permissioner 0.0.2.beta → 0.1.0.beta
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/permissioner.rb +2 -2
- data/lib/permissioner/{permission_configurer.rb → configurer.rb} +2 -2
- data/lib/permissioner/controller_additions.rb +1 -2
- data/lib/permissioner/matchers.rb +39 -7
- data/lib/permissioner/matchers/exactly_allow_attributes.rb +137 -0
- data/lib/permissioner/matchers/exactly_allow_controllers.rb +48 -0
- data/lib/permissioner/matchers/exactly_allow_resources.rb +44 -0
- data/lib/permissioner/matchers/exactly_expect_actions.rb +100 -0
- data/lib/permissioner/{permission_service_additions.rb → service_additions.rb} +23 -7
- data/lib/permissioner/version.rb +1 -1
- data/permissioner.gemspec +1 -1
- data/spec/permissioner/{permission_configurer_spec.rb → configurer_spec.rb} +8 -2
- data/spec/permissioner/controller_additions_spec.rb +3 -20
- data/spec/permissioner/matchers/exactly_allow_attributes_spec.rb +227 -0
- data/spec/permissioner/matchers/exactly_allow_controllers_spec.rb +86 -0
- data/spec/permissioner/matchers/exactly_allow_resources_spec.rb +78 -0
- data/spec/permissioner/matchers/exactly_expect_actions_spec.rb +188 -0
- data/spec/permissioner/matchers_spec.rb +70 -27
- data/spec/permissioner/{permission_service_additions_spec.rb → service_additions_spec.rb} +117 -28
- data/spec/spec_helper.rb +1 -1
- metadata +22 -10
@@ -0,0 +1,188 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Permissioner::Matchers::ExactlyExpectActions do
|
4
|
+
|
5
|
+
let(:permission_service) do
|
6
|
+
permission_service = PermissionService.new
|
7
|
+
permission_service.allow_actions :comments, [:index, :show, :new, :create]
|
8
|
+
permission_service.allow_actions :users, [:show, :new, :create]
|
9
|
+
permission_service.allow_actions :posts, [:show, :edit, :update]
|
10
|
+
permission_service
|
11
|
+
end
|
12
|
+
|
13
|
+
def create_matcher(*all_expected_actions)
|
14
|
+
Permissioner::Matchers::ExactlyExpectActions.new(:@allowed_actions, *all_expected_actions)
|
15
|
+
end
|
16
|
+
|
17
|
+
describe '#initialize' do
|
18
|
+
|
19
|
+
it 'should transform expected_actions into string array' do
|
20
|
+
matcher = create_matcher [:controller, :action]
|
21
|
+
matcher.instance_variable_get(:@all_expected_actions).should eq [['controller', ['action']]]
|
22
|
+
matcher = create_matcher [:controller, [:action_1, :action_2]]
|
23
|
+
matcher.instance_variable_get(:@all_expected_actions).should eq [['controller', ['action_1', 'action_2']]]
|
24
|
+
end
|
25
|
+
|
26
|
+
it 'should raise an exception if multiple actions not stated as array' do
|
27
|
+
expect {
|
28
|
+
create_matcher [:controller, :action_1, :action_2]
|
29
|
+
}.to raise_exception "multiple actions for a controller must stated as array, e.g. [:new, :create]"
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
describe '#matches' do
|
34
|
+
|
35
|
+
context 'on success' do
|
36
|
+
|
37
|
+
it 'should return true if all expected controllers with actions are exactly allowed' do
|
38
|
+
matcher = create_matcher(
|
39
|
+
[:comments, [:index, :show, :new, :create]],
|
40
|
+
[:users, [:show, :new, :create]],
|
41
|
+
[:posts, [:show, :edit, :update]]
|
42
|
+
)
|
43
|
+
matcher.matches?(permission_service).should be_true
|
44
|
+
end
|
45
|
+
|
46
|
+
it 'should return true if for a given controller all actions are allowed and all is expected' do
|
47
|
+
permission_service.allow_actions :comments, :all
|
48
|
+
matcher = create_matcher(
|
49
|
+
[:comments, :all],
|
50
|
+
[:users, [:show, :new, :create]],
|
51
|
+
