pundit 0.3.0 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: dce73a23b63776e71c55792ade6b1066fb5a5896
-  data.tar.gz: b4bdb26c70cb66aa77b1424dd2fe4cd1bc340926
+  metadata.gz: b2e10a94ed9f8cbd38d1c51f38344eedd7d680d8
+  data.tar.gz: 89b88467b3f85513d764ff7f2357f98dfa078b5c
 SHA512:
-  metadata.gz: 76b5740261dd485d461e2209c1fe5558faf2eda1917cdb2f87c4fe7eff026d1519341c260f2f071b37384516a886d6f1cafebdaf7ef688c3c908e59fce028cc8
-  data.tar.gz: d9c8e46eb64b1a03f4741db7bbede7781180f41bd63de8291ab1ebd133c2a9108ff4e0f22d6ba0b41a290325f318281fc767df2224ff2a4f5013da2f77071c6f
+  metadata.gz: 78331e942eabf7eb0b0990e0760481498cd056f10f3b11ecc7f9fb9718ae6532a1bd64a3682d012d8245ab019cf39f2e8671dff82e55dee1bf4e76afcf62dd05
+  data.tar.gz: c95f7e2fb27998009aeb6948464ce550938fc59a21d9169d0def6df7b3e467140f2d00fa198b97adce8cb08d232bd42d95cda46ab84813e08f305cc2277aee40

data/.travis.yml

@@ -1,11 +1,11 @@
 language: ruby
+sudo: false
 rvm:
-  - 1.9.3
   - 2.0.0
-  - 2.1.0
+  - 2.1.5
+  - 2.2.0
   - jruby-19mode
   - rbx-2
 env:
   - RSPEC_VERSION="<2.99"
-  - RSPEC_VERSION="~>2.99"
   - RSPEC_VERSION="~>3.0

data/CHANGELOG.md

@@ -1,6 +1,21 @@
 # Pundit
 
-## 0.3.0 (unreleased)
+## 1.0.0 (2015-04-19)
+
+- Caches policy scopes and policies.
+- Explicitly setting the policy for the controller via `controller.policy = foo` has been removed. Instead use `controller.policies[record] = foo`.
+- Explicitly setting the policy scope for the controller via `controller.policy_policy = foo` has been removed. Instead use `controller.policy_scopes[scope] = foo`.
+- Add `permitted_attributes` helper to fetch attributes from policy.
+- Add `pundit_policy_authorized?` and `pundit_policy_scoped?` methods.
+- Instance variables are prefixed to avoid collisions.
+- Add `Pundit.authorize` method.
+- Add `skip_authorization` and `skip_policy_scope` helpers.
+- Better errors when checking multiple permissions in RSpec tests.
+- Better errors in case `nil` is passed to `policy` or `policy_scope`.
+- Use `inpect` when printing object for better errors.
+- Dropped official support for Ruby 1.9.3
+
+## 0.3.0 (2014-08-22)
 
 - Extend the default `ApplicationPolicy` with an `ApplicationPolicy::Scope` (#120)
 - Fix RSpec 3 deprecation warnings for built-in matchers (#162)

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,28 @@
+# Contributor Code of Conduct
+
+As contributors and maintainers of this project, we pledge to respect all
+people who contribute through reporting issues, posting feature requests,
+updating documentation, submitting pull requests or patches, and other
+activities.
+
+We are committed to making participation in this project a harassment-free
+experience for everyone, regardless of level of experience, gender, gender
+identity and expression, sexual orientation, disability, personal appearance,
+body size, race, age, or religion.
+
+Examples of unacceptable behavior by participants include the use of sexual
+language or imagery, derogatory comments or personal attacks, trolling, public
+or private harassment, insults, or other unprofessional conduct.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct. Project maintainers who do not
+follow the Code of Conduct may be removed from the project team.
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by opening an issue or contacting one or more of the project
+maintainers.
+
+This Code of Conduct is adapted from the [Contributor
+Covenant](http:contributor-covenant.org), version 1.0.0, available at
+[http://contributor-covenant.org/version/1/0/0/](http://contributor-covenant.org/version/1/0/0/)

