json-crud-api 0.0.11 → 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/json-crud-api/crud.rb +5 -5
- data/lib/json-crud-api/service.rb +8 -19
- data/spec/unit/crud_spec.rb +22 -17
- data/spec/unit/service_spec.rb +18 -61
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e3e1e5bf85ec51418cbf586a6ccab176542b12d9
|
|
4
|
+
data.tar.gz: 0e0bd52b46f1ab21e289238d51dbcdee38235cfa
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 899bd551c4ffc00d715d89fba3a41c809eea75280cb0d3f99c1501b9362b056f6c7691ce87dfa8b15eb56270309c7e4f0d648abde8d7a9059a4b095c3d4a2d94
|
|
7
|
+
data.tar.gz: 45c7ec02f1ad9fe76590023f58a2734272cf468f292782bf3642d337f2ace0c9e8a88f8a3f2ba9c15d9f6356ad438ac31bf81a721882dc1c6da5eb467d119d22
|
data/lib/json-crud-api/crud.rb
CHANGED
|
@@ -5,7 +5,7 @@ module JsonCrudApi
|
|
|
5
5
|
def crud_get_all(key)
|
|
6
6
|
service = settings.services[key]
|
|
7
7
|
presenter = settings.presenters[key]
|
|
8
|
-
return fail_forbidden unless service.user_authorized_for? :get_all
|
|
8
|
+
return fail_forbidden unless service.user_authorized_for? @user, :get_all
|
|
9
9
|
entities = service.get_all
|
|
10
10
|
return fail_not_found if entities.nil?
|
|
11
11
|
|
|
@@ -15,7 +15,7 @@ module JsonCrudApi
|
|
|
15
15
|
def crud_get(key)
|
|
16
16
|
service = settings.services[key]
|
|
17
17
|
presenter = settings.presenters[key]
|
|
18
|
-
return fail_forbidden unless service.user_authorized_for? :get
|
|
18
|
+
return fail_forbidden unless service.user_authorized_for? @user, :get
|
|
19
19
|
entity = service.get(params["id"])
|
|
20
20
|
return fail_not_found if entity.nil?
|
|
21
21
|
|
|
@@ -25,7 +25,7 @@ module JsonCrudApi
|
|
|
25
25
|
def crud_post(key)
|
|
26
26
|
service = settings.services[key]
|
|
27
27
|
presenter = settings.presenters[key]
|
|
28
|
-
return fail_forbidden unless service.user_authorized_for? :create
|
|
28
|
+
return fail_forbidden unless service.user_authorized_for? @user, :create
|
|
29
29
|
post_data = presenter.parse @payload, :post
|
|
30
30
|
return fail_with_errors unless service.valid_for? post_data, :create, self
|
|
31
31
|
entity = service.create post_data
|
|
@@ -35,7 +35,7 @@ module JsonCrudApi
|
|
|
35
35
|
def crud_put(key)
|
|
36
36
|
service = settings.services[key]
|
|
37
37
|
presenter = settings.presenters[key]
|
|
38
|
-
return fail_forbidden unless service.user_authorized_for? :update
|
|
38
|
+
return fail_forbidden unless service.user_authorized_for? @user, :update
|
|
39
39
|
put_data = presenter.parse @payload, :put
|
|
40
40
|
return fail_with_errors unless service.valid_for? put_data, :update, self
|
|
41
41
|
return fail_not_found unless service.update params["id"], put_data
|
|
@@ -46,7 +46,7 @@ module JsonCrudApi
|
|
|
46
46
|
def crud_delete(key)
|
|
47
47
|
service = settings.services[key]
|
|
48
48
|
presenter = settings.presenters[key]
|
|
49
|
-
return fail_forbidden unless service.user_authorized_for? :delete
|
|
49
|
+
return fail_forbidden unless service.user_authorized_for? @user, :delete
|
|
50
50
|
return fail_not_found unless service.delete params["id"]
|
|
51
51
|
204
|
|
52
52
|
end
|
|
@@ -3,14 +3,12 @@ require 'rubygems'
|
|
|
3
3
|
module JsonCrudApi
|
|
4
4
|
class Service
|
|
5
5
|
|
|
6
|
-
attr_accessor :log_service, :model, :
|
|
6
|
+
attr_accessor :log_service, :model, :scope_map
|
|
7
7
|
|
|
8
8
|
def initialize(options)
|
|
9
9
|
@log_service = options[:log_service]
|
|
10
10
|
@model = options[:model]
|
|
11
11
|
@scope_map = options[:scope_map]
|
|
12
|
-
@user = nil
|
|
13
|
-
@user_scopes = nil
|
|
14
12
|
end
|
|
15
13
|
|
|
16
14
|
# Create a record with the given attributes
|
|
@@ -51,40 +49,31 @@ module JsonCrudApi
|
|
|
51
49
|
record.destroy
|
|
52
50
|
end
|
|
53
51
|
|
|
54
|
-
# Set the current user
|
|
55
|
-
def set_user(user)
|
|
56
|
-
@user = user
|
|
57
|
-
set_user_scopes(user[:scopes]) unless @user.nil?
