pundit-matchers 1.7.0 → 2.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/pundit/matchers/utils/all_actions/actions_matcher.rb +39 -0
- data/lib/pundit/matchers/utils/all_actions/error_message_formatter.rb +47 -0
- data/lib/pundit/matchers/utils/all_actions/forbidden_actions_error_formatter.rb +26 -0
- data/lib/pundit/matchers/utils/all_actions/forbidden_actions_matcher.rb +20 -0
- data/lib/pundit/matchers/utils/all_actions/permitted_actions_error_formatter.rb +26 -0
- data/lib/pundit/matchers/utils/all_actions/permitted_actions_matcher.rb +20 -0
- data/lib/pundit/matchers/utils/only_actions/actions_matcher.rb +39 -0
- data/lib/pundit/matchers/utils/only_actions/error_message_formatter.rb +54 -0
- data/lib/pundit/matchers/utils/only_actions/forbidden_actions_error_formatter.rb +26 -0
- data/lib/pundit/matchers/utils/only_actions/forbidden_actions_matcher.rb +20 -0
- data/lib/pundit/matchers/utils/only_actions/permitted_actions_error_formatter.rb +26 -0
- data/lib/pundit/matchers/utils/only_actions/permitted_actions_matcher.rb +20 -0
- data/lib/pundit/matchers/utils/policy_info.rb +31 -0
- data/lib/pundit/matchers.rb +136 -96
- metadata +20 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7eba90ec029bb4c7c2559d3660f4c63a20a5f6a08296e9aea787bb88ee9eb81c
|
4
|
+
data.tar.gz: 9bb49382052dff3484503d94d61db694ded688f451db5c238ee93c665081661b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e449b597f5dcffd05af7b642f63a5fd36960784b4eabb07d92ecd165c6fe9b6809bb2c6f540b93d3fff9dbe46b7678f64aeb276064e5a4da3084bce7db0bfdd6
|
7
|
+
data.tar.gz: ee59374a8518b01d267807ebbc78a345092ceec8f0f78f7b11deaa4753890ba78df4dcc579bd5658938efc685bde64e39ebec0a0be6fec3e813ea04d4c7b7969
|
@@ -0,0 +1,39 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Pundit
|
4
|
+
module Matchers
|
5
|
+
module Utils
|
6
|
+
module AllActions
|
7
|
+
# Parent class for specific all_action matcher. Should not be used directly.
|
8
|
+
#
|
9
|
+
# Expects methods in child class:
|
10
|
+
# * actual_actions - list of actions which actually matches expected type.
|
11
|
+
class ActionsMatcher
|
12
|
+
attr_reader :policy_info
|
13
|
+
|
14
|
+
def initialize(policy)
|
15
|
+
@policy_info = PolicyInfo.new(policy)
|
16
|
+
end
|
17
|
+
|
18
|
+
def match?
|
19
|
+
missed_expected_actions.empty?
|
20
|
+
end
|
21
|
+
|
22
|
+
def missed_expected_actions
|
23
|
+
@missed_expected_actions ||= expected_actions - actual_actions
|
24
|
+
end
|
25
|
+
|
26
|
+
def policy
|
27
|
+
policy_info.policy
|
28
|
+
end
|
29
|
+
|
30
|
+
private
|
31
|
+
|
32
|
+
def expected_actions
|
33
|
+
policy_info.actions
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
@@ -0,0 +1,47 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Pundit
|
4
|
+
module Matchers
|
5
|
+
module Utils
|
6
|
+
module AllActions
|
7
|
+
# Adds #message method which generates failed assertion message
|
8
|
+
# for *_all_actions matchers.
|
9
|
+
#
|
10
|
+
# Expects methods to be defined:
|
11
|
+
# * matcher - instance which has `AllActions::ActionsMatcher` as a parent class
|
12
|
+
# * expected_kind - string with expected actions type (can be "forbidden" or "permitted")
|
13
|
+
# * opposite_kind - string with oposite then expected actions type (can be "permitted" or "forbidden")
|
14
|
+
module ErrorMessageFormatter
|
15
|
+
def message
|
16
|
+
"#{policy_name} expected to have all actions #{expected_kind}, " \
|
17
|
+
"but #{mismatches_are(missed_expected_actions)} #{opposite_kind}"
|
18
|
+
end
|
19
|
+
|
20
|
+
private
|
21
|
+
|
22
|
+
attr_reader :matcher, :expected_kind, :opposite_kind
|
23
|
+
|
24
|
+
def policy
|
25
|
+
matcher.policy
|
26
|
+
end
|
27
|
+
|
28
|
+
def missed_expected_actions
|
29
|
+
matcher.missed_expected_actions
|
30
|
+
end
|
31
|
+
|
32
|
+
def policy_name
|
33
|
+
policy.class.name
|
34
|
+
end
|
35
|
+
|
36
|
+
def mismatches_are(mismatches)
|
37
|
+
if mismatches.count == 1
|
38
|
+
"#{mismatches} is"
|
39
|
+
else
|
40
|
+
"#{mismatches} are"
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
@@ -0,0 +1,26 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative 'error_message_formatter'
