json-crud-api 0.0.11 → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/json-crud-api/crud.rb +5 -5
- data/lib/json-crud-api/service.rb +8 -19
- data/spec/unit/crud_spec.rb +22 -17
- data/spec/unit/service_spec.rb +18 -61
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e3e1e5bf85ec51418cbf586a6ccab176542b12d9
|
|
4
|
+
data.tar.gz: 0e0bd52b46f1ab21e289238d51dbcdee38235cfa
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 899bd551c4ffc00d715d89fba3a41c809eea75280cb0d3f99c1501b9362b056f6c7691ce87dfa8b15eb56270309c7e4f0d648abde8d7a9059a4b095c3d4a2d94
|
|
7
|
+
data.tar.gz: 45c7ec02f1ad9fe76590023f58a2734272cf468f292782bf3642d337f2ace0c9e8a88f8a3f2ba9c15d9f6356ad438ac31bf81a721882dc1c6da5eb467d119d22
|
data/lib/json-crud-api/crud.rb
CHANGED
|
@@ -5,7 +5,7 @@ module JsonCrudApi
|
|
|
5
5
|
def crud_get_all(key)
|
|
6
6
|
service = settings.services[key]
|
|
7
7
|
presenter = settings.presenters[key]
|
|
8
|
-
return fail_forbidden unless service.user_authorized_for? :get_all
|
|
8
|
+
return fail_forbidden unless service.user_authorized_for? @user, :get_all
|
|
9
9
|
entities = service.get_all
|
|
10
10
|
return fail_not_found if entities.nil?
|
|
11
11
|
|
|
@@ -15,7 +15,7 @@ module JsonCrudApi
|
|
|
15
15
|
def crud_get(key)
|
|
16
16
|
service = settings.services[key]
|
|
17
17
|
presenter = settings.presenters[key]
|
|
18
|
-
return fail_forbidden unless service.user_authorized_for? :get
|
|
18
|
+
return fail_forbidden unless service.user_authorized_for? @user, :get
|
|
19
19
|
entity = service.get(params["id"])
|
|
20
20
|
return fail_not_found if entity.nil?
|
|
21
21
|
|
|
@@ -25,7 +25,7 @@ module JsonCrudApi
|
|
|
25
25
|
def crud_post(key)
|
|
26
26
|
service = settings.services[key]
|
|
27
27
|
presenter = settings.presenters[key]
|
|
28
|
-
return fail_forbidden unless service.user_authorized_for? :create
|
|
28
|
+
return fail_forbidden unless service.user_authorized_for? @user, :create
|
|
29
29
|
post_data = presenter.parse @payload, :post
|
|
30
30
|
return fail_with_errors unless service.valid_for? post_data, :create, self
|
|
31
31
|
entity = service.create post_data
|
|
@@ -35,7 +35,7 @@ module JsonCrudApi
|
|
|
35
35
|
def crud_put(key)
|
|
36
36
|
service = settings.services[key]
|
|
37
37
|
presenter = settings.presenters[key]
|
|
38
|
-
return fail_forbidden unless service.user_authorized_for? :update
|
|
38
|
+
return fail_forbidden unless service.user_authorized_for? @user, :update
|
|
39
39
|
put_data = presenter.parse @payload, :put
|
|
40
40
|
return fail_with_errors unless service.valid_for? put_data, :update, self
|
|
41
41
|
return fail_not_found unless service.update params["id"], put_data
|
|
@@ -46,7 +46,7 @@ module JsonCrudApi
|
|
|
46
46
|
def crud_delete(key)
|
|
47
47
|
service = settings.services[key]
|
|
48
48
|
presenter = settings.presenters[key]
|
|
49
|
-
return fail_forbidden unless service.user_authorized_for? :delete
|
|
49
|
+
return fail_forbidden unless service.user_authorized_for? @user, :delete
|
|
50
50
|
return fail_not_found unless service.delete params["id"]
|
|
51
51
|
204
|
|
52
52
|
end
|
|
@@ -3,14 +3,12 @@ require 'rubygems'
|
|
|
3
3
|
module JsonCrudApi
|
|
4
4
|
class Service
|
|
5
5
|
|
|
6
|
-
attr_accessor :log_service, :model, :
|
|
6
|
+
attr_accessor :log_service, :model, :scope_map
|
|
7
7
|
|
|
8
8
|
def initialize(options)
|
|
9
9
|
@log_service = options[:log_service]
|
|
10
10
|
@model = options[:model]
|
|
11
11
|
@scope_map = options[:scope_map]
|
|
12
|
-
@user = nil
|
|
13
|
-
@user_scopes = nil
|
|
14
12
|
end
|
|
15
13
|
|
|
16
14
|
# Create a record with the given attributes
|
|
@@ -51,40 +49,31 @@ module JsonCrudApi
|
|
|
51
49
|
record.destroy
|
|
52
50
|
end
|
|
53
51
|
|
|
54
|
-
# Set the current user
|
|
55
|
-
def set_user(user)
|
|
56
|
-
@user = user
|
|
57
|
-
set_user_scopes(user[:scopes]) unless @user.nil?
