permissioner 0.1.0.beta → 0.1.1.beta

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/lib/permissioner/service_additions.rb +17 -10
  3. data/lib/permissioner/version.rb +1 -1
  4. data/spec/permissioner/controller_additions_spec.rb +30 -33
  5. data/spec/permissioner/service_additions_spec.rb +108 -62
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 5ba85c8029c5e0f9a4f4f9e57c546ff2dc87e74e
4
- data.tar.gz: e9502b6cb5c9a1dc7a269ce74af1e93b23e4606e
3
+ metadata.gz: 283f7e1c48c2fa3ef067f72a57ef99c64b0bee45
4
+ data.tar.gz: 7d2445b825b484f698f46887dbae818adca3af02
5
5
  SHA512:
6
- metadata.gz: e4802cc89cfb79b4a6d500f72ca4d0e4d31650bf6c183bebd8c7caac7d34342d074fead3c94e9ece2d6e3eb79f4d3b04566a497c52806d2cf8e12be65c993295
7
- data.tar.gz: 9d1710c507e6d7a74ed131d8f8899bd3ef6abcd7623ff676c69c3341be585a0d150f7c7536c073152ae4ad8674286157c017cbaf83f983a24485448b90d995c0
6
+ metadata.gz: 2e4f293f79ca9bae4d30bf4c8e262f57cba4f7f2920c355b08b894ebaef1058e4bf7c4e0704a448f8c30f343bff1bae332b2075db0364cf53776e99c41429782
7
+ data.tar.gz: 8699d0ae874e3b08ef9efa448bf8fdb70fdefc32510c2beb5376da705451b63f643228e0d906def191daaa5efcf4491c2e6f95227f0b3ce41569e5785665ffed
data/lib/permissioner/service_additions.rb CHANGED
@@ -5,16 +5,16 @@ module Permissioner
5
5
 
6
6
  def initialize current_user=nil
7
7
  @current_user = current_user
8
+ @filters = {}
8
9
  configure_permissions
9
10
  end
10
11
 
11
12
  def allow_action?(controller, action, subjects={})
12
- allowed =
13
- @allow_all ||
14
- (@allowed_actions &&
15
- (@allowed_actions[[controller.to_s, action.to_s]] || @allowed_actions[[controller.to_s, 'all']]))
16
- allowed = allowed && (allowed == true || allowed.call(subjects[:resource]))
17
- allowed && passed_filters?(controller, action, subjects)
13
+ allowed = @allow_all
14
+ if !allowed && @allowed_actions
15
+ allowed = @allowed_actions[[controller.to_s, action.to_s]] || @allowed_actions[[controller.to_s, 'all']]
16
+ end
17
+ allowed && (@allow_all || passed_filters?(controller, action, subjects))
18
18
  end
19
19
 
20
20
  def allow_attribute?(resource, attribute)
@@ -61,7 +61,8 @@ module Permissioner
61
61
  @allowed_actions ||= {}
62
62
  Array(controllers).each do |controller|
63
63
  Array(actions).each do |action|
64
- @allowed_actions[[controller.to_s, action.to_s]] = block || true
64
+ @allowed_actions[[controller.to_s, action.to_s]] = true
65
+ add_block_to_filters(controller, action, &block) if block_given?
65
66
  end
66
67
  end
67
68
  end
@@ -80,11 +81,9 @@ module Permissioner
80
81
 
81
82
  def add_filter(controllers, actions, &block)
82
83
  raise 'no block given' unless block_given?
83
- @filters ||= {}
84
84
  Array(controllers).each do |controller|
85
85
  Array(actions).each do |action|
86
- @filters[[controller.to_s, action.to_s]] ||= []
87
- @filters[[controller.to_s, action.to_s]] << block
86
+ add_block_to_filters(controller, action, &block)
88
87
  end
89
88
  end
90
89
  end
@@ -113,5 +112,13 @@ module Permissioner
113
112
  #
114
113
  def configure_permissions
115
114
  end
115
+
116
+ private
117
+
118
+ def add_block_to_filters(controller, action, &block)
119
+ raise 'cannot add filter to :all' if action.to_s == 'all'
120
+ @filters[[controller.to_s, action.to_s]] ||= []
121
+ @filters[[controller.to_s, action.to_s]] << block
122
+ end
116
123
  end
117
124
  end
data/lib/permissioner/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Permissioner
2
- VERSION = "0.1.0.beta"
2
+ VERSION = "0.1.1.beta"
3
3
  end
data/spec/permissioner/controller_additions_spec.rb CHANGED
@@ -2,56 +2,55 @@ require 'spec_helper'
2
2
 
