RubyGems - policy-assertions - Versions diffs - 0.0.2 → 0.0.3 - Mend

policy-assertions 0.0.2 → 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +4 -0
data/README.md +0 -3
data/lib/policy_assertions.rb +18 -19
data/lib/policy_assertions/errors.rb +0 -7
data/lib/policy_assertions/version.rb +1 -1
data/policy-assertions.gemspec +2 -2
data/test/lib/policy_assertions_test.rb +36 -4
data/test/test_helper.rb +72 -0
metadata +4 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 53e8739d031b758729afa0bbb35943b9435d82e0
-  data.tar.gz: 7084ff252fda8db066873be079a1955320e3a52d
+  metadata.gz: de43c6a77ae8bc5ef2887f016bc04b7924842852
+  data.tar.gz: a68e538a28931ce1702a987c17ec56c433a132ee
 SHA512:
-  metadata.gz: 3ea9753e8d7a4b09f8add5e23f9f4077769d53a85123175e035e25287680bf6ec64df9526fb2a2bb8137810aac93a94be497ced0bb8057f776cb9c12186cb5ac
-  data.tar.gz: c90daf60ee58b1b60107c2bf76c18f7f373b3e3004027677969aa18556733856a549604e126fc83871e21fd68d041857ff99b4de11047811858812fb32c987b2
+  metadata.gz: d3958f8816690edb5148180e06b4f4245f98ff1f1a9e68e0643444a2793001f9f8d3b5fb91288a9f4f2fcbf74c85a2e4a70d4ff57addfc9a376ab5c3780991b7
+  data.tar.gz: 40c562a177f6387d8bff50d8aec2dbf838d46f5fb7399d96b0dbcc8a87a285266c9c166248cb9bb253d94adfdee376bd3a0d91cb02aaf44ab9846fbd88af6e42

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,7 @@
+## v0.0.3
+* Compatibility with pundit 1.1.0
 ## v0.0.1
 * initial release

