rails-acu 2.2.0 → 3.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +17 -16
- data/README.md +17 -2
- data/lib/acu/monitor.rb +18 -10
- data/lib/acu/rules.rb +8 -4
- data/lib/acu/utilities.rb +5 -1
- data/lib/acu/version.rb +1 -1
- data/spec/dummy/app/assets/javascripts/admin/booking/chats.js +2 -0
- data/spec/dummy/app/assets/javascripts/admin/booking/lists.js +2 -0
- data/spec/dummy/app/assets/stylesheets/admin/booking/chats.css +4 -0
- data/spec/dummy/app/assets/stylesheets/admin/booking/lists.css +4 -0
- data/spec/dummy/app/controllers/admin/booking/chats_controller.rb +58 -0
- data/spec/dummy/app/controllers/admin/booking/lists_controller.rb +9 -0
- data/spec/dummy/app/helpers/admin/booking/chats_helper.rb +2 -0
- data/spec/dummy/app/helpers/admin/booking/lists_helper.rb +2 -0
- data/spec/dummy/app/models/admin/booking.rb +5 -0
- data/spec/dummy/app/models/admin/booking/chat.rb +2 -0
- data/spec/dummy/app/models/admin/booking/list.rb +2 -0
- data/spec/dummy/app/views/admin/booking/chats/_form.html.erb +22 -0
- data/spec/dummy/app/views/admin/booking/chats/edit.html.erb +6 -0
- data/spec/dummy/app/views/admin/booking/chats/index.html.erb +27 -0
- data/spec/dummy/app/views/admin/booking/chats/new.html.erb +5 -0
- data/spec/dummy/app/views/admin/booking/chats/show.html.erb +9 -0
- data/spec/dummy/app/views/admin/booking/lists/_form.html.erb +22 -0
- data/spec/dummy/app/views/admin/booking/lists/edit.html.erb +6 -0
- data/spec/dummy/app/views/admin/booking/lists/index.html.erb +27 -0
- data/spec/dummy/app/views/admin/booking/lists/new.html.erb +5 -0
- data/spec/dummy/app/views/admin/booking/lists/show.html.erb +9 -0
- data/spec/dummy/config/routes.rb +12 -0
- data/spec/dummy/db/migrate/20170506054319_create_admin_booking_lists.rb +9 -0
- data/spec/dummy/db/migrate/20170506081928_create_admin_booking_chats.rb +9 -0
- data/spec/dummy/db/schema.rb +7 -1
- data/spec/dummy/spec/controllers/admin/booking/chats_controller_spec.rb +23 -0
- data/spec/dummy/spec/controllers/admin/booking/lists_controller_spec.rb +215 -0
- data/spec/dummy/spec/controllers/admin/manage_controller_spec.rb +6 -6
- data/spec/dummy/spec/controllers/home_controller_spec.rb +47 -47
- metadata +52 -2
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
<p id="notice"><%= notice %></p>
|
|
2
|
+
|
|
3
|
+
<h1>Admin Booking Lists</h1>
|
|
4
|
+
|
|
5
|
+
<table>
|
|
6
|
+
<thead>
|
|
7
|
+
<tr>
|
|
8
|
+
<th>Name</th>
|
|
9
|
+
<th colspan="3"></th>
|
|
10
|
+
</tr>
|
|
11
|
+
</thead>
|
|
12
|
+
|
|
13
|
+
<tbody>
|
|
14
|
+
<% @admin_booking_lists.each do |admin_booking_list| %>
|
|
15
|
+
<tr>
|
|
16
|
+
<td><%= admin_booking_list.name %></td>
|
|
17
|
+
<td><%= link_to 'Show', admin_booking_list %></td>
|
|
18
|
+
<td><%= link_to 'Edit', edit_admin_booking_list_path(admin_booking_list) %></td>
|
|
19
|
+
<td><%= link_to 'Destroy', admin_booking_list, method: :delete, data: { confirm: 'Are you sure?' } %></td>
|
|
20
|
+
</tr>
|
|
21
|
+
<% end %>
|
|
22
|
+
</tbody>
|
|
23
|
+
</table>
|
|
24
|
+
|
|
25
|
+
<br>
|
|
26
|
+
|
|
27
|
+
<%= link_to 'New Admin Booking List', new_admin_booking_list_path %>
|
data/spec/dummy/config/routes.rb
CHANGED
|
@@ -1,5 +1,17 @@
|
|
|
1
1
|
Rails.application.routes.draw do
|
|
2
2
|
|
|
3
|
+
namespace :admin do
|
|
4
|
+
namespace :booking do
|
|
5
|
+
resources :chats
|
|
6
|
+
end
|
|
7
|
+
end
|
|
8
|
+
namespace :admin do
|
|
9
|
+
namespace :booking do
|
|
10
|
+
get 'lists/index'
|
|
11
|
+
get 'lists/show'
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
|
|
3
15
|
namespace :admin do
|
|
4
16
|
get 'manage/index'
|
|
5
17
|
get 'manage/show'
