permissioner 0.0.2.beta → 0.1.0.beta

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,188 @@
1
+ require 'spec_helper'
2
+
3
+ describe Permissioner::Matchers::ExactlyExpectActions do
4
+
5
+ let(:permission_service) do
6
+ permission_service = PermissionService.new
7
+ permission_service.allow_actions :comments, [:index, :show, :new, :create]
8
+ permission_service.allow_actions :users, [:show, :new, :create]
9
+ permission_service.allow_actions :posts, [:show, :edit, :update]
10
+ permission_service
11
+ end
12
+
13
+ def create_matcher(*all_expected_actions)
14
+ Permissioner::Matchers::ExactlyExpectActions.new(:@allowed_actions, *all_expected_actions)
15
+ end
16
+
17
+ describe '#initialize' do
18
+
19
+ it 'should transform expected_actions into string array' do
20
+ matcher = create_matcher [:controller, :action]
21
+ matcher.instance_variable_get(:@all_expected_actions).should eq [['controller', ['action']]]
22
+ matcher = create_matcher [:controller, [:action_1, :action_2]]
23
+ matcher.instance_variable_get(:@all_expected_actions).should eq [['controller', ['action_1', 'action_2']]]
24
+ end
25
+
26
+ it 'should raise an exception if multiple actions not stated as array' do
27
+ expect {
28
+ create_matcher [:controller, :action_1, :action_2]
29
+ }.to raise_exception "multiple actions for a controller must stated as array, e.g. [:new, :create]"
30
+ end
31
+ end
32
+
33
+ describe '#matches' do
34
+
35
+ context 'on success' do
36
+
37
+ it 'should return true if all expected controllers with actions are exactly allowed' do
38
+ matcher = create_matcher(
39
+ [:comments, [:index, :show, :new, :create]],
40
+ [:users, [:show, :new, :create]],
41
+ [:posts, [:show, :edit, :update]]
42
+ )
43
+ matcher.matches?(permission_service).should be_true
44
+ end
45
+
46
+ it 'should return true if for a given controller all actions are allowed and all is expected' do
47
+ permission_service.allow_actions :comments, :all
48
+ matcher = create_matcher(
49
+ [:comments, :all],
50
+ [:users, [:show, :new, :create]],
51
+ [:posts, [:show, :edit, :update]]
52
+ )
53
+ matcher.matches?(permission_service).should be_true
54
+ end
55
+ end
56
+
57
+ context 'if controllers did not match' do
58
+
59
+ it 'should return false if at least one expected controller is not allowed' do
60
+ matcher = create_matcher(
61
+ [:comments, [:index, :show, :new, :create]],
62
+ [:users, [:show, :new, :create]],
63
+ [:accounts, [:show, :edit, :update]]
64
+ )
65
+ matcher.matches?(permission_service).should be_false
66
+ end
67
+
68
+ it 'should return false if at least one controller is allowed but no expected' do
69
+ matcher = create_matcher(
70
+ [:comments, [:index, :show, :new, :create]],
71
+ [:users, [:show, :new, :create]]
72
+ )
73
+ matcher.matches?(permission_service).should be_false
74
+ end
75
+ end
76
+
77
+ context 'if actions for controllers did not match' do
78
+
79
+ it 'should return false if at least one expected action is not allowed' do
80
+ matcher = create_matcher(
81
+ [:comments, [:update, :show, :new, :create]],
82
+ [:users, [:show, :new, :create]],
83
+ [:posts, [:show, :edit, :update]]
84
+ )
85
+ matcher.matches?(permission_service).should be_false
86
+ end
87
+
88
+ it 'should return false if at least one action is not allowed but no expected' do
89
+ matcher = create_matcher(