|
|
58
|
-
end
|
|
59
|
-
|
|
60
|
-
# Set the current user scopes
|
|
61
|
-
def set_user_scopes(user_scopes)
|
|
62
|
-
@user_scopes = user_scopes
|
|
63
|
-
end
|
|
64
|
-
|
|
65
52
|
# Find if the params are valid for an operation (defaults to true)
|
|
66
53
|
def valid_for?(params, operation, api_instance)
|
|
67
54
|
true
|
|
68
55
|
end
|
|
69
56
|
|
|
70
57
|
# Determine if the current user is authorized for the given operation
|
|
71
|
-
def user_authorized_for?(operation)
|
|
58
|
+
def user_authorized_for?(user, operation)
|
|
72
59
|
# Auth is disabled if scope map is nil
|
|
73
60
|
return true if @scope_map.nil?
|
|
74
61
|
# Auth succeeds if there is no map for this operation
|
|
75
62
|
return true if @scope_map[operation].nil?
|
|
76
63
|
# Auth fails if user is not logged in
|
|
77
|
-
return false if
|
|
64
|
+
return false if user.nil?
|
|
78
65
|
# Auth fails if user has no scopes
|
|
79
|
-
return false
|
|
66
|
+
return false unless user.has_key?(:scopes)
|
|
67
|
+
return false unless user[:scopes].is_a?(Array)
|
|
68
|
+
return false if user[:scopes].empty?
|
|
80
69
|
|
|
81
70
|
if @scope_map[operation].is_a?(Array)
|
|
82
71
|
# Auth succeeds if the intersection of allowed scopes and mapped scopes is non-empty.
|
|
83
|
-
return !((@scope_map[operation] &
|
|
72
|
+
return !((@scope_map[operation] & user[:scopes]).empty?)
