rbacanable 0.2

@@ -0,0 +1,353 @@
1
+ require 'helper'
2
+
3
+ class RolesTest < Test::Unit::TestCase
4
+ context "Users with a Canable::Role included" do
5
+ setup do
6
+ @resource = mock('resource')
7
+ end
8
+
9
+
10
+ context "and with the role default set to true" do
11
+ setup do
12
+ roleklass = Module.new do
13
+ include Canable::Role
14
+ default_response true
15
+ end
16
+
17
+ userklass = Class.new do
18
+ include Canable::Actor
19
+ end
20
+
21
+ @user = userklass.new
22
+ @user.act roleklass
23
+ end
24
+
25
+ should "default viewable_by? to true" do
26
+ assert @user.can_view?(@resource)
27
+ end
28
+
29
+ should "default creatable_by? to true" do
30
+ assert @user.can_create?(@resource)
31
+ end
32
+
33
+ should "default updatable_by? to true" do
34
+ assert @user.can_update?(@resource)
35
+ end
36
+
37
+ should "default destroyable_by? to true" do
38
+ assert @user.can_destroy?(@resource)
39
+ end
40
+ end
41
+
42
+ context "and with the role default set to false" do
43
+ setup do
44
+ roleklass = Module.new do
45
+ include Canable::Role
46
+ default_response false
47
+ end
48
+
49
+ userklass = Class.new do
50
+ include Canable::Actor
51
+ end
52
+
53
+ @user = userklass.new
54
+ @user.act roleklass
55
+ end
56
+
57
+ should "default viewable_by? to false" do
58
+ assert ! @user.can_view?(@resource)
59
+ end
60
+
61
+ should "default creatable_by? to false" do
62
+ assert ! @user.can_create?(@resource)
63
+ end
64
+
65
+ should "default updatable_by? to false" do
66
+ assert ! @user.can_update?(@resource)
67
+ end
68
+
69
+ should "default destroyable_by? to false" do
70
+ assert ! @user.can_destroy?(@resource)
71
+ end
72
+ end
73
+
74
+ context "which inherits from another role should persist the default response" do
75
+ setup do
76
+ baseroleklass = Module.new do
77
+ include Canable::Role
78
+ default_response true
79
+ end
80
+
81
+ roleklass = Module.new do
82
+ include Canable::Role
83
+ include baseroleklass
84
+ end
85
+
86
+ userklass = Class.new do
87
+ include Canable::Actor
88
+ end
89
+
90
+ @user = userklass.new
91
+ @user.act roleklass
92
+ end
93
+
94
+ should "default viewable_by? to true" do
95
+ assert @user.can_view?(@resource)
96
+ end
97
+
98
+ should "default creatable_by? to true" do
99
+ assert @user.can_create?(@resource)
100
+ end
101
+
102
+ should "default updatable_by? to true" do
103
+ assert @user.can_update?(@resource)
104
+ end
105
+
106
+ should "default destroyable_by? to true" do
107
+ assert @user.can_destroy?(@resource)
108
+ end
109
+ end
110
+
111
+ end
112
+
113
+ context "With several roles" do
114
+ setup do
115
+ @role1klass = Module.new do
116
+ include Canable::Role
117
+ default_response true
118
+ end
119
+
120
+ @role2klass = Module.new do
121
+ include Canable::Role
122
+ default_response false
123
+ end
124
+
125
+ @resource = mock('resource');
126
+ end
127
+
128
+ context "and actors with a default role" do
129
+ setup do
130
+ role1klass = @role1klass
131
+ userklass = Class.new do
132
+ include Canable::Actor
133
+ default_role role1klass
134
+
135
+ def initialize(role=nil)
136
+ @role = role
137
+ self.__initialize_canable_role # nessecary since initialize is overridden
138
+ end
139
+ end
140
+
141
+ @default_user = userklass.new
142
+ @nondefault_user = userklass.new(@role2klass)
143
+ end
144
+
145
+ should "have included the correct roles" do
146
+ assert_equal @role1klass, @default_user.canable_included_role
147
+ assert_equal @role2klass, @nondefault_user.canable_included_role
148
+ end
149
+
150
+ should "be governed by the rules in their roles" do
151
+ assert @default_user.can_view?(@resource)
152
+ assert ! @nondefault_user.can_view?(@resource)
153
+ end
154
+
155
+ end
156
+
157
+ context "and actors with a default role and non standard role attribute" do
158
+ setup do
159
+ role1klass = @role1klass
160
+ userklass = Class.new do
161
+ include Canable::Actor
162
+ default_role role1klass
163
+ role_attribute :@nonstandard
164
+
165
+ def initialize(role=nil)
166
+ @nonstandard = role
167
+ self.__initialize_canable_role # nessecary since initialize is overridden
168
+ end
169
+ end
170
+
171
+ @default_user = userklass.new
172
+ @nondefault_user = userklass.new(@role2klass)
173
+ end
174
+
175
+ should "have included the correct roles" do
176
+ assert_equal @role1klass, @default_user.canable_included_role
177
+ assert_equal @role2klass, @nondefault_user.canable_included_role
178
+ end
179
+
180
+ should "be governed by the rules in their roles" do
181
+ assert @default_user.can_view?(@resource)
182
+ assert ! @nondefault_user.can_view?(@resource)
183
+ end
184
+ end
185
+ end
186
+
187
+ context "With several users with specific Canable::Roles inherited and included" do
188
+ setup do
189
+
190
+ # Default role where nothing is possible
191
+ baseroleklass = Module.new do
192
+ include Canable::Role
193
+ default_response false
194
+ end
195
+
196
+ # Medium level role where update, create, destroy are possible if you are the owner, and view is always possible
197
+ roleklass = Module.new do
198
+ include Canable::Role
199
+ include baseroleklass
200
+
201
+ def can_update_mocha_mock?(mock)
202
+ mock.owner == @name
203
+ end
204
+
205
+ def can_create_mocha_mock?(mock)
206
+ self.can_update_mocha_mock?(mock)
207
+ end
208
+
209
+ def can_destroy_mocha_mock?(mock)
210
+ self.can_update_mocha_mock?(mock)
211
+ end
212
+
213
+ def can_view_mocha_mock?(mock)
214
+ true
215
+ end
216
+ end
217
+
218
+ # Elevated role who can update anything but only destroy their own
219
+ elevatedroleklass = Module.new do
220
+ include Canable::Role
221
+ include roleklass
222
+
223
+ def can_update_mocha_mock?(mock)
224
+ true
225
+ end
226
+
227
+ def can_destroy_mocha_mock?(mock)
228
+ if mock.owner == @name
229
+ true
230
+ else
231
+ false
232
+ end
233
+ end
234
+ end
235
+
236
+ # Super admin class who can do anything
237
+ superroleklass = Module.new do
238
+ include Canable::Role
239
+ default_response true
240
+ end
241
+
242
+ # Include Actor for a user
243
+ userklass = Class.new do
244
+ include Canable::Actor
245
+ def initialize(_name, _role)
246
+ @name = _name
247
+ @role = _role
248
+ self.__initialize_canable_role # nessecary since initialize is overridden
249
+ end
250
+ end
251
+
252
+ @john = userklass.new("John", baseroleklass)
253
+ @steve = userklass.new("Steve", roleklass)
254
+ @carli = userklass.new("Carli", elevatedroleklass)
255
+ @harry = userklass.new("Harry", superroleklass)
256
+ end
257
+
258
+ context "and plain resources" do
259
+ setup do
260
+ @johns = mock('resource') do expects(:owner).returns("John").times(0) end
261
+ @steves = mock('resource') do expects(:owner).returns("Steve").times(0) end
262
+ @harrys = mock('resource') do expects(:owner).returns("Harry").times(0) end
263
+ end
264
+
265
+ context "the user without permissions" do
266
+ should "not be able to do anything" do
267
+ [@johns, @steves, @harrys].each do |r|
268
+ assert ! @john.can_view?(r)
269
+ assert ! @john.can_update?(r)
270
+ assert ! @john.can_destroy?(r)
271
+ assert ! @john.can_create?(r)
272
+ end
273
+ end
274
+ end
275
+ end
276
+
277
+ context "and resources that belong to them" do
278
+ context "the owner of a resource" do
279
+ setup do
280
+ @steves = mock('resource1') do expects(:owner).returns("Steve").times(3) end
281
+ @harrys = mock('resource2') do expects(:owner).returns("Harry").times(0) end
282
+ @carlis = mock('resource3') do expects(:owner).returns("Carli").times(1) end
283
+ end
284
+
285
+ should "be able to CRUD their resource" do
286
+ assert @steve.can_update?(@steves)
287
+ assert @steve.can_create?(@steves)
288
+ assert @steve.can_destroy?(@steves)
289
+ assert @steve.can_view?(@steves)
290
+
291
+ assert @harry.can_update?(@harrys)
292
+ assert @harry.can_create?(@harrys)
293
+ assert @harry.can_destroy?(@harrys)
294
+ assert @harry.can_view?(@harrys)
295
+
296
+ assert @carli.can_update?(@carlis)
297
+ assert @carli.can_create?(@carlis)
298
+ assert @carli.can_destroy?(@carlis)
299
+ assert @carli.can_view?(@carlis)
300
+ end
301
+ end
302
+
303
+ context "a user who isn't the owner of a resource" do
304
+ setup do
305
+ @noones = mock('resource')
306
+ @noones.expects(:owner).returns("noone").times(2)
307
+ end
308
+ should "not be able to destroy the resource" do
309
+ [@john, @steve, @carli].each do |u|
310
+ assert ! u.can_destroy?(@noones)
311
+ end
312
+ end
313
+ end
314
+
315
+ context "the user with elevated permissions" do
316
+ setup do
317
+ @johns = mock('resource') do expects(:owner).returns("John").times(0..1) end
318
+ @steves = mock('resource') do expects(:owner).returns("Steve").times(0..1) end
319
+ @carlis = mock('resource') do expects(:owner).returns("Carli").times(0..1) end
320
+ end
321
+
322
+ should "be able to edit anyones resource" do
323
+ assert @carli.can_update?(@steves)
324
+ assert @carli.can_update?(@johns)
325
+ assert @carli.can_update?(@carlis)
326
+ end
327
+
328
+ should "not be able to destroy anyone else's resource" do
329
+ assert ! @carli.can_destroy?(@steves)
330
+ assert ! @carli.can_destroy?(@johns)
331
+ assert @carli.can_destroy?(@carlis)
332
+ end
333
+ end
334
+
335
+ context "the super user" do
336
+ setup do
337
+ @johns = mock('resource') do expects(:owner).returns("John").times(0) end
338
+ @steves = mock('resource') do expects(:owner).returns("Steve").times(0) end
339
+ @harrys = mock('resource') do expects(:owner).returns("Harry").times(0) end
340
+ end
341
+
342
+ should "be able to do anything to anyone's resource" do
343
+ [@johns, @steves, @harrys].each do |r|
344
+ assert @harry.can_view?(r)
345
+ assert @harry.can_update?(r)
346
+ assert @harry.can_destroy?(r)
347
+ assert @harry.can_create?(r)
348
+ end
349
+ end
350
+ end
351
+ end
352
+ end
353
+ end
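Review bot: Every role in these contexts either calls `default_response` or includes a base role that does, so nothing here pins what an actor may do when a role declares no default at all; for a permissions library that case should be asserted as deny. lib/canable.rb is not shown on this page, so the actual fallback cannot be confirmed from here. I would add a context whose role only does `include Canable::Role` and check `assert ! @user.can_destroy?(@resource)`, and likewise for view, create and update. The inheritance context covers only a `true` base; a child that includes it and then declares `default_response false` should be asserted to deny, so an override cannot silently keep the permissive parent value. Separately, the `can_*_mocha_mock?` rule names appear to be resolved from the mock object's class name, which couples the ownership tests to the mocha version pinned in the gem metadata (0.9.8); a small named resource class defined in the test would avoid that coupling.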
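--- a/metadata
+++ b/metadata
@@ -0,0 +1,124 @@
+--- !ruby/object:Gem::Specification
+name: rbacanable
+version: !ruby/object:Gem::Version
+prerelease: false
+segments:
+- 0
+- 2
+version: "0.2"
+platform: ruby
+authors:
+- John Nunemaker
+- Harry Brundage
+autorequire:
+bindir: bin
+cert_chain: []
+
+date: 2010-03-31 00:00:00 -04:00
+default_executable:
+dependencies:
+- !ruby/object:Gem::Dependency
+name: shoulda
+prerelease: false
+requirement: &id001 !ruby/object:Gem::Requirement
+requirements:
+- - "="
+- !ruby/object:Gem::Version
+segments:
+- 2
+- 10
+- 3
+version: 2.10.3
+type: :development
+version_requirements: *id001
+- !ruby/object:Gem::Dependency
+name: mocha
+prerelease: false
+requirement: &id002 !ruby/object:Gem::Requirement
+requirements:
+- - "="
+- !ruby/object:Gem::Version
+segments:
+- 0
+- 9
+- 8
+version: 0.9.8
+type: :development
+version_requirements: *id002
+- !ruby/object:Gem::Dependency
+name: yard
+prerelease: false
+requirement: &id003 !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+segments:
+- 0
+version: "0"
+type: :development
+version_requirements: *id003
+description: Simple role based permissions system
+email: harry.brundage@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files:
+- LICENSE
+- README.rdoc
+files:
+- .document
+- .gitignore
+- Changes.rdoc
+- LICENSE
+- README.rdoc
+- Rakefile
+- examples/basic.rb
+- examples/roles.rb
+- lib/canable.rb
+- specs.watchr
+- test/helper.rb
+- test/test_ables.rb
+- test/test_canable.rb
+- test/test_cans.rb
+- test/test_enforcers.rb
+- test/test_roles.rb
+has_rdoc: true
+homepage: http://github.com/hornairs/rbacanable
+licenses: []
+
+post_install_message:
+rdoc_options:
+- --charset=UTF-8
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+segments:
+- 0
+version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+segments:
+- 0
+version: "0"
+requirements: []
+
+rubyforge_project:
+rubygems_version: 1.3.6
+signing_key:
+specification_version: 3
+summary: Simple role based permissions system
+test_files:
+- test/helper.rb
+- test/test_ables.rb
+- test/test_canable.rb
+- test/test_cans.rb
+- test/test_enforcers.rb
+- test/test_roles.rb
+- examples/basic.rb
+- examples/roles.rb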