pundit-matchers 1.4.0 → 1.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/lib/pundit/matchers.rb +193 -79
- metadata +19 -20
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: b0da80bb866c35b8ab6548d017a9bc022831e3da0c5493b99aac0ba5c8c79cad
|
4
|
+
data.tar.gz: 24bfacd140e3976e30c88204db5e33566c42dbd5e45d568c8d857a7a4205951d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5c1fbddf259fce9fa65c6f0613ec5d46e271ab0c7212380bc86cb5fef6fb85a2f74b6c20a4fb6b4c0e1dacc6b8ad11e1c963f8827c997e88bb319cce157d305b
|
7
|
+
data.tar.gz: a2363786904df0631c54b8d84094179b61607e300a16ba53cd6406b02272e51f1e21060832f5b64a3eeaaba1ff6dba7c8462d3308732f335dc363df666058120
|
data/lib/pundit/matchers.rb
CHANGED
@@ -2,6 +2,24 @@ require 'rspec/core'
|
|
2
2
|
|
3
3
|
module Pundit
|
4
4
|
module Matchers
|
5
|
+
class Configuration
|
6
|
+
attr_accessor :user_alias
|
7
|
+
|
8
|
+
def initialize
|
9
|
+
@user_alias = :user
|
10
|
+
end
|
11
|
+
end
|
12
|
+
|
13
|
+
class << self
|
14
|
+
def configure
|
15
|
+
yield(configuration)
|
16
|
+
end
|
17
|
+
|
18
|
+
def configuration
|
19
|
+
@configuration ||= Pundit::Matchers::Configuration.new
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
5
23
|
RSpec::Matchers.define :forbid_action do |action, *args|
|
6
24
|
match do |policy|
|
7
25
|
if args.any?
|
@@ -12,20 +30,23 @@ module Pundit
|
|
12
30
|
end
|
13
31
|
|
14
32
|
failure_message do |policy|
|
15
|
-
"#{policy.class} does not forbid #{action} for "
|
16
|
-
|
33
|
+
"#{policy.class} does not forbid #{action} for " +
|
34
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
35
|
+
.inspect + '.'
|
17
36
|
end
|
18
37
|
|
19
38
|
failure_message_when_negated do |policy|
|
20
|
-
"#{policy.class} does not permit #{action} for "
|
21
|
-
|
39
|
+
"#{policy.class} does not permit #{action} for " +
|
40
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
41
|
+
.inspect + '.'
|
22
42
|
end
|
23
43
|
end
|
24
44
|
end
|
25
45
|
|
26
|
-
RSpec::Matchers.define :forbid_actions do
|
46
|
+
RSpec::Matchers.define :forbid_actions do |*actions|
|
47
|
+
actions.flatten!
|
27
48
|
match do |policy|
|
28
|
-
return false if actions.count <
|
49
|
+
return false if actions.count < 1
|
29
50
|
@allowed_actions = actions.select do |action|
|
30
51
|
policy.public_send("#{action}?")
|
31
52
|
end
|
@@ -34,26 +55,28 @@ module Pundit
|
|
34
55
|
|
35
56
|
attr_reader :allowed_actions
|
36
57
|
|
37
|
-
zero_actions_failure_message = 'At least
|
58
|
+
zero_actions_failure_message = 'At least one action must be ' \
|
38
59
|
'specified when using the forbid_actions matcher.'
|
39
60
|
|
40
61
|
failure_message do |policy|
|
41
|
-
|
42
|
-
when 0
|
62
|
+
if actions.count.zero?
|
43
63
|
zero_actions_failure_message
|
44
64
|
else
|
45
65
|
"#{policy.class} expected to forbid #{actions}, but allowed " \
|
46
|
-
"#{allowed_actions} for
|
66
|
+
"#{allowed_actions} for " +
|
67
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
68
|
+
.inspect + '.'
|
47
69
|
end
|
48
70
|
end
|
49
71
|
|
50
72
|
failure_message_when_negated do |policy|
|
51
|
-
|
52
|
-
when 0
|
73
|
+
if actions.count.zero?
|
53
74
|
zero_actions_failure_message
|
54
75
|
else
|
55
76
|
"#{policy.class} expected to permit #{actions}, but forbade " \
|
56
|
-
"#{allowed_actions} for
|
77
|
+
"#{allowed_actions} for " +
|
78
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
79
|
+
.inspect + '.'
