mongoid_ability 0.0.11 → 0.1.0

data/test/mongoid_ability/subject_accessible_by_test.rb

@@ -0,0 +1,135 @@
+require 'test_helper'
+
+module MongoidAbility
+  describe '.accessible_by' do
+
+    let(:role_1) { MyRole.new }
+    let(:role_2) { MyRole.new }
+    let(:owner) { MyOwner.new(my_roles: [ role_1, role_2 ]) }
+    let(:ability) { Ability.new(owner) }
+
+    before do
+      MySubject.default_locks = [ MyLock.new(subject_type: MySubject, action: :read, outcome: true) ]
+      MySubject1.default_locks = []
+
+      @my_subject = MySubject.create!
+      @my_subject_1 = MySubject1.create!
+    end
+
+    # =====================================================================
+
+    describe 'default locks' do
+      describe 'when open' do
+        it 'returns everything' do
+          MySubject.accessible_by(ability, :read).to_a.must_include @my_subject
+          MySubject.accessible_by(ability, :read).to_a.must_include @my_subject_1
+        end
+      end
+
+      describe 'when closed' do
+        before do
+          MySubject.default_locks = [ MyLock.new(subject_type: MySubject, action: :read, outcome: false) ]
+          MySubject1.default_locks = []
+        end
+
+        it 'returns nothing' do
+          MySubject.accessible_by(ability, :read).to_a.wont_include @my_subject
+          MySubject.accessible_by(ability, :read).to_a.wont_include @my_subject_1
+        end
+      end
+    end
+
+    # ---------------------------------------------------------------------
+
+    describe 'subject_type lock' do
+      describe 'on roles' do
+        it 'overrides default lock' do
+          role_1.my_locks = [ MyLock.new(subject_type: MySubject, action: :read, outcome: false) ]
+          MySubject.accessible_by(ability, :read).to_a.must_be :empty?
+        end
+
+        it 'takes the most permissive of roles' do
+          role_1.my_locks = [ MyLock.new(subject_type: MySubject, action: :read, outcome: false) ]
+          role_2.my_locks = [ MyLock.new(subject_type: MySubject, action: :read, outcome: true) ]
+          MySubject.accessible_by(ability, :read).to_a.must_include @my_subject
+          MySubject.accessible_by(ability, :read).to_a.must_include @my_subject_1
+        end
+      end
+
+      describe 'on user' do
+        it 'overrides default lock' do
+          owner.my_locks = [ MyLock.new(subject_type: MySubject, action: :read, outcome: false) ]
+          MySubject.accessible_by(ability, :read).to_a.must_be :empty?
+        end
+
+        it 'overrides role locks' do
+          role_1.my_locks = [ MyLock.new(subject_type: MySubject, action: :read, outcome: false) ]
+          owner.my_locks = [ MyLock.new(subject_type: MySubject, action: :read, outcome: true) ]
+          MySubject.accessible_by(ability, :read).to_a.must_include @my_subject
+          MySubject.accessible_by(ability, :read).to_a.must_include @my_subject_1
+        end
+      end
+    end
+
+    # ---------------------------------------------------------------------
+
+    describe 'subject_id lock' do
+      describe 'on roles' do
+        it 'overrides default lock' do
+          role_1.my_locks = [ MyLock.new(subject: @my_subject, action: :read, outcome: false) ]
+          MySubject1.accessible_by(ability, :read).to_a.wont_include @my_subject
+        end
+
+        it 'overrides default negative lock' do
+          MySubject.default_locks = [ MyLock.new(subject_type: MySubject, action: :read, outcome: false) ]
+          role_1.my_locks = [ MyLock.new(subject: @my_subject, action: :read, outcome: true) ]
+          MySubject.accessible_by(ability, :read).to_a.must_include @my_subject
+        end
+
+        it 'overrides subject_type lock' do
+          role_1.my_locks = [ MyLock.new(subject_type: MySubject, action: :read, outcome: false) ]
+          role_2.my_locks = [ MyLock.new(subject: @my_subject, action: :read, outcome: true) ]
+          MySubject.accessible_by(ability, :read).to_a.must_include @my_subject
+        end
+
+        it 'takes the most permissive of roles' do
+          role_1.my_locks = [ MyLock.new(subject: @my_subject, action: :read, outcome: true) ]
+          role_2.my_locks = [ MyLock.new(subject: @my_subject, action: :read, outcome: false) ]
+          MySubject.accessible_by(ability, :read).to_a.must_include @my_subject
+        end
+
+        describe 'for subclasses' do
+          it 'overrides default negative lock' do
+            MySubject.default_locks = [ MyLock.new(subject_type: MySubject1, action: :read, outcome: false) ]
+            role_1.my_locks = [ MyLock.new(subject: @my_subject_1, action: :read, outcome: true) ]
+            MySubject.accessible_by(ability, :read).to_a.wont_include @my_subject
+            MySubject.accessible_by(ability, :read).to_a.must_include @my_subject_1
+          end
+        end
+      end
+
+      describe 'on user' do
+        it 'overrides default lock' do
+          owner.my_locks = [ MyLock.new(subject_type: MySubject, action: :read, outcome: false) ]
+          MySubject.accessible_by(ability, :read).to_a.must_be :empty?
+        end
+
+        it 'overrides subject_type lock' do
+          owner.my_locks = [
+            MyLock.new(subject_type: MySubject, action: :read, outcome: false),
+            MyLock.new(subject_type: MySubject1, action: :read, outcome: true)
+          ]
+          MySubject.accessible_by(ability, :read).to_a.wont_include @my_subject
+          MySubject.accessible_by(ability, :read).to_a.must_include @my_subject_1
+        end
+
+        it 'overrides role locks' do
+          role_1.my_locks = [ MyLock.new(subject_type: MySubject, action: :read, outcome: false) ]
+          owner.my_locks = [ MyLock.new(subject_type: MySubject, action: :read, outcome: true) ]
+          MySubject.accessible_by(ability, :read).to_a.must_include @my_subject
+        end
+      end
+    end
+
+  end
+end

