pundit-matchers 1.4.0 → 1.7.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +5 -5
  2. data/lib/pundit/matchers.rb +193 -79
  3. metadata +19 -20
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: fa9d9639180168e0aa248c00f916e8711b0e82a3
4
- data.tar.gz: 2e70263fd7ca377531a0c34e6136dc0e4ed9f80d
2
+ SHA256:
3
+ metadata.gz: b0da80bb866c35b8ab6548d017a9bc022831e3da0c5493b99aac0ba5c8c79cad
4
+ data.tar.gz: 24bfacd140e3976e30c88204db5e33566c42dbd5e45d568c8d857a7a4205951d
5
5
  SHA512:
6
- metadata.gz: 5a5ebc0298d666b8b19884710386fe194f114acd2e7724468286032f516f9a522a13418baba5c5b0e93294000dbbe1f190a0b20e5a1646537ffe5aed28eab0fd
7
- data.tar.gz: c2e2e029245a9e6d52b200905653a9acb092ba23abe481bc1f686364bae5171eeeebc580dc379cad9004f93db9925864579d862f9b551971bc8e43c3f019e67b
6
+ metadata.gz: 5c1fbddf259fce9fa65c6f0613ec5d46e271ab0c7212380bc86cb5fef6fb85a2f74b6c20a4fb6b4c0e1dacc6b8ad11e1c963f8827c997e88bb319cce157d305b
7
+ data.tar.gz: a2363786904df0631c54b8d84094179b61607e300a16ba53cd6406b02272e51f1e21060832f5b64a3eeaaba1ff6dba7c8462d3308732f335dc363df666058120
data/lib/pundit/matchers.rb CHANGED
@@ -2,6 +2,24 @@ require 'rspec/core'
2
2
 
3
3
  module Pundit
4
4
  module Matchers
5
+ class Configuration
6
+ attr_accessor :user_alias
7
+
8
+ def initialize
9
+ @user_alias = :user
10
+ end
11
+ end
12
+
13
+ class << self
14
+ def configure
15
+ yield(configuration)
16
+ end
17
+
18
+ def configuration
19
+ @configuration ||= Pundit::Matchers::Configuration.new
20
+ end
21
+ end
22
+
5
23
  RSpec::Matchers.define :forbid_action do |action, *args|
6
24
  match do |policy|
7
25
  if args.any?
@@ -12,20 +30,23 @@ module Pundit
12
30
  end
13
31
 
14
32
  failure_message do |policy|
15
- "#{policy.class} does not forbid #{action} for " \
16
- "#{policy.user.inspect}."
33
+ "#{policy.class} does not forbid #{action} for " +
34
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
35
+ .inspect + '.'
17
36
  end
18
37
 
19
38
  failure_message_when_negated do |policy|
20
- "#{policy.class} does not permit #{action} for " \
21
- "#{policy.user.inspect}."
39
+ "#{policy.class} does not permit #{action} for " +
40
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
41
+ .inspect + '.'
22
42
  end
23
43
  end
24
44
  end
25
45
 
26
- RSpec::Matchers.define :forbid_actions do |actions|
46
+ RSpec::Matchers.define :forbid_actions do |*actions|
47
+ actions.flatten!
27
48
  match do |policy|
28
- return false if actions.count < 2
49
+ return false if actions.count < 1
29
50
  @allowed_actions = actions.select do |action|
30
51
  policy.public_send("#{action}?")
31
52
  end
@@ -34,26 +55,28 @@ module Pundit
34
55
 
35
56
  attr_reader :allowed_actions
36
57
 
37
- zero_actions_failure_message = 'At least two actions must be ' \
58
+ zero_actions_failure_message = 'At least one action must be ' \
38
59
  'specified when using the forbid_actions matcher.'
39
60
 
40
61
  failure_message do |policy|
41
- case actions.count
42
- when 0
62
+ if actions.count.zero?
43
63
  zero_actions_failure_message
44
64
  else
45
65
  "#{policy.class} expected to forbid #{actions}, but allowed " \
46
- "#{allowed_actions} for #{policy.user.inspect}."
66
+ "#{allowed_actions} for " +
67
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
68
+ .inspect + '.'
47
69
  end
48
70
  end
49
71
 