|
data/spec/dummy/db/schema.rb
CHANGED
|
@@ -10,7 +10,13 @@
|
|
|
10
10
|
#
|
|
11
11
|
# It's strongly recommended that you check this file into your version control system.
|
|
12
12
|
|
|
13
|
-
ActiveRecord::Schema.define(version:
|
|
13
|
+
ActiveRecord::Schema.define(version: 20170506054319) do
|
|
14
|
+
|
|
15
|
+
create_table "admin_booking_lists", force: :cascade do |t|
|
|
16
|
+
t.string "name"
|
|
17
|
+
t.datetime "created_at", null: false
|
|
18
|
+
t.datetime "updated_at", null: false
|
|
19
|
+
end
|
|
14
20
|
|
|
15
21
|
create_table "books", force: :cascade do |t|
|
|
16
22
|
t.string "name"
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
require 'rails_helper'
|
|
2
|
+
|
|
3
|
+
# This spec was generated by rspec-rails when you ran the scaffold generator.
|
|
4
|
+
# It demonstrates how one might use RSpec to specify the controller code that
|
|
5
|
+
# was generated by Rails when you ran the scaffold generator.
|
|
6
|
+
#
|
|
7
|
+
# It assumes that the implementation code is generated by the rails scaffold
|
|
8
|
+
# generator. If you are using any extension libraries to generate different
|
|
9
|
+
# controller code, this generated spec may or may not pass.
|
|
10
|
+
#
|
|
11
|
+
# It only uses APIs available in rails and/or rspec-rails. There are a number
|
|
12
|
+
# of tools you can use to make these specs even more expressive, but we're
|
|
13
|
+
# sticking to rails and rspec-rails APIs to keep things simple and stable.
|
|
14
|
+
#
|
|
15
|
+
# Compared to earlier versions of this generator, there is very limited use of
|
|
16
|
+
# stubs and message expectations in this spec. Stubs are only used when there
|
|
17
|
+
# is no simpler way to get a handle on the object needed for the example.
|
|
18
|
+
# Message expectations are only used when there is no simpler way to specify
|
|
19
|
+
# that an instance is receiving a specific message.
|
|
20
|
+
|
|
21
|
+
RSpec.describe Admin::Booking::ChatsController, type: :controller do
|
|
22
|
+
|
|
23
|
+
end
|
|
@@ -0,0 +1,215 @@
|
|
|
1
|
+
require 'rails_helper'