|
|
58
|
-
end
|
|
59
|
-
|
|
60
|
-
# Set the current user scopes
|
|
61
|
-
def set_user_scopes(user_scopes)
|
|
62
|
-
@user_scopes = user_scopes
|
|
63
|
-
end
|
|
64
|
-
|
|
65
52
|
# Find if the params are valid for an operation (defaults to true)
|
|
66
53
|
def valid_for?(params, operation, api_instance)
|
|
67
54
|
true
|
|
68
55
|
end
|
|
69
56
|
|
|
70
57
|
# Determine if the current user is authorized for the given operation
|
|
71
|
-
def user_authorized_for?(operation)
|
|
58
|
+
def user_authorized_for?(user, operation)
|
|
72
59
|
# Auth is disabled if scope map is nil
|
|
73
60
|
return true if @scope_map.nil?
|
|
74
61
|
# Auth succeeds if there is no map for this operation
|
|
75
62
|
return true if @scope_map[operation].nil?
|
|
76
63
|
# Auth fails if user is not logged in
|
|
77
|
-
return false if
|
|
64
|
+
return false if user.nil?
|
|
78
65
|
# Auth fails if user has no scopes
|
|
79
|
-
return false
|
|
66
|
+
return false unless user.has_key?(:scopes)
|
|
67
|
+
return false unless user[:scopes].is_a?(Array)
|
|
68
|
+
return false if user[:scopes].empty?
|
|
80
69
|
|
|
81
70
|
if @scope_map[operation].is_a?(Array)
|
|
82
71
|
# Auth succeeds if the intersection of allowed scopes and mapped scopes is non-empty.
|
|
83
|
-
return !((@scope_map[operation] &
|
|
72
|
+
return !((@scope_map[operation] & user[:scopes]).empty?)
|
|
84
73
|
end
|
|
85
74
|
|
|
86
75
|
# Auth succeeds if the mapped scope is singular and the user posesses it
|
|
87
|
-
|
|
76
|
+
user[:scopes].include?(@scope_map[operation])
|
|
88
77
|
end
|
|
89
78
|
end
|
|
90
79
|
end
|
data/spec/unit/crud_spec.rb
CHANGED
|
@@ -2,8 +2,10 @@ require "spec_helper"
|
|
|
2
2
|
|
|
3
3
|
describe JsonCrudApi::AuthClient do
|
|
4
4
|
before(:each) do
|
|
5
|
+
@test_user = { :name=>"Test User", :scopes => ['ADMIN'] }
|
|
6
|
+
|
|
5
7
|
class CrudTest
|
|
6
|
-
attr_accessor :test_settings, :test_params, :payload
|
|
8
|
+
attr_accessor :test_settings, :test_params, :payload, :user
|
|
7
9
|
include JsonCrudApi::Crud
|
|
8
10
|
|
|
9
11
|
def settings
|
|
@@ -16,6 +18,8 @@ describe JsonCrudApi::AuthClient do
|
|
|
16
18
|
end
|
|
17
19
|
|
|
18
20
|
@test = CrudTest.new
|
|
21
|
+
@test.user = @test_user
|
|
22
|
+
|
|
19
23
|
end
|
|
20
24
|
|
|
21
25
|
describe '#crud_get_all' do
|
|
@@ -28,13 +32,14 @@ describe JsonCrudApi::AuthClient do
|
|
|
28
32
|
:services=>OpenStruct.new,
|
|
29
33
|
:presenters=>OpenStruct.new
|
|
30
34
|
})
|
|
35
|
+
|
|
31
36
|
end
|
|
32
37
|
|
|
33
38
|
it 'should call get_all on service, render on the presenter, and return JSON' do
|
|
34
39
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
35
40
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
36
41
|
|
|
37
|
-
expect(@service).to receive(:user_authorized_for?).with(:get_all).and_return(true)
|
|
42
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :get_all).and_return(true)
|
|
38
43
|
expect(@service).to receive(:get_all).and_return([])
|
|
39
44
|
|
|
40
45
|
expect(@presenter).to receive(:render).with([], :get_all).and_return({ :test_output => 1})
|
|
@@ -46,7 +51,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
46
51
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
47
52
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
48
53
|
|
|
49
|
-
expect(@service).to receive(:user_authorized_for?).with(:get_all).and_return(false)
|
|
54
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :get_all).and_return(false)
|
|
50
55
|
|
|
51
56
|
expect(@test).to receive(:fail_forbidden)
|
|
52
57
|
|
|
@@ -60,7 +65,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
60
65
