releaf-permissions 0.2.1

data/spec/features/roles_spec.rb

@@ -0,0 +1,64 @@
+require 'rails_helper'
+feature "Roles management", js: true do
+  background do
+    auth_as_user
+    @role = Releaf::Permissions::Role.first
+  end
+
+  scenario "Role search", focus: true do
+    create(:admin_role, name: 'super role')
+    visit releaf_permissions_roles_path
+    expect(page).to have_content @role.name
+    expect(page).to have_content 'super role'
+    search "super"
+    expect(page).to have_no_content @role.name
+    expect(page).to have_content 'super role'
+  end
+
+  scenario "User creates a new role" do
+    visit releaf_permissions_roles_path
+    create_resource do
+      fill_in("Name", with: "second role")
+      select('Releaf/content/nodes', from: 'Default controller')
+    end
+    visit releaf_permissions_roles_path
+    expect(page).to have_content "second role"
+  end
+
+  scenario "User updates an existing role" do
+    visit releaf_permissions_roles_path
+    click_link @role.name
+    update_resource do
+      fill_in("Name", with: "new name")
+    end
+
+    visit releaf_permissions_roles_path
+    expect(page).to have_content "new name"
+  end
+
+  scenario "User changes the default controller of a role" do
+    visit releaf_permissions_roles_path
+    click_link @role.name
+    update_resource do
+      select('Admin/books', from: 'Default controller')
+    end
+
+    expect(page).to have_select('Default controller', selected: 'Admin/books')
+  end
+
+  scenario "User changes permissions of a role controller" do
+    visit releaf_permissions_roles_path
+    click_link @role.name
+    update_resource do
+      uncheck('Admin/books')
+    end
+
+    Releaf.application.config.available_controllers.each do |controller|
+      if controller == "admin/books"
+        expect(page).to have_unchecked_field(I18n.t(controller, scope: 'admin.controllers'))
+      else
+        expect(page).to have_checked_field(I18n.t(controller, scope: 'admin.controllers'))
+      end
+    end
+  end
+end

data/spec/features/users_spec.rb

@@ -0,0 +1,107 @@
+require 'rails_helper'
+feature "Users", js: true do
+  let!(:user){ create(:user, email: "admin@example.com") }
+  let!(:simple_user){ create(:content_user, email: "simple@example.com") }
+
+  describe "users CRUD" do
+    background do
+      visit "/admin"
+      within("form.login") do
+        fill_in 'Email', with: user.email
+        fill_in 'Password', with: user.password
+      end
+      click_button 'Sign in'
+      expect(page).to have_css('body > header form.sign-out button')
+    end
+
+    scenario "new user creation", js: true do
+      visit releaf_permissions_users_path
+      create_resource do
+        fill_in 'Name', with: "John"
+        fill_in 'Surname', with: "Appleseed"
+        fill_in 'Email', with: "john@example.com"
+        fill_in 'Password', with: "password", match: :prefer_exact
+        fill_in 'Password confirmation', with: "password", match: :prefer_exact
+
+        expect(page).to have_select('Locale', options: ["", "En", "Lv"])
+        select 'En', from: 'Locale'
+      end
+
+      expect(page).to have_content 'John Appleseed'
+      visit '/admin/users'
+      expect(page).to have_content 'john@example.com'
+
+      visit (releaf_permissions_users_path)
+      open_toolbox_dialog("Delete", Releaf::Permissions::User.last)
+      click_button 'Yes'
+      expect(page).not_to have_content 'john@example.com'
+    end
+
+    scenario "user search" do
+      visit '/admin/users'
+      expect(page).to have_content 'simple@example.com'
+      search "admin@example.com"
+      expect(page).not_to have_content 'simple@example.com'
+    end
+  end
+
+  describe "login as user procedure" do
+    background do
+      visit "/admin"
+      within("form.login") do
+        fill_in 'Email', with: user.email
+        fill_in 'Password', with: user.password
+      end
+      click_button 'Sign in'
+    end
+
+    scenario "user page content" do
+      expect(page).to have_css('body > header form.sign-out button')
+      expect(page).to have_content 'Releaf/content'
+      expect(page).to have_content 'Permissions'
+      expect(page).to have_content 'Releaf/i18n database/translations'
+      # admin/users index view
+      expect(page).to have_content 'admin@example.com'
+      expect(page).to have_content 'simple@example.com'
+    end
+
+    scenario "logout sequence" do
+      find('body > header form.sign-out button').click
+
+      expect(page).to have_content 'Welcome to Releaf'
+
+      visit "/admin"
+      expect(page).to have_content 'Sign in'
+    end
+  end
+
+  describe "login as simple user procedure" do
+    background do
+      visit "/admin"
+      within("form.login") do
+        fill_in 'Email', with: simple_user.email
+        fill_in 'Password', with: simple_user.password
+      end
+      click_button 'Sign in'
+    end
+
+    scenario "user page content" do
+      expect(page).to have_css('body > header form.sign-out button')
+      expect(page).to have_content 'Releaf/content'
+    end
+
+    scenario "translations module access denied" do
+      visit "/admin/translations"
+      expect(page).to have_content 'You are not authorized to access translations'
+    end
+
+    scenario "logout sequence" do
+      find('body > header form.sign-out button').click
+
+      expect(page).to have_content 'Welcome to Releaf'
+
+      visit "/admin"
+      expect(page).to have_content 'Sign in'
+    end
+  end
+end

