miau 1.1.1 → 1.1.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/rake.yml +1 -1
- data/.gitignore +7 -4
- data/Gemfile +5 -3
- data/Gemfile.lock +181 -9
- data/README.md +7 -6
- data/Rakefile +4 -6
- data/gemfiles/rails_6.1.gemfile +3 -2
- data/gemfiles/rails_7.0.gemfile +3 -2
- data/gemfiles/rails_7.1.gemfile +3 -2
- data/lib/miau/application_policy.rb +1 -1
- data/lib/miau/run.rb +16 -15
- data/lib/miau/storage.rb +2 -2
- data/lib/miau/version.rb +2 -1
- data/lib/miau.rb +27 -19
- data/miau.gemspec +6 -8
- data/test/authorization_test.rb +28 -0
- data/test/benchmark_test.rb +34 -0
- data/test/controller_test.rb +58 -0
- data/test/controllers/orders_controller_test.rb +47 -0
- data/test/internal/app/controllers/application_controller.rb +7 -0
- data/test/internal/app/controllers/orders_controller.rb +61 -0
- data/test/internal/app/controllers/posts_controller.rb +10 -0
- data/test/internal/app/models/application_record.rb +3 -0
- data/test/internal/app/models/order.rb +2 -0
- data/test/internal/app/models/post.rb +2 -0
- data/test/internal/app/policies/orders_policy.rb +16 -0
- data/test/internal/app/policies/posts_policy.rb +18 -0
- data/test/internal/app/views/orders/new.html.erb +5 -0
- data/test/internal/config/database.yml +3 -0
- data/test/internal/config/routes.rb +3 -0
- data/test/internal/db/migrate/20141016161801_create_orders.rb +10 -0
- data/test/internal/db/schema.rb +8 -0
- data/test/miau_test.rb +46 -0
- data/test/run_test.rb +69 -0
- data/test/storage_test.rb +51 -0
- data/test/test_helper.rb +17 -0
- metadata +42 -10
- data/gemfiles/rails_6.1.gemfile.lock +0 -223
- data/gemfiles/rails_7.0.gemfile.lock +0 -255
- data/gemfiles/rails_7.1.gemfile.lock +0 -253
@@ -0,0 +1,58 @@
|
|
1
|
+
require "test_helper"
|
2
|
+
|
3
|
+
class NotController
|
4
|
+
include Miau
|
5
|
+
|
6
|
+
attr_accessor :current_user, :params
|
7
|
+
|
8
|
+
def initialize(current_user, params = {})
|
9
|
+
@current_user = current_user
|
10
|
+
@params = params
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
class NotPolicy < ApplicationPolicy
|
15
|
+
end
|
16
|
+
|
17
|
+
class FalseController
|
18
|
+
include Miau
|
19
|
+
|
20
|
+
attr_accessor :current_user, :params
|
21
|
+
|
22
|
+
def initialize(current_user, params = {})
|
23
|
+
@current_user = current_user
|
24
|
+
@params = params
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
class FalsePolicy < ApplicationPolicy
|
29
|
+
def controller
|
30
|
+
false
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
describe Miau, "controller" do
|
35
|
+
let(:user) { "User" }
|
36
|
+
|
37
|
+
def test_authorize_controller!
|
38
|
+
params = {controller: "posts", action: :any}
|
39
|
+
posts_controller = PostsController.new(user, params)
|
40
|
+
posts_controller.authorize_controller!
|
41
|
+
end
|
42
|
+
|
43
|
+
def test_authorize_controller_not_defined
|
44
|
+
params = {controller: "not", action: :any}
|
45
|
+
not_controller = NotController.new(user, params)
|
46
|
+
assert_raises(Miau::NotDefinedError) {
|
47
|
+
not_controller.authorize_controller!
|
48
|
+
}
|
49
|
+
end
|
50
|
+
|
51
|
+
def test_authorize_controller_false
|
52
|
+
params = {controller: "false", action: :any}
|
53
|
+
false_controller = FalseController.new(user, params)
|
54
|
+
assert_raises(Miau::NotAuthorizedError) {
|
55
|
+
false_controller.authorize_controller!
|
56
|
+
}
|
57
|
+
end
|
58
|
+
end
|
@@ -0,0 +1,47 @@
|
|
1
|
+
require "test_helper"
|
2
|
+
|
3
|
+
class OrdersControllerTest < ActionDispatch::IntegrationTest
|
4
|
+
setup do
|
5
|
+
@order = Order.create!(name: "Name", qty: 123)
|
6
|
+
end
|
7
|
+
|
8
|
+
def test_new
|
9
|
+
out, _err = capture_io do
|
10
|
+
get new_order_url
|
11
|
+
end
|
12
|
+
|
13
|
+
assert_response :success
|
14
|
+
assert_equal "controller\nnew\n", out
|
15
|
+
end
|
16
|
+
|
17
|
+
def test_create
|
18
|
+
out, _err = capture_io do
|
19
|
+
assert_difference("Order.count") do
|
20
|
+
post orders_url, params: {order: {name: @order.name, qty: 234}}
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
assert_redirected_to order_url(Order.last)
|
25
|
+
assert_equal "controller\n", out
|
26
|
+
end
|
27
|
+
|
28
|
+
def test_update
|
29
|
+
out, _err = capture_io do
|
30
|
+
patch order_url(@order), params: {order: {name: @order.name}}
|
31
|
+
end
|
32
|
+
|
33
|
+
assert_redirected_to order_url(@order)
|
34
|
+
assert_equal "controller\n", out
|
35
|
+
end
|
36
|
+
|
37
|
+
def test_destroy
|
38
|
+
out, _err = capture_io do
|
39
|
+
assert_difference("Order.count", -1) do
|
40
|
+
delete order_url(@order)
|
41
|
+
end
|
42
|
+
end
|
43
|
+
|
44
|
+
assert_redirected_to orders_url
|
45
|
+
assert_equal "controller\ndestroy\n", out
|
46
|
+
end
|
47
|
+
end
|
@@ -0,0 +1,61 @@
|
|
1
|
+
class OrdersController < ApplicationController
|
2
|
+
before_action :authorize_controller!
|
3
|
+
before_action :set_order, only: %i[show edit update destroy]
|
4
|
+
|
5
|
+
# # GET /orders
|
6
|
+
# def index
|
7
|
+
# @orders = Order.all
|
8
|
+
# end
|
9
|
+
#
|
10
|
+
# # GET /orders/1
|
11
|
+
# def show
|
12
|
+
# end
|
13
|
+
|
14
|
+
# GET /orders/new
|
15
|
+
def new
|
16
|
+
@order = Order.new
|
17
|
+
end
|
18
|
+
|
19
|
+
# # GET /orders/1/edit
|
20
|
+
# def edit
|
21
|
+
# end
|
22
|
+
|
23
|
+
# POST /orders
|
24
|
+
def create
|
25
|
+
@order = Order.new(order_params)
|
26
|
+
|
27
|
+
if @order.save
|
28
|
+
redirect_to @order, notice: "Order was successfully created."
|
29
|
+
else
|
30
|
+
render :new, status: :unprocessable_entity
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
# PATCH/PUT /orders/1
|
35
|
+
def update
|
36
|
+
if @order.update(order_params)
|
37
|
+
redirect_to @order, notice: "Order was successfully updated.", status: :see_other
|
38
|
+
else
|
39
|
+
render :edit, status: :unprocessable_entity
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
# DELETE /orders/1
|
44
|
+
def destroy
|
45
|
+
authorize!
|
46
|
+
@order.destroy!
|
47
|
+
redirect_to orders_url, notice: "Order was successfully destroyed.", status: :see_other
|
48
|
+
end
|
49
|
+
|
50
|
+
private
|
51
|
+
|
52
|
+
# Use callbacks to share common setup or constraints between actions.
|
53
|
+
def set_order
|
54
|
+
@order = Order.find(params[:id])
|
55
|
+
end
|
56
|
+
|
57
|
+
# Only allow a list of trusted parameters through.
|
58
|
+
def order_params
|
59
|
+
params.require(:order).permit(:name, :qty)
|
60
|
+
end
|
61
|
+
end
|
data/test/miau_test.rb
ADDED
@@ -0,0 +1,46 @@
|
|
1
|
+
require "test_helper"
|
2
|
+
|
3
|
+
describe Miau do
|
4
|
+
let(:user) { "User" }
|
5
|
+
let(:post) { Post.new(user, 1) }
|
6
|
+
let(:params) { {action: "si", controller: "posts"} }
|
7
|
+
let(:posts_controller) { PostsController.new(user, params) }
|
8
|
+
|
9
|
+
describe "#authorize!" do
|
10
|
+
def test_ok_no_raise
|
11
|
+
posts_controller.authorize!(post)
|
12
|
+
end
|
13
|
+
|
14
|
+
def test_return_false
|
15
|
+
posts_controller.params[:action] = "no"
|
16
|
+
assert_raises(Miau::NotAuthorizedError) {
|
17
|
+
posts_controller.authorize!(post)
|
18
|
+
}
|
19
|
+
end
|
20
|
+
|
21
|
+
def test_NotDefinedError
|
22
|
+
posts_controller.params[:controller] = "articles"
|
23
|
+
assert_raises(Miau::NotDefinedError) {
|
24
|
+
posts_controller.authorize!(post)
|
25
|
+
}
|
26
|
+
end
|
27
|
+
|
28
|
+
def test_NoMethodError
|
29
|
+
posts_controller.params[:action] = "unknown"
|
30
|
+
assert_raises(Miau::NotDefinedError) {
|