|
4
|
+
|
5
|
+
module Pundit
|
6
|
+
module Matchers
|
7
|
+
module Utils
|
8
|
+
module AllActions
|
9
|
+
# Error message formatter for `forbid_all_actions` matcher.
|
10
|
+
class ForbiddenActionsErrorFormatter
|
11
|
+
include AllActions::ErrorMessageFormatter
|
12
|
+
|
13
|
+
def initialize(matcher)
|
14
|
+
@expected_kind = 'forbidden'
|
15
|
+
@opposite_kind = 'permitted'
|
16
|
+
@matcher = matcher
|
17
|
+
end
|
18
|
+
|
19
|
+
private
|
20
|
+
|
21
|
+
attr_reader :matcher, :expected_kind, :opposite_kind
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
@@ -0,0 +1,20 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative 'actions_matcher'
|
4
|
+
|
5
|
+
module Pundit
|
6
|
+
module Matchers
|
7
|
+
module Utils
|
8
|
+
module AllActions
|
9
|
+
# Handles all the checks in `forbid_all_actions` matcher.
|
10
|
+
class ForbiddenActionsMatcher < AllActions::ActionsMatcher
|
11
|
+
private
|
12
|
+
|
13
|
+
def actual_actions
|
14
|
+
policy_info.forbidden_actions
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
@@ -0,0 +1,26 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative 'error_message_formatter'
|
4
|
+
|
5
|
+
module Pundit
|
6
|
+
module Matchers
|
7
|
+
module Utils
|
8
|
+
module AllActions
|
9
|
+
# Error message formatter for `permit_all_actions` matcher.
|
10
|
+
class PermittedActionsErrorFormatter
|
11
|
+
include AllActions::ErrorMessageFormatter
|
12
|
+
|
13
|
+
def initialize(matcher)
|
14
|
+
@expected_kind = 'permitted'
|
15
|
+
@opposite_kind = 'forbidden'
|
16
|
+
@matcher = matcher
|
17
|
+
end
|
18
|
+
|
19
|
+
private
|
20
|
+
|
21
|
+
attr_reader :matcher, :expected_kind, :opposite_kind
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
@@ -0,0 +1,20 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative 'actions_matcher'
|
4
|
+
|
5
|
+
module Pundit
|
6
|
+
module Matchers
|
7
|
+
module Utils
|
8
|
+
module AllActions
|
9
|
+
# Handles all the checks in `permit_all_actions` matcher.
|
10
|
+
class PermittedActionsMatcher < AllActions::ActionsMatcher
|
11
|
+
private
|
12
|
+
|
13
|
+
def actual_actions
|
14
|
+
policy_info.permitted_actions
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
@@ -0,0 +1,39 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Pundit
|
4
|
+
module Matchers
|
5
|
+
module Utils
|
6
|
+
module OnlyActions
|
7
|
+
# Parent class for specific only_action matcher. Should not be used directly.
|
8
|
+
#
|
9
|
+
# Expects methods in child class:
|
10
|
+
# * actual_actions - list of actions which actually matches expected type.
|
11
|
+
class ActionsMatcher
|
12
|
+
attr_reader :policy_info, :expected_actions
|
13
|
+
|
14
|
+
def initialize(policy, expected_actions)
|
15
|
+
@policy_info = PolicyInfo.new(policy)
|
16
|
+
@expected_actions = expected_actions
|
17
|
+
end
|
18
|
+
|
19
|
+
def match?