data/spec/lib/access_control_spec.rb

@@ -0,0 +1,81 @@
+require "rails_helper"
+
+describe Releaf::Permissions::AccessControl do
+  class AcessControllDummyController < ActionController::Base; end
+
+  let(:controller){ AcessControllDummyController.new }
+  let(:role){ Releaf::Permissions::Role.new }
+  let(:user){ Releaf::Permissions::User.new(role: role) }
+  subject{ described_class.new(controller: controller) }
+
+  before do
+    allow(controller).to receive(:current_releaf_permissions_user).and_return(user)
+  end
+
+  describe "#controller_permitted" do
+    before do
+      allow(subject).to receive(:permitted_controllers).and_return(["a", "b"])
+      allow(role).to receive(:controller_permitted?).with("c").and_return(true)
+      allow(role).to receive(:controller_permitted?).with("d").and_return(false)
+    end
+
+    context "when permitted controllers contains given controller" do
+      it "returns true" do
+        expect(subject.controller_permitted?("a")).to be true
+      end
+    end
+
+    context "when user role permit given controller" do
+      it "returns true" do
+        expect(subject.controller_permitted?("c")).to be true
+      end
+    end
+
+    context "when neither permitted controllers contains given controller or user role permit given controller" do
+      it "returns true" do
+        expect(subject.controller_permitted?("d")).to be false
+      end
+    end
+  end
+
+  describe "#current_controller_name" do
+    it "returns normalized access controller assign controller name" do
+      expect(subject.current_controller_name).to eq("acess_controll_dummy")
+    end
+  end
+
+  describe "#user" do
+    it "returns current controller devise user instance" do
+      expect(subject.user).to eq(user)
+    end
+  end
+
+  describe "#permitted_controllers" do
+    it "returns array with `releaf/permissions/home` and `releaf/core/errors` as permanently permitted controllers" do
+      expect(subject.permitted_controllers).to match_array(['releaf/permissions/home', 'releaf/core/errors'])
+    end
+  end
+
+  describe "#authorized?" do
+    it "returns whether devise has signed in current user" do
+      expect(controller).to receive(:releaf_permissions_user_signed_in?).and_return(true)
+      expect(subject.authorized?).to be true
+      expect(controller).to receive(:releaf_permissions_user_signed_in?).and_return(false)
+      expect(subject.authorized?).to be false
+    end
+  end
+
+  describe "#authenticate!" do
+    it "returns whether devise has signed in current user" do
+      expect(controller).to receive(:authenticate_releaf_permissions_user!)
+      subject.authenticate!
+    end
+  end
+
+  describe "#devise_model_name" do
+    it "returns normalized Releaf devise model name" do
+      allow(Releaf.application.config).to receive(:devise_for).and_return("asdasd/asdasd")
+      expect(subject.devise_model_name).to eq("asdasd_asdasd")
+    end
+  end
+end

data/spec/models/permissions/role_spec.rb

@@ -0,0 +1,41 @@
+require "rails_helper"
+
+describe Releaf::Permissions::Role do
+  describe 'validations' do
+    it { is_expected.to validate_presence_of(:name) }
+    it { is_expected.to validate_presence_of(:default_controller) }
+    it { is_expected.to validate_uniqueness_of(:name).case_insensitive }
+  end
+
+  describe 'associations' do
+    it { is_expected.to have_many(:users).dependent(:restrict_with_exception) }
+  end
+
+  describe "#controller_permitted?" do
+    before do
+      allow(subject).to receive(:allowed_controllers).and_return(["a", "b"])
+    end
+
+    context "when given controller name exists within permissions" do
+      it "returns true" do
+        expect(subject.controller_permitted?("a")).to be true
+        expect(subject.controller_permitted?("b")).to be true
+      end
+    end
+
+    context "when given controller name does not exist within permissions" do
+      it "returns false" do
+        expect(subject.controller_permitted?("c")).to be false
+      end
+    end
+  end
+
+  describe "#allowed_controllers" do
+    it "returns array of roles allowed controllers" do
+      subject.permissions.build(permission: "controller.a")
+      subject.permissions.build(permission: "controller.x")
+      subject.permissions.build(permission: "export.some_data")
+      expect(subject.allowed_controllers).to match_array(["a", "x"])
+    end
+  end
+end