|
57
80
|
end
|
58
81
|
end
|
59
82
|
end
|
@@ -64,48 +87,80 @@ module Pundit
|
|
64
87
|
end
|
65
88
|
|
66
89
|
failure_message do |policy|
|
67
|
-
"#{policy.class} does not forbid the edit or update action for "
|
68
|
-
|
90
|
+
"#{policy.class} does not forbid the edit or update action for " +
|
91
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
92
|
+
.inspect + '.'
|
69
93
|
end
|
70
94
|
|
71
95
|
failure_message_when_negated do |policy|
|
72
|
-
"#{policy.class} does not permit the edit or update action for "
|
73
|
-
|
96
|
+
"#{policy.class} does not permit the edit or update action for " +
|
97
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
98
|
+
.inspect + '.'
|
74
99
|
end
|
75
100
|
end
|
76
101
|
|
77
|
-
RSpec::Matchers.define :forbid_mass_assignment_of do |
|
102
|
+
RSpec::Matchers.define :forbid_mass_assignment_of do |attributes|
|
103
|
+
# Map single object argument to an array, if necessary
|
104
|
+
attributes = attributes.is_a?(Array) ? attributes : [attributes]
|
105
|
+
|
78
106
|
match do |policy|
|
79
|
-
if
|
80
|
-
|
81
|
-
|
82
|
-
|
107
|
+
return false if attributes.count < 1
|
108
|
+
|
109
|
+
@allowed_attributes = attributes.select do |attribute|
|
110
|
+
if defined? @action
|
111
|
+
policy.send("permitted_attributes_for_#{@action}").include? attribute
|
112
|
+
else
|
113
|
+
policy.permitted_attributes.include? attribute
|
114
|
+
end
|
83
115
|
end
|
116
|
+
|
117
|
+
@allowed_attributes.empty?
|
84
118
|
end
|
85
119
|
|
120
|
+
attr_reader :allowed_attributes
|
121
|
+
|
86
122
|
chain :for_action do |action|
|
87
123
|
@action = action
|
88
124
|
end
|
89
125
|
|
126
|
+
zero_attributes_failure_message = 'At least one attribute must be ' \
|
127
|
+
'specified when using the forbid_mass_assignment_of matcher.'
|
128
|
+
|
90
129
|
failure_message do |policy|
|
91
|
-
if
|
92
|
-
|
93
|
-
|
94
|
-
|
130
|
+
if attributes.count.zero?
|
131
|
+
zero_attributes_failure_message
|
132
|
+
elsif defined? @action
|
133
|
+
"#{policy.class} expected to forbid the mass assignment of the " \
|
134
|
+
"attributes #{attributes} when authorising the #{@action} action, " \
|
135
|
+
'but allowed the mass assignment of the attributes ' \
|
136
|
+
"#{allowed_attributes} for " +
|
137
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
138
|
+
.inspect + '.'
|
95
139
|
else
|
96
|
-
"#{policy.class}
|
97
|
-
"#{
|
140
|
+
"#{policy.class} expected to forbid the mass assignment of the " \
|
141
|
+
"attributes #{attributes}, but allowed the mass assignment of " \
|
142
|
+
"the attributes #{allowed_attributes} for " +
|
143
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
144
|
+
.inspect + '.'
|
98
145
|
end
|
99
146
|
end
|
100
147
|
|
101
148
|
failure_message_when_negated do |policy|
|
102
|
-
if
|
103
|
-
|
104
|
-
|
105
|
-
|
149
|
+
if attributes.count.zero?
|
150
|
+
zero_attributes_failure_message
|
151
|
+
elsif defined? @action
|
152
|
+
"#{policy.class} expected to permit the mass assignment of the " \
|
153
|
+
"attributes #{attributes} when authorising the #{@action} action, " \
|
154
|
+
'but permitted the mass assignment of the attributes ' \
|
155
|
+
"#{allowed_attributes} for " +
|
156
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
157
|
+
.inspect + '.'
|
106
158
|
else
|
107
|
-
"#{policy.class}
|
108
|
-
"#{
|
159
|
+
"#{policy.class} expected to permit the mass assignment of the " \
|
160
|
+
"attributes #{attributes}, but permitted the mass assignment of " \
|
161
|
+
"the attributes #{allowed_attributes} for " +
|
162
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
163
|
+
.inspect + '.'