90
+ [:comments, [:index, :show, :new]],
91
+ [:users, [:show, :new, :create]],
92
+ [:posts, [:show, :edit, :update]]
93
+ )
94
+ matcher.matches?(permission_service).should be_false
95
+ end
96
+ end
97
+
98
+ it 'should work even when not action is configured' do
99
+ matcher = create_matcher(
100
+ [:comments, [:update, :show, :new, :create]],
101
+ [:users, [:show, :new, :create]],
102
+ [:posts, [:show, :edit, :update]]
103
+ )
104
+ matcher.matches?(PermissionService.new).should be_false
105
+ end
106
+ end
107
+
108
+ describe '#failure_message_for_should' do
109
+
110
+ context 'if controllers did not match' do
111
+
112
+ it 'should be available' do
113
+ matcher = create_matcher(
114
+ [:users, []],
115
+ [:posts, []]
116
+ )
117
+ expected_messages =
118
+ "expected to find actions for controllers \n" \
119
+ "[\"posts\", \"users\"], but found actions for controllers\n"\
120
+ "[\"comments\", \"posts\", \"users\"]"
121
+ #call is necessary because matches sets @permission_service
122
+ matcher.matches?(permission_service)
123
+ matcher.failure_message_for_should.should eq expected_messages
124
+ end
125
+
126
+ it 'should work if no controller allowed' do
127
+ matcher = create_matcher(
128
+ [:users, []],
129
+ [:posts, []]
130
+ )
131
+ #call is necessary because matches sets @permission_service
132
+ matcher.matches?(PermissionService.new)
133
+ matcher.failure_message_for_should.should be_kind_of(String)
134
+ end
135
+ end
136
+
137
+ context 'if actions for controllers did not match' do
138
+
139
+ it 'should be available' do
140
+ matcher = create_matcher(
141
+ [:comments, [:show, :new, :create]],
142
+ [:users, [:show, :new, :create, :update]],
143
+ [:posts, [:show, :edit, :update]]
144
+ )
145
+ expected_messages =
146
+ "expected actions did not match for following controllers:\n"\
147
+ "comments:\n"\
148
+ "[\"create\", \"new\", \"show\"] were expected but found actions\n"\
149
+ "[\"create\", \"index\", \"new\", \"show\"]\n"\
150
+ "users:\n"\
151
+ "[\"create\", \"new\", \"show\", \"update\"] were expected but found actions\n"\
152
+ "[\"create\", \"new\", \"show\"]\n"
153
+ #call is necessary because matches sets @permission_service
154
+ matcher.matches?(permission_service)
155
+ matcher.failure_message_for_should.should eq expected_messages
156
+ end
157
+
158
+
159
+ it 'should work if no controller allowed' do
160
+ matcher = create_matcher(
161
+ [:comments, [:show, :new, :create]],
162
+ [:users, [:show, :new, :create, :update]],
163
+ [:posts, [:show, :edit, :update]]
164
+ )
165
+ #call is necessary because matches sets @permission_service
166
+ matcher.matches?(PermissionService.new)
167
+ matcher.failure_message_for_should.should be_kind_of(String)
168
+ end
169
+ end
170
+ end
171
+
172
+
173
+ describe '#failure_message_for_should_not' do
174
+
175
+ it 'should be available' do
176
+ matcher = create_matcher
177
+ expected_messages = 'given actions are exactly match although this is not expected'
178
+ matcher.failure_message_for_should_not.should eq expected_messages
179
+ end
180
+
181
+ it 'should be available' do
182
+ matcher = create_matcher
183
+ matcher.matches?(PermissionService.new)
184
+ matcher.failure_message_for_should_not.should be_kind_of(String)
185
+ end
186
+ end
187
+
188
+ end
@@ -1,52 +1,95 @@
1
1
  require 'spec_helper'
2
2
 