50
72
  failure_message_when_negated do |policy|
51
- case actions.count
52
- when 0
73
+ if actions.count.zero?
53
74
  zero_actions_failure_message
54
75
  else
55
76
  "#{policy.class} expected to permit #{actions}, but forbade " \
56
- "#{allowed_actions} for #{policy.user.inspect}."
77
+ "#{allowed_actions} for " +
78
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
79
+ .inspect + '.'
57
80
  end
58
81
  end
59
82
  end
@@ -64,48 +87,80 @@ module Pundit
64
87
  end
65
88
 
66
89
  failure_message do |policy|
67
- "#{policy.class} does not forbid the edit or update action for " \
68
- "#{policy.user.inspect}."
90
+ "#{policy.class} does not forbid the edit or update action for " +
91
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
92
+ .inspect + '.'
69
93
  end
70
94
 
71
95
  failure_message_when_negated do |policy|
72
- "#{policy.class} does not permit the edit or update action for " \
73
- "#{policy.user.inspect}."
96
+ "#{policy.class} does not permit the edit or update action for " +
97
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
98
+ .inspect + '.'
74
99
  end
75
100
  end
76
101
 
77
- RSpec::Matchers.define :forbid_mass_assignment_of do |attribute|
102
+ RSpec::Matchers.define :forbid_mass_assignment_of do |attributes|
103
+ # Map single object argument to an array, if necessary
104
+ attributes = attributes.is_a?(Array) ? attributes : [attributes]
105
+
78
106
  match do |policy|
79
- if defined? @action
80
- !policy.send("permitted_attributes_for_#{@action}").include? attribute
81
- else
82
- !policy.permitted_attributes.include? attribute
107
+ return false if attributes.count < 1
108
+
109
+ @allowed_attributes = attributes.select do |attribute|
110
+ if defined? @action
111
+ policy.send("permitted_attributes_for_#{@action}").include? attribute
112
+ else
113
+ policy.permitted_attributes.include? attribute
114
+ end
83
115
  end
116
+
117
+ @allowed_attributes.empty?
84
118
  end
85
119
 
120
+ attr_reader :allowed_attributes
121
+
86
122
  chain :for_action do |action|
87
123
  @action = action
88
124
  end
89
125
 
126
+ zero_attributes_failure_message = 'At least one attribute must be ' \
127
+ 'specified when using the forbid_mass_assignment_of matcher.'
128
+
90
129
  failure_message do |policy|
91
- if defined? @action
92
- "#{policy.class} does not forbid the mass assignment of the " \
93
- "#{attribute} attribute, when authorising the #{@action} action, " \
94
- "for #{policy.user.inspect}."
130
+ if attributes.count.zero?
131
+ zero_attributes_failure_message
132
+ elsif defined? @action
133
+ "#{policy.class} expected to forbid the mass assignment of the " \
134
+ "attributes #{attributes} when authorising the #{@action} action, " \
135
+ 'but allowed the mass assignment of the attributes ' \
136
+ "#{allowed_attributes} for " +
137
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
138
+ .inspect + '.'
95
139
  else
96
- "#{policy.class} does not forbid the mass assignment of the " \
97
- "#{attribute} attribute for #{policy.user.inspect}."
140
+ "#{policy.class} expected to forbid the mass assignment of the " \
141
+ "attributes #{attributes}, but allowed the mass assignment of " \
142
+ "the attributes #{allowed_attributes} for " +
143
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
144
+ .inspect + '.'
98
145
  end
99
146
  end
100
147
 
101
148
  failure_message_when_negated do |policy|
102
- if defined? @action
103
- "#{policy.class} does not permit the mass assignment of the " \
104
- "#{attribute} attribute, when authorising the #{@action} action, " \
105
- "for #{policy.user.inspect}."
149
+ if attributes.count.zero?
150
+ zero_attributes_failure_message
151
+ elsif defined? @action
152
+ "#{policy.class} expected to permit the mass assignment of the " \
153
+ "attributes #{attributes} when authorising the #{@action} action, " \
154
+ 'but permitted the mass assignment of the attributes ' \
155
+ "#{allowed_attributes} for " +
156
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
157
+ .inspect + '.'
106
158
  else
107
- "#{policy.class} does not permit the mass assignment of the " \
108
- "#{attribute} attribute for #{policy.user.inspect}."
159
+ "#{policy.class} expected to permit the mass assignment of the " \
160
+ "attributes #{attributes}, but permitted the mass assignment of " \
161
+ "the attributes #{allowed_attributes} for " +
162
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
163
+ .inspect + '.'
109
164
  end
110
165
  end
111
166
  end
@@ -116,13 +171,15 @@ module Pundit
116
171
  end
117
172
 
118
173
  failure_message do |policy|
119
- "#{policy.class} does not forbid the new or create action for " \
120
- "#{policy.user.inspect}."
174
+ "#{policy.class} does not forbid the new or create action for " +
175
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
176
+ .inspect + '.'
121
177
  end
122
178
 
123
179
  failure_message_when_negated do |policy|
124
- "#{policy.class} does not permit the new or create action for " \
125
- "#{policy.user.inspect}."
180
+ "#{policy.class} does not permit the new or create action for " +
181
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
182
+ .inspect + '.'
126
183
  end
127
184
  end
128
185
 
@@ -136,49 +193,72 @@ module Pundit
136
193
  end
137
194
 
138
195
  failure_message do |policy|
139
- "#{policy.class} does not permit #{action} for " \
140
- "#{policy.user.inspect}."
196
+ "#{policy.class} does not permit #{action} for " +
197
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
198
+ .inspect + '.'
141
199
  end
142
200
 
143
201
  failure_message_when_negated do |policy|
144
- "#{policy.class} does not forbid #{action} for " \
145
- "#{policy.user.inspect}."
202
+ "#{policy.class} does not forbid #{action} for " +
203
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
204
+ .inspect + '.'
146
205
  end
147
206
  end
148
207
 
149
- RSpec::Matchers.define :permit_actions do |actions|
208
+ RSpec::Matchers.define :permit_actions do |*actions|
209
+ actions.flatten!
150
210
  match do |policy|
151
- return false if actions.count < 2
211
+ return false if actions.count < 1
152
212
  @forbidden_actions = actions.reject do |action|
153
213
  policy.public_send("#{action}?")
154
214
  end
155
215
  @forbidden_actions.empty?
156
216
  end
157
217
 
218
+ match_when_negated do |policy|
219
+ ::Kernel.warn 'Using expect { }.not_to permit_actions could produce \
220
+ confusing results. Please use `.to forbid_actions` instead. To \
221
+ clarify, `.not_to permit_actions` will look at all of the actions and \
222
+ checks if ANY actions fail, not if all actions fail. Therefore, you \
223
+ could result in something like this: \
224
+
225
+ it { is_expected.to permit_actions([:new, :create, :edit]) } \
226
+ it { is_expected.not_to permit_actions([:edit, :destroy]) } \
227
+
228
+ In this case, edit would be true and destroy would be false, but both \
229
+ tests would pass.'
230
+
231
+ return true if actions.count < 1
232
+ @forbidden_actions = actions.reject do |action|
233
+ policy.public_send("#{action}?")
234
+ end
235
+ !@forbidden_actions.empty?
236
+ end
237
+
158
238
  attr_reader :forbidden_actions
159
239
 
160
- zero_actions_failure_message = 'At least two actions must be ' \
161
- 'specified when using the permit_actions matcher.'
240
+ zero_actions_failure_message = 'At least one action must be specified ' \
241
+ 'when using the permit_actions matcher.'
162
242
 
163
243
  failure_message do |policy|
164
- case actions.count
165
- when 0
244
+ if actions.count.zero?
166
245
  zero_actions_failure_message
167
246
  else
168
247
  "#{policy.class} expected to permit #{actions}, but forbade " \
169
- "#{forbidden_actions} for #{policy.user.inspect}."
248
+ "#{forbidden_actions} for " +
249
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
250
+ .inspect + '.'
170
251
  end
171
252
  end
172
253
 