data/spec/models/permissions/user_spec.rb

@@ -0,0 +1,23 @@
+require "rails_helper"
+
+describe Releaf::Permissions::User do
+  describe 'validations' do
+    it { is_expected.to validate_presence_of(:name) }
+    it { is_expected.to validate_presence_of(:surname) }
+    it { is_expected.to validate_presence_of(:role) }
+    it { is_expected.to validate_presence_of(:locale) }
+    it { is_expected.to validate_presence_of(:email) }
+    it { create(:user); is_expected.to validate_uniqueness_of(:email).case_insensitive }
+  end
+
+  describe 'associations' do
+    it { is_expected.to belong_to(:role) }
+  end
+
+  describe "#display_name" do
+    let(:user){ FactoryGirl.create(:user) }
+    it "returns concated name and surname" do
+      expect(user.display_name).to eq(user.name + " " + user.surname)
+    end
+  end
+end

metadata

@@ -0,0 +1,124 @@
+--- !ruby/object:Gem::Specification
+name: releaf-permissions
+version: !ruby/object:Gem::Version
+  version: 0.2.1
+platform: ruby
+authors:
+- CubeSystems
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2016-01-26 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: releaf-core
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.2.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.2.1
+- !ruby/object:Gem::Dependency
+  name: devise
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Admin/role subsystem for releaf
+email: info@cubesystems.lv
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- app/assets/stylesheets/releaf/controllers/releaf/permissions/sessions.scss
+- app/builders/releaf/permissions/profile/form_builder.rb
+- app/builders/releaf/permissions/roles/form_builder.rb
+- app/builders/releaf/permissions/roles/table_builder.rb
+- app/builders/releaf/permissions/users/form_builder.rb
+- app/builders/releaf/permissions/users/table_builder.rb
+- app/controllers/releaf/permissions/home_controller.rb
+- app/controllers/releaf/permissions/profile_controller.rb
+- app/controllers/releaf/permissions/roles_controller.rb
+- app/controllers/releaf/permissions/sessions_controller.rb
+- app/controllers/releaf/permissions/users_controller.rb
+- app/lib/releaf/permissions/access_control.rb
+- app/models/releaf/permissions/permission.rb
+- app/models/releaf/permissions/role.rb
+- app/models/releaf/permissions/user.rb
+- app/views/releaf/permissions/sessions/new.html.haml
+- lib/releaf-permissions.rb
+- lib/releaf/permissions/builders_autoload.rb
+- lib/releaf/permissions/devise_component.rb
+- lib/releaf/permissions/engine.rb
+- lib/releaf/permissions/profile_component.rb
+- lib/releaf/permissions/roles_component.rb
+- lib/releaf/permissions/users_component.rb
+- releaf-permissions.gemspec
+- spec/builders/profile/form_builder_spec.rb
+- spec/builders/roles/form_builder_spec.rb
+- spec/builders/roles/table_builder_spec.rb
+- spec/builders/users/form_builder_spec.rb
+- spec/builders/users/table_builder_spec.rb
+- spec/controllers/permissions/home_controller_spec.rb
+- spec/controllers/permissions/profile_controller_spec.rb
+- spec/controllers/permissions/users_controller_spec.rb
+- spec/features/profile_updating_spec.rb
+- spec/features/roles_spec.rb
+- spec/features/users_spec.rb
+- spec/lib/access_control_spec.rb
+- spec/models/permissions/role_spec.rb
+- spec/models/permissions/user_spec.rb
+homepage: https://github.com/cubesystems/releaf
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.8
+signing_key: 
+specification_version: 4
+summary: Built-in admin and role support for releaf
+test_files:
+- spec/builders/profile/form_builder_spec.rb
+- spec/builders/roles/form_builder_spec.rb
+- spec/builders/roles/table_builder_spec.rb
+- spec/builders/users/form_builder_spec.rb
+- spec/builders/users/table_builder_spec.rb
+- spec/controllers/permissions/home_controller_spec.rb
+- spec/controllers/permissions/profile_controller_spec.rb
+- spec/controllers/permissions/users_controller_spec.rb
+- spec/features/profile_updating_spec.rb
+- spec/features/roles_spec.rb
+- spec/features/users_spec.rb
+- spec/lib/access_control_spec.rb
+- spec/models/permissions/role_spec.rb
+- spec/models/permissions/user_spec.rb
+has_rdoc: