RubyGems - permissive - Versions diffs - 0.0.1 → 0.2.0.alpha - Mend

permissive 0.0.1 → 0.2.0.alpha

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

data/.gemspec +19 -1
data/.gitignore +3 -1
data/CHANGELOG +0 -0
data/README.markdown +37 -29
data/Rakefile +2 -2
data/VERSION +1 -1
data/generators/permissive_migration/templates/permissive_migration.rb +0 -2
data/lib/permissive.rb +14 -12
data/lib/permissive/errors.rb +4 -0
data/lib/permissive/has_permissions.rb +153 -0
data/lib/permissive/permission.rb +12 -30
data/lib/permissive/permission_definition.rb +94 -0
data/spec/has_permissions_spec.rb +326 -0
data/spec/rcov.opts +2 -1
data/spec/spec_helper.rb +2 -22
metadata +23 -16
data/README.markdown.html +0 -191
data/lib/permissive/acts_as_permissive.rb +0 -134
data/lib/permissive/permissions.rb +0 -29
data/spec/acts_as_permissive_spec.rb +0 -192
data/spec/permissions_spec.rb +0 -44

data/spec/has_permissions_spec.rb ADDED Viewed

@@ -0,0 +1,326 @@
+require File.join(File.dirname(__FILE__), 'spec_helper')
+# Setup some basic models to test with. We'll set permissions on both,
+# and then test :scope'd permissions through both.
+class Permissive::Organization < ActiveRecord::Base
+  set_table_name :permissive_organizations
+end
+class Permissive::User < ActiveRecord::Base
+  set_table_name :permissive_users
+end
+describe Permissive::Permission do
+  before :each do
+    PermissiveSpecHelper.db_up
+  end
+  describe "`has_permissions' default class method" do
+    [Permissive::User, Permissive::Organization].each do |model|
+      before :each do
+        model.has_permissions do
+          on :organizations
+        end
+      end
+      describe model do
+        it "should create a permissions reflection" do
+          model.new.should respond_to(:permissions)
+        end
+        it "should create a `can?' method" do
+          model.new.should respond_to(:can?)
+        end
+        it "should create a `revoke' method" do
+          model.new.should respond_to(:revoke)
+        end
+      end
+    end
+  end
+  describe "permissions definitions" do
+    it "should require Numeric permissions" do
+      lambda {
+        Permissive::User.has_permissions { to :dance_on_the_rooftops, "Dance, bitches!" }
+      }.should raise_error(Permissive::PermissionError)
+    end
+    it "should allow me to scope permissions inside the block" do
+      Permissive::Organization.has_permissions do
+        to :hire_employees, 0
+        to :fire_employees, 1
+        on :users do
+          to :hire, 0
+          to :fire, 1
+        end
+      end
+      # Ew, lots of assertions here...
+      Permissive::Organization.permissions[:global].permissions.should have_key(:hire_employees)
+      Permissive::Organization.permissions[:global].permissions.should have_key(:fire_employees)
+      Permissive::Organization.permissions[:global].permissions.should_not have_key(:hire)
+      Permissive::Organization.permissions[:global].permissions.should_not have_key(:fire)
+      Permissive::Organization.permissions[:permissive_users].permissions.should have_key(:hire)
+      Permissive::Organization.permissions[:permissive_users].permissions.should have_key(:fire)
+      Permissive::Organization.permissions[:permissive_users].permissions.should_not have_key(:hire_employees)
+      Permissive::Organization.permissions[:permissive_users].permissions.should_not have_key(:fire_employees)
+    end
+  end
+  describe "permissions checking" do
+    before :each do
+      Permissive::User.has_permissions do
+        to :manage_games, 0
+        to :control_rides, 1
+        to :punch, 2
+      end
+      @user = Permissive::User.create
+    end
+    it "should allow permissions checks through the `can?' method" do
+      @user.can?(:manage_games).should be_false
+    end
+    it "should respond to the `can!' method" do
+      @user.should respond_to(:can!)
+    end
+    it "should allow permissions setting through the `can!' method" do
+      count = @user.permissions.count
+      @user.can!(:manage_games)
+      @user.permissions.count.should == count.next
+    end
+    it "should return correct permissions through the `can?' method" do
+      @user.can!(:manage_games)
+      @user.can?(:manage_games).should be_true
+      @user.can?(:control_rides).should be_false
+      @user.can?(:punch).should be_false
+    end
+    it "should return correct permissions on multiple requests" do
+      @user.can!(:manage_games)
+      @user.can!(:control_rides)
+      @user.can?(:manage_games, :control_rides).should be_true
+      @user.can?(:manage_games, :punch).should be_false
+      @user.can?(:control_rides, :punch).should be_false
+      @user.can?(:manage_games, :control_rides, :punch).should be_false
+    end
+    it "should revoke the correct permissions through the `revoke' method" do
+      @user.can!(:manage_games, :control_rides)
+      @user.can?(:manage_games).should be_true
+      @user.can?(:control_rides).should be_true
+      @user.revoke(:control_rides)
+      @user.can?(:control_rides).should be_false
+      @user.can?(:manage_games).should be_true
+    end
+    it "should revoke the full permissions through the `revoke' method w/an :all argument" do
+      @user.can!(:manage_games, :control_rides)
+      @user.can?(:manage_games).should be_true
+      @user.can?(:control_rides).should be_true
+      @user.revoke(:all)
+      @user.can?(:manage_games).should be_false
+      @user.can?(:control_rides).should be_false
+    end
+    it "should support a :reset option" do
+      @user.can!(:manage_games, :control_rides)
+      @user.can?(:manage_games).should be_true
+      @user.can!(:punch, :reset => true)
+      @user.can?(:manage_games).should_not be_true
+      @user.can?(:punch).should be_true
+    end
+  end
+  describe "scoped permissions" do
+    before :each do
+      Permissive::User.has_permissions(:on => :organizations) do
+        to :manage_games, 0
+        to :control_rides, 1
+        on :users do
+          to :punch, 2
+        end
+      end
+      @user = Permissive::User.create
+      @organization = Permissive::Organization.create
+    end
+    it "should allow scoped permissions checks through the `can?' method" do
+      @user.can?(:manage_games, :on => @organization).should be_false
+    end
+    describe "on instances" do
+      it "should return correct permissions through a scoped `can?' method" do
+        @user.can!(:manage_games, :on => @organization)
+        @user.can?(:manage_games, :on => @organization).should be_true
+      end
+      it "should not respond to generic permissions on scoped permissions" do
+        @user.can!(:manage_games, :on => @organization)
+        @user.can?(:manage_games).should be_false
+        @user.can?(:manage_games, :on => @organization).should be_true
+      end
+      it "should revoke the correct permissions through the `revoke' method" do
+        @user.can!(:manage_games, :control_rides, :on => @organization)
+        @user.can?(:manage_games, :on => @organization).should be_true
+        @user.can?(:control_rides, :on => @organization).should be_true
+        @user.revoke(:manage_games, :on => @organization)
+        @user.can?(:manage_games, :on => @organization).should be_false
+        @user.can?(:control_rides, :on => @organization).should be_true
+      end
+      it "should revoke the full permissions through the `revoke' method w/an :all argument" do
+        @user.can!(:punch)
+        @user.can!(:manage_games, :control_rides, :on => @organization)
+        @user.can?(:manage_games, :on => @organization).should be_true
+        @user.can?(:control_rides, :on => @organization).should be_true
+        @user.can?(:punch).should be_true
+        @user.revoke(:all, :on => @organization)
+        !@user.can?(:manage_games, :on => @organization).should be_false
+        !@user.can?(:control_rides, :on => @organization).should be_false
+        @user.can?(:punch).should be_true
+      end
+    end
+    describe "on classes" do
+      it "should ignore instance-specific permissions" do
+        @user.can!(:punch, :on => Permissive::User)
+        @user.can?(:punch, :on => Permissive::User).should be_true
+        @user.can?(:punch, :on => Permissive::User.create).should be_false