data/README.md CHANGED Viewed

@@ -143,10 +143,7 @@ end
 ### Strong Parameters
 Since Pundit offers a [permitted_attributes](https://github.com/elabs/pundit#strong-parameters) helper, policy-assertions provides an assert method for testing.
-To use this assertion the test class **must** match an existing policy with 'Test' appended. If the class name does not match a policy a PolicyAssertions::InvalidClassName error is thrown. See the code sample below.
 ```ruby
-# The class name matches the ArticlePolicy class.
 class ArticlePolicyTest < PolicyAssertions::Test
   # Test that a site staff member has access to the
   # parameters defined in the params method.

data/lib/policy_assertions.rb CHANGED Viewed

@@ -33,16 +33,18 @@ module PolicyAssertions
       end
     end
-    def assert_strong_parameters(user, record,
-                                 params_hash, allowed_params)
-      params = ActionController::Parameters.new(class_symbol => params_hash)
+    def assert_strong_parameters(user, record, params_hash, allowed_params)
+      policy = Pundit.policy!(user, record)
-      strong_params = params.require(class_symbol)
-                      .permit(*get_strong_params(user, record)).keys
+      param_key = find_param_key(record)
+      params = ActionController::Parameters.new(param_key => params_hash)
+      strong_params = params.require(param_key)
+                      .permit(*policy.permitted_attributes).keys
       strong_params.each do |param|
-        assert_includes allowed_params,
-                        param.to_sym,
+        assert_includes allowed_params, param.to_sym,
                         "User #{user} should not be permitted to "\
                         "update parameter [#{param}]"
       end
@@ -50,18 +52,15 @@ module PolicyAssertions
     private
-    def class_symbol
-      @class_symbol ||= klass.to_s.gsub(/Policy/, '').downcase.to_sym
-    end
-    def get_strong_params(user, record)
-      klass.new(user, record).permitted_attributes
-    end
-    def klass
-      @klass ||= self.class.name.demodulize.to_s.gsub(/Test/, '').constantize
-      rescue NameError
-        raise InvalidClassName
+    # borrowed from Pundit::PolicyFinder
+    def find_param_key(record)
+      if record.respond_to?(:model_name)
+        record.model_name.param_key.to_s
+      elsif record.is_a?(Class)
+        record.to_s.demodulize.underscore
+      else
+        record.class.to_s.demodulize.underscore
+      end
     end
     def get_permissions(permissions)

data/lib/policy_assertions/errors.rb CHANGED Viewed

@@ -1,11 +1,4 @@
 module PolicyAssertions
-  class InvalidClassName < StandardError
-    def message
-      'The test class must be the same as a pundit policy class. ' \
-      'For example, RecordPolicyTest'
-    end
-  end
   class MissingBlockParameters < StandardError
     def message
       'PolicyTest must pass the permissions into the assert if called ' \

data/lib/policy_assertions/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module PolicyAssertions
-  VERSION = '0.0.2'
+  VERSION = '0.0.3'
 end

data/policy-assertions.gemspec CHANGED Viewed

@@ -24,9 +24,9 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'rake'
   spec.add_development_dependency 'minitest', '~> 5.6'
   spec.add_development_dependency 'actionpack', '>= 3.0.0'
-  spec.add_development_dependency 'rack', '~>1.6.1'
+  spec.add_development_dependency 'rack', '~> 1.6.1'
   spec.add_development_dependency 'rack-test', '~> 0.6.3'
-  spec.add_dependency 'pundit', '~> 1.0.0'
+  spec.add_dependency 'pundit', '>= 1.0.0'
   spec.add_dependency 'activesupport', '>= 3.0.0'
 end

data/test/lib/policy_assertions_test.rb CHANGED Viewed

@@ -139,12 +139,11 @@ class StrongParametersTest < Minitest::Test
   end
 end
-class InvalidClassNameTest
+class DifferentClassNameTest
   class FakePolicyTest < PolicyAssertions::Test
     def test_strong_parameters
-      assert_raises(PolicyAssertions::InvalidClassName) do
-        assert_strong_parameters nil, Article, Article.params, [:user_id]
-      end
+      allowed = [:user_id, :title, :description]
+      assert_strong_parameters User.new(1), Article, Article.params, allowed
     end
   end
 end
@@ -159,6 +158,39 @@ class InvalidBlockParametersTest
   end
 end
+class DefinedPolicyClassTest
+  class PersonPolicyTest < PolicyAssertions::Test
+    def test_create_and_destroy
+      assert_permit User.new(100), User.new(101)
+    end
+    def test_strong_parameters
+      assert_strong_parameters nil, User, User.params, [:user_id, :name]
+    end
+  end
+end
+# rubocop:disable Style/ClassAndModuleChildren:
+class ModularizedPolicyClassTest
+  class Users::SessionPolicyTest < PolicyAssertions::Test
+    def test_create_and_destroy
+      assert_permit User.new(100), Users::Session.new(100)
+    end
+    def test_destroy
+      refute_permit User.new(100), Users::Session.new(101)
+      refute_permit nil, Users::Session.new
+    end
+    def test_strong_parameters
+      assert_strong_parameters User.new,
+                               Users::Session,
+                               Users::Session.params,
+                               [:id, :user_id]
+    end
+  end
+end
 class ValidBlockParametersTest
   class ArticlePolicyTest < PolicyAssertions::Test
     test 'index?' do

data/test/test_helper.rb CHANGED Viewed

@@ -16,11 +16,19 @@ def policy_class(&block)
 end
 class User
+  def self.policy_class
+    PersonPolicy
+  end
   attr_accessor :id
   def initialize(id = nil)
     @id = id if id
   end
+  def self.params
+    { :user_id => 1, :name => 'name', :role => 'admin' }
+  end
 end
 class Article
@@ -63,3 +71,67 @@ class ArticlePolicy
     (@user && @user.id == 1) ? [:user_id, :title, :description] : [:title]
   end
 end
+class PersonPolicy
+  attr_reader :user, :record
+  def initialize(user, record)
+    @user = user
+    @record = record
+  end
+  def create?
+    true
+  end
+  def destroy?
+    @user
+  end
+  def permitted_attributes
+    (@user && @user.id == 1) ? [:user_id, :name, :role] : [:user_id, :name]
+  end
+end
+module Users
+  class Session
+    attr_accessor :id, :user_id
+    def initialize(user_id = nil)
+      @id = random_id
+      @user_id = user_id || random_id
+    end
+    def self.params
+      { :id => @id, :user_id => @user_id, :name => 'session_name' }
+    end
+    private
+    def random_id
+      100 + Random.rand(1000)
+    end
+  end
+  class SessionPolicy
+    attr_reader :user, :record
+    def initialize(user, record)
+      @user = user
+      @record = record
+    end
+    def create?
+      @user
+    end
+    def destroy?
+      @user && @user.id == record.user_id
+    end
+    def permitted_attributes
+      return [] unless @user
+      @user.id == 1 ? [:id, :user_id, :name] : [:id, :user_id]
+    end
+  end
+end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: policy-assertions
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.0.3
 platform: ruby
 authors:
 - Kevin Simmons
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-07-06 00:00:00.000000000 Z
+date: 2016-02-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -98,14 +98,14 @@ dependencies:
   name: pundit
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: 1.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: 1.0.0
 - !ruby/object:Gem::Dependency