173
254
  failure_message_when_negated do |policy|
174
- case actions.count
175
- when 0
255
+ if actions.count.zero?
176
256
  zero_actions_failure_message
177
- when 1
178
- one_action_failure_message
179
257
  else
180
258
  "#{policy.class} expected to forbid #{actions}, but allowed " \
181
- "#{forbidden_actions} for #{policy.user.inspect}."
259
+ "#{forbidden_actions} for " +
260
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
261
+ .inspect + '.'
182
262
  end
183
263
  end
184
264
  end
@@ -189,48 +269,80 @@ module Pundit
189
269
  end
190
270
 
191
271
  failure_message do |policy|
192
- "#{policy.class} does not permit the edit or update action for " \
193
- "#{policy.user.inspect}."
272
+ "#{policy.class} does not permit the edit or update action for " +
273
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
274
+ .inspect + '.'
194
275
  end
195
276
 
196
277
  failure_message_when_negated do |policy|
197
- "#{policy.class} does not forbid the edit or update action for " \
198
- "#{policy.user.inspect}."
278
+ "#{policy.class} does not forbid the edit or update action for " +
279
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
280
+ .inspect + '.'
199
281
  end
200
282
  end
201
283
 
202
- RSpec::Matchers.define :permit_mass_assignment_of do |attribute|
284
+ RSpec::Matchers.define :permit_mass_assignment_of do |attributes|
285
+ # Map single object argument to an array, if necessary
286
+ attributes = attributes.is_a?(Array) ? attributes : [attributes]
287
+
203
288
  match do |policy|
204
- if defined? @action
205
- policy.send("permitted_attributes_for_#{@action}").include? attribute
206
- else
207
- policy.permitted_attributes.include? attribute
289
+ return false if attributes.count < 1
290
+
291
+ @forbidden_attributes = attributes.select do |attribute|
292
+ if defined? @action
293
+ !policy.send("permitted_attributes_for_#{@action}").include? attribute
294
+ else
295
+ !policy.permitted_attributes.include? attribute
296
+ end
208
297
  end
298
+
299
+ @forbidden_attributes.empty?
209
300
  end
210
301
 
302
+ attr_reader :forbidden_attributes
303
+
211
304
  chain :for_action do |action|
212
305
  @action = action
213
306
  end
214
307
 
308
+ zero_attributes_failure_message = 'At least one attribute must be ' \
309
+ 'specified when using the permit_mass_assignment_of matcher.'
310
+
215
311
  failure_message do |policy|
216
- if defined? @action
217
- "#{policy.class} does not permit the mass assignment of the " \
218
- "#{attribute} attribute, when authorising the #{@action} action, " \
219
- "for #{policy.user.inspect}."
312
+ if attributes.count.zero?
313
+ zero_attributes_failure_message
314
+ elsif defined? @action
315
+ "#{policy.class} expected to permit the mass assignment of the " \
316
+ "attributes #{attributes} when authorising the #{@action} action, " \
317
+ 'but forbade the mass assignment of the attributes ' \
318
+ "#{forbidden_attributes} for " +
319
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
320
+ .inspect + '.'
220
321
  else
221
- "#{policy.class} does not permit the mass assignment of the " \
222
- "#{attribute} attribute for #{policy.user.inspect}."
322
+ "#{policy.class} expected to permit the mass assignment of the " \
323
+ "attributes #{attributes}, but forbade the mass assignment of the " \
324
+ "attributes #{forbidden_attributes} for " +
325
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
326
+ .inspect + '.'
223
327
  end
224
328
  end
225
329
 