|
20
|
+
missed_expected_actions.empty? &&
|
21
|
+
actual_actions.sort == expected_actions.sort
|
22
|
+
end
|
23
|
+
|
24
|
+
def unexpected_actions
|
25
|
+
@unexpected_actions ||= actual_actions - expected_actions
|
26
|
+
end
|
27
|
+
|
28
|
+
def missed_expected_actions
|
29
|
+
@missed_expected_actions ||= expected_actions - actual_actions
|
30
|
+
end
|
31
|
+
|
32
|
+
def policy
|
33
|
+
policy_info.policy
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
@@ -0,0 +1,54 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Pundit
|
4
|
+
module Matchers
|
5
|
+
module Utils
|
6
|
+
module OnlyActions
|
7
|
+
# Adds #message method which generates failed assertion message
|
8
|
+
# for *_only_actions matchers.
|
9
|
+
#
|
10
|
+
# Expects methods to be defined:
|
11
|
+
# * matcher - instance which has `OnlyActions::ActionsMatcher` as a parent class
|
12
|
+
# * expected_kind - string with expected actions type (can be "forbidden" or "permitted")
|
13
|
+
# * opposite_kind - string with oposite then expected actions type (can be "permitted" or "forbidden")
|
14
|
+
module ErrorMessageFormatter
|
15
|
+
def message
|
16
|
+
"#{policy_name} expected to have only actions #{matcher.expected_actions} #{expected_kind}, but " \
|
17
|
+
"#{unless missed_expected_actions.empty?
|
18
|
+
"#{mismatches_are(missed_expected_actions)} #{opposite_kind} and "
|
19
|
+
end}" \
|
20
|
+
"#{mismatches_are(unexpected_actions)} #{expected_kind} too"
|
21
|
+
end
|
22
|
+
|
23
|
+
private
|
24
|
+
|
25
|
+
attr_reader :matcher, :expected_kind, :opposite_kind
|
26
|
+
|
27
|
+
def policy
|
28
|
+
matcher.policy
|
29
|
+
end
|
30
|
+
|
31
|
+
def unexpected_actions
|
32
|
+
matcher.unexpected_actions
|
33
|
+
end
|
34
|
+
|
35
|
+
def missed_expected_actions
|
36
|
+
matcher.missed_expected_actions
|
37
|
+
end
|
38
|
+
|
39
|
+
def policy_name
|
40
|
+
policy.class.name
|
41
|
+
end
|
42
|
+
|
43
|
+
def mismatches_are(mismatches)
|
44
|
+
if mismatches.count == 1
|
45
|
+
"#{mismatches} is"
|
46
|
+
else
|
47
|
+
"#{mismatches} are"
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
@@ -0,0 +1,26 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative 'error_message_formatter'
|
4
|
+
|
5
|
+
module Pundit
|
6
|
+
module Matchers
|
7
|
+
module Utils
|
8
|
+
module OnlyActions
|
9
|
+
# Error message formatter for `forbid_only_actions` matcher.
|
10
|
+
class ForbiddenActionsErrorFormatter
|
11
|
+
include OnlyActions::ErrorMessageFormatter
|
12
|
+
|
13
|
+
def initialize(matcher)
|
14
|
+
@expected_kind = 'forbidden'
|
15
|
+
@opposite_kind = 'permitted'
|
16
|
+
@matcher = matcher
|
17
|
+
end
|
18
|
+
|
19
|
+
private
|
20
|
+
|
21
|
+
attr_reader :matcher, :expected_kind, :opposite_kind
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
@@ -0,0 +1,20 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative 'actions_matcher'
|
4
|
+
|
5
|
+
module Pundit
|
6
|
+
module Matchers
|
7
|
+
module Utils
|
8
|
+
module OnlyActions
|
9
|
+
# Handles all the checks in `forbid_only_actions` matcher.
|
10
|
+
class ForbiddenActionsMatcher < OnlyActions::ActionsMatcher
|
11
|
+
private
|
12
|
+
|
13
|
+
def actual_actions
|
14
|
+
policy_info.forbidden_actions
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
@@ -0,0 +1,26 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative 'error_message_formatter'
|
4
|
+
|
5
|
+
module Pundit
|
6
|
+
module Matchers
|
7
|
+
module Utils
|
8
|
+
module OnlyActions
|
9
|
+
# Error message formatter for `permit_only_actions` matcher.
|
10
|
+
class PermittedActionsErrorFormatter
|
11
|
+
include OnlyActions::ErrorMessageFormatter
|
12
|
+
|
13
|
+
def initialize(matcher)
|
14
|
+
@expected_kind = 'permitted'
|
15
|
+
@opposite_kind = 'forbidden'
|
16
|
+
@matcher = matcher
|
17
|
+
end
|
18
|
+
|
19
|
+
private
|
20
|
+
|
21
|
+
attr_reader :matcher, :expected_kind, :opposite_kind
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
@@ -0,0 +1,20 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative 'actions_matcher'