|
|
2
|
+
|
|
3
|
+
# This spec was generated by rspec-rails when you ran the scaffold generator.
|
|
4
|
+
# It demonstrates how one might use RSpec to specify the controller code that
|
|
5
|
+
# was generated by Rails when you ran the scaffold generator.
|
|
6
|
+
#
|
|
7
|
+
# It assumes that the implementation code is generated by the rails scaffold
|
|
8
|
+
# generator. If you are using any extension libraries to generate different
|
|
9
|
+
# controller code, this generated spec may or may not pass.
|
|
10
|
+
#
|
|
11
|
+
# It only uses APIs available in rails and/or rspec-rails. There are a number
|
|
12
|
+
# of tools you can use to make these specs even more expressive, but we're
|
|
13
|
+
# sticking to rails and rspec-rails APIs to keep things simple and stable.
|
|
14
|
+
#
|
|
15
|
+
# Compared to earlier versions of this generator, there is very limited use of
|
|
16
|
+
# stubs and message expectations in this spec. Stubs are only used when there
|
|
17
|
+
# is no simpler way to get a handle on the object needed for the example.
|
|
18
|
+
# Message expectations are only used when there is no simpler way to specify
|
|
19
|
+
# that an instance is receiving a specific message.
|
|
20
|
+
|
|
21
|
+
RSpec.describe Admin::Booking::ListsController, type: :controller do
|
|
22
|
+
|
|
23
|
+
before(:each) {
|
|
24
|
+
# reset rules
|
|
25
|
+
Acu::Rules.reset
|
|
26
|
+
# reset configs
|
|
27
|
+
Acu.setup do |config|
|
|
28
|
+
config.allow_by_default = false
|
|
29
|
+
config.audit_log_file = '/tmp/acu-rspec.log'
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
Acu::Rules.define do
|
|
33
|
+
whois :admin, args: [:c] { |c| c == :admin }
|
|
34
|
+
whois :client, args: [:c] { |c| c == :client }
|
|
35
|
+
end
|
|
36
|
+
}
|
|
37
|
+
|
|
38
|
+
def as e, &block
|
|
39
|
+
Acu::Monitor.args c: e
|
|
40
|
+
block.call()
|
|
41
|
+
Acu::Monitor.args c: nil
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
def as_admin &block
|
|
45
|
+
as :admin, &block
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
def as_client &block
|
|
49
|
+
as :client, &block
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
it "should work with top-level namespace rules" do
|
|
53
|
+
Acu::Rules.define do
|
|
54
|
+
namespace :admin do
|
|
55
|
+
allow :admin
|
|
56
|
+
controller :lists, only: [:show] do
|
|
57
|
+
allow :client
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
end
|
|
61
|
+
as_admin do
|
|
62
|
+
get :index
|
|
63
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\["admin", "booking"\].*controller=\["lists"\].*action=\["index"\].*as `:admin`/
|
|
64
|
+
end
|
|
65
|
+
as_client do
|
|
66
|
+
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
67
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\["admin", "booking"\].*controller=\["lists"\].*action=\["index"\].*\[autherized by :allow_by_default\]/
|
|
68
|
+
end
|
|
69
|
+
|
|
70
|
+
[:client, :admin].each do |cc|
|
|
71
|
+
as cc do
|
|
72
|
+
get :show
|
|
73
|
+
end
|
|
74
|
+
end
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
|
|
78
|
+
it "should work with nested namespace rules" do
|
|
79
|
+
Acu::Rules.define do
|
|
80
|
+
namespace :admin do
|
|
81
|
+
allow :admin
|
|
82
|
+
namespace :booking do
|
|
83
|
+
controller :lists, only: [:show] do
|
|
84
|
+
allow :client
|
|
85
|
+
end
|
|
86
|
+
end
|
|
87
|
+
end
|
|
88
|
+
end
|
|
89
|
+
as_admin do
|
|
90
|
+
get :index
|
|
91
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\["admin", "booking"\].*controller=\["lists"\].*action=\["index"\].*as `:admin`/
|
|
92
|
+
end
|
|
93
|
+
as_client do
|
|
94
|
+
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
95
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\["admin", "booking"\].*controller=\["lists"\].*action=\["index"\].*\[autherized by :allow_by_default\]/
|
|
96
|
+
end
|
|
97
|
+
|
|
98
|
+
[:client, :admin].each do |cc|
|
|
99
|
+
as cc do
|
|
100
|
+
get :show
|
|
101
|
+
end
|
|
102
|
+
end
|
|
103
|
+
end
|
|
104
|
+
|
|
105
|
+
context "nested namespace only/expect tags" do
|
|
106
|
+
it 'should not allow nested `only` tags' do
|
|
107
|
+
expect {
|
|
108
|
+
Acu::Rules.define do
|
|
109
|
+
namespace :admin, only: [:index] do
|
|
110
|
+
allow :admin
|
|
111
|
+
namespace :booking, only: [:show] do
|
|
112
|
+
allow :client
|
|
113
|
+
end
|
|
114
|
+
end
|
|
115
|
+
end
|
|
116
|
+
}.to raise_error(Acu::Errors::AmbiguousRule)
|
|
117
|
+
end
|
|
118