|
109
164
|
end
|
110
165
|
end
|
111
166
|
end
|
@@ -116,13 +171,15 @@ module Pundit
|
|
116
171
|
end
|
117
172
|
|
118
173
|
failure_message do |policy|
|
119
|
-
"#{policy.class} does not forbid the new or create action for "
|
120
|
-
|
174
|
+
"#{policy.class} does not forbid the new or create action for " +
|
175
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
176
|
+
.inspect + '.'
|
121
177
|
end
|
122
178
|
|
123
179
|
failure_message_when_negated do |policy|
|
124
|
-
"#{policy.class} does not permit the new or create action for "
|
125
|
-
|
180
|
+
"#{policy.class} does not permit the new or create action for " +
|
181
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
182
|
+
.inspect + '.'
|
126
183
|
end
|
127
184
|
end
|
128
185
|
|
@@ -136,49 +193,72 @@ module Pundit
|
|
136
193
|
end
|
137
194
|
|
138
195
|
failure_message do |policy|
|
139
|
-
"#{policy.class} does not permit #{action} for "
|
140
|
-
|
196
|
+
"#{policy.class} does not permit #{action} for " +
|
197
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
198
|
+
.inspect + '.'
|
141
199
|
end
|
142
200
|
|
143
201
|
failure_message_when_negated do |policy|
|
144
|
-
"#{policy.class} does not forbid #{action} for "
|
145
|
-
|
202
|
+
"#{policy.class} does not forbid #{action} for " +
|
203
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
204
|
+
.inspect + '.'
|
146
205
|
end
|
147
206
|
end
|
148
207
|
|
149
|
-
RSpec::Matchers.define :permit_actions do
|
208
|
+
RSpec::Matchers.define :permit_actions do |*actions|
|
209
|
+
actions.flatten!
|
150
210
|
match do |policy|
|
151
|
-
return false if actions.count <
|
211
|
+
return false if actions.count < 1
|
152
212
|
@forbidden_actions = actions.reject do |action|
|
153
213
|
policy.public_send("#{action}?")
|
154
214
|
end
|
155
215
|
@forbidden_actions.empty?
|
156
216
|
end
|
157
217
|
|
218
|
+
match_when_negated do |policy|
|
219
|
+
::Kernel.warn 'Using expect { }.not_to permit_actions could produce \
|
220
|
+
confusing results. Please use `.to forbid_actions` instead. To \
|
221
|
+
clarify, `.not_to permit_actions` will look at all of the actions and \
|
222
|
+
checks if ANY actions fail, not if all actions fail. Therefore, you \
|
223
|
+
could result in something like this: \
|
224
|
+
|
225
|
+
it { is_expected.to permit_actions([:new, :create, :edit]) } \
|
226
|
+
it { is_expected.not_to permit_actions([:edit, :destroy]) } \
|
227
|
+
|
228
|
+
In this case, edit would be true and destroy would be false, but both \
|
229
|
+
tests would pass.'
|
230
|
+
|
231
|
+
return true if actions.count < 1
|
232
|
+
@forbidden_actions = actions.reject do |action|
|
233
|
+
policy.public_send("#{action}?")
|
234
|
+
end
|
235
|
+
!@forbidden_actions.empty?
|
236
|
+
end
|
237
|
+
|
158
238
|
attr_reader :forbidden_actions
|
159
239
|
|
160
|
-
zero_actions_failure_message = 'At least
|
161
|
-
'
|
240
|
+
zero_actions_failure_message = 'At least one action must be specified ' \
|
241
|
+
'when using the permit_actions matcher.'
|
162
242
|
|
163
243
|
failure_message do |policy|
|
164
|
-
|
165
|
-
when 0
|
244
|
+
if actions.count.zero?
|
166
245
|
zero_actions_failure_message
|
167
246
|
else
|
168
247
|
"#{policy.class} expected to permit #{actions}, but forbade " \
|
169
|
-
"#{forbidden_actions} for
|
248
|
+
"#{forbidden_actions} for " +
|
249
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
250
|
+
.inspect + '.'
|
170
251
|
end
|
171
252
|
end
|
172
253
|
|
173
254
|
failure_message_when_negated do |policy|
|
174
|
-
|
175
|
-
when 0
|
255
|
+
if actions.count.zero?