|
|
84
73
|
end
|
|
85
74
|
|
|
86
75
|
# Auth succeeds if the mapped scope is singular and the user posesses it
|
|
87
|
-
|
|
76
|
+
user[:scopes].include?(@scope_map[operation])
|
|
88
77
|
end
|
|
89
78
|
end
|
|
90
79
|
end
|
data/spec/unit/crud_spec.rb
CHANGED
|
@@ -2,8 +2,10 @@ require "spec_helper"
|
|
|
2
2
|
|
|
3
3
|
describe JsonCrudApi::AuthClient do
|
|
4
4
|
before(:each) do
|
|
5
|
+
@test_user = { :name=>"Test User", :scopes => ['ADMIN'] }
|
|
6
|
+
|
|
5
7
|
class CrudTest
|
|
6
|
-
attr_accessor :test_settings, :test_params, :payload
|
|
8
|
+
attr_accessor :test_settings, :test_params, :payload, :user
|
|
7
9
|
include JsonCrudApi::Crud
|
|
8
10
|
|
|
9
11
|
def settings
|
|
@@ -16,6 +18,8 @@ describe JsonCrudApi::AuthClient do
|
|
|
16
18
|
end
|
|
17
19
|
|
|
18
20
|
@test = CrudTest.new
|
|
21
|
+
@test.user = @test_user
|
|
22
|
+
|
|
19
23
|
end
|
|
20
24
|
|
|
21
25
|
describe '#crud_get_all' do
|
|
@@ -28,13 +32,14 @@ describe JsonCrudApi::AuthClient do
|
|
|
28
32
|
:services=>OpenStruct.new,
|
|
29
33
|
:presenters=>OpenStruct.new
|
|
30
34
|
})
|
|
35
|
+
|
|
31
36
|
end
|
|
32
37
|
|
|
33
38
|
it 'should call get_all on service, render on the presenter, and return JSON' do
|
|
34
39
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
35
40
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
36
41
|
|
|
37
|
-
expect(@service).to receive(:user_authorized_for?).with(:get_all).and_return(true)
|
|
42
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :get_all).and_return(true)
|
|
38
43
|
expect(@service).to receive(:get_all).and_return([])
|
|
39
44
|
|
|
40
45
|
expect(@presenter).to receive(:render).with([], :get_all).and_return({ :test_output => 1})
|
|
@@ -46,7 +51,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
46
51
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
47
52
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
48
53
|
|
|
49
|
-
expect(@service).to receive(:user_authorized_for?).with(:get_all).and_return(false)
|
|
54
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :get_all).and_return(false)
|
|
50
55
|
|
|
51
56
|
expect(@test).to receive(:fail_forbidden)
|
|
52
57
|
|
|
@@ -60,7 +65,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
60
65
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
61
66
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
62
67
|
|
|
63
|
-
expect(@service).to receive(:user_authorized_for?).with(:get_all).and_return(true)
|
|
68
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :get_all).and_return(true)
|
|
64
69
|
expect(@service).to receive(:get_all).and_return(nil)
|
|
65
70
|
|
|
66
71
|
expect(@test).to receive(:fail_not_found)
|
|
@@ -88,7 +93,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
88
93
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
89
94
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
90
95
|
|
|
91
|
-
expect(@service).to receive(:user_authorized_for?).with(:get).and_return(true)
|
|
96
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :get).and_return(true)
|
|
92
97
|
expect(@service).to receive(:get).with(234).and_return([])
|
|
93
98
|
|
|
94
99
|
expect(@presenter).to receive(:render).with([], :get).and_return({ :test_output => 56})
|
|
@@ -100,7 +105,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
100
105
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
101
106
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
102
107
|
|
|
103
|
-
expect(@service).to receive(:user_authorized_for?).with(:get).and_return(false)
|
|
108
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :get).and_return(false)
|
|
104
109
|
|
|
105
110
|
expect(@test).to receive(:fail_forbidden)
|
|
106
111
|
|
|
@@ -114,7 +119,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
114
119
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
115
120
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
116
121
|
|
|
117
|
-
expect(@service).to receive(:user_authorized_for?).with(:get).and_return(true)
|
|
122
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :get).and_return(true)
|
|
118
123
|
expect(@service).to receive(:get).with(234).and_return(nil)
|
|
119
124
|
|
|
120
125
|
expect(@test).to receive(:fail_not_found)
|
|
@@ -142,7 +147,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
142
147
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
143
148
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
144
149
|
|
|
145
|
-
expect(@service).to receive(:user_authorized_for?).with(:create).and_return(true)
|
|
150
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :create).and_return(true)
|
|
146
151
|
expect(@service).to receive(:valid_for?).with({ :test_output => 12398}, :create, @test).and_return(true)
|
|
147
152
|
expect(@service).to receive(:create).with({ :test_output => 12398}).and_return({ :test_output => 77234})
|
|
148
153
|
|
|
@@ -156,7 +161,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
156
161
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
157
162
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
158
163
|
|
|
159
|
-
expect(@service).to receive(:user_authorized_for?).with(:create).and_return(true)
|
|
164
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :create).and_return(true)
|
|
160
165
|
expect(@service).to receive(:valid_for?).with({ :test_output => 12398}, :create, @test).and_return(false)
|
|
161
166
|
|
|
162
167
|
expect(@presenter).to receive(:parse).with(@test.payload, :post).and_return({ :test_output => 12398})
|
|
@@ -173,7 +178,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
173
178
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
174
179
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
175
180
|
|
|
176
|
-
expect(@service).to receive(:user_authorized_for?).with(:create).and_return(false)
|
|
181
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :create).and_return(false)
|
|
177
182
|
|
|
178
183
|
expect(@test).to receive(:fail_forbidden)
|
|
179
184
|
|
|
@@ -201,7 +206,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
201
206
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
202
207
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
203
208
|
|
|
204
|
-
expect(@service).to receive(:user_authorized_for?).with(:update).and_return(true)
|
|
209
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :update).and_return(true)
|
|
205
210
|
expect(@presenter).to receive(:parse).with(@test.payload, :put).and_return({ :test_output => 12398})
|
|
206
211
|
expect(@service).to receive(:valid_for?).with({ :test_output => 12398},:update,@test).and_return(true)
|
|
207
212
|
expect(@service).to receive(:update).with(7345, { :test_output => 12398}).and_return(true)
|
|
@@ -216,7 +221,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
216
221
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
217
222
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
218
223
|
|
|
219
|
-
expect(@service).to receive(:user_authorized_for?).with(:update).and_return(true)
|
|
224
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :update).and_return(true)
|
|
220
225
|
expect(@presenter).to receive(:parse).with(@test.payload, :put).and_return({ :test_output => 12398})
|
|
221
226
|
expect(@service).to receive(:valid_for?).with({ :test_output => 12398},:update,@test).and_return(false)
|
|
222
227
|
expect(@presenter).not_to receive(:render)
|
|
@@ -230,7 +235,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
230
235
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
231
236
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
232
237
|
|
|
233
|
-
expect(@service).to receive(:user_authorized_for?).with(:update).and_return(true)
|
|
238
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :update).and_return(true)
|
|
234
239
|
expect(@service).to receive(:valid_for?).with({ :test_output => 12398},:update,@test).and_return(true)
|
|
235
240
|
expect(@service).to receive(:update).with(7345, { :test_output => 12398}).and_return(false)
|
|
236
241
|
|
|
@@ -246,7 +251,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
246
251
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
247
252
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
248
253
|
|
|
249
|
-
expect(@service).to receive(:user_authorized_for?).with(:update).and_return(false)
|
|
254
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :update).and_return(false)
|
|
250
255
|
|
|
251
256
|
expect(@test).to receive(:fail_forbidden)
|
|
252
257
|
|
|
@@ -274,7 +279,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
274
279
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
275
280
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
276
281
|
|