|
+
it 'should not allow nested `except` tags' do
|
|
119
|
+
expect {
|
|
120
|
+
Acu::Rules.define do
|
|
121
|
+
namespace :admin, except: [:index] do
|
|
122
|
+
allow :admin
|
|
123
|
+
namespace :booking, except: [:show] do
|
|
124
|
+
allow :client
|
|
125
|
+
end
|
|
126
|
+
end
|
|
127
|
+
end
|
|
128
|
+
}.to raise_error(Acu::Errors::AmbiguousRule)
|
|
129
|
+
end
|
|
130
|
+
it 'should not allow nested `except/only` tags' do
|
|
131
|
+
expect {
|
|
132
|
+
Acu::Rules.define do
|
|
133
|
+
namespace :admin, except: [:index] do
|
|
134
|
+
allow :admin
|
|
135
|
+
namespace :booking, only: [:show] do
|
|
136
|
+
allow :client
|
|
137
|
+
end
|
|
138
|
+
end
|
|
139
|
+
end
|
|
140
|
+
}.to raise_error(Acu::Errors::AmbiguousRule)
|
|
141
|
+
expect {
|
|
142
|
+
Acu::Rules.define do
|
|
143
|
+
namespace :admin, except: [:index], only: [:show] do
|
|
144
|
+
allow :admin
|
|
145
|
+
namespace :booking do
|
|
146
|
+
allow :client
|
|
147
|
+
end
|
|
148
|
+
end
|
|
149
|
+
end
|
|
150
|
+
}.to raise_error(Acu::Errors::AmbiguousRule)
|
|
151
|
+
end
|
|
152
|
+
|
|
153
|
+
it "nested namespaces should work with `only` tags" do
|
|
154
|
+
Acu::Rules.define do
|
|
155
|
+
namespace :admin, only: [:lists] do
|
|
156
|
+
allow :admin
|
|
157
|
+
namespace :booking do
|
|
158
|
+
allow :client
|
|
159
|
+
end
|
|
160
|
+
end
|
|
161
|
+
end
|
|
162
|
+
[:admin, :client].each do |_as|
|
|
163
|
+
as _as do
|
|
164
|
+
[:index, :show].each do |a|
|
|
165
|
+
get a
|
|
166
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\["admin", "booking"\].*controller=\["lists"\].*action=\["#{a.to_s}"\].*as `:#{_as.to_s}`/
|
|
167
|
+
end
|
|
168
|
+
end
|
|
169
|
+
end
|
|
170
|
+
end
|
|
171
|
+
|
|
172
|
+
it "nested namespaces should work with `expect` tags [1/2]" do
|
|
173
|
+
Acu::Rules.define do
|
|
174
|
+
namespace :admin do
|
|
175
|
+
allow :admin
|
|
176
|
+
namespace :booking, except: [:lists] do
|
|
177
|
+
allow :client
|
|
178
|
+
end
|
|
179
|
+
end
|
|
180
|
+
end
|
|
181
|
+
as_admin do
|
|
182
|
+
[:index, :show].each do |a|
|
|
183
|
+
get a
|
|
184
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\["admin", "booking"\].*controller=\["lists"\].*action=\["#{a.to_s}"\].*as `:admin`/
|
|
185
|
+
end
|
|
186
|
+
end
|
|
187
|
+
as_client do
|
|
188
|
+
[:index, :show].each do |a|
|
|
189
|
+
expect {get a}.to raise_error(Acu::Errors::AccessDenied)
|
|
190
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\["admin", "booking"\].*controller=\["lists"\].*action=\["#{a.to_s}"\].*\[autherized by :allow_by_default\]/
|
|
191
|
+
end
|
|
192
|
+
end
|
|
193
|
+
end
|
|
194
|
+
|
|
195
|
+
it "nested namespaces should work with `expect` tags [2/2]" do
|
|
196
|
+
Acu::Rules.define do
|
|
197
|
+
namespace :admin, except: [:lists] do
|
|
198
|
+
allow :admin
|
|
199
|
+
namespace :booking do
|
|
200
|
+
allow :client
|
|
201
|
+
end
|
|
202
|
+
end
|
|
203
|
+
end
|
|
204
|
+
[:admin, :client].each do |_as|
|
|
205
|
+
as _as do
|
|
206
|
+
[:index, :show].each do |a|
|
|
207
|
+
expect {get a}.to raise_error(Acu::Errors::AccessDenied)
|
|
208
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\["admin", "booking"\].*controller=\["lists"\].*action=\["#{a.to_s}"\].*\[autherized by :allow_by_default\]/
|
|
209
|
+
end
|
|
210
|
+
end
|
|
211
|
+
end
|
|
212
|
+
end
|
|
213
|
+
end
|
|
214
|
+
|
|
215
|
+
end
|
|
@@ -28,7 +28,7 @@ RSpec.describe Admin::ManageController, type: :controller do
|
|
|
28
28
|
end
|
|
29
29
|
# we filtered the default namespace not this
|
|
30
30
|
get :index
|
|
31
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace
|
|
31
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\["admin"\].*controller=\["manage"\].*action=\["index"\].*as `:everyone`/
|
|
32
32
|
|
|
33
33
|
Acu::Rules.define do
|
|
34
34
|
namespace :admin, except: [:posts] do
|
|
@@ -39,11 +39,11 @@ RSpec.describe Admin::ManageController, type: :controller do
|
|
|
39
39
|
end
|
|
40
40
|
end
|
|
41
41
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
42
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
42
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\["admin"\].*controller=\["manage"\].*action=\["index"\].*as `:everyone`/
|
|
43
43
|
expect {get :show}.to raise_error(Acu::Errors::AccessDenied)
|
|
44
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
44
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\["admin"\].*controller=\["manage"\].*action=\["show"\].*as `:everyone`/