data/CONTRIBUTING.md

@@ -0,0 +1,33 @@
+## Security issues
+
+If you have found a security related issue, please do not file an issue on
+GitHub or send a PR addressing the issue. Contact
+[Jonas](mailto:jonas.nicklas@gmail.com) directly. You will be given public
+credit for your disclosure.
+
+## Reporting issues
+
+Please try to answer the following questions in your bug report:
+
+- What did you do?
+- What did you expect to happen?
+- What happened instead?
+
+Make sure to include as much relevant information as possible. Ruby version,
+Pundit version, OS version and any stack traces you have are very valuable.
+
+## Pull Requests
+
+- **Add tests!** Your patch won't be accepted if it doesn't have tests.
+
+- **Document any change in behaviour**. Make sure the README and any other
+  relevant documentation are kept up-to-date.
+
+- **Create topic branches**. Please don't ask us to pull from your master branch.
+
+- **One pull request per feature**. If you want to do more than one thing, send
+  multiple pull requests.
+
+- **Send coherent history**. Make sure each individual commit in your pull
+  request is meaningful. If you had to make multiple intermediate commits while
+  developing, please squash them before sending them to us.

data/README.md

@@ -8,6 +8,17 @@ Pundit provides a set of helpers which guide you in leveraging regular Ruby
 classes and object oriented design patterns to build a simple, robust and
 scaleable authorization system.
 
+Links:
+
+- [API documentation](http://www.rubydoc.info/gems/pundit)
+- [Source Code](https://github.com/elabs/pundit)
+- [Contributing](https://github.com/elabs/pundit/blob/master/CONTRIBUTING.md)
+- [Code of Conduct](https://github.com/elabs/pundit/blob/master/CODE_OF_CONDUCT.md)
+
+Sponsored by:
+
+[<img src="http://d3cv91luii1z1d.cloudfront.net/logo-gh.png" alt="Elabs" height="50px"/>](http://elabs.se)
+
 ## Installation
 
 ``` ruby
@@ -75,11 +86,13 @@ generator, or set up your own base class to inherit from:
 ``` ruby
 class PostPolicy < ApplicationPolicy
   def update?
-    user.admin? or not post.published?
+    user.admin? or not record.published?
   end
 end
 ```
 
+In the generated `ApplicationPolicy`, the model object is called `record`.
+
 Supposing that you have an instance of class `Post`, Pundit now lets you do
 this in your controller:
 
@@ -136,10 +149,14 @@ you can retrieve it by passing a symbol.
 class DashboardPolicy < Struct.new(:user, :dashboard)
   # ...
 end
+```
 
+```ruby
 # In controllers
 authorize :dashboard, :show?
+```
 
+```erb
 # In views
 <% if policy(:dashboard).show? %>
   <%= link_to 'Dashboard', dashboard_path %>
@@ -160,7 +177,7 @@ end
 ```
 
 Likewise, Pundit also adds `verify_policy_scoped` to your controller.  This
-will raise an exception in the vein of `verify_authorized`.  However it tracks
+will raise an exception in the vein of `verify_authorized`.  However, it tracks
 if `policy_scope` is used instead of `authorize`.  This is mostly useful for
 controller actions like `index` which find collections with a scope and don't
 authorize individual instances.
@@ -171,6 +188,28 @@ class ApplicationController < ActionController::Base
 end
 ```
 
+If you're using `verify_authorized` in your controllers but need to
+conditionally bypass verification, you can use `skip_authorization`. For
+bypassing `verify_policy_scoped`, use `skip_policy_scope`. These are useful
+in circumstances where you don't want to disable verification for the
+entire action, but have some cases where you intend to not authorize.
+
+```ruby
+def show
+  record = Record.find_by(attribute: "value")
+  if record.present?
+    authorize record
+  else
+    skip_authorization
+  end
+end
+```
+
+If you need to perform some more sophisticated logic or you want to raise a custom
+exception you can use the two lower level methods `pundit_policy_authorized?`
+and `pundit_policy_scoped?` which return `true` or `false` depending on whether
+`authorize` or `policy_scope` have been called, respectively.
+
 ## Scopes
 
 Often, you will want to have some kind of view listing records which a
@@ -335,13 +374,13 @@ class ApplicationController < ActionController::Base
   private
 
   def user_not_authorized
-    flash[:error] = "You are not authorized to perform this action."
+    flash[:alert] = "You are not authorized to perform this action."
     redirect_to(request.referrer || root_path)
   end
 end
 ```
 