|
277
|
-
expect(@service).to receive(:user_authorized_for?).with(:delete).and_return(true)
|
|
282
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :delete).and_return(true)
|
|
278
283
|
expect(@service).to receive(:delete).with(234).and_return(true)
|
|
279
284
|
|
|
280
285
|
expect(@test.send(:crud_delete,'thekey')).to eq 204
|
|
@@ -284,7 +289,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
284
289
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
285
290
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
286
291
|
|
|
287
|
-
expect(@service).to receive(:user_authorized_for?).with(:delete).and_return(false)
|
|
292
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :delete).and_return(false)
|
|
288
293
|
|
|
289
294
|
expect(@test).to receive(:fail_forbidden)
|
|
290
295
|
|
|
@@ -297,7 +302,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
297
302
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
298
303
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
299
304
|
|
|
300
|
-
expect(@service).to receive(:user_authorized_for?).with(:delete).and_return(true)
|
|
305
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :delete).and_return(true)
|
|
301
306
|
expect(@service).to receive(:delete).with(234).and_return(false)
|
|
302
307
|
|
|
303
308
|
expect(@test).to receive(:fail_not_found)
|
data/spec/unit/service_spec.rb
CHANGED
|
@@ -19,11 +19,6 @@ describe JsonCrudApi::Service do
|
|
|
19
19
|
expect(@service.model).to be @mock_model
|
|
20
20
|
expect(@service.scope_map).to be @mock_map
|
|
21
21
|
end
|
|
22
|
-
|
|
23
|
-
it 'should initialize user and scopes to nil' do
|
|
24
|
-
expect(@service.user).to be nil
|
|
25
|
-
expect(@service.user_scopes).to be nil
|
|
26
|
-
end
|
|
27
22
|
end
|
|
28
23
|
|
|
29
24
|
describe '#create' do
|
|
@@ -130,36 +125,6 @@ describe JsonCrudApi::Service do
|
|
|
130
125
|
end
|
|
131
126
|
end
|
|
132
127
|
|
|
133
|
-
describe '#set_user' do
|
|
134
|
-
it 'should set user in service to param' do
|
|
135
|
-
@service.set_user(nil)
|
|
136
|
-
expect(@service.user).to eq nil
|
|
137
|
-
end
|
|
138
|
-
|
|
139
|
-
it 'should not call set_user_scopes if user is nil' do
|
|
140
|
-
expect(@service).not_to receive(:set_user_scopes)
|
|
141
|
-
@service.set_user(nil)
|
|
142
|
-
expect(@service.user).to eq nil
|
|
143
|
-
end
|
|
144
|
-
|
|
145
|
-
it 'should call set_user_scopes if user is not' do
|
|
146
|
-
user = { :scopes => [1,2] }
|
|
147
|
-
expect(@service).to receive(:set_user_scopes).with([1,2])
|
|
148
|
-
@service.set_user(user)
|
|
149
|
-
expect(@service.user).to eq user
|
|
150
|
-
end
|
|
151
|
-
end
|
|
152
|
-
|
|
153
|
-
describe '#set_user_scopes' do
|
|
154
|
-
it 'should set user_scopes in service to param' do
|
|
155
|
-
@service.set_user_scopes(nil)
|
|
156
|
-
expect(@service.user_scopes).to eq nil
|
|
157
|
-
|
|
158
|
-
@service.set_user_scopes(234234)
|
|
159
|
-
expect(@service.user_scopes).to eq 234234
|
|
160
|
-
end
|
|
161
|
-
end
|
|
162
|
-
|
|
163
128
|
describe '#valid_for?' do
|
|
164
129
|
it 'should return true' do
|
|
165
130
|
expect(@service.valid_for?(nil,nil,nil)).to be true
|
|
@@ -169,67 +134,59 @@ describe JsonCrudApi::Service do
|
|
|
169
134
|
describe '#user_authorized_for?' do
|
|
170
135
|
it 'should return true if scope_map is nil' do
|
|
171
136
|
@service.scope_map = nil
|
|
172
|
-
expect(@service.user_authorized_for?(
|
|
137
|
+
expect(@service.user_authorized_for?(nil,:one)).to be true
|
|
173
138
|
end
|
|
174
139
|
|
|
175
140
|
it 'should return true if scope_map is not nil but no map for operation' do
|
|
176
141
|
@service.scope_map = { :two => 'TWO' }
|
|
177
|
-
expect(@service.user_authorized_for?(
|
|
142
|
+
expect(@service.user_authorized_for?(nil,:one)).to be true
|
|
178
143
|
end
|
|
179
144
|
|
|
180
|
-
it 'should return false if user is nil' do
|
|
145
|
+
it 'should return false if user is nil with non nil scope map' do
|
|
181
146
|
@service.scope_map = { :two => 'TWO' }
|
|
182
|
-
@service.
|
|
183
|
-
expect(@service.user_authorized_for?(:two)).to be false
|
|
147
|
+
expect(@service.user_authorized_for?(nil, :two)).to be false
|
|
184
148
|
end
|
|
185
149
|
|
|
186
150
|
it 'should return false if user has nil scopes' do
|
|
187
151
|
@service.scope_map = { :two => 'TWO' }
|
|
188
|
-
@
|
|
189
|
-
@service.