[:posts, [:show, :edit, :update]]
|
52
|
+
)
|
53
|
+
matcher.matches?(permission_service).should be_true
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
context 'if controllers did not match' do
|
58
|
+
|
59
|
+
it 'should return false if at least one expected controller is not allowed' do
|
60
|
+
matcher = create_matcher(
|
61
|
+
[:comments, [:index, :show, :new, :create]],
|
62
|
+
[:users, [:show, :new, :create]],
|
63
|
+
[:accounts, [:show, :edit, :update]]
|
64
|
+
)
|
65
|
+
matcher.matches?(permission_service).should be_false
|
66
|
+
end
|
67
|
+
|
68
|
+
it 'should return false if at least one controller is allowed but no expected' do
|
69
|
+
matcher = create_matcher(
|
70
|
+
[:comments, [:index, :show, :new, :create]],
|
71
|
+
[:users, [:show, :new, :create]]
|
72
|
+
)
|
73
|
+
matcher.matches?(permission_service).should be_false
|
74
|
+
end
|
75
|
+
end
|
76
|
+
|
77
|
+
context 'if actions for controllers did not match' do
|
78
|
+
|
79
|
+
it 'should return false if at least one expected action is not allowed' do
|
80
|
+
matcher = create_matcher(
|
81
|
+
[:comments, [:update, :show, :new, :create]],
|
82
|
+
[:users, [:show, :new, :create]],
|
83
|
+
[:posts, [:show, :edit, :update]]
|
84
|
+
)
|
85
|
+
matcher.matches?(permission_service).should be_false
|
86
|
+
end
|
87
|
+
|
88
|
+
it 'should return false if at least one action is not allowed but no expected' do
|
89
|
+
matcher = create_matcher(
|
90
|
+
[:comments, [:index, :show, :new]],
|
91
|
+
[:users, [:show, :new, :create]],
|
92
|
+
[:posts, [:show, :edit, :update]]
|
93
|
+
)
|
94
|
+
matcher.matches?(permission_service).should be_false
|
95
|
+
end
|
96
|
+
end
|
97
|
+
|
98
|
+
it 'should work even when not action is configured' do
|
99
|
+
matcher = create_matcher(
|
100
|
+
[:comments, [:update, :show, :new, :create]],
|
101
|
+
[:users, [:show, :new, :create]],
|
102
|
+
[:posts, [:show, :edit, :update]]
|
103
|
+
)
|
104
|
+
matcher.matches?(PermissionService.new).should be_false
|
105
|
+
end
|
106
|
+
end
|
107
|
+
|
108
|
+
describe '#failure_message_for_should' do
|
109
|
+
|
110
|
+
context 'if controllers did not match' do
|
111
|
+
|
112
|
+
it 'should be available' do
|
113
|
+
matcher = create_matcher(
|
114
|
+
[:users, []],
|
115
|
+
[:posts, []]
|
116
|
+
)
|
117
|
+
expected_messages =
|
118
|
+
"expected to find actions for controllers \n" \
|
119
|
+
"[\"posts\", \"users\"], but found actions for controllers\n"\
|
120
|
+
"[\"comments\", \"posts\", \"users\"]"
|
121
|
+
#call is necessary because matches sets @permission_service
|
122
|
+
matcher.matches?(permission_service)
|
123
|
+
matcher.failure_message_for_should.should eq expected_messages
|
124
|
+
end
|
125
|
+
|
126
|
+
it 'should work if no controller allowed' do
|
127
|
+
matcher = create_matcher(
|
128
|
+
[:users, []],
|
129
|
+
[:posts, []]
|
130
|
+
)
|
131
|
+
#call is necessary because matches sets @permission_service
|
132
|
+
matcher.matches?(PermissionService.new)
|
133
|
+
matcher.failure_message_for_should.should be_kind_of(String)
|
134
|
+
end
|
135
|
+
end
|
136
|
+
|
137
|
+
context 'if actions for controllers did not match' do
|
138
|
+
|
139
|
+
it 'should be available' do
|
140
|
+
matcher = create_matcher(
|
141
|
+
[:comments, [:show, :new, :create]],
|
142
|
+
[:users, [:show, :new, :create, :update]],
|
143
|
+
[:posts, [:show, :edit, :update]]
|
144
|
+
)
|
145
|
+
expected_messages =
|
146
|
+
"expected actions did not match for following controllers:\n"\
|
147
|
+
"comments:\n"\
|
148
|
+