31
|
+
posts_controller.authorize!(post)
|
32
|
+
}
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
describe "#authorized?" do
|
37
|
+
def test_return_true
|
38
|
+
assert posts_controller.authorized?(post)
|
39
|
+
end
|
40
|
+
|
41
|
+
def test_return_false
|
42
|
+
posts_controller.params[:action] = "no"
|
43
|
+
refute posts_controller.authorized?(post)
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
data/test/run_test.rb
ADDED
@@ -0,0 +1,69 @@
|
|
1
|
+
require "test_helper"
|
2
|
+
|
3
|
+
class ApplicationPolicy
|
4
|
+
miau :nein, :ja
|
5
|
+
|
6
|
+
def ja
|
7
|
+
true
|
8
|
+
end
|
9
|
+
end
|
10
|
+
|
11
|
+
class SiiPolicy < ApplicationPolicy
|
12
|
+
miau :no, :si
|
13
|
+
|
14
|
+
def si
|
15
|
+
true
|
16
|
+
end
|
17
|
+
|
18
|
+
def run
|
19
|
+
puts :run # use by capture_io
|
20
|
+
true
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
describe Miau, "run2" do
|
25
|
+
let(:storage) { Miau::PolicyStorage.instance }
|
26
|
+
let(:miau_run) { Miau::PolicyRun.instance }
|
27
|
+
let(:policy) { SiiPolicy.new }
|
28
|
+
let(:user) { "User" }
|
29
|
+
|
30
|
+
def test_find_methods_si
|
31
|
+
assert_equal :si, miau_run.find_methods(policy, :sii, :si)
|
32
|
+
end
|
33
|
+
|
34
|
+
def test_find_methods_no
|
35
|
+
assert_equal :si, miau_run.find_methods(policy, :sii, :no)
|
36
|
+
end
|
37
|
+
|
38
|
+
def test_find_methods_unknown
|
39
|
+
refute miau_run.find_methods(policy, :sii, :unknown)
|
40
|
+
end
|
41
|
+
|
42
|
+
def test_find_methods_ja
|
43
|
+
assert_equal :ja, miau_run.find_methods(policy, :sii, :ja)
|
44
|
+
end
|
45
|
+
|
46
|
+
def test_find_methods_nein
|
47
|
+
assert_equal :ja, miau_run.find_methods(policy, :sii, :ja)
|
48
|
+
end
|
49
|
+
|
50
|
+
def test_runs
|
51
|
+
out, _err = capture_io do
|
52
|
+
miau_run.runs(policy, :run)
|
53
|
+
end
|
54
|
+
|
55
|
+
assert_equal "run\n", out
|
56
|
+
end
|
57
|
+
|
58
|
+
def test_raise_undef
|
59
|
+
assert_raises(Miau::NotDefinedError) {
|
60
|
+
miau_run.raise_undef(:sii, :ja)
|
61
|
+
}
|
62
|
+
end
|
63
|
+
|
64
|
+
def test_raise_authorize
|
65
|
+
assert_raises(Miau::NotAuthorizedError) {
|
66
|
+
miau_run.raise_authorize(:sii, :ja)
|
67
|
+
}
|
68
|
+
end
|
69
|
+
end
|
@@ -0,0 +1,51 @@
|
|
1
|
+
require "test_helper"
|
2
|
+
require "yaml"
|
3
|
+
|
4
|
+
class MyPolicy < ApplicationPolicy
|
5
|
+
miau %i[appli2], :appli1
|
6
|
+
miau %i[appli3], %i[fail ok]
|
7
|
+
|
8
|
+
def appli1
|
9
|
+
true
|
10
|
+
end
|
11
|
+
|
12
|
+
def fail
|
13
|
+
false
|
14
|
+
end
|
15
|
+
|
16
|
+
def ok
|
17
|
+
true
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
describe Miau, "storage" do
|
22
|
+
let(:storage) { Miau::PolicyStorage.instance }
|
23
|
+
|
24
|
+
def test_add_policy_method
|
25
|
+
storage.add_policy "my", "fail", "ok"
|
26
|
+
|
27
|
+
str = storage.to_yaml
|
28
|
+
assert_match(/:my/, str)
|
29
|
+
assert_match(/:fail: :ok/, str)
|
30
|
+
end
|
31
|
+
|
32
|
+
def test_find_or_create_policy
|
33
|
+
storage.find_or_create_policy "application"
|
34
|
+
|
35
|
+
assert ApplicationPolicy, storage.instances[:application]
|
36
|
+
end
|
37
|
+
|
38
|
+
def test_overwrite
|
39
|
+
storage.add_policy "my", "first", "ok"
|
40
|
+
assert_raises(Miau::OverwriteError) {
|
41
|
+
storage.add_policy "my", "first", "ok"
|
42
|
+
}
|
43
|
+
end
|
44
|
+
|
45
|
+
def test_coverage_to_yaml
|
46
|
+
str = storage.to_yaml
|
47
|
+
|
48
|
+
assert str
|
49
|
+
# puts str
|
50
|
+
end
|
51
|
+
end
|
data/test/test_helper.rb
ADDED
@@ -0,0 +1,17 @@
|
|
1
|
+
if ENV["COVERAGE"]
|
2
|
+
require "simplecov"
|
3
|
+
SimpleCov.start do
|
4
|
+
add_filter "/test/"
|
5
|
+
end
|
6
|
+
end
|
7
|
+
|
8
|
+
ENV["RAILS_ENV"] ||= "test"
|
9
|
+
|
10
|
+
require "miau"
|
11
|
+
|
12
|
+
require "combustion"
|
13
|
+
Combustion.path = "test/internal"
|
14
|
+
Combustion.initialize! :active_record
|
15
|
+
|
16
|
+
require "minitest/autorun"
|
17
|
+
require "rails/test_help"
|
metadata
CHANGED
@@ -1,23 +1,23 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: miau
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.1.