|
4
|
+
|
5
|
+
module Pundit
|
6
|
+
module Matchers
|
7
|
+
module Utils
|
8
|
+
module OnlyActions
|
9
|
+
# Handles all the checks in `permit_only_actions` matcher.
|
10
|
+
class PermittedActionsMatcher < OnlyActions::ActionsMatcher
|
11
|
+
private
|
12
|
+
|
13
|
+
def actual_actions
|
14
|
+
policy_info.permitted_actions
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Pundit
|
4
|
+
module Matchers
|
5
|
+
module Utils
|
6
|
+
# Collects all details about given policy class.
|
7
|
+
class PolicyInfo
|
8
|
+
attr_reader :policy
|
9
|
+
|
10
|
+
def initialize(policy)
|
11
|
+
@policy = policy
|
12
|
+
end
|
13
|
+
|
14
|
+
def actions
|
15
|
+
@actions ||= begin
|
16
|
+
policy_methods = @policy.public_methods - Object.instance_methods
|
17
|
+
policy_methods.grep(/\?$/).sort.map { |policy_method| policy_method.to_s.delete_suffix('?').to_sym }
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
def permitted_actions
|
22
|
+
@permitted_actions ||= actions.select { |action| policy.public_send("#{action}?") }
|
23
|
+
end
|
24
|
+
|
25
|
+
def forbidden_actions
|
26
|
+
actions - permitted_actions
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
data/lib/pundit/matchers.rb
CHANGED
@@ -1,7 +1,20 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'rspec/core'
|
2
4
|
|
3
5
|
module Pundit
|
4
6
|
module Matchers
|
7
|
+
require_relative 'matchers/utils/policy_info'
|
8
|
+
require_relative 'matchers/utils/all_actions/forbidden_actions_error_formatter'
|
9
|
+
require_relative 'matchers/utils/all_actions/forbidden_actions_matcher'
|
10
|
+
require_relative 'matchers/utils/all_actions/permitted_actions_error_formatter'
|
11
|
+
require_relative 'matchers/utils/all_actions/permitted_actions_matcher'
|
12
|
+
|
13
|
+
require_relative 'matchers/utils/only_actions/forbidden_actions_error_formatter'
|
14
|
+
require_relative 'matchers/utils/only_actions/forbidden_actions_matcher'
|
15
|
+
require_relative 'matchers/utils/only_actions/permitted_actions_error_formatter'
|
16
|
+
require_relative 'matchers/utils/only_actions/permitted_actions_matcher'
|
17
|
+
|
5
18
|
class Configuration
|
6
19
|
attr_accessor :user_alias
|
7
20
|
|
@@ -19,27 +32,25 @@ module Pundit
|
|
19
32
|
@configuration ||= Pundit::Matchers::Configuration.new
|
20
33
|
end
|
21
34
|
end
|
35
|
+
end
|
22
36
|
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
end
|
37
|
+
RSpec::Matchers.define :forbid_action do |action, *args, **kwargs|
|
38
|
+
match do |policy|
|
39
|
+
if args.any?
|
40
|
+
!policy.public_send("#{action}?", *args, **kwargs)
|
41
|
+
else
|
42
|
+
!policy.public_send("#{action}?", **kwargs)
|
30
43
|
end
|
44
|
+
end
|
31
45
|
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
end
|
46
|
+
failure_message do |policy|
|
47
|
+
"#{policy.class} does not forbid #{action} for " \
|
48
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
49
|
+
end
|
37
50
|
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
.inspect + '.'
|
42
|
-
end
|
51
|
+
failure_message_when_negated do |policy|
|
52
|
+
"#{policy.class} does not permit #{action} for " \
|
53
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
43
54
|
end
|
44
55
|
end
|
45
56
|
|
@@ -47,6 +58,7 @@ module Pundit
|
|
47
58
|
actions.flatten!
|
48
59
|
match do |policy|
|
49
60
|
return false if actions.count < 1
|
61
|
+
|
50
62
|
@allowed_actions = actions.select do |action|
|
51
63
|
policy.public_send("#{action}?")
|
52
64
|
end
|
@@ -56,16 +68,15 @@ module Pundit
|
|
56
68
|
attr_reader :allowed_actions
|
57
69
|
|
58
70
|
zero_actions_failure_message = 'At least one action must be ' \
|
59
|
-
|
71
|
+
'specified when using the forbid_actions matcher.'
|
60
72
|
|
61
73
|
failure_message do |policy|
|
62
74
|
if actions.count.zero?
