pundit-matchers 1.4.0 → 1.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. checksums.yaml +5 -5
  2. data/lib/pundit/matchers.rb +193 -79
  3. metadata +19 -20
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: fa9d9639180168e0aa248c00f916e8711b0e82a3
4
- data.tar.gz: 2e70263fd7ca377531a0c34e6136dc0e4ed9f80d
2
+ SHA256:
3
+ metadata.gz: b0da80bb866c35b8ab6548d017a9bc022831e3da0c5493b99aac0ba5c8c79cad
4
+ data.tar.gz: 24bfacd140e3976e30c88204db5e33566c42dbd5e45d568c8d857a7a4205951d
5
5
  SHA512:
6
- metadata.gz: 5a5ebc0298d666b8b19884710386fe194f114acd2e7724468286032f516f9a522a13418baba5c5b0e93294000dbbe1f190a0b20e5a1646537ffe5aed28eab0fd
7
- data.tar.gz: c2e2e029245a9e6d52b200905653a9acb092ba23abe481bc1f686364bae5171eeeebc580dc379cad9004f93db9925864579d862f9b551971bc8e43c3f019e67b
6
+ metadata.gz: 5c1fbddf259fce9fa65c6f0613ec5d46e271ab0c7212380bc86cb5fef6fb85a2f74b6c20a4fb6b4c0e1dacc6b8ad11e1c963f8827c997e88bb319cce157d305b
7
+ data.tar.gz: a2363786904df0631c54b8d84094179b61607e300a16ba53cd6406b02272e51f1e21060832f5b64a3eeaaba1ff6dba7c8462d3308732f335dc363df666058120
@@ -2,6 +2,24 @@ require 'rspec/core'
2
2
 
3
3
  module Pundit
4
4
  module Matchers
5
+ class Configuration
6
+ attr_accessor :user_alias
7
+
8
+ def initialize
9
+ @user_alias = :user
10
+ end
11
+ end
12
+
13
+ class << self
14
+ def configure
15
+ yield(configuration)
16
+ end
17
+
18
+ def configuration
19
+ @configuration ||= Pundit::Matchers::Configuration.new
20
+ end
21
+ end
22
+
5
23
  RSpec::Matchers.define :forbid_action do |action, *args|
6
24
  match do |policy|
7
25
  if args.any?
@@ -12,20 +30,23 @@ module Pundit
12
30
  end
13
31
 
14
32
  failure_message do |policy|
15
- "#{policy.class} does not forbid #{action} for " \
16
- "#{policy.user.inspect}."
33
+ "#{policy.class} does not forbid #{action} for " +
34
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
35
+ .inspect + '.'
17
36
  end
18
37
 
19
38
  failure_message_when_negated do |policy|
20
- "#{policy.class} does not permit #{action} for " \
21
- "#{policy.user.inspect}."
39
+ "#{policy.class} does not permit #{action} for " +
40
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
41
+ .inspect + '.'
22
42
  end
23
43
  end
24
44
  end
25
45
 
26
- RSpec::Matchers.define :forbid_actions do |actions|
46
+ RSpec::Matchers.define :forbid_actions do |*actions|
47
+ actions.flatten!
27
48
  match do |policy|
28
- return false if actions.count < 2
49
+ return false if actions.count < 1
29
50
  @allowed_actions = actions.select do |action|
30
51
  policy.public_send("#{action}?")
31
52
  end
@@ -34,26 +55,28 @@ module Pundit
34
55
 
35
56
  attr_reader :allowed_actions
36
57
 
37
- zero_actions_failure_message = 'At least two actions must be ' \
58
+ zero_actions_failure_message = 'At least one action must be ' \
38
59
  'specified when using the forbid_actions matcher.'
39
60
 
40
61
  failure_message do |policy|
41
- case actions.count
42
- when 0
62
+ if actions.count.zero?
43
63
  zero_actions_failure_message
44
64
  else
45
65
  "#{policy.class} expected to forbid #{actions}, but allowed " \
46
- "#{allowed_actions} for #{policy.user.inspect}."
66
+ "#{allowed_actions} for " +
67
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
68
+ .inspect + '.'
47
69
  end
48
70
  end
49
71
 
