miau 1.1.1 → 1.1.6

data/test/controller_test.rb

@@ -0,0 +1,58 @@
+require "test_helper"
+
+class NotController
+  include Miau
+
+  attr_accessor :current_user, :params
+
+  def initialize(current_user, params = {})
+    @current_user = current_user
+    @params = params
+  end
+end
+
+class NotPolicy < ApplicationPolicy
+end
+
+class FalseController
+  include Miau
+
+  attr_accessor :current_user, :params
+
+  def initialize(current_user, params = {})
+    @current_user = current_user
+    @params = params
+  end
+end
+
+class FalsePolicy < ApplicationPolicy
+  def controller
+    false
+  end
+end
+
+describe Miau, "controller" do
+  let(:user) { "User" }
+
+  def test_authorize_controller!
+    params = {controller: "posts", action: :any}
+    posts_controller = PostsController.new(user, params)
+    posts_controller.authorize_controller!
+  end
+
+  def test_authorize_controller_not_defined
+    params = {controller: "not", action: :any}
+    not_controller = NotController.new(user, params)
+    assert_raises(Miau::NotDefinedError) {
+      not_controller.authorize_controller!
+    }
+  end
+
+  def test_authorize_controller_false
+    params = {controller: "false", action: :any}
+    false_controller = FalseController.new(user, params)
+    assert_raises(Miau::NotAuthorizedError) {
+      false_controller.authorize_controller!
+    }
+  end
+end

data/test/controllers/orders_controller_test.rb

@@ -0,0 +1,47 @@
+require "test_helper"
+
+class OrdersControllerTest < ActionDispatch::IntegrationTest
+  setup do
+    @order = Order.create!(name: "Name", qty: 123)
+  end
+
+  def test_new
+    out, _err = capture_io do
+      get new_order_url
+    end
+
+    assert_response :success
+    assert_equal "controller\nnew\n", out
+  end
+
+  def test_create
+    out, _err = capture_io do
+      assert_difference("Order.count") do
+        post orders_url, params: {order: {name: @order.name, qty: 234}}
+      end
+    end
+
+    assert_redirected_to order_url(Order.last)
+    assert_equal "controller\n", out
+  end
+
+  def test_update
+    out, _err = capture_io do
+      patch order_url(@order), params: {order: {name: @order.name}}
+    end
+
+    assert_redirected_to order_url(@order)
+    assert_equal "controller\n", out
+  end
+
+  def test_destroy
+    out, _err = capture_io do
+      assert_difference("Order.count", -1) do
+        delete order_url(@order)
+      end
+    end
+
+    assert_redirected_to orders_url
+    assert_equal "controller\ndestroy\n", out
+  end
+end

data/test/internal/app/controllers/application_controller.rb

@@ -0,0 +1,7 @@
+class ApplicationController < ActionController::Base
+  include Miau
+
+  def miau_user
+    "User"
+  end
+end

data/test/internal/app/controllers/orders_controller.rb

@@ -0,0 +1,61 @@
+class OrdersController < ApplicationController
+  before_action :authorize_controller!
+  before_action :set_order, only: %i[show edit update destroy]
+
+  # # GET /orders
+  # def index
+  #   @orders = Order.all
+  # end
+  #
+  # # GET /orders/1
+  # def show
+  # end
+
+  # GET /orders/new
+  def new
+    @order = Order.new
+  end
+
+  # # GET /orders/1/edit
+  # def edit
+  # end
+
+  # POST /orders
+  def create
+    @order = Order.new(order_params)
+
+    if @order.save
+      redirect_to @order, notice: "Order was successfully created."
+    else
+      render :new, status: :unprocessable_entity
+    end
+  end
+
+  # PATCH/PUT /orders/1
+  def update
+    if @order.update(order_params)
+      redirect_to @order, notice: "Order was successfully updated.", status: :see_other
+    else
+      render :edit, status: :unprocessable_entity
+    end
+  end
+
+  # DELETE /orders/1
+  def destroy
+    authorize!
+    @order.destroy!
+    redirect_to orders_url, notice: "Order was successfully destroyed.", status: :see_other
+  end
+
+  private
+
+  # Use callbacks to share common setup or constraints between actions.
+  def set_order
+    @order = Order.find(params[:id])
+  end
+
+  # Only allow a list of trusted parameters through.
+  def order_params
+    params.require(:order).permit(:name, :qty)
+  end
+end

data/test/internal/app/controllers/posts_controller.rb

@@ -0,0 +1,10 @@
+class PostsController
+  include Miau
+
+  attr_accessor :current_user, :params
+
+  def initialize(current_user, params = {})
+    @current_user = current_user
+    @params = params
+  end
+end