3
3
  describe Permissioner::ControllerAdditions do
4
4
 
5
- before :each do
6
- @controller_class = Class.new
7
- @controller_class.stub(:helper_method)
8
- @controller_class.send(:include, Permissioner::ControllerAdditions)
9
- @controller = @controller_class.new
10
- @controller.stub(:current_user)
5
+ let(:controller) do
6
+ controller_class = Class.new
7
+ controller_class.stub(:helper_method)
8
+ controller_class.send(:include, Permissioner::ControllerAdditions)
9
+ controller = controller_class.new
10
+ controller.stub(:current_user)
11
+ controller
11
12
  end
12
13
 
13
14
  describe '::included' do
14
15
 
15
- before :each do
16
- @clazz = Class.new
17
- end
16
+ let(:clazz) { Class.new }
18
17
 
19
18
  it 'should set view helpers' do
20
- @clazz.should_receive(:helper_method).with(:allow_action?, :allow_attribute?, :permission_service)
21
- @clazz.send(:include, Permissioner::ControllerAdditions)
19
+ clazz.should_receive(:helper_method).with(:allow_action?, :allow_attribute?, :permission_service)
20
+ clazz.send(:include, Permissioner::ControllerAdditions)
22
21
  end
23
22
 
24
23
  it 'should delegate helper methods to permission servie' do
25
- @clazz.stub(:helper_method)
26
- @clazz.should_receive(:delegate).with(:allow_action?, :allow_attribute?, to: :permission_service)
27
- @clazz.send(:include, Permissioner::ControllerAdditions)
24
+ clazz.stub(:helper_method)
25
+ clazz.should_receive(:delegate).with(:allow_action?, :allow_attribute?, to: :permission_service)
26
+ clazz.send(:include, Permissioner::ControllerAdditions)
28
27
  end
29
28
  end
30
29
 
31
-
32
30
  describe 'authorize' do
33
31
 
32
+ let(:params) { {controller: 'comments', action: 'index'} }
33
+
34
34
  before :each do
35
- @params = {controller: 'comments', action: 'index'}
36
- @controller.stub(:current_resource).and_return('resource')
37
- @controller.stub(:params).and_return(@params)
35
+ controller.stub(:current_resource).and_return('resource')
36
+ controller.stub(:params).and_return(params)
38
37
  end
39
38
 
40
39
  it 'should call permit_params! if action allwed and filters passed' do
41
- @controller.permission_service.should_receive(:allow_action?).and_return(true)
42
- @controller.permission_service.should_receive(:permit_params!).with(@params)
43
- @controller.authorize
40
+ controller.permission_service.should_receive(:allow_action?).and_return(true)
41
+ controller.permission_service.should_receive(:permit_params!).with(params)
42
+ controller.authorize
44
43
  end
45
44
 
46
45
  it 'should call allow_action? with correct parameters' do
47
- @controller.permission_service.should_receive(:allow_action?).with('comments', 'index', resource: 'resource', params: @params).and_return(true)
48
- @controller.authorize
46
+ controller.permission_service.should_receive(:allow_action?).with('comments', 'index', resource: 'resource', params: params).and_return(true)
47
+ controller.authorize
49
48
  end
50
49
 
51
50
  it 'should raise Permissioner::NotAuthorized when action not allowed' do
52
- @controller.permission_service.should_receive(:allow_action?).with('comments', 'index', resource: 'resource', params: @params).and_return(false)
51
+ controller.permission_service.should_receive(:allow_action?).with('comments', 'index', resource: 'resource', params: params).and_return(false)
53
52
  expect {
54
- @controller.authorize
53
+ controller.authorize
55
54
  }.to raise_error Permissioner::NotAuthorized
56
55
  end
57
56
  end
@@ -59,31 +58,29 @@ describe Permissioner::ControllerAdditions do
59
58
  describe '#permission_service' do
60
59
 
61
60
  it 'should return instance of PermissionService' do
62
- @controller.permission_service.class.should eq PermissionService
61
+ controller.permission_service.class.should eq PermissionService
63
62
  end
64
63
 
65
64
  it 'should cache PermissionService instance' do
66
- permission_service_1 = @controller.permission_service
67
- permission_service_2 = @controller.permission_service
68
- permission_service_1.should eq permission_service_2
65
+ controller.permission_service.should be controller.permission_service
69
66
  end
70
67
 
71
68
  it 'should create PermissionService by calling PermissionService::new' do
72
69
  PermissionService.should_receive(:new)
73
- @controller.permission_service
70
+ controller.permission_service
74
71
  end
75
72
 
76
73
  it 'should pass current_user to PermissionService::initialize' do
77
- @controller.should_receive(:current_user).and_return('current_user')
74
+ controller.should_receive(:current_user).and_return('current_user')
78
75
  PermissionService.should_receive(:new).with('current_user')
79
- @controller.permission_service
76
+ controller.permission_service
80
77
  end
81
78
  end
82
79
 
83
80
  describe '#current_resource' do
84
81
 
85
82
  it 'should return nil as default' do
86
- @controller.current_resource.should be_nil
83
+ controller.current_resource.should be_nil
87
84
  end
88
85
  end
89
86
  end
data/spec/permissioner/service_additions_spec.rb CHANGED
@@ -25,79 +25,64 @@ describe Permissioner::ServiceAdditions do
25
25
 
26
26
  describe '#allow_action?' do
27
27
 
28
- it 'should return true if @allow_all is true' do
29
- permission_service.allow_all
30
- permission_service.allow_action?(:comments, :index).should be_true
31
- end
32
-
33
- context 'block not given' do
28
+ context 'filters not given' do
34
29
 
35
- it 'should return true if given action allowed' do
30
+ it 'should return true if action is allowed' do
36
31
  permission_service.allow_actions :comments, :index
37
32
  permission_service.allow_action?(:comments, :index).should be_true
38
33
  end
39
34
 
40
- it 'should return true for every action when all actions are allowed' do
35
+ it 'should return true for every action if all actions of controller are allowed' do
41
36
  permission_service.allow_actions :comments, :all
42
37
  permission_service.allow_action?(:comments, :index).should be_true
43
38
  end
44
39
 
45
- it 'should return true if action is allowed and given filter returns true' do
46
- permission_service.add_filter :comments, :index, &Proc.new { true }
47
- permission_service.allow_actions :comments, :index
40
+ it 'should return true if allow_all is true' do
41
+ permission_service.allow_all
48
42
  permission_service.allow_action?(:comments, :index).should be_true
49
43
  end
50
44
 
51
- it 'should return false if given action not allowed' do
52
- permission_service.allow_action?(:comments, :index).should be_false
53
- permission_service.allow_actions :comments, :create
54
- permission_service.allow_action?(:comments, :index).should be_false
55
- end
56
-
57
- it 'should return false if action is allowed and given filter returns false' do
58
- permission_service.add_filter :comments, :index, &Proc.new { false }
59
- permission_service.allow_actions :comments, :index
45
+ it 'should return false if actions is not allowed' do
60
46
  permission_service.allow_action?(:comments, :index).should be_false
61
47
  end
62
48
  end
63
49
 
64
- context 'block given' do
50
+ context 'filters given' do
65
51
 
66
- it 'should call block for given action when ressource is given' do
67
- block = Proc.new {}
68
- block.should_receive(:call)
69
- permission_service.allow_actions :comments, :index, &block
70
- permission_service.allow_action?(:comments, :index, resource: 'resource')
52
+ it 'should return true if action is allowed and all filters return true' do
53
+ permission_service.allow_actions :comments, :index, &Proc.new { true }
54
+ permission_service.add_filter :comments, :index, &Proc.new { true }
55
+ permission_service.allow_action?(:comments, :index).should be_true
71
56
  end
72
57
 