data/test/mongoid_ability/subject_test.rb

@@ -2,222 +2,41 @@ require 'test_helper'
 
 module MongoidAbility
   describe Subject do
+    describe '.default_locks' do
 
-    def subject_type_lock subject_cls, outcome
-      TestLock.new(subject_type: subject_cls.to_s, action: :read, outcome: outcome)
-    end
-
-    def subject_lock subject, outcome
-      TestLock.new(subject: subject, action: :read, outcome: outcome)
-    end
-
-    # ---------------------------------------------------------------------
-
-    subject { SubjectTest.new }
-
-    let(:subject_single_test) { SubjectSingleTest.create! }
-
-    let(:subject_test_1) { SubjectTestOne.create! }
-    let(:subject_test_2) { SubjectTestTwo.create! }
-
-    let(:role_1) { TestRole.new }
-    let(:role_2) { TestRole.new }
-
-    let(:user) { TestUser.new(roles: [role_1, role_2]) }
-    let(:ability) { Ability.new(user) }
-
-    # =====================================================================
-
-    describe 'class methods' do
-      it '.default_locks' do
-        subject.class.must_respond_to :default_locks
-        subject.class.default_locks.must_be_kind_of Array
-      end
-
-      it '.default_lock' do
-        subject.class.must_respond_to :default_lock
-      end
-
-      it 'default_locks_with_inherited' do
-        subject.class.must_respond_to :default_locks_with_inherited
-        subject.class.default_locks_with_inherited.must_be_kind_of Array
-        subject_test_1.class.default_locks_with_inherited.must_equal subject.class.default_locks
-      end
-
-      describe '.default_lock' do
-        it 'sets up new Lock' do
-          lock = subject.class.default_locks.first
-          subject.class.default_locks.length.must_equal 1
-          lock.subject_type.must_equal subject.class.model_name
-          lock.subject_id.must_be_nil
-          lock.action.must_equal :read
-        end
-
-        describe 'when trying to insert another lock for same action' do
-          before { subject.class.default_lock :read, false }
-          after { subject.class.default_lock :read, true }
-
-          it 'does not create duplicate' do
-            subject.class.default_locks.select{ |l| l.action == :read }.length.must_equal 1
-          end
-          it 'sets the new outcome' do
-            subject.class.default_locks.select{ |l| l.action == :read }.first.outcome.must_equal false
-          end
-        end
-      end
+      before do
+        MySubject.default_locks = []
+        MySubject1.default_locks = []
 