-### Creating custom error messages
+## Creating custom error messages
 
 `NotAuthorizedError`s provide information on what query (e.g. `:create?`), what
 record (e.g. an instance of `Post`), and what policy (e.g. an instance of
@@ -360,8 +399,7 @@ class ApplicationController < ActionController::Base
  def user_not_authorized(exception)
    policy_name = exception.policy.class.to_s.underscore
 
-   flash[:error] = I18n.t "pundit.#{policy_name}.#{exception.query}",
-     default: 'You cannot perform this action.'
+   flash[:error] = t "#{policy_name}.#{exception.query}", scope: "pundit", default: :default
    redirect_to(request.referrer || root_path)
  end
 end
@@ -370,6 +408,7 @@ end
 ```yaml
 en:
  pundit:
+   default: 'You cannot perform this action.'
    post_policy:
      update?: 'You cannot edit this post!'
      create?: 'You cannot create posts!'
@@ -408,14 +447,49 @@ def pundit_user
 end
 ```
 
+## Additional context
+
+Pundit strongly encourages you to model your application in such a way that the
+only context you need for authorization is a user object and a domain model that
+you want to check authorization for. If you find yourself needing more context than
+that, consider whether you are authorizing the right domain model, maybe another
+domain model (or a wrapper around multiple domain models) can provide the context
+you need.
+
+Pundit does not allow you to pass additional arguments to policies for precisely
+this reason.
+
+However, in very rare cases, you might need to authorize based on more context than just
+the currently authenticated user. Suppose for example that authorization is dependent
+on IP address in addition to the authenticated user. In that case, one option is to
+create a special class which wraps up both user and IP and passes it to the policy.
+
+``` ruby
+class UserContext
+  attr_reader :user, :ip
+
+  def initialize(user, ip)
+    @user = user
+    @ip = ip
+  end
+end
+
+class ApplicationController
+  include Pundit
+
+  def pundit_user
+    UserContext.new(current_user, request.ip)
+  end
+end
+```
+
 ## Strong parameters
 