73
- it 'should return true when block returns true' do
74
- block = Proc.new { true }
75
- permission_service.allow_actions :comments, :index, &block
58
+ it 'should return true for every action if all actions of controller are allowed and filters return true' do
59
+ permission_service.allow_actions :comments, :all
60
+ permission_service.add_filter :comments, :index, &Proc.new { true }
76
61
  permission_service.allow_action?(:comments, :index).should be_true
77
62
  end
78
63
 
79
- it 'should return true if block and given filter returns true' do
80
- permission_service.add_filter :comments, :index, &Proc.new { true }
81
- permission_service.allow_actions :comments, :index, &Proc.new { true }
64
+ it 'should return true if allow_all is true but filters return false' do
65
+ permission_service.allow_all
66
+ permission_service.allow_actions :comments, :index, &Proc.new { false }
67
+ permission_service.add_filter :comments, :index, &Proc.new { false }
82
68
  permission_service.allow_action?(:comments, :index).should be_true
83
69
  end
84
70
 
85
- it 'should return false when block returns false' do
86
- block = Proc.new { false }
87
- permission_service.allow_actions :comments, :index, &block
88
- permission_service.allow_action?(:comments, :index, resource: 'resource').should be_false
71
+ it 'should return false if given action allowed but filters return false' do
72
+ permission_service.allow_actions :comments, :index, &Proc.new { false }
73
+ permission_service.allow_action?(:comments, :index).should be_false
89
74
  end
90
75
 
91
- it 'should return false if block returns true and given filter returns false' do
92
- permission_service.add_filter :comments, :index, &Proc.new { false }
76
+ it 'should return false if given action allowed but at least one filter returns false' do
93
77
  permission_service.allow_actions :comments, :index, &Proc.new { true }
94
- permission_service.allow_action?(:comments, :index, resource: 'resource').should be_false
78
+ permission_service.add_filter :comments, :index, &Proc.new { false }
79
+ permission_service.allow_action?(:comments, :index).should be_false
95
80
  end
96
81
 
97
- it 'should return false if block returns false and given filter returns true' do
98
- permission_service.add_filter :comments, :index, &Proc.new { true }
99
- permission_service.allow_actions :comments, :index, &Proc.new { false }
100
- permission_service.allow_action?(:comments, :index, resource: 'resource').should be_false
82
+ it 'should return false for every action if all actions of controller are allowed but filters return false' do
83
+ permission_service.allow_actions :comments, :all
84
+ permission_service.add_filter :comments, :index, &Proc.new { false }
85
+ permission_service.allow_action?(:comments, :index).should be_false
101
86
  end
102
87
  end
103
88
 
@@ -215,28 +200,79 @@ describe Permissioner::ServiceAdditions do
215
200
 
216
201
  describe '#allow_actions' do
217
202
 
218
- it 'should add controller and action to @allowed_actions' do
219
- permission_service.allow_actions :comments, :index
220
- allowed_actions = permission_service.instance_variable_get(:@allowed_actions)
221
- allowed_actions.count.should eq 1
222
- allowed_actions[['comments', 'index']].should be_true
223
- end
203
+ context 'block not given' do
204
+
205
+ it 'should add actions to @allowed_actions when one action is given' do
206
+ permission_service.allow_actions :comments, :index
207
+ allowed_actions = permission_service.instance_variable_get(:@allowed_actions)
208
+ allowed_actions.count.should eq 1
209
+ allowed_actions[['comments', 'index']].should be_true
210
+ end
211
+
212
+ it 'should add actions to @allowed_actions when multiple actions are given' do
213
+ permission_service.allow_actions([:comments, :users], [:index, :create])
214
+ allowed_actions = permission_service.instance_variable_get(:@allowed_actions)
215
+ allowed_actions.count.should eq 4
216
+ allowed_actions[['comments', 'index']].should be_true
217
+ allowed_actions[['comments', 'create']].should be_true
218
+ allowed_actions[['users', 'index']].should be_true
219
+ allowed_actions[['users', 'create']].should be_true
220
+ end
224
221
 