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
61
66
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
62
67
|
|
|
63
|
-
expect(@service).to receive(:user_authorized_for?).with(:get_all).and_return(true)
|
|
68
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :get_all).and_return(true)
|
|
64
69
|
expect(@service).to receive(:get_all).and_return(nil)
|
|
65
70
|
|
|
66
71
|
expect(@test).to receive(:fail_not_found)
|
|
@@ -88,7 +93,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
88
93
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
89
94
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
90
95
|
|
|
91
|
-
expect(@service).to receive(:user_authorized_for?).with(:get).and_return(true)
|
|
96
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :get).and_return(true)
|
|
92
97
|
expect(@service).to receive(:get).with(234).and_return([])
|
|
93
98
|
|
|
94
99
|
expect(@presenter).to receive(:render).with([], :get).and_return({ :test_output => 56})
|
|
@@ -100,7 +105,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
100
105
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
101
106
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
102
107
|
|
|
103
|
-
expect(@service).to receive(:user_authorized_for?).with(:get).and_return(false)
|
|
108
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :get).and_return(false)
|
|
104
109
|
|
|
105
110
|
expect(@test).to receive(:fail_forbidden)
|
|
106
111
|
|
|
@@ -114,7 +119,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
114
119
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
115
120
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
116
121
|
|
|
117
|
-
expect(@service).to receive(:user_authorized_for?).with(:get).and_return(true)
|
|
122
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :get).and_return(true)
|
|
118
123
|
expect(@service).to receive(:get).with(234).and_return(nil)
|
|
119
124
|
|
|
120
125
|
expect(@test).to receive(:fail_not_found)
|
|
@@ -142,7 +147,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
142
147
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
143
148
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
144
149
|
|
|
145
|
-
expect(@service).to receive(:user_authorized_for?).with(:create).and_return(true)
|
|
150
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :create).and_return(true)
|
|
146
151
|
expect(@service).to receive(:valid_for?).with({ :test_output => 12398}, :create, @test).and_return(true)
|
|
147
152
|
expect(@service).to receive(:create).with({ :test_output => 12398}).and_return({ :test_output => 77234})
|
|
148
153
|
|
|
@@ -156,7 +161,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
156
161
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
157
162
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
158
163
|
|
|
159
|
-
expect(@service).to receive(:user_authorized_for?).with(:create).and_return(true)
|
|
164
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :create).and_return(true)
|
|
160
165
|
expect(@service).to receive(:valid_for?).with({ :test_output => 12398}, :create, @test).and_return(false)
|
|
161
166
|
|
|
162
167
|
expect(@presenter).to receive(:parse).with(@test.payload, :post).and_return({ :test_output => 12398})
|
|
@@ -173,7 +178,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
173
178
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
174
179
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
175
180
|
|
|
176
|
-
expect(@service).to receive(:user_authorized_for?).with(:create).and_return(false)
|
|
181
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :create).and_return(false)
|
|
177
182
|
|
|
178
183
|
expect(@test).to receive(:fail_forbidden)
|
|
179
184
|
|
|
@@ -201,7 +206,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
201
206
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
202
207
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
203
208
|
|
|
204
|
-
expect(@service).to receive(:user_authorized_for?).with(:update).and_return(true)
|
|
209
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :update).and_return(true)
|
|
205
210
|
expect(@presenter).to receive(:parse).with(@test.payload, :put).and_return({ :test_output => 12398})
|
|
206
211
|
expect(@service).to receive(:valid_for?).with({ :test_output => 12398},:update,@test).and_return(true)
|
|
207
212
|
expect(@service).to receive(:update).with(7345, { :test_output => 12398}).and_return(true)
|
|
@@ -216,7 +221,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
216
221
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
217
222
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
218
223
|
|
|
219
|
-
expect(@service).to receive(:user_authorized_for?).with(:update).and_return(true)
|
|
224
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :update).and_return(true)
|
|
220
225
|
expect(@presenter).to receive(:parse).with(@test.payload, :put).and_return({ :test_output => 12398})
|
|
221
226
|
expect(@service).to receive(:valid_for?).with({ :test_output => 12398},:update,@test).and_return(false)
|
|
222
227
|
expect(@presenter).not_to receive(:render)
|
|
@@ -230,7 +235,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
230
235
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
231
236
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
232
237
|
|
|
233
|
-
expect(@service).to receive(:user_authorized_for?).with(:update).and_return(true)
|
|
238
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :update).and_return(true)
|
|
234
239
|
expect(@service).to receive(:valid_for?).with({ :test_output => 12398},:update,@test).and_return(true)
|
|
235
240
|
expect(@service).to receive(:update).with(7345, { :test_output => 12398}).and_return(false)
|
|
236
241
|
|
|
@@ -246,7 +251,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
246
251
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
247
252
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
248
253
|
|
|
249
|
-
expect(@service).to receive(:user_authorized_for?).with(:update).and_return(false)
|
|
254
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :update).and_return(false)
|
|
250
255
|
|
|
251
256
|
expect(@test).to receive(:fail_forbidden)
|
|
252
257
|
|
|
@@ -274,7 +279,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
274
279
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
275
280
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
276
281
|
|
|
277
|
-
expect(@service).to receive(:user_authorized_for?).with(:delete).and_return(true)
|
|
282
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :delete).and_return(true)
|
|
278
283
|
expect(@service).to receive(:delete).with(234).and_return(true)
|
|
279
284
|
|
|
280
285
|
expect(@test.send(:crud_delete,'thekey')).to eq 204
|
|
@@ -284,7 +289,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
284
289
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
285
290
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
286
291
|
|
|
287
|
-
expect(@service).to receive(:user_authorized_for?).with(:delete).and_return(false)
|
|
292
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :delete).and_return(false)
|
|
288
293
|
|
|
289
294
|
expect(@test).to receive(:fail_forbidden)
|
|
290
295
|
|
|