"[\"create\", \"new\", \"show\"] were expected but found actions\n"\
|
149
|
+
"[\"create\", \"index\", \"new\", \"show\"]\n"\
|
150
|
+
"users:\n"\
|
151
|
+
"[\"create\", \"new\", \"show\", \"update\"] were expected but found actions\n"\
|
152
|
+
"[\"create\", \"new\", \"show\"]\n"
|
153
|
+
#call is necessary because matches sets @permission_service
|
154
|
+
matcher.matches?(permission_service)
|
155
|
+
matcher.failure_message_for_should.should eq expected_messages
|
156
|
+
end
|
157
|
+
|
158
|
+
|
159
|
+
it 'should work if no controller allowed' do
|
160
|
+
matcher = create_matcher(
|
161
|
+
[:comments, [:show, :new, :create]],
|
162
|
+
[:users, [:show, :new, :create, :update]],
|
163
|
+
[:posts, [:show, :edit, :update]]
|
164
|
+
)
|
165
|
+
#call is necessary because matches sets @permission_service
|
166
|
+
matcher.matches?(PermissionService.new)
|
167
|
+
matcher.failure_message_for_should.should be_kind_of(String)
|
168
|
+
end
|
169
|
+
end
|
170
|
+
end
|
171
|
+
|
172
|
+
|
173
|
+
describe '#failure_message_for_should_not' do
|
174
|
+
|
175
|
+
it 'should be available' do
|
176
|
+
matcher = create_matcher
|
177
|
+
expected_messages = 'given actions are exactly match although this is not expected'
|
178
|
+
matcher.failure_message_for_should_not.should eq expected_messages
|
179
|
+
end
|
180
|
+
|
181
|
+
it 'should be available' do
|
182
|
+
matcher = create_matcher
|
183
|
+
matcher.matches?(PermissionService.new)
|
184
|
+
matcher.failure_message_for_should_not.should be_kind_of(String)
|
185
|
+
end
|
186
|
+
end
|
187
|
+
|
188
|
+
end
|
@@ -1,52 +1,95 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
|
-
describe
|
3
|
+
describe Permissioner::Matchers do
|
4
4
|
|
5
|
-
|
6
|
-
|
5
|
+
let(:matcher_helper) do
|
6
|
+
matcher_helper = Class.new
|
7
|
+
matcher_helper.extend(Permissioner::Matchers)
|
8
|
+
matcher_helper
|
7
9
|
end
|
8
10
|
|
9
|
-
|
11
|
+
let(:permission_service) { PermissionService.new }
|
10
12
|
|
11
|
-
|
12
|
-
|
13
|
-
|
13
|
+
describe '#allow_action' do
|
14
|
+
|
15
|
+
it 'should delegate call to PermissionService#allow_action? and pass when is returns true' do
|
16
|
+
permission_service.should_receive(:allow_action?).with(:comments, :index, resource: 'resource', params: 'params').and_return(true)
|
17
|
+
permission_service.should allow_action :comments, :index, resource: 'resource', params: 'params'
|
18
|
+
end
|
19
|
+
|
20
|
+
it 'should fail when PermissionService#allow_action? returns false' do
|
21
|
+
permission_service.should_receive(:allow_action?).and_return(false)
|
22
|
+
permission_service.should_not allow_action
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
describe '#allow_attribute' do
|
27
|
+
|
28
|
+
it 'should delegate call to PermissionService#allow_action? and pass when is returns true' do
|
29
|
+
permission_service.should_receive(:allow_attribute?).with(:comment, :user_id, :text).and_return(true)
|
30
|
+
permission_service.should allow_attribute :comment, :user_id, :text
|
31
|
+
end
|
32
|
+
|
33
|
+
it 'should fail when PermissionService#allow_action? returns false' do
|
34
|
+
permission_service.should_receive(:allow_attribute?).and_return(false)
|
35
|
+
permission_service.should_not allow_attribute
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
39
|
+
describe '#pass_filters' do
|
40
|
+
|
41
|
+
it 'should delegate call to PermissionService#passed_filters? and pass when is returns true' do
|
42
|
+
permission_service.should_receive(:passed_filters?).with(:comment, :user_id, resource: 'resource', params: 'params').and_return(true)