 In Rails 4 (or Rails 3.2 with the
 [strong_parameters](https://github.com/rails/strong_parameters) gem),
-mass-assignment protection is handled in the controller.
-Pundit helps you permit different users to set different attributes. Don't
-forget to provide your policy an instance of object or a class so correct
-permissions could be loaded.
+mass-assignment protection is handled in the controller.  With Pundit you can
+control which attributes a user has access to update via your policies. You can
+set up a `permitted_attributes` method in your policy like this:
 
 ```ruby
 # app/policies/post_policy.rb
@@ -428,12 +502,16 @@ class PostPolicy < ApplicationPolicy
     end
   end
 end
+```
+
+You can now retrieve these attributes from the policy:
 
+```ruby
 # app/controllers/posts_controller.rb
 class PostsController < ApplicationController
   def update
     @post = Post.find(params[:id])
-    if @post.update(post_params)
+    if @post.update_attributes(post_params)
       redirect_to @post
     else
       render :edit
@@ -443,7 +521,23 @@ class PostsController < ApplicationController
   private
 
   def post_params
-    params.require(:post).permit(*policy(@post || Post).permitted_attributes)
+    params.require(:post).permit(policy(@post).permitted_attributes)
+  end
+end
+```
+
+However, this is a bit cumbersome, so Pundit provides a convenient helper method:
+
+```ruby
+# app/controllers/posts_controller.rb
+class PostsController < ApplicationController
+  def update
+    @post = Post.find(params[:id])
+    if @post.update_attributes(permitted_attributes(@post))
+      redirect_to @post
+    else
+      render :edit
+    end
   end
 end
 ```
@@ -463,7 +557,7 @@ Then put your policy specs in `spec/policies`, and make them look somewhat like
 
 ``` ruby
 describe PostPolicy do
-  subject { PostPolicy }
+  subject { described_class }
 
   permissions :update? do
     it "denies access if post is published" do
@@ -484,31 +578,6 @@ end
 An alternative approach to Pundit policy specs is scoping them to a user context as outlined in this
 [excellent post](http://thunderboltlabs.com/blog/2013/03/27/testing-pundit-policies-with-rspec/).
 
-### View Specs
-
-When writing view specs, you'll notice that the policy helper is not available
-and views under test that use it will fail. Thankfully, it's very easy to stub
-out the policy to have it return whatever is appropriate for the spec.
-
-``` ruby
-describe "users/show" do
-  before(:each) do
-    user = assign(:user, build_stubbed(:user))
-    controller.stub(:current_user).and_return user
-  end
-
-  it "renders the destroy action" do
-    allow(view).to receive(:policy).and_return double(edit?: false, destroy?: true)
-
-    render
-    expect(rendered).to match 'Destroy'
-  end
-end
-```
-
-This technique enables easy unit testing of tricky conditionaly view logic
-based on what is or is not authorized.
-
 # External Resources
 
 - [RailsApps Example Application: Pundit and Devise](https://github.com/RailsApps/rails-devise-pundit)

data/lib/generators/pundit/install/templates/application_policy.rb

@@ -51,4 +51,3 @@ class ApplicationPolicy
     end
   end
 end
-

data/lib/generators/rspec/templates/policy_spec.rb

@@ -1,20 +1,20 @@
-require 'spec_helper'
+require '<%= File.exists?('spec/rails_helper.rb') ? 'rails_helper' : 'spec_helper' %>'
 
 describe <%= class_name %>Policy do
 
   let(:user) { User.new }
 
-  subject { <%= class_name %>Policy }
+  subject { described_class }
 
   permissions ".scope" do
     pending "add some examples to (or delete) #{__FILE__}"
   end
 
-  permissions :create? do
+  permissions :show? do
     pending "add some examples to (or delete) #{__FILE__}"
   end
 
-  permissions :show? do
+  permissions :create? do
     pending "add some examples to (or delete) #{__FILE__}"
   end
 

data/lib/generators/test_unit/templates/policy_test.rb

@@ -5,10 +5,10 @@ class <%= class_name %>PolicyTest < ActiveSupport::TestCase
   def test_scope
   end
 
-  def test_create
+  def test_show
   end
 
-  def test_show
+  def test_create
   end
 
   def test_update

data/lib/pundit.rb

@@ -7,16 +7,39 @@ require "active_support/core_ext/module/introspection"
 require "active_support/dependencies/autoload"
 
 module Pundit
-  class NotAuthorizedError < StandardError
-    attr_accessor :query, :record, :policy
+  SUFFIX = "Policy"
+
+  class Error < StandardError; end
+  class NotAuthorizedError < Error
+    attr_reader :query, :record, :policy
+
+    def initialize(options = {})
+      @query  = options[:query]
+      @record = options[:record]
+      @policy = options[:policy]
+