@@ -297,7 +302,7 @@ describe JsonCrudApi::AuthClient do
|
|
|
297
302
|
expect(@test.test_settings.services).to receive(:[]).with('thekey').and_return(@service)
|
|
298
303
|
expect(@test.test_settings.presenters).to receive(:[]).with('thekey').and_return(@presenter)
|
|
299
304
|
|
|
300
|
-
expect(@service).to receive(:user_authorized_for?).with(:delete).and_return(true)
|
|
305
|
+
expect(@service).to receive(:user_authorized_for?).with(@test_user, :delete).and_return(true)
|
|
301
306
|
expect(@service).to receive(:delete).with(234).and_return(false)
|
|
302
307
|
|
|
303
308
|
expect(@test).to receive(:fail_not_found)
|
data/spec/unit/service_spec.rb
CHANGED
|
@@ -19,11 +19,6 @@ describe JsonCrudApi::Service do
|
|
|
19
19
|
expect(@service.model).to be @mock_model
|
|
20
20
|
expect(@service.scope_map).to be @mock_map
|
|
21
21
|
end
|
|
22
|
-
|
|
23
|
-
it 'should initialize user and scopes to nil' do
|
|
24
|
-
expect(@service.user).to be nil
|
|
25
|
-
expect(@service.user_scopes).to be nil
|
|
26
|
-
end
|
|
27
22
|
end
|
|
28
23
|
|
|
29
24
|
describe '#create' do
|
|
@@ -130,36 +125,6 @@ describe JsonCrudApi::Service do
|
|
|
130
125
|
end
|
|
131
126
|
end
|
|
132
127
|
|
|
133
|
-
describe '#set_user' do
|
|
134
|
-
it 'should set user in service to param' do
|
|
135
|
-
@service.set_user(nil)
|
|
136
|
-
expect(@service.user).to eq nil
|
|
137
|
-
end
|
|
138
|
-
|
|
139
|
-
it 'should not call set_user_scopes if user is nil' do
|
|
140
|
-
expect(@service).not_to receive(:set_user_scopes)
|
|
141
|
-
@service.set_user(nil)
|
|
142
|
-
expect(@service.user).to eq nil
|
|
143
|
-
end
|
|
144
|
-
|
|
145
|
-
it 'should call set_user_scopes if user is not' do
|
|
146
|
-
user = { :scopes => [1,2] }
|
|
147
|
-
expect(@service).to receive(:set_user_scopes).with([1,2])
|
|
148
|
-
@service.set_user(user)
|
|
149
|
-
expect(@service.user).to eq user
|
|
150
|
-
end
|
|
151
|
-
end
|
|
152
|
-
|
|
153
|
-
describe '#set_user_scopes' do
|
|
154
|
-
it 'should set user_scopes in service to param' do
|
|
155
|
-
@service.set_user_scopes(nil)
|
|
156
|
-
expect(@service.user_scopes).to eq nil
|
|
157
|
-
|
|
158
|
-
@service.set_user_scopes(234234)
|
|
159
|
-
expect(@service.user_scopes).to eq 234234
|
|
160
|
-
end
|
|
161
|
-
end
|
|
162
|
-
|
|
163
128
|
describe '#valid_for?' do
|
|
164
129
|
it 'should return true' do
|
|
165
130
|
expect(@service.valid_for?(nil,nil,nil)).to be true
|
|
@@ -169,67 +134,59 @@ describe JsonCrudApi::Service do
|
|
|
169
134
|
describe '#user_authorized_for?' do
|
|
170
135
|
it 'should return true if scope_map is nil' do
|
|
171
136
|
@service.scope_map = nil
|
|
172
|
-
expect(@service.user_authorized_for?(
|
|
137
|
+
expect(@service.user_authorized_for?(nil,:one)).to be true
|
|
173
138
|
end
|
|
174
139
|
|
|
175
140
|
it 'should return true if scope_map is not nil but no map for operation' do
|
|
176
141
|
@service.scope_map = { :two => 'TWO' }
|
|
177
|
-
expect(@service.user_authorized_for?(
|
|
142
|
+
expect(@service.user_authorized_for?(nil,:one)).to be true
|
|
178
143
|
end
|
|
179
144
|
|
|
180
|
-
it 'should return false if user is nil' do
|
|
145
|
+
it 'should return false if user is nil with non nil scope map' do
|
|
181
146
|
@service.scope_map = { :two => 'TWO' }
|
|
182
|
-
@service.
|
|
183
|
-
expect(@service.user_authorized_for?(:two)).to be false
|
|
147
|
+
expect(@service.user_authorized_for?(nil, :two)).to be false
|
|
184
148
|
end
|
|
185
149
|
|
|
186
150
|
it 'should return false if user has nil scopes' do
|
|
187
151
|
@service.scope_map = { :two => 'TWO' }
|
|
188
|
-
@
|
|
189
|
-
@service.