226
330
  failure_message_when_negated do |policy|
227
- if defined? @action
228
- "#{policy.class} does not forbid the mass assignment of the " \
229
- "#{attribute} attribute, when authorising the #{@action} action, " \
230
- "for #{policy.user.inspect}."
331
+ if attributes.count.zero?
332
+ zero_attributes_failure_message
333
+ elsif defined? @action
334
+ "#{policy.class} expected to forbid the mass assignment of the " \
335
+ "attributes #{attributes} when authorising the #{@action} action, " \
336
+ 'but forbade the mass assignment of the attributes ' \
337
+ "#{forbidden_attributes} for " +
338
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
339
+ .inspect + '.'
231
340
  else
232
- "#{policy.class} does not forbid the mass assignment of the " \
233
- "#{attribute} attribute for #{policy.user.inspect}."
341
+ "#{policy.class} expected to forbid the mass assignment of the " \
342
+ "attributes #{attributes}, but forbade the mass assignment of the " \
343
+ "attributes #{forbidden_attributes} for " +
344
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
345
+ .inspect + '.'
234
346
  end
235
347
  end
236
348
  end
@@ -241,13 +353,15 @@ module Pundit
241
353
  end
242
354
 
243
355
  failure_message do |policy|
244
- "#{policy.class} does not permit the new or create action for " \
245
- "#{policy.user.inspect}."
356
+ "#{policy.class} does not permit the new or create action for " +
357
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
358
+ .inspect + '.'
246
359
  end
247
360
 
248
361
  failure_message_when_negated do |policy|
249
- "#{policy.class} does not forbid the new or create action for " \
250
- "#{policy.user.inspect}."
362
+ "#{policy.class} does not forbid the new or create action for " +
363
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
364
+ .inspect + '.'
251
365
  end
252
366
  end
253
367
  end
metadata CHANGED
@@ -1,49 +1,49 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pundit-matchers
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.0
4
+ version: 1.7.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chris Alley
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-10-30 00:00:00.000000000 Z
11
+ date: 2021-07-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
- name: pundit
14
+ name: rspec-rails
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - "~>"
18
- - !ruby/object:Gem::Version
19
- version: '1.1'
20
17
  - - ">="
21
18
  - !ruby/object:Gem::Version
22
- version: 1.1.0
19
+ version: 3.0.0
23
20
  type: :runtime
24
21
  prerelease: false
25
22
  version_requirements: !ruby/object:Gem::Requirement
26
23
  requirements:
27
- - - "~>"
28
- - !ruby/object:Gem::Version
29
- version: '1.1'
30
24
  - - ">="
31
25
  - !ruby/object:Gem::Version
32
- version: 1.1.0
26
+ version: 3.0.0
33
27
  - !ruby/object:Gem::Dependency
34
- name: rspec-rails
28
+ name: pundit
35
29
  requirement: !ruby/object:Gem::Requirement
36
30
  requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '1.1'
37
34
  - - ">="
38
35
  - !ruby/object:Gem::Version
39
- version: 3.0.0
40
- type: :runtime
36
+ version: 1.1.0
37
+ type: :development
41
38
  prerelease: false
42
39
  version_requirements: !ruby/object:Gem::Requirement
43
40
  requirements:
41
+ - - "~>"
42
+ - !ruby/object:Gem::Version
43
+ version: '1.1'
44
44
  - - ">="
45
45
  - !ruby/object:Gem::Version
46
- version: 3.0.0
46
+ version: 1.1.0
47
47
  description: A set of RSpec matchers for testing Pundit authorisation policies
48
48
  email: chris@chrisalley.info
49
49
  executables: []
@@ -55,7 +55,7 @@ homepage: http://github.com/chrisalley/pundit-matchers
55
55
  licenses:
56
56
  - MIT
57
57
  metadata: {}
58
- post_install_message:
58
+ post_install_message:
59
59
  rdoc_options: []
60
60
  require_paths:
61
61
  - lib
@@ -70,9 +70,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
70
70
  - !ruby/object:Gem::Version
71
71
  version: '0'
72
72
  requirements: []
73
- rubyforge_project:
74
- rubygems_version: 2.6.14
75
- signing_key:
73
+ rubygems_version: 3.2.15
74
+ signing_key:
76
75
  specification_version: 4
77
76
  summary: RSpec matchers for Pundit policies
78
77
  test_files: []