-      # =====================================================================
-
-      describe '.ancestors_with_default_locks' do
-        it 'lists ancestors with default locks' do
-          subject_test_1.class.ancestors_with_default_locks.must_equal [subject.class]
-        end
+        MySubject.default_lock MyLock, :read, true
+        MySubject1.default_lock MyLock1, :update, false
       end
 
-      describe '.self_and_ancestors_with_default_locks' do
-        it 'lists self and ancestors with default locks' do
-          subject_test_1.class.self_and_ancestors_with_default_locks.must_equal [subject_test_1.class, subject.class]
-        end
+      it 'stores them' do
+        MySubject.default_locks.map(&:action).map(&:to_s).sort.must_equal %w(read)
+        MySubject1.default_locks.map(&:action).map(&:to_s).sort.must_equal %w(update)
       end
 
-      # =====================================================================
-
-      describe '.accessible_by' do
+      describe 'prevents conflicts' do
         before do
-          subject_test_1
-          subject_test_2
-          subject_single_test
+          # FIXME: this permanently adjusts the default test locks – ideally do this other way, stubs etc.
+          MySubject.default_lock MyLock, :read, false
+          MySubject.default_lock MyLock1, :read, false
         end
 
-        # ---------------------------------------------------------------------
-
-        describe 'default locks' do
-          it 'returns everything when open' do
-            subject.class.stub(:default_locks, [ subject_type_lock(subject.class, true) ]) do
-              subject.class.accessible_by(ability).must_include subject_test_1
-              subject.class.accessible_by(ability).must_include subject_test_2
-            end
-          end
-
-          describe 'single class' do
-            it 'returns everything when open' do
-              subject_single_test.class.stub(:default_locks, [ subject_type_lock(subject_single_test.class, true) ]) do
-                subject_single_test.class.accessible_by(ability).must_include subject_single_test
-              end
-            end
-          end
-
-          it 'returns nothing when closed' do
-            subject.class.stub(:default_locks, [ subject_type_lock(subject.class, false) ]) do
-              subject.class.accessible_by(ability).must_be :empty?
-            end
-          end
-
-          describe 'single class' do
-            it 'returns nothing when closed' do
-              subject_single_test.class.stub(:default_locks, [ subject_type_lock(subject_single_test.class, false) ]) do
-                subject_single_test.class.accessible_by(ability).wont_include subject_single_test
-              end
-            end
-          end
+        it 'does not allow multiple locks for same action' do
+          MySubject.default_locks.select{ |l| l.action == :read }.count.must_equal 1
         end
 
-        # ---------------------------------------------------------------------
-
-        describe 'subject_type lock' do
-          describe 'on roles' do
-            it 'overrides default lock' do
-              role_1.test_locks = [ subject_type_lock(subject.class, false) ]
-              subject.class.accessible_by(ability).must_be :empty?
-            end
-            it 'takes the most permissive of roles' do
-              role_1.test_locks = [ subject_type_lock(subject.class, false) ]
-              role_2.test_locks = [ subject_type_lock(subject.class, true) ]
-              subject.class.accessible_by(ability).must_include subject_test_1
-              subject.class.accessible_by(ability).must_include subject_test_2
-            end
-          end
-
-          describe 'on user' do
-            it 'overrides default lock' do
-              user.test_locks = [ subject_type_lock(subject.class, false) ]
-              subject.class.accessible_by(ability).must_be :empty?
-            end
-            it 'overrides role locks' do
-              role_1.test_locks = [ subject_type_lock(subject.class, false) ]
-              user.test_locks = [ subject_type_lock(subject.class, true) ]
-              subject.class.accessible_by(ability).must_include subject_test_1
-              subject.class.accessible_by(ability).must_include subject_test_2
-            end
-          end
+        it 'replace existing locks with new attributes' do
+          MySubject.default_locks.detect{ |l| l.action == :read }.outcome.must_equal false
         end
 