50
72
  failure_message_when_negated do |policy|
51
- case actions.count
52
- when 0
73
+ if actions.count.zero?
53
74
  zero_actions_failure_message
54
75
  else
55
76
  "#{policy.class} expected to permit #{actions}, but forbade " \
56
- "#{allowed_actions} for #{policy.user.inspect}."
77
+ "#{allowed_actions} for " +
78
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
79
+ .inspect + '.'
57
80
  end
58
81
  end
59
82
  end
@@ -64,48 +87,80 @@ module Pundit
64
87
  end
65
88
 
66
89
  failure_message do |policy|
67
- "#{policy.class} does not forbid the edit or update action for " \
68
- "#{policy.user.inspect}."
90
+ "#{policy.class} does not forbid the edit or update action for " +
91
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
92
+ .inspect + '.'
69
93
  end
70
94
 
71
95
  failure_message_when_negated do |policy|
72
- "#{policy.class} does not permit the edit or update action for " \
73
- "#{policy.user.inspect}."
96
+ "#{policy.class} does not permit the edit or update action for " +
97
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
98
+ .inspect + '.'
74
99
  end
75
100
  end
76
101
 
77
- RSpec::Matchers.define :forbid_mass_assignment_of do |attribute|
102
+ RSpec::Matchers.define :forbid_mass_assignment_of do |attributes|
103
+ # Map single object argument to an array, if necessary
104
+ attributes = attributes.is_a?(Array) ? attributes : [attributes]
105
+
78
106
  match do |policy|
79
- if defined? @action
80
- !policy.send("permitted_attributes_for_#{@action}").include? attribute
81
- else
82
- !policy.permitted_attributes.include? attribute
107
+ return false if attributes.count < 1
108
+
109
+ @allowed_attributes = attributes.select do |attribute|
110
+ if defined? @action
111
+ policy.send("permitted_attributes_for_#{@action}").include? attribute
112
+ else
113
+ policy.permitted_attributes.include? attribute
114
+ end
83
115
  end
116
+
117
+ @allowed_attributes.empty?
84
118
  end
85
119
 
120
+ attr_reader :allowed_attributes
121
+
86
122
  chain :for_action do |action|
87
123
  @action = action
88
124
  end
89
125
 
126
+ zero_attributes_failure_message = 'At least one attribute must be ' \
127
+ 'specified when using the forbid_mass_assignment_of matcher.'
128
+
90
129
  failure_message do |policy|
91
- if defined? @action
92
- "#{policy.class} does not forbid the mass assignment of the " \
93
- "#{attribute} attribute, when authorising the #{@action} action, " \
94
- "for #{policy.user.inspect}."
130
+ if attributes.count.zero?
131
+ zero_attributes_failure_message
132
+ elsif defined? @action
133
+ "#{policy.class} expected to forbid the mass assignment of the " \
134
+ "attributes #{attributes} when authorising the #{@action} action, " \
135
+ 'but allowed the mass assignment of the attributes ' \
136
+ "#{allowed_attributes} for " +
137
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
138
+ .inspect + '.'
95
139
  else
96
- "#{policy.class} does not forbid the mass assignment of the " \
97
- "#{attribute} attribute for #{policy.user.inspect}."
140
+ "#{policy.class} expected to forbid the mass assignment of the " \
141
+ "attributes #{attributes}, but allowed the mass assignment of " \
142
+ "the attributes #{allowed_attributes} for " +
143
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
144
+ .inspect + '.'
98
145
  end
99
146
  end
100
147
 