+      end
+      it "should interpolate symbols" do
+        @user.can!(:punch, :on => :users)
+        @user.can?(:punch, :on => Permissive::User).should be_true
+      end
+      it "should interpolate strings" do
+        @user.can!(:punch, :on => 'users')
+        @user.can?(:punch, :on => Permissive::User).should be_true
+      end
+      it "should forget strings if a corresponding class doesn't exist" do
+        Permissive::User.has_permissions(:on => :foobar) { to :punch, 0 }
+        @user.can!(:punch, :on => :foobar)
+        @user.can?(:punch, :on => :foobar).should be_true
+      end
+      it "should probably work with non-namespaced models, since those are standard these days" do
+        class PermissiveUser < ActiveRecord::Base
+          has_permissions do
+            to :do_stuff, 0
+            to :be_lazy, 1
+            on Permissive::Organization do
+              to :dance, 0
+              to :sing, 1
+            end
+          end
+        end
+        user = PermissiveUser.create
+        user.can!(:do_stuff)
+        user.can?(:do_stuff).should be_true
+        user.can!(:dance, :on => Permissive::Organization)
+        user.can?(:dance, :on => Permissive::Organization).should be_true
+      end
+    end
+  end
+  describe "automatic method creation" do
+    before :each do
+      Permissive::User.has_permissions(:on => :organizations)
+      @user = Permissive::User.create
+      @organization = Permissive::Organization.create
+      @user.can!(:control_rides)
+      @user.can!(:punch)
+      @user.can!(:manage_games, :on => @organization)
+    end
+    it "should not respond to invalid permission methods" do
+      lambda {
+        @user.can_control_rides_fu?
+      }.should raise_error(NoMethodError)
+    end
+    it "should cache chained methods" do
+      @user.respond_to?(:can_control_rides_and_manage_games?).should be_false
+      @user.can_control_rides_and_manage_games?.should be_false
+      @user.should respond_to(:can_control_rides_and_manage_games?)
+    end
+    it "should respond to valid permission methods" do
+      @user.can_control_rides?.should be_true
+      @user.can_punch?.should be_true
+      @user.can_manage_games?.should be_false
+    end
+    it "should respond to chained permission methods" do
+      @user.can_control_rides_and_punch?.should be_true
+      @user.can_control_rides_and_manage_games?.should be_false
+    end
+    it "should respond to scoped permission methods" do
+      @user.can_manage_games_on?(@organization).should be_true
+      @user.can_punch?(@organization).should be_false
+      ['control_rides', 'punch'].each do |permission|
+        @user.send("can_#{permission}_on?", @organization).should be_false
+      end
+    end
+    describe "for setting permissions" do
+      it "should return the permission" do
+        @user.can_manage_games!.should be_instance_of Permissive::Permission
+        @user.can_manage_games?.should be_true
+      end
+      it "should support scoping" do
+        @user.can_manage_games_in!(@organization).should be_instance_of Permissive::Permission
+        @user.can_manage_games?.should be_false
+        @user.can_manage_games_in?(@organization).should be_true
+      end
+    end
+  end
+  describe "roles" do
+    before :each do
+      Permissive::User.has_permissions do
+        to :hire_employees, 0
+        to :manage_games, 1
+        to :control_rides, 2
+        role :games do
+          can :manage_games
+        end
+        role :rides do
+          can :control_rides
+        end
+      end
+    end
+    it "should provide a `roles` hash" do
+      Permissive::User.permissions[:global].roles[:games].should == [:manage_games]
+      Permissive::User.permissions[:global].roles[:rides].should == [:control_rides]
+    end
+    it "should allow me to assign a role" do
+      @james = Permissive::User.create!
+      @james.should respond_to(:role=)
+      @james.role = 'rides'
+      @james.can_control_rides?.should be_true
+      @james.can_manage_games?.should be_false
+    end
+  end
+end
+PermissiveSpecHelper.clear_log