-        # ---------------------------------------------------------------------
-
-        describe 'subject_id lock' do
-          describe 'on roles' do
-            it 'overrides default lock' do
-              role_1.test_locks = [ subject_lock(subject_test_1, false) ]
-              subject.class.accessible_by(ability).wont_include subject_test_1
-            end
-
-            it 'overrides default negative lock' do
-              subject.class.stub(:default_locks, [ subject_type_lock(subject_test_1.class, false) ]) do
-                role_1.test_locks = [ subject_lock(subject_test_1, true) ]
-                subject.class.accessible_by(ability).must_include subject_test_1
-              end
-            end
-
-            it 'overrides subject_type lock' do
-              role_1.test_locks = [ subject_type_lock(subject_test_2.class, false) ]
-              role_2.test_locks = [ subject_lock(subject_test_2, true) ]
-              subject.class.accessible_by(ability).must_include subject_test_2
-            end
-
-            it 'overrides default negative lock' do
-              subject.class.stub(:default_locks, [ subject_type_lock(subject_test_2.class, false) ]) do
-                role_2.test_locks = [ subject_lock(subject_test_2, true) ]
-                subject.class.accessible_by(ability).wont_include subject_test_1
-                subject.class.accessible_by(ability).must_include subject_test_2
-              end
-            end
-
-            it 'takes the most permissive of roles' do
-              role_1.test_locks = [ subject_lock(subject_test_2, false) ]
-              role_2.test_locks = [ subject_lock(subject_test_2, true) ]
-              subject.class.accessible_by(ability).must_include subject_test_2
-            end
-          end
-
-          describe 'on user' do
-            it 'overrides default lock' do
-              user.test_locks = [ subject_lock(subject_test_1, false) ]
-              subject.class.accessible_by(ability).wont_include subject_test_1
-              subject.class.accessible_by(ability).must_include subject_test_2
-            end
-
-            it 'overrides subject_type lock' do
-              user.test_locks = [ subject_type_lock(subject_test_1.class, true), subject_lock(subject_test_1, false) ]
-              subject.class.accessible_by(ability).wont_include subject_test_1
-            end
-
-            it 'overrides role locks' do
-              role_1.test_locks = [ subject_lock(subject_test_2, false) ]
-              user.test_locks = [ subject_lock(subject_test_2, true) ]
-              subject.class.accessible_by(ability).must_include subject_test_2
-            end
-
-            it 'overrides default negative lock' do
-              subject.class.stub(:default_locks, [ subject_type_lock(subject_test_2.class, false) ]) do
-                user.test_locks = [ subject_lock(subject_test_2, true) ]
-                subject.class.accessible_by(ability).must_include subject_test_2
-              end
-            end
-          end
+        it 'replaces existing locks with new one' do
+          MySubject.default_locks.detect{ |l| l.action == :read }.class.must_equal MyLock1
         end
-
       end
+
     end
   end
-
 end

data/test/support/test_classes.rb

@@ -1,86 +1,161 @@
-class TestLock
-  include Mongoid::Document
-  include MongoidAbility::Lock
+module MongoidAbility
+  class MyLock
+    include Mongoid::Document
+    include MongoidAbility::Lock
+    embedded_in :owner, polymorphic: true
+  end
 
-  embedded_in :owner, polymorphic: true
-end
+  class MyLock1 < MyLock
+    def calculated_outcome opts={}
+      opts.fetch(:override, outcome)
+    end
+  end
 
-class TestLockSub < TestLock
-end
+  # ---------------------------------------------------------------------
 
-# ---------------------------------------------------------------------
+  class MySubject
+    include Mongoid::Document
+    include MongoidAbility::Subject
 
-class TestOwnerSuper
-  include Mongoid::Document
-  include MongoidAbility::Owner
+    default_lock MyLock, :read, true
+    default_lock MyLock1, :update, false
+  end
 
-  embeds_many :test_locks, class_name: 'TestLock', as: :owner
-end
+  class MySubject1 < MySubject
+    default_lock MyLock, :read, false
+  end
 
-class TestOwner < TestOwnerSuper
-end
+  class MySubject2 < MySubject1
+  end
 
-# ---------------------------------------------------------------------
+  # ---------------------------------------------------------------------
 
-class SubjectTest
-  include Mongoid::Document
-  include MongoidAbility::Subject
+  class MyOwner
+    include Mongoid::Document
+    include MongoidAbility::Owner
 
-  default_lock :read, true
-end
+    embeds_many :my_locks, class_name: 'MongoidAbility::MyLock', as: :owner
+    has_and_belongs_to_many :my_roles
 