|
|
190
|
-
expect(@service.user_authorized_for?(:two)).to be false
|
|
152
|
+
@user = { :name => "Tom", :scopes => nil }
|
|
153
|
+
expect(@service.user_authorized_for?(@user, :two)).to be false
|
|
191
154
|
end
|
|
192
155
|
|
|
193
156
|
it 'should return false if user has empty scopes' do
|
|
194
157
|
@service.scope_map = { :two => 'TWO' }
|
|
195
|
-
@
|
|
196
|
-
@service.
|
|
197
|
-
expect(@service.user_authorized_for?(:two)).to be false
|
|
158
|
+
@user = { :name => "Tom", :scopes => [] }
|
|
159
|
+
expect(@service.user_authorized_for?(@user, :two)).to be false
|
|
198
160
|
end
|
|
199
161
|
|
|
200
162
|
it 'should return true if scope map exists in user scopes' do
|
|
201
163
|
@service.scope_map = { :two => 'FIVE'}
|
|
202
|
-
@
|
|
203
|
-
@service.
|
|
204
|
-
expect(@service.user_authorized_for?(:two)).to be true
|
|
164
|
+
@user = { :name => "Tom", :scopes => [ 'ONE', 'TWO', 'FIVE'] }
|
|
165
|
+
expect(@service.user_authorized_for?(@user, :two)).to be true
|
|
205
166
|
end
|
|
206
167
|
|
|
207
168
|
it 'should return false if scope map does not exist in user scopes' do
|
|
208
169
|
@service.scope_map = { :two => 'SEVEN'}
|
|
209
|
-
@
|
|
210
|
-
@service.
|
|
211
|
-
expect(@service.user_authorized_for?(:two)).to be false
|
|
170
|
+
@user = { :name => "Tom", :scopes => [ 'ONE', 'TWO', 'FIVE'] }
|
|
171
|
+
expect(@service.user_authorized_for?(@user, :two)).to be false
|
|
212
172
|
end
|
|
213
173
|
|
|
214
174
|
it 'should return true if scope map is array and shares one scope with user' do
|
|
215
175
|
@service.scope_map = { :two => ['TWO'] }
|
|
216
|
-
@
|
|
217
|
-
@service.
|
|
218
|
-
expect(@service.user_authorized_for?(:two)).to be true
|
|
176
|
+
@user = { :name => "Tom", :scopes => [ 'ONE', 'TWO', 'THREE'] }
|
|
177
|
+
expect(@service.user_authorized_for?(@user, :two)).to be true
|
|
219
178
|
end
|
|
220
179
|
|
|
221
180
|
it 'should return true if scope map is array and shares more than one scope with user' do
|
|
222
181
|
@service.scope_map = { :two => ['TWO','THREE'] }
|
|
223
|
-
@
|
|
224
|
-
@service.
|
|
225
|
-
expect(@service.user_authorized_for?(:two)).to be true
|
|
182
|
+
@user = { :name => "Tom", :scopes => [ 'ONE', 'TWO', 'THREE'] }
|
|
183
|
+
expect(@service.user_authorized_for?(@user, :two)).to be true
|
|
226
184
|
end
|
|
227
185
|
|
|
228
186
|
it 'should return false if scope map is array and does not share scopes with user' do
|
|
229
187
|
@service.scope_map = { :two => ['FOUR'] }
|
|
230
|
-
@
|
|
231
|
-
@service.
|
|
232
|
-
expect(@service.user_authorized_for?(:two)).to be false
|
|
188
|
+
@user = { :name => "Tom", :scopes => [ 'ONE', 'TWO', 'THREE'] }
|
|
189
|
+
expect(@service.user_authorized_for?(@user, :two)).to be false
|
|
233
190
|
end
|
|
234
191
|
end
|
|
235
192
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: json-crud-api
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0
|
|
4
|
+
version: 0.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tom Cully
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-
|
|
11
|
+
date: 2014-07-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rake
|