|
176
256
|
zero_actions_failure_message
|
177
|
-
when 1
|
178
|
-
one_action_failure_message
|
179
257
|
else
|
180
258
|
"#{policy.class} expected to forbid #{actions}, but allowed " \
|
181
|
-
"#{forbidden_actions} for
|
259
|
+
"#{forbidden_actions} for " +
|
260
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
261
|
+
.inspect + '.'
|
182
262
|
end
|
183
263
|
end
|
184
264
|
end
|
@@ -189,48 +269,80 @@ module Pundit
|
|
189
269
|
end
|
190
270
|
|
191
271
|
failure_message do |policy|
|
192
|
-
"#{policy.class} does not permit the edit or update action for "
|
193
|
-
|
272
|
+
"#{policy.class} does not permit the edit or update action for " +
|
273
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
274
|
+
.inspect + '.'
|
194
275
|
end
|
195
276
|
|
196
277
|
failure_message_when_negated do |policy|
|
197
|
-
"#{policy.class} does not forbid the edit or update action for "
|
198
|
-
|
278
|
+
"#{policy.class} does not forbid the edit or update action for " +
|
279
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
280
|
+
.inspect + '.'
|
199
281
|
end
|
200
282
|
end
|
201
283
|
|
202
|
-
RSpec::Matchers.define :permit_mass_assignment_of do |
|
284
|
+
RSpec::Matchers.define :permit_mass_assignment_of do |attributes|
|
285
|
+
# Map single object argument to an array, if necessary
|
286
|
+
attributes = attributes.is_a?(Array) ? attributes : [attributes]
|
287
|
+
|
203
288
|
match do |policy|
|
204
|
-
if
|
205
|
-
|
206
|
-
|
207
|
-
|
289
|
+
return false if attributes.count < 1
|
290
|
+
|
291
|
+
@forbidden_attributes = attributes.select do |attribute|
|
292
|
+
if defined? @action
|
293
|
+
!policy.send("permitted_attributes_for_#{@action}").include? attribute
|
294
|
+
else
|
295
|
+
!policy.permitted_attributes.include? attribute
|
296
|
+
end
|
208
297
|
end
|
298
|
+
|
299
|
+
@forbidden_attributes.empty?
|
209
300
|
end
|
210
301
|
|
302
|
+
attr_reader :forbidden_attributes
|
303
|
+
|
211
304
|
chain :for_action do |action|
|
212
305
|
@action = action
|
213
306
|
end
|
214
307
|
|
308
|
+
zero_attributes_failure_message = 'At least one attribute must be ' \
|
309
|
+
'specified when using the permit_mass_assignment_of matcher.'
|
310
|
+
|
215
311
|
failure_message do |policy|
|
216
|
-
if
|
217
|
-
|
218
|
-
|
219
|
-
|
312
|
+
if attributes.count.zero?
|
313
|
+
zero_attributes_failure_message
|
314
|
+
elsif defined? @action
|
315
|
+
"#{policy.class} expected to permit the mass assignment of the " \
|
316
|
+
"attributes #{attributes} when authorising the #{@action} action, " \
|
317
|
+
'but forbade the mass assignment of the attributes ' \
|
318
|
+
"#{forbidden_attributes} for " +
|
319
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
320
|
+
.inspect + '.'
|
220
321
|
else
|
221
|
-
"#{policy.class}
|
222
|
-
"#{
|
322
|
+
"#{policy.class} expected to permit the mass assignment of the " \
|
323
|
+
"attributes #{attributes}, but forbade the mass assignment of the " \
|
324
|
+
"attributes #{forbidden_attributes} for " +
|
325
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
326
|
+
.inspect + '.'
|
223
327
|
end
|
224
328
|
end
|
225
329
|
|
226
330
|
failure_message_when_negated do |policy|
|
227
|
-
if
|
228
|
-
|
229
|
-
|
230
|
-
|
331
|
+
if attributes.count.zero?
|
332
|
+
zero_attributes_failure_message
|
333
|
+
elsif defined? @action
|
334
|
+
"#{policy.class} expected to forbid the mass assignment of the " \
|
335
|
+
"attributes #{attributes} when authorising the #{@action} action, " \
|
336
|
+
'but forbade the mass assignment of the attributes ' \
|
337
|
+
"#{forbidden_attributes} for " +
|
338
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
339
|
+
.inspect + '.'