101
148
  failure_message_when_negated do |policy|
102
- if defined? @action
103
- "#{policy.class} does not permit the mass assignment of the " \
104
- "#{attribute} attribute, when authorising the #{@action} action, " \
105
- "for #{policy.user.inspect}."
149
+ if attributes.count.zero?
150
+ zero_attributes_failure_message
151
+ elsif defined? @action
152
+ "#{policy.class} expected to permit the mass assignment of the " \
153
+ "attributes #{attributes} when authorising the #{@action} action, " \
154
+ 'but permitted the mass assignment of the attributes ' \
155
+ "#{allowed_attributes} for " +
156
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
157
+ .inspect + '.'
106
158
  else
107
- "#{policy.class} does not permit the mass assignment of the " \
108
- "#{attribute} attribute for #{policy.user.inspect}."
159
+ "#{policy.class} expected to permit the mass assignment of the " \
160
+ "attributes #{attributes}, but permitted the mass assignment of " \
161
+ "the attributes #{allowed_attributes} for " +
162
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
163
+ .inspect + '.'
109
164
  end
110
165
  end
111
166
  end
@@ -116,13 +171,15 @@ module Pundit
116
171
  end
117
172
 
118
173
  failure_message do |policy|
119
- "#{policy.class} does not forbid the new or create action for " \
120
- "#{policy.user.inspect}."
174
+ "#{policy.class} does not forbid the new or create action for " +
175
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
176
+ .inspect + '.'
121
177
  end
122
178
 
123
179
  failure_message_when_negated do |policy|
124
- "#{policy.class} does not permit the new or create action for " \
125
- "#{policy.user.inspect}."
180
+ "#{policy.class} does not permit the new or create action for " +
181
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
182
+ .inspect + '.'
126
183
  end
127
184
  end
128
185
 
@@ -136,49 +193,72 @@ module Pundit
136
193
  end
137
194
 
138
195
  failure_message do |policy|
139
- "#{policy.class} does not permit #{action} for " \
140
- "#{policy.user.inspect}."
196
+ "#{policy.class} does not permit #{action} for " +
197
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
198
+ .inspect + '.'
141
199
  end
142
200
 
143
201
  failure_message_when_negated do |policy|
144
- "#{policy.class} does not forbid #{action} for " \
145
- "#{policy.user.inspect}."
202
+ "#{policy.class} does not forbid #{action} for " +
203
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
204
+ .inspect + '.'
146
205
  end
147
206
  end
148
207
 
149
- RSpec::Matchers.define :permit_actions do |actions|
208
+ RSpec::Matchers.define :permit_actions do |*actions|
209
+ actions.flatten!
150
210
  match do |policy|
151
- return false if actions.count < 2
211
+ return false if actions.count < 1
152
212
  @forbidden_actions = actions.reject do |action|
153
213
  policy.public_send("#{action}?")
154
214
  end
155
215
  @forbidden_actions.empty?
156
216
  end
157
217
 
218
+ match_when_negated do |policy|
219
+ ::Kernel.warn 'Using expect { }.not_to permit_actions could produce \
220
+ confusing results. Please use `.to forbid_actions` instead. To \
221
+ clarify, `.not_to permit_actions` will look at all of the actions and \
222
+ checks if ANY actions fail, not if all actions fail. Therefore, you \
223
+ could result in something like this: \
224
+
225
+ it { is_expected.to permit_actions([:new, :create, :edit]) } \
226
+ it { is_expected.not_to permit_actions([:edit, :destroy]) } \
227
+
228
+ In this case, edit would be true and destroy would be false, but both \
229
+ tests would pass.'
230
+
231
+ return true if actions.count < 1
232
+ @forbidden_actions = actions.reject do |action|
233
+ policy.public_send("#{action}?")
234
+ end
235
+ !@forbidden_actions.empty?
236
+ end
237
+
158
238
  attr_reader :forbidden_actions
159
239
 
160
- zero_actions_failure_message = 'At least two actions must be ' \
161
- 'specified when using the permit_actions matcher.'
240
+ zero_actions_failure_message = 'At least one action must be specified ' \
241
+ 'when using the permit_actions matcher.'
162
242
 
163
243
  failure_message do |policy|
164
- case actions.count
165
- when 0
244
+ if actions.count.zero?
166
245
  zero_actions_failure_message
167
246
  else
168
247
  "#{policy.class} expected to permit #{actions}, but forbade " \
169
- "#{forbidden_actions} for #{policy.user.inspect}."
248
+ "#{forbidden_actions} for " +
249
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
250
+ .inspect + '.'
170
251
  end
171
252
  end
172
253
 