data/test/internal/app/models/application_record.rb

@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+  primary_abstract_class
+end

data/test/internal/app/models/order.rb

@@ -0,0 +1,2 @@
+class Order < ApplicationRecord
+end

data/test/internal/app/models/post.rb

@@ -0,0 +1,2 @@
+class Post < Struct.new(:user, :id)
+end

data/test/internal/app/policies/orders_policy.rb

@@ -0,0 +1,16 @@
+class OrdersPolicy < ApplicationPolicy
+  def controller
+    puts :controller
+    true
+  end
+
+  def new
+    puts :new
+    true
+  end
+
+  def destroy
+    puts :destroy
+    true
+  end
+end

data/test/internal/app/policies/posts_policy.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+class PostsPolicy < ApplicationPolicy
+  miau %i[asi bsi], :si
+  miau %i[sino], %i[si no]
+
+  def controller
+    true
+  end
+
+  def si
+    true
+  end
+
+  def no
+    false
+  end
+end

data/test/internal/app/views/orders/new.html.erb

@@ -0,0 +1,5 @@
+<% if authorized? %>
+  <p> authorized </p>
+<% else %>
+  <p> NOT authorized </p>
+<% end %>

data/test/internal/config/database.yml

@@ -0,0 +1,3 @@
+test:
+  adapter:  sqlite3
+  database: db/test.sqlite3

data/test/internal/config/routes.rb

@@ -0,0 +1,3 @@
+Rails.application.routes.draw do
+  resources :orders
+end

data/test/internal/db/migrate/20141016161801_create_orders.rb

@@ -0,0 +1,10 @@
+class CreateOrders < ActiveRecord::Migration
+  def change
+    create_table :orders do |t|
+      t.string :name
+      t.string :qty
+
+      t.timestamps null: false
+    end
+  end
+end

data/test/internal/db/schema.rb

@@ -0,0 +1,8 @@
+ActiveRecord::Schema.define(version: 20141016161801) do
+  create_table "orders", force: true do |t|
+    t.string "name"
+    t.string "qty"
+    t.datetime "created_at", null: false
+    t.datetime "updated_at", null: false
+  end
+end

data/test/miau_test.rb

@@ -0,0 +1,46 @@
+require "test_helper"
+
+describe Miau do
+  let(:user) { "User" }
+  let(:post) { Post.new(user, 1) }
+  let(:params) { {action: "si", controller: "posts"} }
+  let(:posts_controller) { PostsController.new(user, params) }
+
+  describe "#authorize!" do
+    def test_ok_no_raise
+      posts_controller.authorize!(post)
+    end
+
+    def test_return_false
+      posts_controller.params[:action] = "no"
+      assert_raises(Miau::NotAuthorizedError) {
+        posts_controller.authorize!(post)
+      }
+    end
+
+    def test_NotDefinedError
+      posts_controller.params[:controller] = "articles"
+      assert_raises(Miau::NotDefinedError) {
+        posts_controller.authorize!(post)
+      }
+    end
+
+    def test_NoMethodError
+      posts_controller.params[:action] = "unknown"
+      assert_raises(Miau::NotDefinedError) {
+        posts_controller.authorize!(post)
+      }
+    end
+  end
+
+  describe "#authorized?" do
+    def test_return_true
+      assert posts_controller.authorized?(post)
+    end
+
+    def test_return_false
+      posts_controller.params[:action] = "no"
+      refute posts_controller.authorized?(post)
+    end
+  end
+end

data/test/run_test.rb

@@ -0,0 +1,69 @@
+require "test_helper"
+
+class ApplicationPolicy
+  miau :nein, :ja
+
+  def ja
+    true
+  end
+end
+
+class SiiPolicy < ApplicationPolicy
+  miau :no, :si
+
+  def si
+    true
+  end
+
+  def run
+    puts :run # use by capture_io
+    true
+  end
+end
+
+describe Miau, "run2" do
+  let(:storage) { Miau::PolicyStorage.instance }
+  let(:miau_run) { Miau::PolicyRun.instance }
+  let(:policy) { SiiPolicy.new }
+  let(:user) { "User" }
+
+  def test_find_methods_si
+    assert_equal :si, miau_run.find_methods(policy, :sii, :si)
+  end
+
+  def test_find_methods_no
+    assert_equal :si, miau_run.find_methods(policy, :sii, :no)
+  end
+
+  def test_find_methods_unknown
+    refute miau_run.find_methods(policy, :sii, :unknown)
+  end
+
+  def test_find_methods_ja
+    assert_equal :ja, miau_run.find_methods(policy, :sii, :ja)
+  end
+
+  def test_find_methods_nein
+    assert_equal :ja, miau_run.find_methods(policy, :sii, :ja)
+  end
+
+  def test_runs
+    out, _err = capture_io do
+      miau_run.runs(policy, :run)
+    end
+
+    assert_equal "run\n", out
+  end
+
+  def test_raise_undef
+    assert_raises(Miau::NotDefinedError) {
+      miau_run.raise_undef(:sii, :ja)
+    }
+  end
+
+  def test_raise_authorize
+    assert_raises(Miau::NotAuthorizedError) {
+      miau_run.raise_authorize(:sii, :ja)
+    }
+  end
+end

data/test/storage_test.rb

@@ -0,0 +1,51 @@
+require "test_helper"
+require "yaml"
+
+class MyPolicy < ApplicationPolicy
+  miau %i[appli2], :appli1
+  miau %i[appli3], %i[fail ok]
+
+  def appli1
+    true
+  end
+
+  def fail
+    false
+  end
+
+  def ok
+    true
+  end
+end
+
+describe Miau, "storage" do
+  let(:storage) { Miau::PolicyStorage.instance }
+
+  def test_add_policy_method
+    storage.add_policy "my", "fail", "ok"
+
+    str = storage.to_yaml
+    assert_match(/:my/, str)
+    assert_match(/:fail: :ok/, str)
+  end
+
+  def test_find_or_create_policy
+    storage.find_or_create_policy "application"
+
+    assert ApplicationPolicy, storage.instances[:application]
+  end
+
+  def test_overwrite
+    storage.add_policy "my", "first", "ok"
+    assert_raises(Miau::OverwriteError) {
+      storage.add_policy "my", "first", "ok"
+    }
+  end
+
+  def test_coverage_to_yaml
+    str = storage.to_yaml
+
+    assert str
+    # puts str
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,17 @@
+if ENV["COVERAGE"]
+  require "simplecov"
+  SimpleCov.start do
+    add_filter "/test/"
+  end
+end
+
+ENV["RAILS_ENV"] ||= "test"
+
+require "miau"
+
+require "combustion"
+Combustion.path = "test/internal"
+Combustion.initialize! :active_record
+
+require "minitest/autorun"
+require "rails/test_help"

metadata

@@ -1,23 +1,23 @@
 --- !ruby/object:Gem::Specification
 name: miau
 version: !ruby/object:Gem::Version
-  version: 1.1.1
+  version: 1.1.6
 platform: ruby
 authors:
 - Dittmar Krall
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-01-06 00:00:00.000000000 Z
+date: 2024-01-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: activesupport
+  name: appraisal
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-  type: :runtime
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
@@ -25,7 +25,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: appraisal
+  name: combustion
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -66,9 +66,23 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: |
-  MIAU (MIcro AUthorization) provides a set of helpers which restricts what
-  resources a given user is allowed to access.
+  MIAU (MIcro AUthorization) provides some helpers which
+  raises an exception if a given user violates a policy.
 email: dittmar.krall@matiq.com
 executables: []
 extensions: []
@@ -85,11 +99,8 @@ files:
 - README.md
 - Rakefile
 - gemfiles/rails_6.1.gemfile
-- gemfiles/rails_6.1.gemfile.lock
 - gemfiles/rails_7.0.gemfile
-- gemfiles/rails_7.0.gemfile.lock
 - gemfiles/rails_7.1.gemfile
-- gemfiles/rails_7.1.gemfile.lock
 - lib/miau.rb
 - lib/miau/application_policy.rb
 - lib/miau/error.rb
@@ -97,6 +108,27 @@ files:
 - lib/miau/storage.rb
 - lib/miau/version.rb
 - miau.gemspec
+- test/authorization_test.rb
+- test/benchmark_test.rb
+- test/controller_test.rb
+- test/controllers/orders_controller_test.rb
+- test/internal/app/controllers/application_controller.rb
+- test/internal/app/controllers/orders_controller.rb
+- test/internal/app/controllers/posts_controller.rb
+- test/internal/app/models/application_record.rb
+- test/internal/app/models/order.rb
+- test/internal/app/models/post.rb
+- test/internal/app/policies/orders_policy.rb
+- test/internal/app/policies/posts_policy.rb
+- test/internal/app/views/orders/new.html.erb
+- test/internal/config/database.yml
+- test/internal/config/routes.rb
+- test/internal/db/migrate/20141016161801_create_orders.rb
+- test/internal/db/schema.rb
+- test/miau_test.rb
+- test/run_test.rb
+- test/storage_test.rb
+- test/test_helper.rb
 homepage: https://github.com/matique/miau
 licenses:
 - MIT