|
|
190
|
-
expect(@service.user_authorized_for?(:two)).to be false
|
|
152
|
+
@user = { :name => "Tom", :scopes => nil }
|
|
153
|
+
expect(@service.user_authorized_for?(@user, :two)).to be false
|
|
191
154
|
end
|
|
192
155
|
|
|
193
156
|
it 'should return false if user has empty scopes' do
|
|
194
157
|
@service.scope_map = { :two => 'TWO' }
|
|
195
|
-
@
|
|
196
|
-
@service.
|
|
197
|
-
expect(@service.user_authorized_for?(:two)).to be false
|
|
158
|
+
@user = { :name => "Tom", :scopes => [] }
|
|
159
|
+
expect(@service.user_authorized_for?(@user, :two)).to be false
|
|
198
160
|
end
|
|
199
161
|
|
|
200
162
|
it 'should return true if scope map exists in user scopes' do
|
|
201
163
|
@service.scope_map = { :two => 'FIVE'}
|
|
202
|
-
@
|
|
203
|
-
@service.
|
|
204
|
-
expect(@service.user_authorized_for?(:two)).to be true
|
|
164
|
+
@user = { :name => "Tom", :scopes => [ 'ONE', 'TWO', 'FIVE'] }
|
|
165
|
+
expect(@service.user_authorized_for?(@user, :two)).to be true
|
|
205
166
|
end
|
|
206
167
|
|
|
207
168
|
it 'should return false if scope map does not exist in user scopes' do
|
|
208
169
|
@service.scope_map = { :two => 'SEVEN'}
|
|
209
|
-
@
|
|
210
|
-
@service.
|
|
211
|
-
expect(@service.user_authorized_for?(:two)).to be false
|
|
170
|
+
@user = { :name => "Tom", :scopes => [ 'ONE', 'TWO', 'FIVE'] }
|
|
171
|
+
expect(@service.user_authorized_for?(@user, :two)).to be false
|
|
212
172
|
end
|
|
213
173
|
|
|
214
174
|
it 'should return true if scope map is array and shares one scope with user' do
|
|
215
175
|
@service.scope_map = { :two => ['TWO'] }
|
|
216
|
-
@
|
|
217
|
-
@service.
|
|
218
|
-
expect(@service.user_authorized_for?(:two)).to be true
|
|
176
|
+
@user = { :name => "Tom", :scopes => [ 'ONE', 'TWO', 'THREE'] }
|
|
177
|
+
expect(@service.user_authorized_for?(@user, :two)).to be true
|
|
219
178
|
end
|
|
220
179
|
|
|
221
180
|
it 'should return true if scope map is array and shares more than one scope with user' do
|
|
222
181
|
@service.scope_map = { :two => ['TWO','THREE'] }
|
|
223
|
-
@
|
|
224
|
-
@service.
|
|
225
|
-
expect(@service.user_authorized_for?(:two)).to be true
|
|
182
|
+
@user = { :name => "Tom", :scopes => [ 'ONE', 'TWO', 'THREE'] }
|
|
183
|
+
expect(@service.user_authorized_for?(@user, :two)).to be true
|
|
226
184
|
end
|
|
227
185
|
|
|
228
186
|
it 'should return false if scope map is array and does not share scopes with user' do
|
|
229
187
|
@service.scope_map = { :two => ['FOUR'] }
|
|
230
|
-
@
|
|
231
|
-
@service.
|
|
232
|
-
expect(@service.user_authorized_for?(:two)).to be false
|
|
188
|
+
@user = { :name => "Tom", :scopes => [ 'ONE', 'TWO', 'THREE'] }
|
|
189
|
+
expect(@service.user_authorized_for?(@user, :two)).to be false
|
|
233
190
|
end
|
|
234
191
|
end
|
|
235
192
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: json-crud-api
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0
|
|
4
|
+
version: 0.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tom Cully
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-
|
|
11
|
+
date: 2014-07-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rake
|