3
- describe 'matchers' do
3
+ describe Permissioner::Matchers do
4
4
 
5
- before :each do
6
- @permission_service = double('permission_service')
5
+ let(:matcher_helper) do
6
+ matcher_helper = Class.new
7
+ matcher_helper.extend(Permissioner::Matchers)
8
+ matcher_helper
7
9
  end
8
10
 
9
- describe 'allow_action' do
11
+ let(:permission_service) { PermissionService.new }
10
12
 
11
- it 'should delegate call to PermissionService#allow_action?' do
12
- @permission_service.should_receive(:allow_action?).with(:comments, :index).and_return(true)
13
- @permission_service.should allow_action :comments, :index
13
+ describe '#allow_action' do
14
+
15
+ it 'should delegate call to PermissionService#allow_action? and pass when is returns true' do
16
+ permission_service.should_receive(:allow_action?).with(:comments, :index, resource: 'resource', params: 'params').and_return(true)
17
+ permission_service.should allow_action :comments, :index, resource: 'resource', params: 'params'
18
+ end
19
+
20
+ it 'should fail when PermissionService#allow_action? returns false' do
21
+ permission_service.should_receive(:allow_action?).and_return(false)
22
+ permission_service.should_not allow_action
23
+ end
24
+ end
25
+
26
+ describe '#allow_attribute' do
27
+
28
+ it 'should delegate call to PermissionService#allow_action? and pass when is returns true' do
29
+ permission_service.should_receive(:allow_attribute?).with(:comment, :user_id, :text).and_return(true)
30
+ permission_service.should allow_attribute :comment, :user_id, :text
31
+ end
32
+
33
+ it 'should fail when PermissionService#allow_action? returns false' do
34
+ permission_service.should_receive(:allow_attribute?).and_return(false)
35
+ permission_service.should_not allow_attribute
36
+ end
37
+ end
38
+
39
+ describe '#pass_filters' do
40
+
41
+ it 'should delegate call to PermissionService#passed_filters? and pass when is returns true' do
42
+ permission_service.should_receive(:passed_filters?).with(:comment, :user_id, resource: 'resource', params: 'params').and_return(true)
43
+ permission_service.should pass_filters :comment, :user_id, resource: 'resource', params: 'params'
14
44
  end
15
45
 
16
- it 'should return false when PermissionService#allow_action? returns false' do
17
- @permission_service.should_receive(:allow_action?).and_return(false)
18
- @permission_service.should_not allow_action
46
+ it 'should fail when PermissionService#passed_filters? returns false' do
47
+ permission_service.should_receive(:passed_filters?).and_return(false)
48
+ permission_service.should_not pass_filters
19
49
  end
20
50
  end
21
51
 
22
- describe 'allow_attribute' do
52
+ describe '#exactly_allow_actions' do
23
53
 
24
- it 'should delegate call to PermissionService#allow_action?' do
25
- @permission_service.should_receive(:allow_attribute?).with(:comment, :user_id, :text).and_return(true)
26
- @permission_service.should allow_attribute :comment, :user_id, :text
54
+ it 'should return correctly instantiated instance of ExactlyExpectActions' do
55
+ expected_actions = [:controller_1, :actions_1], [:controller_2, :actions_2]
56
+ Permissioner::Matchers::ExactlyExpectActions.should_receive(:new).with(:@allowed_actions, *expected_actions).and_call_original
57
+ matcher_helper.exactly_allow_actions(*expected_actions).should be_kind_of(Permissioner::Matchers::ExactlyExpectActions)
27
58
  end
59
+ end
60
+
61
+ describe '#exactly_have_filters_for' do
28
62
 
29
- it 'should return false when PermissionService#allow_action? returns false' do
30
- @permission_service.should_receive(:allow_attribute?).and_return(false)
31
- @permission_service.should_not allow_attribute
63
+ it 'should return correctly instantiated instance of ExactlyExpectActions' do
64
+ expected_actions = [:controller_1, :actions_1], [:controller_2, :actions_2]
65
+ Permissioner::Matchers::ExactlyExpectActions.should_receive(:new).with(:@filters, *expected_actions).and_call_original
66
+ matcher_helper.exactly_have_filters_for(*expected_actions).should be_kind_of(Permissioner::Matchers::ExactlyExpectActions)
32
67
  end
33
68
  end
34
69
 
35
- describe 'pass_filters' do
70
+ describe '#exactly_allow_attributes' do
36
71
 
37
- it 'should delegate call to PermissionService#passed_filters?' do
38
- @permission_service.should_receive(:passed_filters?).with(:comment, :user_id, :block).and_return(true)
39
- @permission_service.should pass_filters :comment, :user_id, :block
72
+ it 'should return correctly instantiated instance of ExactlyAllowAttributes' do
73
+ expected_attributes = [:resource_1, :attribute_1], [:resource_2, :attribute_2]
74
+ Permissioner::Matchers::ExactlyAllowAttributes.should_receive(:new).with(*expected_attributes).and_call_original
75
+ matcher_helper.exactly_allow_attributes(*expected_attributes).should be_kind_of(Permissioner::Matchers::ExactlyAllowAttributes)
40
76
  end
77
+ end
78
+
79
+ describe '#exactly_allow_controllers' do
41
80
 
42
- it 'should return false when PermissionService#passed_filters? returns false' do
43
- @permission_service.should_receive(:passed_filters?).and_return(false)
44
- @permission_service.should_not pass_filters
81
+ it 'should return correctly instantiated instance of ExactlyAllowControllers' do
82
+ Permissioner::Matchers::ExactlyAllowControllers.should_receive(:new).with(:controller_1, :controller_2).and_call_original
83
+ matcher_helper.exactly_allow_controllers(:controller_1, :controller_2).should be_kind_of(Permissioner::Matchers::ExactlyAllowControllers)
45
84
  end
85
+ end
46
86
 
47
- it 'should set empty Hash as default value for params argument' do
48
- @permission_service.should_receive(:passed_filters?).with(:comment, :user_id, {}).and_return(true)
49
- @permission_service.should pass_filters :comment, :user_id
87
+ describe '#exactly_allow_resources' do
88
+
89
+ it 'should return correctly instantiated instance of ExactlyAllowControllers' do
90
+ Permissioner::Matchers::ExactlyAllowResources.should_receive(:new).with(:resource_1, :resource_2).and_call_original
91
+ matcher_helper.exactly_allow_resources(:resource_1, :resource_2).should be_kind_of(Permissioner::Matchers::ExactlyAllowResources)
50
92
  end
51
93
  end
94
+
52
95
  end
@@ -1,10 +1,10 @@
1
1
  require 'spec_helper'
2
2
 
3
- describe Permissioner::PermissionServiceAdditions do
3
+ describe Permissioner::ServiceAdditions do
4
4
 
5
5
  let(:permission_service_class) do
6
6
  permission_service_class = Class.new
7
- permission_service_class.send(:include, Permissioner::PermissionServiceAdditions)
7
+ permission_service_class.send(:include, Permissioner::ServiceAdditions)
8
8
  permission_service_class
9
9
  end
10
10
 
@@ -30,99 +30,157 @@ describe Permissioner::PermissionServiceAdditions do
30
30
  permission_service.allow_action?(:comments, :index).should be_true
31
31
  end
32
32
 
33
- context 'when no block given' do
33
+ context 'block not given' do
34
34
 
35
35
  it 'should return true if given action allowed' do
36
36
  permission_service.allow_actions :comments, :index
37
37
  permission_service.allow_action?(:comments, :index).should be_true
38
38
  end
39
39
 
40
+ it 'should return true for every action when all actions are allowed' do
41
+ permission_service.allow_actions :comments, :all
42
+ permission_service.allow_action?(:comments, :index).should be_true
43
+ end
44
+
45
+ it 'should return true if action is allowed and given filter returns true' do
46
+ permission_service.add_filter :comments, :index, &Proc.new { true }
47
+ permission_service.allow_actions :comments, :index
48
+ permission_service.allow_action?(:comments, :index).should be_true
49
+ end
50
+
40
51
  it 'should return false if given action not allowed' do
41
52
  permission_service.allow_action?(:comments, :index).should be_false
42
53
  permission_service.allow_actions :comments, :create
43
54
  permission_service.allow_action?(:comments, :index).should be_false
44
55
  end
56
+
57
+ it 'should return false if action is allowed and given filter returns false' do
58
+ permission_service.add_filter :comments, :index, &Proc.new { false }
59
+ permission_service.allow_actions :comments, :index
60
+ permission_service.allow_action?(:comments, :index).should be_false
61
+ end
45
62
  end
46
63
 