|
|
45
45
|
expect {get :list}.to raise_error(Acu::Errors::AccessDenied)
|
|
46
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
46
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\["admin"\].*controller=\["manage"\].*action=\["list"\].*as `:everyone`/
|
|
47
47
|
end
|
|
48
48
|
it '[local-global & args]' do
|
|
49
49
|
Acu::Rules.define do
|
|
@@ -58,10 +58,10 @@ RSpec.describe Admin::ManageController, type: :controller do
|
|
|
58
58
|
end
|
|
59
59
|
Acu::Monitor.args c: :admin
|
|
60
60
|
get :index
|
|
61
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace
|
|
61
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\["admin"\].*controller=\["manage"\].*action=\["index"\].*as `:admin`/
|
|
62
62
|
Acu::Monitor.args c: :client
|
|
63
63
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
64
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
64
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\["admin"\].*controller=\["manage"\].*action=\["index"\].*\[autherized by :allow_by_default\]/
|
|
65
65
|
|
|
66
66
|
[:client, :admin].each do |cc|
|
|
67
67
|
Acu::Monitor.args c: cc
|
|
@@ -65,7 +65,7 @@ RSpec.describe HomeController, type: :controller do
|
|
|
65
65
|
expect(Acu::Rules.rules.length).to be 1
|
|
66
66
|
expect(Acu::Rules.rules[{}].length).to be 2
|
|
67
67
|
get :index
|
|
68
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace
|
|
68
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone, :client`/
|
|
69
69
|
end
|
|
70
70
|
it "{ one of rules failed = AccessDenied }" do
|
|
71
71
|
Acu::Rules.define do
|
|
@@ -77,7 +77,7 @@ RSpec.describe HomeController, type: :controller do
|
|
|
77
77
|
deny :client
|
|
78
78
|
end
|
|
79
79
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
80
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
80
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone, :client`/
|
|
81
81
|
|
|
82
82
|
Acu::Rules.define do
|
|
83
83
|
whois :client { false }
|
|
@@ -85,7 +85,7 @@ RSpec.describe HomeController, type: :controller do
|
|
|
85
85
|
deny :client
|
|
86
86
|
end
|
|
87
87
|
get :index
|
|
88
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace
|
|
88
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone`/
|
|
89
89
|
end
|
|
90
90
|
end
|
|
91
91
|
context "[levels]" do
|
|
@@ -105,7 +105,7 @@ RSpec.describe HomeController, type: :controller do
|
|
|
105
105
|
end
|
|
106
106
|
end
|
|
107
107
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
108
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
108
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone`/
|
|
109
109
|
Acu::Rules.define do
|
|
110
110
|
namespace do
|
|
111
111
|
allow :everyone
|
|
@@ -128,7 +128,7 @@ RSpec.describe HomeController, type: :controller do
|
|
|
128
128
|
deny :everyone
|
|
129
129
|
end
|
|
130
130
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
131
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
131
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone`/
|
|
132
132
|
end
|
|
133
133
|
it "[with only]" do
|
|
134
134
|
Acu::Rules.define do
|
|
@@ -138,7 +138,7 @@ RSpec.describe HomeController, type: :controller do
|
|
|
138
138
|
end
|
|
139
139
|
end
|
|
140
140
|
get :index
|
|
141
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace
|
|
141
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone`/
|
|
142
142
|
|
|
143
143
|
Acu::Rules.define do
|
|
144
144
|
whois :everyone { true }
|
|
@@ -152,7 +152,7 @@ RSpec.describe HomeController, type: :controller do
|
|
|
152
152
|
end
|
|
153
153
|
# by override
|
|
154
154
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
155
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
155
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone`/
|
|
156
156
|
end
|
|
157
157
|
it "[with except]" do
|
|
158
158
|
Acu::Rules.define do
|
|
@@ -172,7 +172,7 @@ RSpec.describe HomeController, type: :controller do
|
|
|
172
172
|
end
|
|
173
173
|
end
|
|
174
174
|
get :index
|
|
175
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace
|
|
175
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone`/
|
|
176
176
|
end
|
|
177
177
|
end
|
|
178
178
|
|
|
@@ -201,9 +201,9 @@ RSpec.describe HomeController, type: :controller do
|
|
|
201
201
|
end
|
|
202
202
|
# deny by default
|
|
203
203
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
204
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
204
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*\[autherized by :allow_by_default\]/
|
|
205
205
|
expect {get :contact}.to raise_error(Acu::Errors::AccessDenied)
|
|
206
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
206
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["contact"\].*\[autherized by :allow_by_default\]/
|
|
207
207
|
|
|
208
208
|
Acu::Rules.define do
|
|
209
209
|
controller :home, only: [:contact] do
|
|
@@ -213,7 +213,7 @@ RSpec.describe HomeController, type: :controller do
|
|
|
213
213
|
get :contact
|
|
214
214
|
# deny by default
|
|
215
215
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
216
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
216
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*\[autherized by :allow_by_default\]/
|
|
217
217
|
|
|
218
218
|
# the rules won't override with above, this will give us the needed flexibility for multi-dimentional rules
|
|
219
219
|
Acu::Rules.define do
|
|
@@ -257,10 +257,10 @@ RSpec.describe HomeController, type: :controller do
|
|
|
257
257
|
end
|
|
258
258
|
# we have rule for this
|
|
259
259
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
260
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
260
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone`/
|
|
261
261
|
# and this is by detailt
|
|
262
262
|
expect {get :contact}.to raise_error(Acu::Errors::AccessDenied)
|
|
263
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
263
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["contact"\].*\[autherized by :allow_by_default\]/
|
|
264
264
|
end
|
|
265
265
|
end
|
|
266
266
|
|
|
@@ -274,9 +274,9 @@ RSpec.describe HomeController, type: :controller do
|
|
|
274
274
|
end
|
|
275
275
|
end
|
|
276
276
|
get :index
|
|
277
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace
|
|
277
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone`/
|
|
278
278
|
get :contact
|
|
279
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace
|
|
279
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\[nil\].*controller=\["home"\].*action=\["contact"\].*as `:everyone`/
|
|
280
280
|
|
|
281
281
|
Acu::Rules.define do
|
|
282
282
|
namespace do
|
|
@@ -285,9 +285,9 @@ RSpec.describe HomeController, type: :controller do
|
|
|
285
285
|
end
|
|
286
286
|
end
|
|
287
287
|
get :index
|
|
288
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace
|
|
288
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone`/
|
|
289
289
|
expect {get :contact}.to raise_error(Acu::Errors::AccessDenied)
|
|
290
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
290
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["contact"\].*as `:everyone`/
|
|
291
291
|
|
|
292
292
|
end
|
|
293
293
|
|
|
@@ -299,7 +299,7 @@ RSpec.describe HomeController, type: :controller do
|
|
|
299
299
|
end
|
|
300
300
|
# deny by default
|
|
301
301
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
302
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
302
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*\[autherized by :allow_by_default\]/
|
|
303
303
|
|
|
304
304
|
Acu::Rules.define do
|
|
305
305
|
controller :home do
|
|
@@ -309,7 +309,7 @@ RSpec.describe HomeController, type: :controller do
|
|
|
309
309
|
get :contact
|
|
310
310
|
# deny by default
|
|
311
311
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
312
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
312
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*\[autherized by :allow_by_default\]/
|
|
313
313
|
|
|
314
314
|
Acu::Rules.define do
|
|
315
315
|
controller :home do
|
|
@@ -331,7 +331,7 @@ RSpec.describe HomeController, type: :controller do
|
|
|
331
331
|
end
|
|
332
332
|
# deny by default
|
|
333
333
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
334
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
334
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*\[autherized by :allow_by_default\]/
|
|
335
335
|
|
|
336
336
|
Acu::Rules.define do
|
|
337
337
|
namespace do
|
|
@@ -343,7 +343,7 @@ RSpec.describe HomeController, type: :controller do
|
|
|
343
343
|
get :contact
|
|
344
344
|
# deny by default
|
|
345
345
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
346
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
346
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*\[autherized by :allow_by_default\]/
|
|
347
347
|
|
|
348
348
|
Acu::Rules.define do
|
|
349
349
|
namespace do