|
63
75
|
zero_actions_failure_message
|
64
76
|
else
|
65
|
-
"#{policy.class} expected to forbid #{actions}, but
|
66
|
-
"#{allowed_actions} for "
|
67
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
68
|
-
.inspect + '.'
|
77
|
+
"#{policy.class} expected to forbid #{actions}, but permitted " \
|
78
|
+
"#{allowed_actions} for " \
|
79
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
69
80
|
end
|
70
81
|
end
|
71
82
|
|
@@ -74,9 +85,8 @@ module Pundit
|
|
74
85
|
zero_actions_failure_message
|
75
86
|
else
|
76
87
|
"#{policy.class} expected to permit #{actions}, but forbade " \
|
77
|
-
"#{allowed_actions} for "
|
78
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
79
|
-
.inspect + '.'
|
88
|
+
"#{allowed_actions} for " \
|
89
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
80
90
|
end
|
81
91
|
end
|
82
92
|
end
|
@@ -87,21 +97,19 @@ module Pundit
|
|
87
97
|
end
|
88
98
|
|
89
99
|
failure_message do |policy|
|
90
|
-
"#{policy.class} does not forbid the edit or update action for "
|
91
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
92
|
-
.inspect + '.'
|
100
|
+
"#{policy.class} does not forbid the edit or update action for " \
|
101
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
93
102
|
end
|
94
103
|
|
95
104
|
failure_message_when_negated do |policy|
|
96
|
-
"#{policy.class} does not permit the edit or update action for "
|
97
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
98
|
-
.inspect + '.'
|
105
|
+
"#{policy.class} does not permit the edit or update action for " \
|
106
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
99
107
|
end
|
100
108
|
end
|
101
109
|
|
102
110
|
RSpec::Matchers.define :forbid_mass_assignment_of do |attributes|
|
103
111
|
# Map single object argument to an array, if necessary
|
104
|
-
attributes = attributes.is_a?(Array)
|
112
|
+
attributes = [attributes] unless attributes.is_a?(Array)
|
105
113
|
|
106
114
|
match do |policy|
|
107
115
|
return false if attributes.count < 1
|
@@ -124,7 +132,7 @@ module Pundit
|
|
124
132
|
end
|
125
133
|
|
126
134
|
zero_attributes_failure_message = 'At least one attribute must be ' \
|
127
|
-
|
135
|
+
'specified when using the forbid_mass_assignment_of matcher.'
|
128
136
|
|
129
137
|
failure_message do |policy|
|
130
138
|
if attributes.count.zero?
|
@@ -132,16 +140,14 @@ module Pundit
|
|
132
140
|
elsif defined? @action
|
133
141
|
"#{policy.class} expected to forbid the mass assignment of the " \
|
134
142
|
"attributes #{attributes} when authorising the #{@action} action, " \
|
135
|
-
'but
|
136
|
-
"#{allowed_attributes} for "
|
137
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
138
|
-
.inspect + '.'
|
143
|
+
'but permitted the mass assignment of the attributes ' \
|
144
|
+
"#{allowed_attributes} for " \
|
145
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
139
146
|
else
|
140
147
|
"#{policy.class} expected to forbid the mass assignment of the " \
|
141
|
-
"attributes #{attributes}, but
|
142
|
-
"the attributes #{allowed_attributes} for "
|
143
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
144
|
-
.inspect + '.'
|
148
|
+
"attributes #{attributes}, but permitted the mass assignment of " \
|
149
|
+
"the attributes #{allowed_attributes} for " \
|
150
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
145
151
|
end
|
146
152
|
end
|
147
153
|
|
@@ -152,15 +158,13 @@ module Pundit
|
|
152
158
|
"#{policy.class} expected to permit the mass assignment of the " \
|
153
159
|
"attributes #{attributes} when authorising the #{@action} action, " \
|
154
160
|
'but permitted the mass assignment of the attributes ' \
|
155
|
-
"#{allowed_attributes} for "
|
156
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
157
|
-
.inspect + '.'
|
161
|
+
"#{allowed_attributes} for " \
|
162
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
158
163
|
else
|
159
164
|
"#{policy.class} expected to permit the mass assignment of the " \
|
160
165
|
"attributes #{attributes}, but permitted the mass assignment of " \
|
161
|
-
"the attributes #{allowed_attributes} for "
|
162
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
163
|
-
.inspect + '.'
|
166
|
+
"the attributes #{allowed_attributes} for " \
|
167
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
164
168
|
end
|
165
169
|
end
|
166
170
|
end
|
@@ -171,37 +175,33 @@ module Pundit
|
|
171
175
|
end
|
172
176
|
|
173
177
|
failure_message do |policy|
|
174
|
-
"#{policy.class} does not forbid the new or create action for "
|
175
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
176
|
-
.inspect + '.'