+      message = options.fetch(:message) { "not allowed to #{query} this #{record.inspect}" }
+
+      super(message)
+    end
   end
-  class AuthorizationNotPerformedError < StandardError; end
+  class AuthorizationNotPerformedError < Error; end
   class PolicyScopingNotPerformedError < AuthorizationNotPerformedError; end
-  class NotDefinedError < StandardError; end
+  class NotDefinedError < Error; end
 
   extend ActiveSupport::Concern
 
   class << self
+    def authorize(user, record, query)
+      policy = policy!(user, record)
+
+      unless policy.public_send(query)
+        raise NotAuthorizedError.new(query: query, record: record, policy: policy)
+      end
+
+      true
+    end
+
     def policy_scope(user, scope)
       policy_scope = PolicyFinder.new(scope).scope
       policy_scope.new(user, scope).resolve if policy_scope
@@ -36,62 +59,100 @@ module Pundit
     end
   end
 
+  module Helper
+    def policy_scope(scope)
+      pundit_policy_scope(scope)
+    end
+  end
+
   included do
+    helper Helper if respond_to?(:helper)
     if respond_to?(:helper_method)
-      helper_method :policy_scope
       helper_method :policy
+      helper_method :pundit_policy_scope
       helper_method :pundit_user
     end
     if respond_to?(:hide_action)
-      hide_action :policy_scope
-      hide_action :policy_scope=
       hide_action :policy
-      hide_action :policy=
+      hide_action :policy_scope
+      hide_action :policies
+      hide_action :policy_scopes
       hide_action :authorize
       hide_action :verify_authorized
       hide_action :verify_policy_scoped
+      hide_action :permitted_attributes
       hide_action :pundit_user
+      hide_action :skip_authorization
+      hide_action :skip_policy_scope
     end
   end
 
+  def pundit_policy_authorized?
+    !!@_pundit_policy_authorized
+  end
+
+  def pundit_policy_scoped?
+    !!@_pundit_policy_scoped
+  end
+
   def verify_authorized
-    raise AuthorizationNotPerformedError unless @_policy_authorized
+    raise AuthorizationNotPerformedError unless pundit_policy_authorized?
   end
 
   def verify_policy_scoped
-    raise PolicyScopingNotPerformedError unless @_policy_scoped
+    raise PolicyScopingNotPerformedError unless pundit_policy_scoped?
   end
 
   def authorize(record, query=nil)
     query ||= params[:action].to_s + "?"
-    @_policy_authorized = true
+
+    @_pundit_policy_authorized = true
 
     policy = policy(record)
     unless policy.public_send(query)
-      error = NotAuthorizedError.new("not allowed to #{query} this #{record}")
-      error.query, error.record, error.policy = query, record, policy
-
-      raise error
+      raise NotAuthorizedError.new(query: query, record: record, policy: policy)
     end
 
     true
   end
 
+  def skip_authorization
+    @_pundit_policy_authorized = true
+  end
+
+  def skip_policy_scope
+    @_pundit_policy_scoped = true
+  end
+
   def policy_scope(scope)
-    @_policy_scoped = true
-    @policy_scope or Pundit.policy_scope!(pundit_user, scope)
+    @_pundit_policy_scoped = true
+    pundit_policy_scope(scope)
   end
-  attr_writer :policy_scope
 
   def policy(record)
-    @_policy or Pundit.policy!(pundit_user, record)
+    policies[record] ||= Pundit.policy!(pundit_user, record)
   end
 
-  def policy=(policy)
-    @_policy = policy
+  def permitted_attributes(record)
+    name = record.class.to_s.demodulize.underscore
+    params.require(name).permit(policy(record).permitted_attributes)
+  end
+
+  def policies
+    @_pundit_policies ||= {}
+  end
+
+  def policy_scopes
+    @_pundit_policy_scopes ||= {}
   end
 
   def pundit_user
     current_user
   end
+
+private
+
+  def pundit_policy_scope(scope)
+    policy_scopes[scope] ||= Pundit.policy_scope!(pundit_user, scope)
+  end
 end

data/lib/pundit/policy_finder.rb

@@ -21,17 +21,21 @@ module Pundit
     end
 
     def scope!
-      scope or raise NotDefinedError, "unable to find scope #{find}::Scope for #{object}"
+      raise NotDefinedError, "unable to find policy scope of nil" if object.nil?
+      scope or raise NotDefinedError, "unable to find scope `#{find}::Scope` for `#{object.inspect}`"
     end
 
     def policy!
-      policy or raise NotDefinedError, "unable to find policy #{find} for #{object}"
+      raise NotDefinedError, "unable to find policy of nil" if object.nil?
+      policy or raise NotDefinedError, "unable to find policy `#{find}` for `#{object.inspect}`"
     end
 
   private
 
     def find
-      if object.respond_to?(:policy_class)
+      if object.nil?
+        nil
+      elsif object.respond_to?(:policy_class)
         object.policy_class
       elsif object.class.respond_to?(:policy_class)
