permissioner 0.0.2.beta → 0.1.0.beta

data/lib/permissioner/version.rb

@@ -1,3 +1,3 @@
 module Permissioner
-  VERSION = "0.0.2.beta"
+  VERSION = "0.1.0.beta"
 end

data/permissioner.gemspec

@@ -19,6 +19,6 @@ Gem::Specification.new do |gem|
   gem.require_paths = ["lib"]
 
   gem.add_development_dependency "rspec", "~> 2.13"
-  gem.add_development_dependency "activesupport", "~>3.2"
+  gem.add_development_dependency "activesupport", "~>4.0.0"
   gem.add_development_dependency "guard-rspec", "~>3.0.1"
 end

data/spec/permissioner/{permission_configurer_spec.rb → configurer_spec.rb}

@@ -1,10 +1,10 @@
 require 'spec_helper'
 
-describe Permissioner::PermissionConfigurer do
+describe Permissioner::Configurer do
 
   let(:permission_configurer_class) do
     permission_configurer_class = Class.new
-    permission_configurer_class.send(:include, Permissioner::PermissionConfigurer)
+    permission_configurer_class.send(:include, Permissioner::Configurer)
     permission_configurer_class
   end
 
@@ -27,6 +27,12 @@ describe Permissioner::PermissionConfigurer do
       permission_service.should_receive(:add_filter).with(:comments, :create, &block)
       permission_configurer.add_filter(:comments, :create, &block)
     end
+
+    it 'should delegate call to clear_filter to permission_service' do
+      block = Proc.new {}
+      permission_service.should_receive(:clear_filters).with(no_args)
+      permission_configurer.clear_filters
+    end
   end
 
   context 'setters' do

data/spec/permissioner/controller_additions_spec.rb

@@ -33,40 +33,23 @@ describe Permissioner::ControllerAdditions do
 
     before :each do
       @params = {controller: 'comments', action: 'index'}
+      @controller.stub(:current_resource).and_return('resource')
       @controller.stub(:params).and_return(@params)
     end
 
     it 'should call permit_params! if action allwed and filters passed' do
       @controller.permission_service.should_receive(:allow_action?).and_return(true)
-      @controller.permission_service.should_receive(:passed_filters?).and_return(true)
       @controller.permission_service.should_receive(:permit_params!).with(@params)
       @controller.authorize
     end
 
     it 'should call allow_action? with correct parameters' do
-      @controller.should_receive(:current_resource).and_return('current_resource')
-      @controller.permission_service.should_receive(:allow_action?).with('comments', 'index', 'current_resource').and_return(true)
-      @controller.permission_service.stub(:passed_filters?).and_return(true)
-      @controller.authorize
-    end
-
-    it 'should call add_filters? with correct parameters' do
-      @controller.should_receive(:current_resource).and_return('current_resource')
-      @controller.permission_service.stub(:allow_action?).and_return(true)
-      @controller.permission_service.should_receive(:passed_filters?).with('comments', 'index', @params).and_return(true)
+      @controller.permission_service.should_receive(:allow_action?).with('comments', 'index', resource: 'resource', params: @params).and_return(true)
       @controller.authorize
     end
 
     it 'should raise Permissioner::NotAuthorized when action not allowed' do
-      @controller.permission_service.should_receive(:allow_action?).with('comments', 'index', nil).and_return(false)
-      expect {
-        @controller.authorize
-      }.to raise_error Permissioner::NotAuthorized
-    end
-
-    it 'should raise Permissioner::NotAuthorized when action are allowed but filters did not passed' do
-      @controller.permission_service.should_receive(:allow_action?).and_return(true)
-      @controller.permission_service.should_receive(:passed_filters?).and_return(false)
+      @controller.permission_service.should_receive(:allow_action?).with('comments', 'index', resource: 'resource', params: @params).and_return(false)
       expect {
         @controller.authorize
       }.to raise_error Permissioner::NotAuthorized