-class SubjectTestOne < SubjectTest
-end
+    def self.locks_relation_name
+      :my_locks
+    end
 
-class SubjectTestTwo < SubjectTest
-end
+    def self.inherit_from_relation_name
+      :my_roles
+    end
+  end
 
-class SubjectSingleTest
-  include Mongoid::Document
-  include MongoidAbility::Subject
+  class MyOwner1 < MyOwner
+  end
 
-  default_lock :read, true
-end
+  # ---------------------------------------------------------------------
 
-# ---------------------------------------------------------------------
+  class MyRole
+    include Mongoid::Document
+    include MongoidAbility::Owner
 
-class TestAbilityResolverSubject
-  include Mongoid::Document
-  include MongoidAbility::Subject
+    embeds_many :my_locks, class_name: 'MongoidAbility::MyLock', as: :owner
+    has_and_belongs_to_many :my_owners
 
-  default_lock :read, true
-end
-
-class TestAbilitySubjectSuper2
-  include Mongoid::Document
-  include MongoidAbility::Subject
+    def self.locks_relation_name
+      :my_locks
+    end
+  end
 
-  default_lock :read, false
-  default_lock :update, true
+  class MyRole1 < MyRole
+  end
 end
 
-class TestAbilitySubjectSuper1 < TestAbilitySubjectSuper2
-end
 
-class TestAbilitySubject < TestAbilitySubjectSuper1
-end
 
-# ---------------------------------------------------------------------
 
-class TestRole
-  include Mongoid::Document
-  include MongoidAbility::Owner
 
-  field :name, type: String
 
-  embeds_many :test_locks, class_name: 'TestLock', as: :owner
-  has_and_belongs_to_many :users, class_name: 'TestUser'
-end
-
-class TestUser
-  include Mongoid::Document
-  include MongoidAbility::Owner
 
-  embeds_many :test_locks, class_name: 'TestLock', as: :owner
-  has_and_belongs_to_many :roles, class_name: 'TestRole'
-end
+# class TestLock
+#   include Mongoid::Document
+#   include MongoidAbility::Lock
+#
+#   embedded_in :owner, polymorphic: true
+# end
+#
+# class TestLockSub < TestLock
+# end
+#
+# # ---------------------------------------------------------------------
+#
+# class TestOwnerSuper
+#   include Mongoid::Document
+#   include MongoidAbility::Owner
+#
+#   embeds_many :test_locks, class_name: 'TestLock', as: :owner
+# end
+#
+# class TestOwner < TestOwnerSuper
+# end
+#
+# # ---------------------------------------------------------------------
+#
+# class SubjectTest
+#   include Mongoid::Document
+#   include MongoidAbility::Subject
+#
+#   default_lock :read, true
+# end
+#
+# class SubjectTestOne < SubjectTest
+# end
+#
+# class SubjectTestTwo < SubjectTest
+# end
+#
+# class SubjectSingleTest
+#   include Mongoid::Document
+#   include MongoidAbility::Subject
+#
+#   default_lock :read, true
+# end
+#
+# # ---------------------------------------------------------------------
+#
+# class TestAbilityResolverSubject
+#   include Mongoid::Document
+#   include MongoidAbility::Subject
+#
+#   default_lock :read, true
+# end
+#
+# class TestAbilitySubjectSuper2
+#   include Mongoid::Document
+#   include MongoidAbility::Subject
+#
+#   default_lock :read, false
+#   default_lock :update, true
+# end
+#
+# class TestAbilitySubjectSuper1 < TestAbilitySubjectSuper2
+# end
+#
+# class TestAbilitySubject < TestAbilitySubjectSuper1
+# end
+#
+# # ---------------------------------------------------------------------
+#
+# class TestRole
+#   include Mongoid::Document
+#   include MongoidAbility::Owner
+#
+#   field :name, type: String
+#
+#   embeds_many :test_locks, class_name: 'TestLock', as: :owner
+#   has_and_belongs_to_many :users, class_name: 'TestUser'
+# end
+#
+# class TestUser
+#   include Mongoid::Document
+#   include MongoidAbility::Owner
+#
+#   embeds_many :test_locks, class_name: 'TestLock', as: :owner
+#   has_and_belongs_to_many :roles, class_name: 'TestRole'
+# end