data/spec/rcov.opts CHANGED Viewed

@@ -1,2 +1,3 @@
 --exclude "spec/*,gems/*"
---rails
+--rails
+--aggregate "coverage.data"

data/spec/spec_helper.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 require 'rubygems'
-require 'activerecord'
+require 'active_record'
 require 'permissive'
 module PermissiveSpecHelper
@@ -9,13 +9,8 @@ module PermissiveSpecHelper
     end
   end
-  def self.db_down
-    File.unlink(db) if File.exists?(db)
-  end
   def self.db_up
-    db_down
-    ActiveRecord::Base.establish_connection({:adapter => 'sqlite3', :database => db, :pool => 5, :timeout => 5000})
+    ActiveRecord::Base.establish_connection({:adapter => 'sqlite3', :database => ':memory:', :pool => 5, :timeout => 5000})
     silence_stream(STDOUT) do
       ActiveRecord::Schema.define do
         create_table :permissive_users, :force => true do |t|
@@ -30,7 +25,6 @@ module PermissiveSpecHelper
           t.integer :scoped_object_id
           t.string :scoped_object_type, :limit => 32
           t.integer :mask, :default => 0
-          t.integer :grant_mask, :default => 0
         end
       end
     end
@@ -39,20 +33,6 @@ module PermissiveSpecHelper
   def self.log_path
     File.join(File.dirname(__FILE__), 'spec.log')
   end
-  private
-  def self.db
-    @@db ||= File.expand_path(File.join(File.dirname(__FILE__), 'test.sqlite3'))
-  end
-end
-# Setup some test permissions
-module Permissive::Permissions
-  FINALIZE_LAB_SELECTION_LIST = 0
-  SEARCH_APPLICANTS = 1
-  CREATE_BASIC_USER = 2
-  VIEW_USERS = 3
-  VIEW_BUDGET_REPORT = 4
 end
 # Setup the logging

metadata CHANGED Viewed

@@ -1,16 +1,21 @@
 --- !ruby/object:Gem::Specification
 name: permissive
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  prerelease: true
+  segments:
+  - 0
+  - 2
+  - 0
+  - alpha
+  version: 0.2.0.alpha
 platform: ruby
 authors:
 - Flip Sasser
-- Simon Parsons
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2009-11-01 00:00:00 -04:00
+date: 2010-04-19 00:00:00 -04:00
 default_executable:
 dependencies: []
@@ -26,10 +31,10 @@ extensions: []
 extra_rdoc_files:
 - README.markdown
-- README.markdown.html
 files:
 - .gemspec
 - .gitignore
+- CHANGELOG
 - MIT-LICENSE
 - README.markdown
 - Rakefile
@@ -38,16 +43,15 @@ files:
 - generators/permissive_migration/permissive_migration_generator.rb
 - generators/permissive_migration/templates/permissive_migration.rb
 - lib/permissive.rb
-- lib/permissive/acts_as_permissive.rb
+- lib/permissive/errors.rb
+- lib/permissive/has_permissions.rb
 - lib/permissive/permission.rb
-- lib/permissive/permissions.rb
+- lib/permissive/permission_definition.rb
 - rails/init.rb
-- spec/acts_as_permissive_spec.rb
-- spec/permissions_spec.rb
+- spec/has_permissions_spec.rb
 - spec/rcov.opts
 - spec/spec.opts
 - spec/spec_helper.rb
-- README.markdown.html
 has_rdoc: true
 homepage: http://github.com/flipsasser/permissive
 licenses: []
@@ -61,22 +65,25 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
+      segments:
+      - 0
       version: "0"
-  version:
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: "0"
-  version:
+      segments:
+      - 1
+      - 3
+      - 1
+      version: 1.3.1
 requirements: []
 rubyforge_project:
-rubygems_version: 1.3.5
+rubygems_version: 1.3.6
 signing_key:
 specification_version: 3
 summary: Permissive gives your ActiveRecord models granular permission support
 test_files:
-- spec/acts_as_permissive_spec.rb
-- spec/permissions_spec.rb
+- spec/has_permissions_spec.rb
 - spec/spec_helper.rb