|
|
@@ -368,9 +368,9 @@ RSpec.describe HomeController, type: :controller do
|
|
|
368
368
|
end
|
|
369
369
|
end
|
|
370
370
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
371
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
371
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*\[autherized by :allow_by_default\]/
|
|
372
372
|
expect {get :contact}.to raise_error(Acu::Errors::AccessDenied)
|
|
373
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
373
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["contact"\].*\[autherized by :allow_by_default\]/
|
|
374
374
|
end
|
|
375
375
|
it '[local-global]' do
|
|
376
376
|
Acu::Rules.define do
|
|
@@ -383,18 +383,18 @@ RSpec.describe HomeController, type: :controller do
|
|
|
383
383
|
end
|
|
384
384
|
end
|
|
385
385
|
get :contact
|
|
386
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace
|
|
386
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\[nil\].*controller=\["home"\].*action=\["contact"\].*as `:everyone`/
|
|
387
387
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
388
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
388
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone`/
|
|
389
389
|
end
|
|
390
390
|
end
|
|
391
391
|
end
|
|
392
392
|
context "[allow/deny]" do
|
|
393
393
|
it "[allow]" do
|
|
394
394
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
395
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
395
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*\[autherized by :allow_by_default\]/
|
|
396
396
|
expect {get :contact}.to raise_error(Acu::Errors::AccessDenied)
|
|
397
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
397
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["contact"\].*\[autherized by :allow_by_default\]/
|
|
398
398
|
|
|
399
399
|
Acu::Rules.define do
|
|
400
400
|
whois :everyone { true }
|
|
@@ -424,9 +424,9 @@ RSpec.describe HomeController, type: :controller do
|
|
|
424
424
|
end
|
|
425
425
|
end
|
|
426
426
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
427
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
427
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone`/
|
|
428
428
|
expect {get :contact}.to raise_error(Acu::Errors::AccessDenied)
|
|
429
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
429
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["contact"\].*as `:everyone`/
|
|
430
430
|
end
|
|
431
431
|
end
|
|
432
432
|
context "[bulk settings]" do
|
|
@@ -441,14 +441,14 @@ RSpec.describe HomeController, type: :controller do
|
|
|
441
441
|
end
|
|
442
442
|
end
|
|
443
443
|
get :index
|
|
444
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace
|
|
444
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone`/
|
|
445
445
|
get :contact
|
|
446
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace
|
|
446
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\[nil\].*controller=\["home"\].*action=\["contact"\].*as `:everyone`/
|
|
447
447
|
Acu::Rules.define { whois :client { true } }
|
|
448
448
|
get :index
|
|
449
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace
|
|
449
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone, :client`/
|
|
450
450
|
get :contact
|
|
451
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace
|
|
451
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\[nil\].*controller=\["home"\].*action=\["contact"\].*as `:everyone, :client`/
|
|
452
452
|
Acu::Rules.define do
|
|
453
453
|
namespace do
|
|
454
454
|
controller :home do
|
|
@@ -458,9 +458,9 @@ RSpec.describe HomeController, type: :controller do
|
|
|
458
458
|
end
|
|
459
459
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
460
460
|
# the first rule that failed is going to mention
|
|
461
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
461
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone, :client`/
|
|
462
462
|
get :contact
|
|
463
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace
|
|
463
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\[nil\].*controller=\["home"\].*action=\["contact"\].*as `:everyone, :client`/
|
|
464
464
|
end
|
|
465
465
|
it "[namespace/controller]" do
|
|
466
466
|
Acu::Rules.define do
|
|
@@ -473,18 +473,18 @@ RSpec.describe HomeController, type: :controller do
|
|
|
473
473
|
end
|
|
474
474
|
end
|
|
475
475
|
get :contact
|
|
476
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace
|
|
476
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\[nil\].*controller=\["home"\].*action=\["contact"\].*as `:everyone`/
|
|
477
477
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
478
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
478
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone`/
|
|
479
479
|
|
|
480
480
|
@controller = Admin::ManageController.new
|
|
481
481
|
|
|
482
482
|
expect {get :index}.to raise_error(Acu::Errors::AccessDenied)
|
|
483
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
483
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\["admin"\].*controller=\["manage"\].*action=\["index"\].*as `:everyone`/
|
|
484
484
|
|
|
485
485
|
[:show, :list, :delete, :add, :prove].each do |action|
|
|
486
486
|
get action
|
|
487
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace
|
|
487
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\["admin"\].*controller=\["manage"\].*action=\["#{action.to_s}"\].*as `:everyone`/
|
|
488
488
|
end
|
|
489
489
|
end
|
|
490
490
|
it "[action]" do
|
|
@@ -496,7 +496,7 @@ RSpec.describe HomeController, type: :controller do
|
|
|
496
496
|
end
|
|
497
497
|
[:index, :contact].each do |action|
|
|
498
498
|
get action
|
|
499
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace
|
|
499
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access GRANTED to.*namespace=\[nil\].*controller=\["home"\].*action=\["#{action.to_s}"\].*as `:everyone`/
|
|
500
500
|
end
|
|
501
501
|
|
|
502
502
|
Acu::Rules.define do
|
|
@@ -511,7 +511,7 @@ RSpec.describe HomeController, type: :controller do
|
|
|
511
511
|
|
|
512
512
|
[:index, :contact].each do |action|
|
|
513
513
|
expect {get action}.to raise_error(Acu::Errors::AccessDenied)
|
|
514
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace
|
|
514
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["#{action.to_s}"\].*as `:everyone`/
|
|
515
515
|
end
|
|
516
516
|
|
|
517
517
|
end
|
|
@@ -585,9 +585,9 @@ RSpec.describe HomeController, type: :controller do
|
|
|
585
585
|
# it shouldn't use cache because we haven't told it yet
|
|
586
586
|
5.times do
|
|
587
587
|
get :index
|
|
588
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /\[-\] access GRANTED to.*namespace
|
|
588
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /\[-\] access GRANTED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone`/
|
|
589
589
|
expect {get :contact}.to raise_error(Acu::Errors::AccessDenied)
|
|
590
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /\[x\] access DENIED to.*namespace
|
|
590
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /\[x\] access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["contact"\].*as `:everyone`/
|
|
591
591
|
end
|
|
592
592
|
|
|
593
593
|
setup use_cache: true
|
|
@@ -600,9 +600,9 @@ RSpec.describe HomeController, type: :controller do
|
|
|
600
600
|
# both request should be ruled by cache now!
|
|
601
601
|
5.times do
|
|
602
602
|
get :index
|
|
603
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /\[-\]\[c\] access GRANTED to.*namespace
|
|
603
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /\[-\]\[c\] access GRANTED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone`/
|
|
604
604
|
expect {get :contact}.to raise_error(Acu::Errors::AccessDenied)
|
|
605
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /\[x\]\[c\] access DENIED to.*namespace
|
|
605
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /\[x\]\[c\] access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["contact"\].*as `:everyone`/
|
|
606
606
|
end
|
|
607
607
|
end
|
|
608
608
|
it '[maintains cache]' do
|
|
@@ -618,9 +618,9 @@ RSpec.describe HomeController, type: :controller do
|
|
|
618
618
|
end
|
|
619
619
|
5.times do
|
|
620
620
|
get :index
|
|
621
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /\[-\]\[c\] access GRANTED to.*namespace
|
|
621
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /\[-\]\[c\] access GRANTED to.*namespace=\[nil\].*controller=\["home"\].*action=\["index"\].*as `:everyone`/
|
|
622
622
|
expect {get :contact}.to raise_error(Acu::Errors::AccessDenied)
|
|
623
|
-
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /\[x\]\[c\] access DENIED to.*namespace
|
|
623
|
+
expect(`tail -n 1 #{Acu::Configs.get :audit_log_file}`).to match /\[x\]\[c\] access DENIED to.*namespace=\[nil\].*controller=\["home"\].*action=\["contact"\].*as `:everyone`/
|
|
624
624
|
end
|
|
625
625
|
end
|
|
626
626
|
end
|