|
43
|
+
permission_service.should pass_filters :comment, :user_id, resource: 'resource', params: 'params'
|
14
44
|
end
|
15
45
|
|
16
|
-
it 'should
|
17
|
-
|
18
|
-
|
46
|
+
it 'should fail when PermissionService#passed_filters? returns false' do
|
47
|
+
permission_service.should_receive(:passed_filters?).and_return(false)
|
48
|
+
permission_service.should_not pass_filters
|
19
49
|
end
|
20
50
|
end
|
21
51
|
|
22
|
-
describe '
|
52
|
+
describe '#exactly_allow_actions' do
|
23
53
|
|
24
|
-
it 'should
|
25
|
-
|
26
|
-
|
54
|
+
it 'should return correctly instantiated instance of ExactlyExpectActions' do
|
55
|
+
expected_actions = [:controller_1, :actions_1], [:controller_2, :actions_2]
|
56
|
+
Permissioner::Matchers::ExactlyExpectActions.should_receive(:new).with(:@allowed_actions, *expected_actions).and_call_original
|
57
|
+
matcher_helper.exactly_allow_actions(*expected_actions).should be_kind_of(Permissioner::Matchers::ExactlyExpectActions)
|
27
58
|
end
|
59
|
+
end
|
60
|
+
|
61
|
+
describe '#exactly_have_filters_for' do
|
28
62
|
|
29
|
-
it 'should return
|
30
|
-
|
31
|
-
|
63
|
+
it 'should return correctly instantiated instance of ExactlyExpectActions' do
|
64
|
+
expected_actions = [:controller_1, :actions_1], [:controller_2, :actions_2]
|
65
|
+
Permissioner::Matchers::ExactlyExpectActions.should_receive(:new).with(:@filters, *expected_actions).and_call_original
|
66
|
+
matcher_helper.exactly_have_filters_for(*expected_actions).should be_kind_of(Permissioner::Matchers::ExactlyExpectActions)
|
32
67
|
end
|
33
68
|
end
|
34
69
|
|
35
|
-
describe '
|
70
|
+
describe '#exactly_allow_attributes' do
|
36
71
|
|
37
|
-
it 'should
|
38
|
-
|
39
|
-
|
72
|
+
it 'should return correctly instantiated instance of ExactlyAllowAttributes' do
|
73
|
+
expected_attributes = [:resource_1, :attribute_1], [:resource_2, :attribute_2]
|
74
|
+
Permissioner::Matchers::ExactlyAllowAttributes.should_receive(:new).with(*expected_attributes).and_call_original
|
75
|
+
matcher_helper.exactly_allow_attributes(*expected_attributes).should be_kind_of(Permissioner::Matchers::ExactlyAllowAttributes)
|
40
76
|
end
|
77
|
+
end
|
78
|
+
|
79
|
+
describe '#exactly_allow_controllers' do
|
41
80
|
|
42
|
-
it 'should return
|
43
|
-
|
44
|
-
|
81
|
+
it 'should return correctly instantiated instance of ExactlyAllowControllers' do
|
82
|
+
Permissioner::Matchers::ExactlyAllowControllers.should_receive(:new).with(:controller_1, :controller_2).and_call_original
|
83
|
+
matcher_helper.exactly_allow_controllers(:controller_1, :controller_2).should be_kind_of(Permissioner::Matchers::ExactlyAllowControllers)
|
45
84
|
end
|
85
|
+
end
|
46
86
|
|
47
|
-
|
48
|
-
|
49
|
-
|
87
|
+
describe '#exactly_allow_resources' do
|
88
|
+
|
89
|
+
it 'should return correctly instantiated instance of ExactlyAllowControllers' do
|
90
|
+
Permissioner::Matchers::ExactlyAllowResources.should_receive(:new).with(:resource_1, :resource_2).and_call_original
|
91
|
+
matcher_helper.exactly_allow_resources(:resource_1, :resource_2).should be_kind_of(Permissioner::Matchers::ExactlyAllowResources)
|
50
92
|
end
|
51
93
|
end
|
94
|
+
|
52
95
|
end
|
@@ -1,10 +1,10 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
|
-
describe Permissioner::
|
3
|
+
describe Permissioner::ServiceAdditions do
|
4
4
|
|
5
5
|
let(:permission_service_class) do
|
6
6
|
permission_service_class = Class.new
|
7
|
-
permission_service_class.send(:include, Permissioner::
|
7
|
+
permission_service_class.send(:include, Permissioner::ServiceAdditions)