225
- it 'should add controllers and action to @allowed_actions when multiple given' do
226
- permission_service.allow_actions([:comments, :users], [:index, :create])
227
- allowed_actions = permission_service.instance_variable_get(:@allowed_actions)
228
- allowed_actions.count.should eq 4
229
- allowed_actions[['comments', 'index']].should be_true
230
- allowed_actions[['comments', 'create']].should be_true
231
- allowed_actions[['users', 'index']].should be_true
232
- allowed_actions[['users', 'create']].should be_true
222
+ it 'should not add any filters' do
223
+ permission_service.allow_actions :comments, :index
224
+ filters = permission_service.instance_variable_get(:@filters)
225
+ filters.count.should eq 0
226
+ end
233
227
  end
234
228
 
235
- it 'should add controllers and action to @allowed_actions and store block when given' do
236
- block = Proc.new {}
237
- permission_service.allow_actions(:comments, :edit, &block)
238
- allowed_actions = permission_service.instance_variable_get(:@allowed_actions)
239
- allowed_actions[['comments', 'edit']].object_id.should eq block.object_id
229
+ context 'block given' do
230
+
231
+ it 'should add block to @filters one aciton is given' do
232
+ block = Proc.new {}
233
+ permission_service.allow_actions :comments, :index, &block
234
+ filters = permission_service.instance_variable_get(:@filters)
235
+ filters.count.should eq 1
236
+ filters[['comments', 'index']].should eq [block]
237
+ end
238
+
239
+ it 'should add block to @filters when multiple actions are given' do
240
+ block = Proc.new {}
241
+ permission_service.allow_actions([:comments, :users], [:index, :create], &block)
242
+ filters = permission_service.instance_variable_get(:@filters)
243
+ filters.count.should eq 4
244
+ filters[['comments', 'index']].should eq [block]
245
+ filters[['comments', 'create']].should eq [block]
246
+ filters[['users', 'index']].should eq [block]
247
+ filters[['users', 'create']].should eq [block]
248
+ end
249
+
250
+ it 'should add multiple blocks to @filters fore every actions' do
251
+ block_1 = Proc.new {}
252
+ block_2 = Proc.new {}
253
+ permission_service.allow_actions :comments, :index, &block_1
254
+ permission_service.allow_actions :comments, :index, &block_2
255
+ filters = permission_service.instance_variable_get(:@filters)
256
+ filters.count.should eq 1
257
+ filters[['comments', 'index']].should eq [block_1, block_2]
258
+ end
259
+
260
+ it 'should add actions to @allowed_actions' do
261
+ permission_service.allow_actions :comments, :index, &Proc.new {}
262
+ allowed_actions = permission_service.instance_variable_get(:@allowed_actions)
263
+ allowed_actions.count.should eq 1
264
+ allowed_actions[['comments', 'index']].should be_true
265
+ end
266
+
267
+ it 'should raise error if block is given for all actions' do
268
+ message = 'cannot add filter to :all'
269
+ expect {
270
+ permission_service.allow_actions :comments, :all, &Proc.new {}
271
+ }.to raise_exception message
272
+ expect {
273
+ permission_service.allow_actions :comments, 'all', &Proc.new {}
274
+ }.to raise_exception message
275
+ end
240
276
  end
241
277
  end
242
278
 
@@ -298,6 +334,16 @@ describe Permissioner::ServiceAdditions do
298
334
  it 'should rails exception when no block given' do
299
335
  expect { permission_service.add_filter(:comments, :index) }.to raise_error('no block given')
300
336
  end
337
+
338
+ it 'should raise error if block is given for all actions' do
339
+ message = 'cannot add filter to :all'
340
+ expect {
341
+ permission_service.add_filter :comments, :all, &Proc.new {}
342
+ }.to raise_exception message
343
+ expect {
344
+ permission_service.add_filter :comments, 'all', &Proc.new {}
345
+ }.to raise_exception message
346
+ end
301
347
  end
302
348
 
303
349
  describe '#clear_filters' do
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: permissioner
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0.beta
4
+ version: 0.1.1.beta
5
5
  platform: ruby
6
6
  authors:
7
7
  - Daniel Grawunder, Christian Mierich
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2013-08-15 00:00:00.000000000 Z
11
+ date: 2013-08-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rspec