173
254
  failure_message_when_negated do |policy|
174
- case actions.count
175
- when 0
255
+ if actions.count.zero?
176
256
  zero_actions_failure_message
177
- when 1
178
- one_action_failure_message
179
257
  else
180
258
  "#{policy.class} expected to forbid #{actions}, but allowed " \
181
- "#{forbidden_actions} for #{policy.user.inspect}."
259
+ "#{forbidden_actions} for " +
260
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
261
+ .inspect + '.'
182
262
  end
183
263
  end
184
264
  end
@@ -189,48 +269,80 @@ module Pundit
189
269
  end
190
270
 
191
271
  failure_message do |policy|
192
- "#{policy.class} does not permit the edit or update action for " \
193
- "#{policy.user.inspect}."
272
+ "#{policy.class} does not permit the edit or update action for " +
273
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
274
+ .inspect + '.'
194
275
  end
195
276
 
196
277
  failure_message_when_negated do |policy|
197
- "#{policy.class} does not forbid the edit or update action for " \
198
- "#{policy.user.inspect}."
278
+ "#{policy.class} does not forbid the edit or update action for " +
279
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
280
+ .inspect + '.'
199
281
  end
200
282
  end
201
283
 
202
- RSpec::Matchers.define :permit_mass_assignment_of do |attribute|
284
+ RSpec::Matchers.define :permit_mass_assignment_of do |attributes|
285
+ # Map single object argument to an array, if necessary
286
+ attributes = attributes.is_a?(Array) ? attributes : [attributes]
287
+
203
288
  match do |policy|
204
- if defined? @action
205
- policy.send("permitted_attributes_for_#{@action}").include? attribute
206
- else
207
- policy.permitted_attributes.include? attribute
289
+ return false if attributes.count < 1
290
+
291
+ @forbidden_attributes = attributes.select do |attribute|
292
+ if defined? @action
293
+ !policy.send("permitted_attributes_for_#{@action}").include? attribute
294
+ else
295
+ !policy.permitted_attributes.include? attribute
296
+ end
208
297
  end
298
+
299
+ @forbidden_attributes.empty?
209
300
  end
210
301
 
302
+ attr_reader :forbidden_attributes
303
+
211
304
  chain :for_action do |action|
212
305
  @action = action
213
306
  end
214
307
 
308
+ zero_attributes_failure_message = 'At least one attribute must be ' \
309
+ 'specified when using the permit_mass_assignment_of matcher.'
310
+
215
311
  failure_message do |policy|
216
- if defined? @action
217
- "#{policy.class} does not permit the mass assignment of the " \
218
- "#{attribute} attribute, when authorising the #{@action} action, " \
219
- "for #{policy.user.inspect}."
312
+ if attributes.count.zero?
313
+ zero_attributes_failure_message
314
+ elsif defined? @action
315
+ "#{policy.class} expected to permit the mass assignment of the " \
316
+ "attributes #{attributes} when authorising the #{@action} action, " \
317
+ 'but forbade the mass assignment of the attributes ' \
318
+ "#{forbidden_attributes} for " +
319
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
320
+ .inspect + '.'
220
321
  else
221
- "#{policy.class} does not permit the mass assignment of the " \
222
- "#{attribute} attribute for #{policy.user.inspect}."
322
+ "#{policy.class} expected to permit the mass assignment of the " \
323
+ "attributes #{attributes}, but forbade the mass assignment of the " \
324
+ "attributes #{forbidden_attributes} for " +
325
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
326
+ .inspect + '.'
223
327
  end
224
328
  end
225
329
 