|
178
|
+
"#{policy.class} does not forbid the new or create action for " \
|
179
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
177
180
|
end
|
178
181
|
|
179
182
|
failure_message_when_negated do |policy|
|
180
|
-
"#{policy.class} does not permit the new or create action for "
|
181
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
182
|
-
.inspect + '.'
|
183
|
+
"#{policy.class} does not permit the new or create action for " \
|
184
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
183
185
|
end
|
184
186
|
end
|
185
187
|
|
186
|
-
RSpec::Matchers.define :permit_action do |action, *args|
|
188
|
+
RSpec::Matchers.define :permit_action do |action, *args, **kwargs|
|
187
189
|
match do |policy|
|
188
190
|
if args.any?
|
189
|
-
policy.public_send("#{action}?", *args)
|
191
|
+
policy.public_send("#{action}?", *args, **kwargs)
|
190
192
|
else
|
191
|
-
policy.public_send("#{action}?")
|
193
|
+
policy.public_send("#{action}?", **kwargs)
|
192
194
|
end
|
193
195
|
end
|
194
196
|
|
195
197
|
failure_message do |policy|
|
196
|
-
"#{policy.class} does not permit #{action} for "
|
197
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
198
|
-
.inspect + '.'
|
198
|
+
"#{policy.class} does not permit #{action} for " \
|
199
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
199
200
|
end
|
200
201
|
|
201
202
|
failure_message_when_negated do |policy|
|
202
|
-
"#{policy.class} does not forbid #{action} for "
|
203
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
204
|
-
.inspect + '.'
|
203
|
+
"#{policy.class} does not forbid #{action} for " \
|
204
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
205
205
|
end
|
206
206
|
end
|
207
207
|
|
@@ -209,6 +209,7 @@ module Pundit
|
|
209
209
|
actions.flatten!
|
210
210
|
match do |policy|
|
211
211
|
return false if actions.count < 1
|
212
|
+
|
212
213
|
@forbidden_actions = actions.reject do |action|
|
213
214
|
policy.public_send("#{action}?")
|
214
215
|
end
|
@@ -229,6 +230,7 @@ module Pundit
|
|
229
230
|
tests would pass.'
|
230
231
|
|
231
232
|
return true if actions.count < 1
|
233
|
+
|
232
234
|
@forbidden_actions = actions.reject do |action|
|
233
235
|
policy.public_send("#{action}?")
|
234
236
|
end
|
@@ -238,16 +240,15 @@ module Pundit
|
|
238
240
|
attr_reader :forbidden_actions
|
239
241
|
|
240
242
|
zero_actions_failure_message = 'At least one action must be specified ' \
|
241
|
-
|
243
|
+
'when using the permit_actions matcher.'
|
242
244
|
|
243
245
|
failure_message do |policy|
|
244
246
|
if actions.count.zero?
|
245
247
|
zero_actions_failure_message
|
246
248
|
else
|
247
249
|
"#{policy.class} expected to permit #{actions}, but forbade " \
|
248
|
-
"#{forbidden_actions} for "
|
249
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
250
|
-
.inspect + '.'
|
250
|
+
"#{forbidden_actions} for " \
|
251
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
251
252
|
end
|
252
253
|
end
|
253
254
|
|
@@ -255,10 +256,9 @@ module Pundit
|
|
255
256
|
if actions.count.zero?
|
256
257
|
zero_actions_failure_message
|
257
258
|
else
|
258
|
-
"#{policy.class} expected to forbid #{actions}, but
|
259
|
-
"#{forbidden_actions} for "
|
260
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
261
|
-
.inspect + '.'
|
259
|
+
"#{policy.class} expected to forbid #{actions}, but permitted " \
|
260
|
+
"#{forbidden_actions} for " \
|
261
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
262
262
|
end
|
263
263
|
end
|
264
264
|
end
|
@@ -269,21 +269,19 @@ module Pundit
|
|
269
269
|
end
|
270
270
|
|
271
271
|
failure_message do |policy|
|
272
|
-
"#{policy.class} does not permit the edit or update action for "
|
273
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
274
|
-
.inspect + '.'
|
272
|
+
"#{policy.class} does not permit the edit or update action for " \
|
273
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
275
274
|
end
|
276
275
|
|
277
276
|
failure_message_when_negated do |policy|
|
278
|
-
"#{policy.class} does not forbid the edit or update action for "
|
279
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
280
|
-
.inspect + '.'