|
8
8
|
permission_service_class
|
9
9
|
end
|
10
10
|
|
@@ -30,99 +30,157 @@ describe Permissioner::PermissionServiceAdditions do
|
|
30
30
|
permission_service.allow_action?(:comments, :index).should be_true
|
31
31
|
end
|
32
32
|
|
33
|
-
context '
|
33
|
+
context 'block not given' do
|
34
34
|
|
35
35
|
it 'should return true if given action allowed' do
|
36
36
|
permission_service.allow_actions :comments, :index
|
37
37
|
permission_service.allow_action?(:comments, :index).should be_true
|
38
38
|
end
|
39
39
|
|
40
|
+
it 'should return true for every action when all actions are allowed' do
|
41
|
+
permission_service.allow_actions :comments, :all
|
42
|
+
permission_service.allow_action?(:comments, :index).should be_true
|
43
|
+
end
|
44
|
+
|
45
|
+
it 'should return true if action is allowed and given filter returns true' do
|
46
|
+
permission_service.add_filter :comments, :index, &Proc.new { true }
|
47
|
+
permission_service.allow_actions :comments, :index
|
48
|
+
permission_service.allow_action?(:comments, :index).should be_true
|
49
|
+
end
|
50
|
+
|
40
51
|
it 'should return false if given action not allowed' do
|
41
52
|
permission_service.allow_action?(:comments, :index).should be_false
|
42
53
|
permission_service.allow_actions :comments, :create
|
43
54
|
permission_service.allow_action?(:comments, :index).should be_false
|
44
55
|
end
|
56
|
+
|
57
|
+
it 'should return false if action is allowed and given filter returns false' do
|
58
|
+
permission_service.add_filter :comments, :index, &Proc.new { false }
|
59
|
+
permission_service.allow_actions :comments, :index
|
60
|
+
permission_service.allow_action?(:comments, :index).should be_false
|
61
|
+
end
|
45
62
|
end
|
46
63
|
|
47
|
-
context '
|
64
|
+
context 'block given' do
|
48
65
|
|
49
66
|
it 'should call block for given action when ressource is given' do
|
50
67
|
block = Proc.new {}
|
51
68
|
block.should_receive(:call)
|
52
69
|
permission_service.allow_actions :comments, :index, &block
|
53
|
-
permission_service.allow_action?(:comments, :index, 'resource')
|
54
|
-
end
|
55
|
-
|
56
|
-
it 'should not call block for given action but no ressource is given' do
|
57
|
-
block = Proc.new {}
|
58
|
-
block.should_receive(:call).never
|
59
|
-
permission_service.allow_actions :comments, :index, &block
|
60
|
-
permission_service.allow_action?(:comments, :index)
|
70
|
+
permission_service.allow_action?(:comments, :index, resource: 'resource')
|
61
71
|
end
|
62
72
|
|
63
73
|
it 'should return true when block returns true' do
|
64
74
|
block = Proc.new { true }
|
65
75
|
permission_service.allow_actions :comments, :index, &block
|
66
|
-
permission_service.allow_action?(:comments, :index
|
76
|
+
permission_service.allow_action?(:comments, :index).should be_true
|
77
|
+
end
|
78
|
+
|
79
|
+
it 'should return true if block and given filter returns true' do
|
80
|
+
permission_service.add_filter :comments, :index, &Proc.new { true }
|
81
|
+
permission_service.allow_actions :comments, :index, &Proc.new { true }
|
82
|
+
permission_service.allow_action?(:comments, :index).should be_true
|
67
83
|
end
|
68
84
|
|
69
85
|
it 'should return false when block returns false' do
|
70
86
|
block = Proc.new { false }
|
71
87
|
permission_service.allow_actions :comments, :index, &block
|
72
|
-
permission_service.allow_action?(:comments, :index, 'resource').should be_false
|
88
|
+
permission_service.allow_action?(:comments, :index, resource: 'resource').should be_false
|
73
89
|
end
|
74
90
|
|