         object.class.policy_class
@@ -44,10 +48,12 @@ module Pundit
           object
         elsif object.is_a?(Symbol)
           object.to_s.classify
+        elsif object.is_a?(Array)
+          object.join('/').to_s.classify
         else
           object.class
         end
-        "#{klass}Policy"
+        "#{klass}#{SUFFIX}"
       end
     end
   end

data/lib/pundit/rspec.rb

@@ -7,19 +7,23 @@ module Pundit
 
       matcher :permit do |user, record|
         match_proc = lambda do |policy|
-          permissions.all? { |permission| policy.new(user, record).public_send(permission) }
+          @violating_permissions = permissions.find_all { |permission| not policy.new(user, record).public_send(permission) }
+          @violating_permissions.empty?
         end
 
         match_when_negated_proc = lambda do |policy|
-          permissions.none? { |permission| policy.new(user, record).public_send(permission) }
+          @violating_permissions = permissions.find_all { |permission| policy.new(user, record).public_send(permission) }
+          @violating_permissions.empty?
         end
 
         failure_message_proc = lambda do |policy|
-          "Expected #{policy} to grant #{permissions.to_sentence} on #{record} but it didn't"
+          was_were = @violating_permissions.count > 1 ? "were" : "was"
+          "Expected #{policy} to grant #{permissions.to_sentence} on #{record} but #{@violating_permissions.to_sentence} #{was_were} not granted"
         end
 
         failure_message_when_negated_proc = lambda do |policy|
-          "Expected #{policy} not to grant #{permissions.to_sentence} on #{record} but it did"
+          was_were = @violating_permissions.count > 1 ? "were" : "was"
+          "Expected #{policy} not to grant #{permissions.to_sentence} on #{record} but #{@violating_permissions.to_sentence} #{was_were} granted"
         end
 
         if respond_to?(:match_when_negated)

data/lib/pundit/version.rb

@@ -1,3 +1,3 @@
 module Pundit
-  VERSION = "0.3.0"
+  VERSION = "1.0.0"
 end

data/pundit.gemspec

@@ -20,6 +20,7 @@ Gem::Specification.new do |gem|
 
   gem.add_dependency "activesupport", ">= 3.0.0"
   gem.add_development_dependency "activemodel", ">= 3.0.0"
+  gem.add_development_dependency "actionpack", ">= 3.0.0"
   gem.add_development_dependency "bundler", "~> 1.3"
   gem.add_development_dependency "rspec", ">=2.0.0"
   gem.add_development_dependency "pry"

data/spec/policies/post_policy_spec.rb

@@ -4,7 +4,7 @@ describe PostPolicy do
   let(:user) { double }
   let(:own_post) { double(user: user) }
   let(:other_post) { double(user: double) }
-  subject { PostPolicy }
+  subject { described_class }
 
   permissions :update?, :show? do
     it "is successful when all permissions match" do

data/spec/pundit_spec.rb

@@ -8,6 +8,27 @@ describe Pundit do
   let(:controller) { Controller.new(user, { :action => 'update' }) }
   let(:artificial_blog) { ArtificialBlog.new }
   let(:article_tag) { ArticleTag.new }
+  let(:comments_relation) { CommentsRelation.new }
+  let(:empty_comments_relation) { CommentsRelation.new(true) }
+
+  describe ".authorize" do
+    it "infers the policy and authorizes based on it" do
+      expect(Pundit.authorize(user, post, :update?)).to be_truthy
+    end
+
+    it "works with anonymous class policies" do
+      expect(Pundit.authorize(user, article_tag, :show?)).to be_truthy
+      expect { Pundit.authorize(user, article_tag, :destroy?) }.to raise_error(Pundit::NotAuthorizedError)
+    end
+
+    it "raises an error with a query and action" do
+      expect { Pundit.authorize(user, post, :destroy?) }.to raise_error(Pundit::NotAuthorizedError, "not allowed to destroy? this #<Post>") do |error|
+        expect(error.query).to eq :destroy?
+        expect(error.record).to eq post
+        expect(error.policy).to eq Pundit.policy(user, post)
+      end
+    end
+  end
 
   describe ".policy_scope" do
     it "returns an instantiated policy scope given a plain model class" do
@@ -18,9 +39,21 @@ describe Pundit do
       expect(Pundit.policy_scope(user, Comment)).to eq Comment
     end
 
+    it "returns an instantiated policy scope given an active record relation" do
+      expect(Pundit.policy_scope(user, comments_relation)).to eq comments_relation
+    end
+
+    it "returns an instantiated policy scope given an empty active record relation" do
+      expect(Pundit.policy_scope(user, empty_comments_relation)).to eq empty_comments_relation
+    end
+
     it "returns nil if the given policy scope can't be found" do
       expect(Pundit.policy_scope(user, Article)).to be_nil
     end
+