|
277
|
+
"#{policy.class} does not forbid the edit or update action for " \
|
278
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
281
279
|
end
|
282
280
|
end
|
283
281
|
|
284
282
|
RSpec::Matchers.define :permit_mass_assignment_of do |attributes|
|
285
283
|
# Map single object argument to an array, if necessary
|
286
|
-
attributes = attributes.is_a?(Array)
|
284
|
+
attributes = [attributes] unless attributes.is_a?(Array)
|
287
285
|
|
288
286
|
match do |policy|
|
289
287
|
return false if attributes.count < 1
|
@@ -306,7 +304,7 @@ module Pundit
|
|
306
304
|
end
|
307
305
|
|
308
306
|
zero_attributes_failure_message = 'At least one attribute must be ' \
|
309
|
-
|
307
|
+
'specified when using the permit_mass_assignment_of matcher.'
|
310
308
|
|
311
309
|
failure_message do |policy|
|
312
310
|
if attributes.count.zero?
|
@@ -315,15 +313,13 @@ module Pundit
|
|
315
313
|
"#{policy.class} expected to permit the mass assignment of the " \
|
316
314
|
"attributes #{attributes} when authorising the #{@action} action, " \
|
317
315
|
'but forbade the mass assignment of the attributes ' \
|
318
|
-
"#{forbidden_attributes} for "
|
319
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
320
|
-
.inspect + '.'
|
316
|
+
"#{forbidden_attributes} for " \
|
317
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
321
318
|
else
|
322
319
|
"#{policy.class} expected to permit the mass assignment of the " \
|
323
320
|
"attributes #{attributes}, but forbade the mass assignment of the " \
|
324
|
-
"attributes #{forbidden_attributes} for "
|
325
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
326
|
-
.inspect + '.'
|
321
|
+
"attributes #{forbidden_attributes} for " \
|
322
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
327
323
|
end
|
328
324
|
end
|
329
325
|
|
@@ -334,15 +330,13 @@ module Pundit
|
|
334
330
|
"#{policy.class} expected to forbid the mass assignment of the " \
|
335
331
|
"attributes #{attributes} when authorising the #{@action} action, " \
|
336
332
|
'but forbade the mass assignment of the attributes ' \
|
337
|
-
"#{forbidden_attributes} for "
|
338
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
339
|
-
.inspect + '.'
|
333
|
+
"#{forbidden_attributes} for " \
|
334
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
340
335
|
else
|
341
336
|
"#{policy.class} expected to forbid the mass assignment of the " \
|
342
337
|
"attributes #{attributes}, but forbade the mass assignment of the " \
|
343
|
-
"attributes #{forbidden_attributes} for "
|
344
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
345
|
-
.inspect + '.'
|
338
|
+
"attributes #{forbidden_attributes} for " \
|
339
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
346
340
|
end
|
347
341
|
end
|
348
342
|
end
|
@@ -353,15 +347,61 @@ module Pundit
|
|
353
347
|
end
|
354
348
|
|
355
349
|
failure_message do |policy|
|
356
|
-
"#{policy.class} does not permit the new or create action for "
|
357
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
358
|
-
.inspect + '.'
|
350
|
+
"#{policy.class} does not permit the new or create action for " \
|
351
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
359
352
|
end
|
360
353
|
|
361
354
|
failure_message_when_negated do |policy|
|
362
|
-
"#{policy.class} does not forbid the new or create action for "
|
363
|
-
policy.public_send(Pundit::Matchers.configuration.user_alias)
|
364
|
-
|
355
|
+
"#{policy.class} does not forbid the new or create action for " \
|
356
|
+
"#{policy.public_send(Pundit::Matchers.configuration.user_alias).inspect}."
|
357
|
+
end
|
358
|
+
end
|
359
|
+
|
360
|
+
RSpec::Matchers.define :permit_all_actions do
|
361
|
+
match do |policy|
|
362
|
+
@matcher = Pundit::Matchers::Utils::AllActions::PermittedActionsMatcher.new(policy)
|
363
|
+
@matcher.match?
|
364
|
+
end
|
365
|
+
|
366
|
+
failure_message do
|
367
|
+
formatter = Pundit::Matchers::Utils::AllActions::PermittedActionsErrorFormatter.new(@matcher)
|
368
|
+
formatter.message
|
369
|
+
end
|
370
|
+
end
|
371
|
+
|
372
|
+
RSpec::Matchers.define :permit_only_actions do |actions|
|
373
|
+
match do |policy|
|
374
|
+
@matcher = Pundit::Matchers::Utils::OnlyActions::PermittedActionsMatcher.new(policy, actions)
|
375
|
+
@matcher.match?