75
|
-
it 'should return false
|
76
|
-
|
77
|
-
permission_service.allow_actions :comments, :index, &
|
78
|
-
permission_service.allow_action?(:comments, :index).should be_false
|
91
|
+
it 'should return false if block returns true and given filter returns false' do
|
92
|
+
permission_service.add_filter :comments, :index, &Proc.new { false }
|
93
|
+
permission_service.allow_actions :comments, :index, &Proc.new { true }
|
94
|
+
permission_service.allow_action?(:comments, :index, resource: 'resource').should be_false
|
95
|
+
end
|
96
|
+
|
97
|
+
it 'should return false if block returns false and given filter returns true' do
|
98
|
+
permission_service.add_filter :comments, :index, &Proc.new { true }
|
99
|
+
permission_service.allow_actions :comments, :index, &Proc.new { false }
|
100
|
+
permission_service.allow_action?(:comments, :index, resource: 'resource').should be_false
|
79
101
|
end
|
80
102
|
end
|
103
|
+
|
104
|
+
it 'should also except arguments as string' do
|
105
|
+
permission_service.allow_actions :comments, :index
|
106
|
+
permission_service.allow_action?('comments', 'index').should be_true
|
107
|
+
end
|
108
|
+
|
109
|
+
it 'should pass arguments to passed_filters? if action is principally allowed' do
|
110
|
+
permission_service.allow_actions :comments, :index
|
111
|
+
permission_service.should_receive(:passed_filters?).with(:comments, :index, resource: :resource, params: :params)
|
112
|
+
permission_service.allow_action?(:comments, :index, resource: :resource, params: :params)
|
113
|
+
end
|
81
114
|
end
|
82
115
|
|
83
116
|
describe '#passed_filters?' do
|
84
117
|
|
85
118
|
it 'should return true when all blocks for given controller and action returns true' do
|
86
119
|
permission_service.add_filter(:comments, :create, &Proc.new { true })
|
87
|
-
permission_service.passed_filters?(:comments, :create
|
120
|
+
permission_service.passed_filters?(:comments, :create).should be_true
|
88
121
|
end
|
89
122
|
|
90
123
|
it 'should return true when no filters are added at all' do
|
91
|
-
permission_service.passed_filters?(:comments, :create
|
124
|
+
permission_service.passed_filters?(:comments, :create).should be_true
|
92
125
|
end
|
93
126
|
|
94
127
|
it 'should return true when for given controller and action no filters has been added' do
|
95
128
|
permission_service.add_filter(:comments, :update, &Proc.new {})
|
96
|
-
permission_service.passed_filters?(:comments, :create
|
129
|
+
permission_service.passed_filters?(:comments, :create).should be_true
|
97
130
|
end
|
98
131
|
|
99
132
|
it 'should return false when at least one block for given controller and action returns false' do
|
100
133
|
permission_service.add_filter(:comments, :create, &Proc.new { true })
|
101
134
|
permission_service.add_filter(:comments, :create, &Proc.new { false })
|
102
135
|
permission_service.add_filter(:comments, :create, &Proc.new { true })
|
103
|
-
permission_service.passed_filters?(:comments, :create
|
136
|
+
permission_service.passed_filters?(:comments, :create).should be_false
|
137
|
+
end
|
138
|
+
|
139
|
+
it 'should pass resource to the given block' do
|
140
|
+
resource = Object.new
|
141
|
+
permission_service.add_filter(:comments, :create, &Proc.new { |r, p| r.should be resource })
|
142
|
+
permission_service.passed_filters?(:comments, :create, resource: resource)
|
104
143
|
end
|
105
144
|
|
106
145
|
it 'should pass params to the given block' do
|
107
146
|
params = Object.new
|
108
|
-
permission_service.add_filter(:comments, :create, &Proc.new { |p| p.