47
- context 'when block given' do
64
+ context 'block given' do
48
65
 
49
66
  it 'should call block for given action when ressource is given' do
50
67
  block = Proc.new {}
51
68
  block.should_receive(:call)
52
69
  permission_service.allow_actions :comments, :index, &block
53
- permission_service.allow_action?(:comments, :index, 'resource')
54
- end
55
-
56
- it 'should not call block for given action but no ressource is given' do
57
- block = Proc.new {}
58
- block.should_receive(:call).never
59
- permission_service.allow_actions :comments, :index, &block
60
- permission_service.allow_action?(:comments, :index)
70
+ permission_service.allow_action?(:comments, :index, resource: 'resource')
61
71
  end
62
72
 
63
73
  it 'should return true when block returns true' do
64
74
  block = Proc.new { true }
65
75
  permission_service.allow_actions :comments, :index, &block
66
- permission_service.allow_action?(:comments, :index, 'resource').should be_true
76
+ permission_service.allow_action?(:comments, :index).should be_true
77
+ end
78
+
79
+ it 'should return true if block and given filter returns true' do
80
+ permission_service.add_filter :comments, :index, &Proc.new { true }
81
+ permission_service.allow_actions :comments, :index, &Proc.new { true }
82
+ permission_service.allow_action?(:comments, :index).should be_true
67
83
  end
68
84
 
69
85
  it 'should return false when block returns false' do
70
86
  block = Proc.new { false }
71
87
  permission_service.allow_actions :comments, :index, &block
72
- permission_service.allow_action?(:comments, :index, 'resource').should be_false
88
+ permission_service.allow_action?(:comments, :index, resource: 'resource').should be_false
73
89
  end
74
90
 
75
- it 'should return false when no ressource given' do
76
- block = Proc.new { true }
77
- permission_service.allow_actions :comments, :index, &block
78
- permission_service.allow_action?(:comments, :index).should be_false
91
+ it 'should return false if block returns true and given filter returns false' do
92
+ permission_service.add_filter :comments, :index, &Proc.new { false }
93
+ permission_service.allow_actions :comments, :index, &Proc.new { true }
94
+ permission_service.allow_action?(:comments, :index, resource: 'resource').should be_false
95
+ end
96
+
97
+ it 'should return false if block returns false and given filter returns true' do
98
+ permission_service.add_filter :comments, :index, &Proc.new { true }
99
+ permission_service.allow_actions :comments, :index, &Proc.new { false }
100
+ permission_service.allow_action?(:comments, :index, resource: 'resource').should be_false
79
101
  end
80
102
  end
103
+
104
+ it 'should also except arguments as string' do
105
+ permission_service.allow_actions :comments, :index
106
+ permission_service.allow_action?('comments', 'index').should be_true
107
+ end
108
+
109
+ it 'should pass arguments to passed_filters? if action is principally allowed' do
110
+ permission_service.allow_actions :comments, :index
111
+ permission_service.should_receive(:passed_filters?).with(:comments, :index, resource: :resource, params: :params)
112
+ permission_service.allow_action?(:comments, :index, resource: :resource, params: :params)
113
+ end
81
114
  end
82
115
 
83
116
  describe '#passed_filters?' do
84
117
 
85
118
  it 'should return true when all blocks for given controller and action returns true' do
86
119
  permission_service.add_filter(:comments, :create, &Proc.new { true })
87
- permission_service.passed_filters?(:comments, :create, 'params').should be_true
120
+ permission_service.passed_filters?(:comments, :create).should be_true
88
121
  end
89
122
 
90
123
  it 'should return true when no filters are added at all' do
91
- permission_service.passed_filters?(:comments, :create, 'params').should be_true
124
+ permission_service.passed_filters?(:comments, :create).should be_true
92
125
  end
93
126
 
94
127
  it 'should return true when for given controller and action no filters has been added' do
95
128
  permission_service.add_filter(:comments, :update, &Proc.new {})
96
- permission_service.passed_filters?(:comments, :create, 'params').should be_true
129
+ permission_service.passed_filters?(:comments, :create).should be_true
97
130
  end
98
131
 