data/spec/permissioner/matchers/exactly_allow_attributes_spec.rb

@@ -0,0 +1,227 @@
+require 'spec_helper'
+
+describe Permissioner::Matchers::ExactlyAllowAttributes do
+
+  let(:permission_service) do
+    permission_service = PermissionService.new
+    permission_service.allow_attributes :user, [:name, :email, :phone]
+    permission_service.allow_attributes :comment, [:user_id, :post_id, :content]
+    permission_service.allow_attributes :post, [:user_id, :content]
+    permission_service
+  end
+
+  def create_matcher(*expected_attributes)
+    Permissioner::Matchers::ExactlyAllowAttributes.new(*expected_attributes)
+  end
+
+  describe '#initialize' do
+
+    it 'should ensure that all attributes are into an array' do
+      matcher = create_matcher [:resource, :attribute]
+      matcher.instance_variable_get(:@all_expected_attributes).should eq [[:resource, [:attribute]]]
+      matcher = create_matcher [:resource, [:attribute_1, :attribute_2]]
+      matcher.instance_variable_get(:@all_expected_attributes).should eq [[:resource, [:attribute_1, :attribute_2]]]
+    end
+
+    it 'should raise an exception if multiple actions not stated as array' do
+      expect {
+        create_matcher [:resource, :attribute_1, :attribute_2]
+      }.to raise_exception 'multiple attributes for a resource must stated as array, e.g. [:user_id, :username]'
+    end
+  end
+
+  describe '#matches?' do
+
+    context 'on success' do
+
+      it 'should return true if all expected resources with attributes are exactly allowed' do
+        matcher = create_matcher(
+            [:user, [:name, :email, :phone]],
+            [:comment, [:user_id, :post_id, :content]],
+            [:post, [:user_id, :content]]
+        )
+        matcher.matches?(permission_service).should be_true
+      end
+
+      it 'should accept attributs being a hash' do
+        permission_service = PermissionService.new
+        permission_service.allow_attributes(
+            :account,
+            [
+                {user: [:name, :email, :phone]},
+                {adresse: [:name, :street_with_number, :zip_code, :city]},
+            ]
+        )
+        matcher = create_matcher(
+            [:account,
+             [
+                 {user: [:name, :email, :phone]},
+                 {adresse: [:name, :street_with_number, :zip_code, :city]},
+             ]
+            ]
+        )
+        matcher.matches?(permission_service).should be_true
+      end
+    end
+
+    context 'if resources did not match' do
+
+      it 'should return false if at least one expected resource is not allowed' do
+        matcher = create_matcher(
+            [:user, [:name, :email, :phone]],
+            [:comment, [:user_id, :post_id, :content]],
+            [:account, [:user_id, :content]]
+        )
+        matcher.matches?(permission_service).should be_false
+      end
+
+      it 'should return false if at least one resource is allowed but no expected' do
+        matcher = create_matcher(
+            [:user, [:name, :email, :phone]],
+            [:comment, [:user_id, :post_id, :content]]
+        )
+        matcher.matches?(permission_service).should be_false
+      end
+    end
+
+    context 'if attributes of ressrouces did not match' do
+
+      it 'should return false if at least one expected attribute is not allowed' do
+        matcher = create_matcher(
+            [:user, [:name, :email, :phone, :street]],
+            [:comment, [:user_id, :post_id, :content]],
+            [:post, [:user_id, :content]]
+        )
+        matcher.matches?(permission_service).should be_false
+      end
+
+      it 'should return false if at least one attribute is allowed but not expected' do
+        matcher = create_matcher(
+            [:user, [:name, :email]],
+            [:comment, [:user_id, :post_id, :content]],
+            [:post, [:user_id, :content]]
+        )
+        matcher.matches?(permission_service).should be_false
+      end
+    end
+  end
+
+  describe '#failure_message_for_should_not' do
+
+    it 'should be available' do
+      matcher = create_matcher
+      expected_messages = 'given attributes are exactly allowed although this is not expected'