226
330
  failure_message_when_negated do |policy|
227
- if defined? @action
228
- "#{policy.class} does not forbid the mass assignment of the " \
229
- "#{attribute} attribute, when authorising the #{@action} action, " \
230
- "for #{policy.user.inspect}."
331
+ if attributes.count.zero?
332
+ zero_attributes_failure_message
333
+ elsif defined? @action
334
+ "#{policy.class} expected to forbid the mass assignment of the " \
335
+ "attributes #{attributes} when authorising the #{@action} action, " \
336
+ 'but forbade the mass assignment of the attributes ' \
337
+ "#{forbidden_attributes} for " +
338
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
339
+ .inspect + '.'
231
340
  else
232
- "#{policy.class} does not forbid the mass assignment of the " \
233
- "#{attribute} attribute for #{policy.user.inspect}."
341
+ "#{policy.class} expected to forbid the mass assignment of the " \
342
+ "attributes #{attributes}, but forbade the mass assignment of the " \
343
+ "attributes #{forbidden_attributes} for " +
344
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
345
+ .inspect + '.'
234
346
  end
235
347
  end
236
348
  end
@@ -241,13 +353,15 @@ module Pundit
241
353
  end
242
354
 
243
355
  failure_message do |policy|
244
- "#{policy.class} does not permit the new or create action for " \
245
- "#{policy.user.inspect}."
356
+ "#{policy.class} does not permit the new or create action for " +
357
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
358
+ .inspect + '.'
246
359
  end
247
360
 
248
361
  failure_message_when_negated do |policy|
249
- "#{policy.class} does not forbid the new or create action for " \
250
- "#{policy.user.inspect}."
362
+ "#{policy.class} does not forbid the new or create action for " +
363
+ policy.public_send(Pundit::Matchers.configuration.user_alias)
364
+ .inspect + '.'
251
365
  end
252
366
  end
253
367
  end
metadata CHANGED
@@ -1,49 +1,49 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pundit-matchers
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.0
4
+ version: 1.7.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chris Alley
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-10-30 00:00:00.000000000 Z
11
+ date: 2021-07-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
- name: pundit
14
+ name: rspec-rails
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - "~>"
18
- - !ruby/object:Gem::Version
19
- version: '1.1'
20
17
  - - ">="
21
18
  - !ruby/object:Gem::Version
22
- version: 1.1.0
19
+ version: 3.0.0
23
20
  type: :runtime
24
21
  prerelease: false
25
22
  version_requirements: !ruby/object:Gem::Requirement
26
23
  requirements:
27
- - - "~>"
28
- - !ruby/object:Gem::Version
29
- version: '1.1'
30
24
  - - ">="
31
25
  - !ruby/object:Gem::Version
32
- version: 1.1.0
26
+ version: 3.0.0
33
27
  - !ruby/object:Gem::Dependency
34
- name: rspec-rails
28
+ name: pundit
35
29
  requirement: !ruby/object:Gem::Requirement
36
30
  requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '1.1'
37
34
  - - ">="
38
35
  - !ruby/object:Gem::Version
39
- version: 3.0.0
40
- type: :runtime
36
+ version: 1.1.0
37
+ type: :development
41
38
  prerelease: false
42
39
  version_requirements: !ruby/object:Gem::Requirement
43
40
  requirements:
41
+ - - "~>"
42
+ - !ruby/object:Gem::Version
43
+ version: '1.1'
44
44
  - - ">="
45
45
  - !ruby/object:Gem::Version
46
- version: 3.0.0
46
+ version: 1.1.0
47
47
  description: A set of RSpec matchers for testing Pundit authorisation policies
48
48
  email: chris@chrisalley.info
49
49
  executables: []
@@ -55,7 +55,7 @@ homepage: http://github.com/chrisalley/pundit-matchers
55
55
  licenses:
56
56
  - MIT
57
57
  metadata: {}
58
- post_install_message:
58
+ post_install_message:
59
59
  rdoc_options: []
60
60
  require_paths:
61
61
  - lib
@@ -70,9 +70,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
70
70
  - !ruby/object:Gem::Version
71
71
  version: '0'
72
72
  requirements: []
73
- rubyforge_project:
74
- rubygems_version: 2.6.14
75
- signing_key:
73
+ rubygems_version: 3.2.15
74
+ signing_key:
76
75
  specification_version: 4
77
76
  summary: RSpec matchers for Pundit policies
78
77
  test_files: []