
45
|
|
|
46
|
+
def can_read?(attr_name)
|
|
47
|
+
case attr_name
|
|
48
|
+
when :read_access : true
|
|
49
|
+
when :no_access : false
|
|
50
|
+
else true
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
def can_write?(attr_name)
|
|
55
|
+
case attr_name
|
|
56
|
+
when :write_access : true
|
|
57
|
+
when :no_access : false
|
|
58
|
+
else true
|
|
59
|
+
end
|
|
60
|
+
end
|
|
61
|
+
|
|
38
62
|
def some_method
|
|
39
63
|
"with permission"
|
|
40
64
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: johnsbrn-has_permission
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Brian Johnson
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
11
|
|
|
12
|
-
date: 2009-
|
|
12
|
+
date: 2009-02-26 00:00:00 -08:00
|
|
13
13
|
default_executable:
|
|
14
14
|
dependencies: []
|
|
15
15
|
|