johnsbrn-has_permission 0.1.4 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/VERSION.yml +2 -2
- data/lib/active_record/has/permission.rb +1 -1
- data/lib/permission/base.rb +36 -0
- data/test/has_permission_test.rb +32 -0
- data/test/test_helper.rb +24 -0
- metadata +2 -2
data/VERSION.yml
CHANGED
data/lib/permission/base.rb
CHANGED
|
@@ -24,6 +24,42 @@ module Permission
|
|
|
24
24
|
object.send(method, *args)
|
|
25
25
|
end
|
|
26
26
|
|
|
27
|
+
def update_attribute(name, value)
|
|
28
|
+
if can_write?(name)
|
|
29
|
+
object.update_attribute(name, value)
|
|
30
|
+
else
|
|
31
|
+
raise PermissionException.new "#{user} does not have permission to access #{name} on #{object}"
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def update_attributes(attributes)
|
|
36
|
+
object.update_attributes(attributes.reject{|key,value| !can_write?(key) })
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def read_attribute(attr_name)
|
|
40
|
+
if can_read?(attr_name)
|
|
41
|
+
object.read_attribute(attr_name)
|
|
42
|
+
else
|
|
43
|
+
raise PermissionException.new "#{user} does not have permission to access #{attr_name} on #{object}"
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def write_attribute(attr_name, value)
|
|
48
|
+
if can_write?(attr_name)
|
|
49
|
+
object.write_attribute(attr_name, value)
|
|
50
|
+
else
|
|
51
|
+
raise PermissionException.new "#{user} does not have permission to access #{attr_name} on #{object}"
|
|
52
|
+
end
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
def can_read?(attr_name)
|
|
56
|
+
true
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
def can_write?(attr_name)
|
|
60
|
+
true
|
|
61
|
+
end
|
|
62
|
+
|
|
27
63
|
protected
|
|
28
64
|
|
|
29
65
|
def check_roles(user, roles, object)
|
data/test/has_permission_test.rb
CHANGED
|
@@ -34,6 +34,37 @@ class HasPermissionTest < Test::Unit::TestCase
|
|
|
34
34
|
assert @model.with_permission(nil).eql?(@model)
|
|
35
35
|
end
|
|
36
36
|
|
|
37
|
+
should "throw PermissionException for attribute that does not allow reading" do
|
|
38
|
+
assert_raise PermissionException do
|
|
39
|
+
@model.with_permission(nil).read_attribute(:no_access)
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
should "allow access for readable attribute" do
|
|
44
|
+
@model.with_permission(nil).read_attribute(:read_access)
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
should "throw PermissionException for attribute that does not allow writing" do
|
|
48
|
+
assert_raise PermissionException do
|
|
49
|
+
@model.with_permission(nil).write_attribute(:no_access, "test")
|
|
50
|
+
end
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
should "allow access for writeable attribute" do
|
|
54
|
+
@model.with_permission(nil).write_attribute(:write_access, "test")
|
|
55
|
+
end
|
|
56
|
+
|
|
57
|
+
should "only allow writeable attribute for update attributes" do
|
|
58
|
+
@model.expects(:update_attributes).with(:write_access => "test")
|
|
59
|
+
@model.with_permission(nil).update_attributes(:no_access => "test", :write_access => "test")
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
should "only allow writeable attribute for update attribute" do
|
|
63
|
+
assert_raise PermissionException do
|
|
64
|
+
@model.with_permission(nil).update_attribute(:no_access, "test")
|
|
65
|
+
end
|
|
66
|
+
end
|
|
67
|
+
|
|
37
68
|
end
|
|
38
69
|
|
|
39
70
|
context "model class" do
|
|
@@ -63,4 +94,5 @@ class HasPermissionTest < Test::Unit::TestCase
|
|
|
63
94
|
end
|
|
64
95
|
|
|
65
96
|
# TODO need to test proxy associations somehow
|
|
97
|
+
|
|
66
98
|
end
|
data/test/test_helper.rb
CHANGED
|
@@ -13,6 +13,14 @@ class Model
|
|
|
13
13
|
|
|
14
14
|
has_permission
|
|
15
15
|
|
|
16
|
+
def read_attribute(attr_name)
|
|
17
|
+
"test"
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
def write_attribute(attr_name, value)
|
|
21
|
+
value
|
|
22
|
+
end
|
|
23
|
+
|
|
16
24
|
def some_method
|
|
17
25
|
"no permission"
|
|
18
26
|
end
|
|
@@ -35,6 +43,22 @@ end
|
|
|
35
43
|
module Permission
|
|
36
44
|
class ModelPermission < Permission::Base
|
|
37
45
|
|
|
46
|
+
def can_read?(attr_name)
|
|
47
|
+
case attr_name
|
|
48
|
+
when :read_access : true
|
|
49
|
+
when :no_access : false
|
|
50
|
+
else true
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
def can_write?(attr_name)
|
|
55
|
+
case attr_name
|
|
56
|
+
when :write_access : true
|
|
57
|
+
when :no_access : false
|
|
58
|
+
else true
|
|
59
|
+
end
|
|
60
|
+
end
|
|
61
|
+
|
|
38
62
|
def some_method
|
|
39
63
|
"with permission"
|
|
40
64
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: johnsbrn-has_permission
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Brian Johnson
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
11
|
|
|
12
|
-
date: 2009-
|
|
12
|
+
date: 2009-02-26 00:00:00 -08:00
|
|
13
13
|
default_executable:
|
|
14
14
|
dependencies: []
|
|
15
15
|
|