|
109
|
-
permission_service.passed_filters?(:comments, :create, params)
|
147
|
+
permission_service.add_filter(:comments, :create, &Proc.new { |r, p| p.should be params })
|
148
|
+
permission_service.passed_filters?(:comments, :create, params: params)
|
149
|
+
end
|
150
|
+
|
151
|
+
it 'should set params to {} if not given' do
|
152
|
+
permission_service.add_filter(:comments, :create, &Proc.new { |r, p| p.should eq({}) })
|
153
|
+
permission_service.passed_filters?(:comments, :create)
|
154
|
+
end
|
155
|
+
|
156
|
+
it 'should set params to {} if nil' do
|
157
|
+
permission_service.add_filter(:comments, :create, &Proc.new { |r, p| p.should eq({}) })
|
158
|
+
permission_service.passed_filters?(:comments, :create, params: nil)
|
159
|
+
end
|
160
|
+
|
161
|
+
it 'should set default values for params and current resource' do
|
162
|
+
block = Proc.new do |current_resource, params|
|
163
|
+
current_resource.should be_nil
|
164
|
+
params.should eq({})
|
165
|
+
end
|
166
|
+
permission_service.add_filter(:comments, :create, &block)
|
167
|
+
permission_service.passed_filters?(:comments, :create)
|
110
168
|
end
|
111
169
|
end
|
112
170
|
|
113
|
-
describe '#
|
171
|
+
describe '#allow_attribute?' do
|
114
172
|
|
115
173
|
it 'should return true when @allow_all is true' do
|
116
174
|
permission_service.allow_all
|
117
175
|
permission_service.allow_attribute?(:comment, :user_id).should be_true
|
118
176
|
end
|
119
177
|
|
120
|
-
it 'should return true when
|
178
|
+
it 'should return true when attribute is allowed' do
|
121
179
|
permission_service.allow_attributes(:comment, :user_id)
|
122
180
|
permission_service.allow_attribute?(:comment, :user_id).should be_true
|
123
181
|
end
|
124
182
|
|
125
|
-
it 'should return false when
|
183
|
+
it 'should return false when attribute not allowed' do
|
126
184
|
permission_service.allow_attribute?(:comment, :user_id).should be_false
|
127
185
|
end
|
128
186
|
end
|
@@ -242,7 +300,38 @@ describe Permissioner::PermissionServiceAdditions do
|
|
242
300
|
end
|
243
301
|
end
|
244
302
|
|
245
|
-
describe '
|
303
|
+
describe '#clear_filters' do
|
304
|
+
|
305
|
+
before :each do
|
306
|
+
permission_service.add_filter [:users, :comments], [:edit, :update], &Proc.new {}
|
307
|
+
end
|
308
|
+
|
309
|
+
it 'should delete filters for actions if one controller and action are given' do
|
310
|
+
permission_service.clear_filters :users, :edit
|
311
|
+
filters = permission_service.instance_variable_get(:@filters)
|
312
|
+
filters.count.should eq 3
|
313
|
+
filters.should_not have_key([:users, :edit])
|
314
|
+
end
|
315
|
+
|
316
|
+
it 'should delete filters for actions if multiple controllers and actions are given' do
|
317
|
+
permission_service.clear_filters [:users, :comments], [:edit, :update]
|
318
|
+
filters = permission_service.instance_variable_get(:@filters)
|
319
|
+
filters.should be_empty
|
320
|
+
end
|
321
|
+
|
322
|
+
end
|
323
|
+
|
324
|
+
describe '#clear_all_filters' do
|
325
|
+
|
326
|
+
it 'should set @filters to nil' do
|
327
|
+
permission_service.add_filter(:comments, :create, &Proc.new {})
|
328
|
+
permission_service.instance_variable_get(:@filters).should_not be_nil
|
329
|
+
permission_service.clear_all_filters
|
330
|
+
permission_service.instance_variable_get(:@filters).should be_nil
|
331
|
+
end
|
332
|
+
end
|
333
|
+
|
334
|
+
describe '#configure' do
|
246
335
|
|
247
336
|
it 'should create new instance of given configurer class' do
|
248
337
|
permission_service.stub(:current_user).and_return('current_user')
|