+    it "returns nil if blank object given" do
+      expect(Pundit.policy_scope(user, nil)).to be_nil
+    end
   end
 
   describe ".policy_scope!" do
@@ -39,6 +72,10 @@ describe Pundit do
     it "throws an exception if the given policy scope can't be found" do
       expect { Pundit.policy_scope!(user, ArticleTag) }.to raise_error(Pundit::NotDefinedError)
     end
+
+    it "throws an exception if the given policy scope is nil" do
+      expect { Pundit.policy_scope!(user, nil) }.to raise_error(Pundit::NotDefinedError, "unable to find policy scope of nil")
+    end
   end
 
   describe ".policy" do
@@ -71,6 +108,10 @@ describe Pundit do
       expect(Pundit.policy(user, Article)).to be_nil
     end
 
+    it "returns nil if the given policy is nil" do
+      expect(Pundit.policy(user, nil)).to be_nil
+    end
+
     describe "with .policy_class set on the model" do
       it "returns an instantiated policy given a plain model instance" do
         policy = Pundit.policy(user, artificial_blog)
@@ -102,6 +143,13 @@ describe Pundit do
         expect(policy.user).to eq user
         expect(policy.dashboard).to eq :dashboard
       end
+
+      it "returns an instantiated policy given an array" do
+        policy = Pundit.policy(user, [:project, :dashboard])
+        expect(policy.class).to eq Project::DashboardPolicy
+        expect(policy.user).to eq user
+        expect(policy.dashboard).to eq [:project, :dashboard]
+      end
     end
   end
 
@@ -137,10 +185,21 @@ describe Pundit do
       expect(policy.dashboard).to eq :dashboard
     end
 
+    it "returns an instantiated policy given an array" do
+      policy = Pundit.policy!(user, [:project, :dashboard])
+      expect(policy.class).to eq Project::DashboardPolicy
+      expect(policy.user).to eq user
+      expect(policy.dashboard).to eq [:project, :dashboard]
+    end
+
     it "throws an exception if the given policy can't be found" do
       expect { Pundit.policy!(user, article) }.to raise_error(Pundit::NotDefinedError)
       expect { Pundit.policy!(user, Article) }.to raise_error(Pundit::NotDefinedError)
     end
+
+    it "throws an exception if the given policy is nil" do
+      expect { Pundit.policy!(user, nil) }.to raise_error(Pundit::NotDefinedError, "unable to find policy of nil")
+    end
   end
 
   describe "#verify_authorized" do
@@ -165,8 +224,30 @@ describe Pundit do
     end
   end
 
+  describe "#pundit_policy_authorized?" do
+    it "is true when authorized" do
+      controller.authorize(post)
+      expect(controller.pundit_policy_authorized?).to be true
+    end
+
+    it "is false when not authorized" do
+      expect(controller.pundit_policy_authorized?).to be false
+    end
+  end
+
+  describe "#pundit_policy_scoped?" do
+    it "is true when policy_scope is used" do
+      controller.policy_scope(Post)
+      expect(controller.pundit_policy_scoped?).to be true
+    end
+
+    it "is false when policy scope is not used" do
+      expect(controller.pundit_policy_scoped?).to be false
+    end
+  end
+
   describe "#authorize" do
-    it "infers the policy name and authorized based on it" do
+    it "infers the policy name and authorizes based on it" do
       expect(controller.authorize(post)).to be_truthy
     end
 
@@ -180,16 +261,36 @@ describe Pundit do
       expect { controller.authorize(article_tag, :destroy?) }.to raise_error(Pundit::NotAuthorizedError)
     end
 
-    it "raises an error when the permission check fails" do
+    it "throws an exception when the permission check fails" do
       expect { controller.authorize(Post.new) }.to raise_error(Pundit::NotAuthorizedError)
     end
 
-    it "raises an error with a query and action" do
-      expect { controller.authorize(post, :destroy?) }.to raise_error do |error|
-        expect(error.query).to eq :destroy?
-        expect(error.record).to eq post
-        expect(error.policy).to eq controller.policy(post)
-      end
+    it "throws an exception when a policy cannot be found" do
+      expect { controller.authorize(Article) }.to raise_error(Pundit::NotDefinedError)
+    end
+
+    it "caches the policy" do
+      expect(controller.policies[post]).to be_nil
+      controller.authorize(post)
+      expect(controller.policies[post]).not_to be_nil
+    end
+
+    it "raises an error when the given record is nil" do
+      expect { controller.authorize(nil, :destroy?) }.to raise_error(Pundit::NotDefinedError)
+    end
+  end
+
+  describe "#skip_authorization" do
+    it "disables authorization verification" do
+      controller.skip_authorization
+      expect { controller.verify_authorized }.not_to raise_error
+    end
+  end
+