99
132
  it 'should return false when at least one block for given controller and action returns false' do
100
133
  permission_service.add_filter(:comments, :create, &Proc.new { true })
101
134
  permission_service.add_filter(:comments, :create, &Proc.new { false })
102
135
  permission_service.add_filter(:comments, :create, &Proc.new { true })
103
- permission_service.passed_filters?(:comments, :create, 'params').should be_false
136
+ permission_service.passed_filters?(:comments, :create).should be_false
137
+ end
138
+
139
+ it 'should pass resource to the given block' do
140
+ resource = Object.new
141
+ permission_service.add_filter(:comments, :create, &Proc.new { |r, p| r.should be resource })
142
+ permission_service.passed_filters?(:comments, :create, resource: resource)
104
143
  end
105
144
 
106
145
  it 'should pass params to the given block' do
107
146
  params = Object.new
108
- permission_service.add_filter(:comments, :create, &Proc.new { |p| p.object_id.should eq params.object_id })
109
- permission_service.passed_filters?(:comments, :create, params)
147
+ permission_service.add_filter(:comments, :create, &Proc.new { |r, p| p.should be params })
148
+ permission_service.passed_filters?(:comments, :create, params: params)
149
+ end
150
+
151
+ it 'should set params to {} if not given' do
152
+ permission_service.add_filter(:comments, :create, &Proc.new { |r, p| p.should eq({}) })
153
+ permission_service.passed_filters?(:comments, :create)
154
+ end
155
+
156
+ it 'should set params to {} if nil' do
157
+ permission_service.add_filter(:comments, :create, &Proc.new { |r, p| p.should eq({}) })
158
+ permission_service.passed_filters?(:comments, :create, params: nil)
159
+ end
160
+
161
+ it 'should set default values for params and current resource' do
162
+ block = Proc.new do |current_resource, params|
163
+ current_resource.should be_nil
164
+ params.should eq({})
165
+ end
166
+ permission_service.add_filter(:comments, :create, &block)
167
+ permission_service.passed_filters?(:comments, :create)
110
168
  end
111
169
  end
112
170
 
113
- describe '#allow_attributes?' do
171
+ describe '#allow_attribute?' do
114
172
 
115
173
  it 'should return true when @allow_all is true' do
116
174
  permission_service.allow_all
117
175
  permission_service.allow_attribute?(:comment, :user_id).should be_true
118
176
  end
119
177
 
120
- it 'should return true when param is allowed' do
178
+ it 'should return true when attribute is allowed' do
121
179
  permission_service.allow_attributes(:comment, :user_id)
122
180
  permission_service.allow_attribute?(:comment, :user_id).should be_true
123
181
  end
124
182
 
125
- it 'should return false when param not allowed' do
183
+ it 'should return false when attribute not allowed' do
126
184
  permission_service.allow_attribute?(:comment, :user_id).should be_false
127
185
  end
128
186
  end
@@ -242,7 +300,38 @@ describe Permissioner::PermissionServiceAdditions do
242
300
  end
243
301
  end
244
302
 
245
- describe 'configure' do
303
+ describe '#clear_filters' do
304
+
305
+ before :each do
306
+ permission_service.add_filter [:users, :comments], [:edit, :update], &Proc.new {}
307
+ end
308
+
309
+ it 'should delete filters for actions if one controller and action are given' do
310
+ permission_service.clear_filters :users, :edit
311
+ filters = permission_service.instance_variable_get(:@filters)
312
+ filters.count.should eq 3
313
+ filters.should_not have_key([:users, :edit])
314
+ end
315
+
316
+ it 'should delete filters for actions if multiple controllers and actions are given' do
317
+ permission_service.clear_filters [:users, :comments], [:edit, :update]
318
+ filters = permission_service.instance_variable_get(:@filters)
319
+ filters.should be_empty
320
+ end
321
+
322
+ end
323
+
324
+ describe '#clear_all_filters' do
325
+
326
+ it 'should set @filters to nil' do
327
+ permission_service.add_filter(:comments, :create, &Proc.new {})
328
+ permission_service.instance_variable_get(:@filters).should_not be_nil
329
+ permission_service.clear_all_filters
330
+ permission_service.instance_variable_get(:@filters).should be_nil
331
+ end
332
+ end
333
+
334
+ describe '#configure' do
246
335
 
247
336
  it 'should create new instance of given configurer class' do
248
337
  permission_service.stub(:current_user).and_return('current_user')