|
231
340
|
else
|
232
|
-
"#{policy.class}
|
233
|
-
"#{
|
341
|
+
"#{policy.class} expected to forbid the mass assignment of the " \
|
342
|
+
"attributes #{attributes}, but forbade the mass assignment of the " \
|
343
|
+
"attributes #{forbidden_attributes} for " +
|
344
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
345
|
+
.inspect + '.'
|
234
346
|
end
|
235
347
|
end
|
236
348
|
end
|
@@ -241,13 +353,15 @@ module Pundit
|
|
241
353
|
end
|
242
354
|
|
243
355
|
failure_message do |policy|
|
244
|
-
"#{policy.class} does not permit the new or create action for "
|
245
|
-
|
356
|
+
"#{policy.class} does not permit the new or create action for " +
|
357
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
358
|
+
.inspect + '.'
|
246
359
|
end
|
247
360
|
|
248
361
|
failure_message_when_negated do |policy|
|
249
|
-
"#{policy.class} does not forbid the new or create action for "
|
250
|
-
|
362
|
+
"#{policy.class} does not forbid the new or create action for " +
|
363
|
+
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
364
|
+
.inspect + '.'
|
251
365
|
end
|
252
366
|
end
|
253
367
|
end
|
metadata
CHANGED
@@ -1,49 +1,49 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pundit-matchers
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.7.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Chris Alley
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-07-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
|
-
name:
|
14
|
+
name: rspec-rails
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
|
-
- - "~>"
|
18
|
-
- !ruby/object:Gem::Version
|
19
|
-
version: '1.1'
|
20
17
|
- - ">="
|
21
18
|
- !ruby/object:Gem::Version
|
22
|
-
version:
|
19
|
+
version: 3.0.0
|
23
20
|
type: :runtime
|
24
21
|
prerelease: false
|
25
22
|
version_requirements: !ruby/object:Gem::Requirement
|
26
23
|
requirements:
|
27
|
-
- - "~>"
|
28
|
-
- !ruby/object:Gem::Version
|
29
|
-
version: '1.1'
|
30
24
|
- - ">="
|
31
25
|
- !ruby/object:Gem::Version
|
32
|
-
version:
|
26
|
+
version: 3.0.0
|
33
27
|
- !ruby/object:Gem::Dependency
|
34
|
-
name:
|
28
|
+
name: pundit
|
35
29
|
requirement: !ruby/object:Gem::Requirement
|
36
30
|
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '1.1'
|
37
34
|
- - ">="
|
38
35
|
- !ruby/object:Gem::Version
|
39
|
-
version:
|
40
|
-
type: :
|
36
|
+
version: 1.1.0
|
37
|
+
type: :development
|
41
38
|
prerelease: false
|
42
39
|
version_requirements: !ruby/object:Gem::Requirement
|
43
40
|
requirements:
|
41
|
+
- - "~>"
|
42
|
+
- !ruby/object:Gem::Version
|
43
|
+
version: '1.1'
|
44
44
|
- - ">="
|
45
45
|
- !ruby/object:Gem::Version
|
46
|
-
version:
|
46
|
+
version: 1.1.0
|
47
47
|
description: A set of RSpec matchers for testing Pundit authorisation policies
|
48
48
|
email: chris@chrisalley.info
|
49
49
|
executables: []
|
@@ -55,7 +55,7 @@ homepage: http://github.com/chrisalley/pundit-matchers
|
|
55
55
|
licenses:
|
56
56
|
- MIT
|
57
57
|
metadata: {}
|
58
|
-
post_install_message:
|
58
|
+
post_install_message:
|
59
59
|
rdoc_options: []
|
60
60
|
require_paths:
|
61
61
|
- lib
|
@@ -70,9 +70,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
70
70
|
- !ruby/object:Gem::Version
|
71
71
|
version: '0'
|
72
72
|
requirements: []
|
73
|
-
|
74
|
-
|
75
|
-
signing_key:
|
73
|
+
rubygems_version: 3.2.15
|
74
|
+
signing_key:
|
76
75
|
specification_version: 4
|
77
76
|
summary: RSpec matchers for Pundit policies
|
78
77
|
test_files: []
|