+      matcher.failure_message_for_should_not.should eq expected_messages
+    end
+
+    it 'should be available' do
+      matcher = create_matcher
+      matcher.matches?(PermissionService.new)
+      matcher.failure_message_for_should_not.should be_kind_of(String)
+    end
+  end
+
+  describe '#failure_message_for_should' do
+
+    context 'if resources did not match' do
+
+      it 'should be available' do
+        matcher = create_matcher(
+            [:user, []],
+            [:comment, []]
+        )
+        expected_messages =
+            "expected to find allowed attributes for resources\n"\
+            "[:comment, :user], but found allowed attributes for resources\n"\
+            "[:comment, :post, :user]"
+        #call is necessary because matches sets @permission_service
+        matcher.matches?(permission_service)
+        matcher.failure_message_for_should.should eq expected_messages
+      end
+
+      it 'should work if no controller allowed' do
+        matcher = create_matcher(
+            [:user, []],
+            [:comment, []],
+            [:post, []]
+        )
+        #call is necessary because matches sets @permission_service
+        matcher.matches?(PermissionService.new)
+        matcher.failure_message_for_should.should be_kind_of(String)
+      end
+    end
+
+
+    context 'if attributes for resources did not match' do
+
+      it 'should be available' do
+        matcher = create_matcher(
+            [:user, [:name, :email]],
+            [:comment, [:user_id, :post_id]],
+            [:post, [:user_id, :content]]
+        )
+        expected_messages =
+            "expected attributes did not match for following resources:\n"\
+            "user:\n"\
+            "[:name, :email] were expected to be allowed, but attributes\n"\
+            "[:name, :email, :phone] are allowed\n"\
+            "comment:\n"\
+            "[:user_id, :post_id] were expected to be allowed, but attributes\n"\
+            "[:user_id, :post_id, :content] are allowed\n"
+        #call is necessary because matches sets @permission_service
+        matcher.matches?(permission_service)
+        matcher.failure_message_for_should.should eq expected_messages
+      end
+
+
+      it 'should work if no controller allowed' do
+        matcher = create_matcher(
+            [:comments, [:show, :new, :create]],
+            [:users, [:new, :create, :update]],
+            [:posts, [:show, :edit, :update]]
+        )
+        #call is necessary because matches sets @permission_service
+        matcher.matches?(PermissionService.new)
+        matcher.failure_message_for_should.should be_kind_of(String)
+      end
+    end
+  end
+
+  #describe '#failure_message_for_should' do
+  #
+  #  it 'should be available' do
+  #    matcher = create_matcher :user, [:name, :email, :street]
+  #    expected_messages =
+  #        "expected that for resource \"user\" attributes\n"\
+  #        "[:name, :email, :street] are exactly allowed, but found attributes\n"\
+  #        "[:name, :email, :phone] allowed"
+  #    matcher.matches?(permission_service)
+  #    matcher.failure_message_for_should.should eq expected_messages
+  #  end
+  #
+  #  it 'should work if no controller allowed' do
+  #    matcher = create_matcher :user, [:name, :email, :street]
+  #    matcher.matches?(PermissionService.new)
+  #    matcher.failure_message_for_should.should be_kind_of(String)
+  #  end
+  #end
+  #
+  #describe '#failure_message_for_should_not' do
+  #
+  #  it 'should be available' do
+  #    matcher = create_matcher :user, [:name, :email, :street]
+  #    expected_messages =
+  #        "expected that for resource \"user\" attributes\n"\
+  #        "[:name, :email, :street] are exactly not allowed,\n"\
+  #        "but those attributes are exactly allowed\n"
+  #    matcher.matches?(permission_service)
+  #    matcher.failure_message_for_should_not.should eq expected_messages
+  #  end
+  #
+  #  it 'should work if no controller allowed' do
+  #    matcher = create_matcher :user, [:name, :email, :street]
+  #    matcher.matches?(PermissionService.new)
+  #    matcher.failure_message_for_should_not.should be_kind_of(String)
+  #  end
+  #end
+end