|
376
|
+
end
|
377
|
+
|
378
|
+
failure_message do
|
379
|
+
formatter = Pundit::Matchers::Utils::OnlyActions::PermittedActionsErrorFormatter.new(@matcher)
|
380
|
+
formatter.message
|
381
|
+
end
|
382
|
+
end
|
383
|
+
|
384
|
+
RSpec::Matchers.define :forbid_all_actions do
|
385
|
+
match do |policy|
|
386
|
+
@matcher = Pundit::Matchers::Utils::AllActions::ForbiddenActionsMatcher.new(policy)
|
387
|
+
@matcher.match?
|
388
|
+
end
|
389
|
+
|
390
|
+
failure_message do
|
391
|
+
formatter = Pundit::Matchers::Utils::AllActions::ForbiddenActionsErrorFormatter.new(@matcher)
|
392
|
+
formatter.message
|
393
|
+
end
|
394
|
+
end
|
395
|
+
|
396
|
+
RSpec::Matchers.define :forbid_only_actions do |actions|
|
397
|
+
match do |policy|
|
398
|
+
@matcher = Pundit::Matchers::Utils::OnlyActions::ForbiddenActionsMatcher.new(policy, actions)
|
399
|
+
@matcher.match?
|
400
|
+
end
|
401
|
+
|
402
|
+
failure_message do
|
403
|
+
formatter = Pundit::Matchers::Utils::OnlyActions::ForbiddenActionsErrorFormatter.new(@matcher)
|
404
|
+
formatter.message
|
365
405
|
end
|
366
406
|
end
|
367
407
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pundit-matchers
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 2.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Chris Alley
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2023-05-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rspec-rails
|
@@ -51,10 +51,24 @@ extensions: []
|
|
51
51
|
extra_rdoc_files: []
|
52
52
|
files:
|
53
53
|
- lib/pundit/matchers.rb
|
54
|
-
|
54
|
+
- lib/pundit/matchers/utils/all_actions/actions_matcher.rb
|
55
|
+
- lib/pundit/matchers/utils/all_actions/error_message_formatter.rb
|
56
|
+
- lib/pundit/matchers/utils/all_actions/forbidden_actions_error_formatter.rb
|
57
|
+
- lib/pundit/matchers/utils/all_actions/forbidden_actions_matcher.rb
|
58
|
+
- lib/pundit/matchers/utils/all_actions/permitted_actions_error_formatter.rb
|
59
|
+
- lib/pundit/matchers/utils/all_actions/permitted_actions_matcher.rb
|
60
|
+
- lib/pundit/matchers/utils/only_actions/actions_matcher.rb
|
61
|
+
- lib/pundit/matchers/utils/only_actions/error_message_formatter.rb
|
62
|
+
- lib/pundit/matchers/utils/only_actions/forbidden_actions_error_formatter.rb
|
63
|
+
- lib/pundit/matchers/utils/only_actions/forbidden_actions_matcher.rb
|
64
|
+
- lib/pundit/matchers/utils/only_actions/permitted_actions_error_formatter.rb
|
65
|
+
- lib/pundit/matchers/utils/only_actions/permitted_actions_matcher.rb
|
66
|
+
- lib/pundit/matchers/utils/policy_info.rb
|
67
|
+
homepage: https://github.com/punditcommunity/pundit-matchers
|
55
68
|
licenses:
|
56
69
|
- MIT
|
57
|
-
metadata:
|
70
|
+
metadata:
|
71
|
+
rubygems_mfa_required: 'true'
|
58
72
|
post_install_message:
|
59
73
|
rdoc_options: []
|
60
74
|
require_paths:
|
@@ -63,14 +77,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
63
77
|
requirements:
|
64
78
|
- - ">="
|
65
79
|
- !ruby/object:Gem::Version
|
66
|
-
version: '0'
|
80
|
+
version: '3.0'
|
67
81
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
68
82
|
requirements:
|
69
83
|
- - ">="
|
70
84
|
- !ruby/object:Gem::Version
|
71
85
|
version: '0'
|
72
86
|
requirements: []
|
73
|
-
rubygems_version: 3.
|
87
|
+
rubygems_version: 3.4.12
|
74
88
|
signing_key:
|
75
89
|
specification_version: 4
|
76
90
|
summary: RSpec matchers for Pundit policies
|