+  describe "#skip_policy_scope" do
+    it "disables policy scope verification" do
+      controller.skip_policy_scope
+      expect { controller.verify_policy_scoped }.not_to raise_error
     end
   end
 
@@ -199,7 +300,7 @@ describe Pundit do
     end
   end
 
-  describe ".policy" do
+  describe "#policy" do
     it "returns an instantiated policy" do
       policy = controller.policy(post)
       expect(policy.user).to eq user
@@ -212,13 +313,13 @@ describe Pundit do
 
     it "allows policy to be injected" do
       new_policy = OpenStruct.new
-      controller.policy = new_policy
+      controller.policies[post] = new_policy
 
       expect(controller.policy(post)).to eq new_policy
     end
   end
 
-  describe ".policy_scope" do
+  describe "#policy_scope" do
     it "returns an instantiated policy scope" do
       expect(controller.policy_scope(Post)).to eq :published
     end
@@ -229,9 +330,18 @@ describe Pundit do
 
     it "allows policy_scope to be injected" do
       new_scope = OpenStruct.new
-      controller.policy_scope = new_scope
+      controller.policy_scopes[Post] = new_scope
+
+      expect(controller.policy_scope(Post)).to eq new_scope
+    end
+  end
+
+  describe "#permitted_attributes" do
+    it "checks policy for permitted attributes" do
+      params = ActionController::Parameters.new({ action: 'update', post: { title: 'Hello', votes: 5, admin: true } })
 
-      expect(controller.policy_scope(post)).to eq new_scope
+      expect(Controller.new(user, params).permitted_attributes(post)).to eq({ 'title' => 'Hello', 'votes' => 5 })
+      expect(Controller.new(double, params).permitted_attributes(post)).to eq({ 'votes' => 5 })
     end
   end
 end

data/spec/spec_helper.rb

@@ -1,19 +1,13 @@
-require "active_support/core_ext/kernel"
-
-warnings = capture(:stderr) do
-  require "pundit"
-  require "pundit/rspec"
-end
-
-unless warnings.to_s.empty?
-  puts "ERROR: Encountered deprecation warning!"
-  puts warnings
-  exit 1
-end
+require "pundit"
+require "pundit/rspec"
 
+require "rack"
+require "rack/test"
 require "pry"
+require "active_support"
 require "active_support/core_ext"
 require "active_model/naming"
+require "action_controller/metal/strong_parameters"
 
 I18n.enforce_available_locales = false
 
@@ -41,6 +35,13 @@ class PostPolicy < Struct.new(:user, :post)
   def show?
     true
   end
+  def permitted_attributes
+    if post.user == user
+      [:title, :votes]
+    else
+      [:votes]
+    end
+  end
 end
 class PostPolicy::Scope < Struct.new(:user, :scope)
   def resolve
@@ -51,6 +52,8 @@ class Post < Struct.new(:user)
   def self.published
     :published
   end
+  def to_s; "Post"; end
+  def inspect; "#<Post>"; end
 end
 
 class CommentPolicy < Struct.new(:user, :comment); end
@@ -61,6 +64,13 @@ class CommentPolicy::Scope < Struct.new(:user, :scope)
 end
 class Comment; extend ActiveModel::Naming; end
 
+# minimum mock for an ActiveRecord Relation returning comments
+class CommentsRelation
+  def initialize(empty=false); @empty=empty; end
+  def blank?; @empty; end
+  def model_name; Comment.model_name; end
+end
+
 class Article; end
 
 class BlogPolicy < Struct.new(:user, :blog); end
@@ -85,6 +95,16 @@ end
 
 class DashboardPolicy < Struct.new(:user, :dashboard); end
 
+module Project
+  class DashboardPolicy < Struct.new(:user, :dashboard); end
+end
+
+class DenierPolicy < Struct.new(:user, :record)
+  def update?
+    false
+  end
+end
+
 class Controller
   include Pundit
 
@@ -95,3 +115,15 @@ class Controller
     @params = params
   end
 end
+
+class NilClassPolicy
+  class Scope
+    def initialize(*)
+      raise "I'm only here to be annoying!"
+    end
+  end
+
+  def initialize(*)
+    raise "I'm only here to be annoying!"
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pundit
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 1.0.0
 platform: ruby
 authors:
 - Jonas Nicklas
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-08-22 00:00:00.000000000 Z
+date: 2015-04-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -39,6 +39,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 3.0.0
+- !ruby/object:Gem::Dependency
+  name: actionpack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.0.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.0.0
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -120,6 +134,8 @@ files:
 - ".gitignore"
 - ".travis.yml"
 - CHANGELOG.md
+- CODE_OF_CONDUCT.md
+- CONTRIBUTING.md
 - Gemfile
 - LICENSE.txt
 - README.md
@@ -162,7 +178,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 2.4.5
 signing_key: 
 specification_version: 4
 summary: OO authorization for Rails