data/spec/permissioner/matchers/exactly_allow_controllers_spec.rb

@@ -0,0 +1,86 @@
+require 'spec_helper'
+
+describe Permissioner::Matchers::ExactlyAllowControllers do
+
+  let(:permission_service) do
+    permission_service = PermissionService.new
+    permission_service.allow_actions :comments, :index
+    permission_service.allow_actions :comments, :create
+    permission_service.allow_actions :users, :index
+    permission_service.allow_actions :posts, :update
+    permission_service
+  end
+
+  def create_matcher(*expected_controllers)
+    Permissioner::Matchers::ExactlyAllowControllers.new(*expected_controllers)
+  end
+
+  describe '#initialize' do
+
+    it 'should transform expected_controllers to strings' do
+      matcher = create_matcher(:comments, :users)
+      matcher.instance_variable_get(:@expected_controllers).should eq ['comments', 'users']
+    end
+  end
+
+  describe '#matches?' do
+
+    it 'should return true if exactly all expected controllers allowed' do
+      matcher = create_matcher(:comments, :users, :posts)
+      matcher.matches?(permission_service).should be_true
+    end
+
+    it 'should return false if at least one controller is not allowed' do
+      matcher = create_matcher(:comments, :users, :posts, :blogs)
+      matcher.matches?(permission_service).should be_false
+    end
+
+    it 'should return true if more controllers allowed than expected' do
+      matcher = create_matcher(:comments, :users)
+      matcher.matches?(permission_service).should be_false
+    end
+
+    it 'should work if no controller allowed' do
+      matcher = create_matcher(:comments, :users)
+      matcher.matches?(PermissionService.new).should be_false
+    end
+  end
+
+  describe '#failure_message_for_should' do
+
+    it 'should be available' do
+      matcher = create_matcher(:comments)
+      expected_messages =
+          "expected to exactly allow controllers \n" \
+          "[\"comments\"], but found controllers\n"\
+          "[\"comments\", \"posts\", \"users\"] allowed"
+      #call is necessary because matches sets @permission_service
+      matcher.matches?(permission_service)
+      matcher.failure_message_for_should.should eq expected_messages
+    end
+
+    it 'should work if no controller allowed' do
+      matcher = create_matcher(:comments)
+      #call is necessary because matches sets @permission_service
+      matcher.matches?((PermissionService.new))
+      matcher.failure_message_for_should.should be_kind_of(String)
+    end
+  end
+
+  describe '#failure_message_for_should_not' do
+
+    it 'should be available' do
+      matcher = create_matcher(:users, :comments)
+      expected_messages =
+          "expected to exactly not allow controllers \n" \
+          "[\"comments\", \"users\"], but these controllers are exactly allowed\n"
+      matcher.failure_message_for_should_not.should eq expected_messages
+    end
+
+    it 'should work if no controller allowed' do
+      matcher = create_matcher(:comments, :users)
+      matcher.failure_message_for_should_not.should be_kind_of(String)
+    end
+  end
+
+end

data/spec/permissioner/matchers/exactly_allow_resources_spec.rb

@@ -0,0 +1,78 @@
+require 'spec_helper'
+
+describe Permissioner::Matchers::ExactlyAllowResources do
+
+  let(:permission_service) do
+    permission_service = PermissionService.new
+    permission_service.allow_attributes :user, [:name, :email, :phone]
+    permission_service.allow_attributes :comment, [:user_id, :text]
+    permission_service.allow_attributes :post, [:user_id, :text]
+    permission_service
+  end
+
+
+  def create_matcher(*expected_resources)
+    Permissioner::Matchers::ExactlyAllowResources.new(*expected_resources)
+  end
+
+  describe '#matches?' do
+
+    it 'should return true if given resources exaclty allowed' do
+      matcher = create_matcher :user, :comment, :post
+      matcher.matches?(permission_service).should be_true
+    end
+
+    it 'should return false if at least one resource is not allowed' do
+      matcher = create_matcher :user, :comment, :account
+      matcher.matches?(permission_service).should be_false
+    end
+
+    it 'should return false if more resources allowed than expected' do
+      matcher = create_matcher :user, :comment
+      matcher.matches?(permission_service).should be_false
+    end
+
+    it 'should work if no resource is allowed' do
+      matcher = create_matcher :user, :comment
+      matcher.matches?(PermissionService.new).should be_false
+    end
+  end
+
+  describe '#failure_message_for_should' do
+
+    it 'should be available' do
+      matcher = create_matcher(:user, :comment)
+      expected_messages =
+          "expected to exactly allow resources \n" \
+          "[:comment, :user], but found resources\n"\
+          "[:comment, :post, :user] allowed"
+      #call is necessary because matches sets @permission_service
+      matcher.matches?(permission_service)
+      matcher.failure_message_for_should.should eq expected_messages
+    end
+
+    it 'should work if no controller allowed' do
+      matcher = create_matcher(:user, :comment)
+      #call is necessary because matches sets @permission_service
+      matcher.matches?((PermissionService.new))
+      matcher.failure_message_for_should.should be_kind_of(String)
+    end
+  end
+
+  describe '#failure_message_for_should_not' do
+
+    it 'should be available' do
+      matcher = create_matcher(:user, :comment)
+      expected_messages =
+          "expected to exactly not allow resources \n" \
+          "[:comment, :user], but these resources are exactly allowed\n"
+      matcher.failure_message_for_should_not.should eq expected_messages
+    end
+
+    it 'should work if no controller allowed' do
+      matcher = create_matcher(:comment, :user)
+      matcher.failure_message_for_should_not.should be_kind_of(String)
+    end
+  end
+
+end