|
4
|
+
version: 1.1.6
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dittmar Krall
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-01-
|
11
|
+
date: 2024-01-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
|
-
name:
|
14
|
+
name: appraisal
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
19
|
version: '0'
|
20
|
-
type: :
|
20
|
+
type: :development
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
@@ -25,7 +25,7 @@ dependencies:
|
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: '0'
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
|
-
name:
|
28
|
+
name: combustion
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
30
30
|
requirements:
|
31
31
|
- - ">="
|
@@ -66,9 +66,23 @@ dependencies:
|
|
66
66
|
- - ">="
|
67
67
|
- !ruby/object:Gem::Version
|
68
68
|
version: '0'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: sqlite3
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - ">="
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '0'
|
76
|
+
type: :development
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - ">="
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '0'
|
69
83
|
description: |
|
70
|
-
MIAU (MIcro AUthorization) provides
|
71
|
-
|
84
|
+
MIAU (MIcro AUthorization) provides some helpers which
|
85
|
+
raises an exception if a given user violates a policy.
|
72
86
|
email: dittmar.krall@matiq.com
|
73
87
|
executables: []
|
74
88
|
extensions: []
|
@@ -85,11 +99,8 @@ files:
|
|
85
99
|
- README.md
|
86
100
|
- Rakefile
|
87
101
|
- gemfiles/rails_6.1.gemfile
|
88
|
-
- gemfiles/rails_6.1.gemfile.lock
|
89
102
|
- gemfiles/rails_7.0.gemfile
|
90
|
-
- gemfiles/rails_7.0.gemfile.lock
|
91
103
|
- gemfiles/rails_7.1.gemfile
|
92
|
-
- gemfiles/rails_7.1.gemfile.lock
|
93
104
|
- lib/miau.rb
|
94
105
|
- lib/miau/application_policy.rb
|
95
106
|
- lib/miau/error.rb
|
@@ -97,6 +108,27 @@ files:
|
|
97
108
|
- lib/miau/storage.rb
|
98
109
|
- lib/miau/version.rb
|
99
110
|
- miau.gemspec
|
111
|
+
- test/authorization_test.rb
|
112
|
+
- test/benchmark_test.rb
|
113
|
+
- test/controller_test.rb
|
114
|
+
- test/controllers/orders_controller_test.rb
|
115
|
+
- test/internal/app/controllers/application_controller.rb
|
116
|
+
- test/internal/app/controllers/orders_controller.rb
|
117
|
+
- test/internal/app/controllers/posts_controller.rb
|
118
|
+
- test/internal/app/models/application_record.rb
|
119
|
+
- test/internal/app/models/order.rb
|
120
|
+
- test/internal/app/models/post.rb
|
121
|
+
- test/internal/app/policies/orders_policy.rb
|
122
|
+
- test/internal/app/policies/posts_policy.rb
|
123
|
+
- test/internal/app/views/orders/new.html.erb
|
124
|
+
- test/internal/config/database.yml
|
125
|
+
- test/internal/config/routes.rb
|
126
|
+
- test/internal/db/migrate/20141016161801_create_orders.rb
|
127
|
+
- test/internal/db/schema.rb
|
128
|
+
- test/miau_test.rb
|
129
|
+
- test/run_test.rb
|
130
|
+
- test/storage_test.rb
|
131
|
+
- test/test_helper.rb
|
100
132
|
homepage: https://github.com/matique/miau
|
101
133
|
licenses:
|
102
134
|
- MIT
|