releaf-permissions 0.2.1 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/LICENSE +19 -21
- data/app/assets/stylesheets/{releaf/controllers → controllers}/releaf/permissions/sessions.scss +0 -0
- data/app/builders/releaf/permissions/page/header_builder.rb +35 -0
- data/app/builders/releaf/permissions/page/layout_builder.rb +17 -0
- data/app/builders/releaf/permissions/page/menu_builder.rb +18 -0
- data/app/builders/releaf/permissions/roles/form_builder.rb +10 -6
- data/app/builders/releaf/permissions/roles/table_builder.rb +2 -6
- data/app/controllers/releaf/permissions/profile_controller.rb +25 -46
- data/app/controllers/releaf/permissions/roles_controller.rb +3 -5
- data/app/controllers/releaf/permissions/sessions_controller.rb +17 -27
- data/app/controllers/releaf/permissions/users_controller.rb +11 -14
- data/app/models/releaf/permissions/role.rb +0 -25
- data/app/models/releaf/permissions/user.rb +3 -9
- data/lib/releaf-permissions.rb +23 -27
- data/lib/releaf/permissions/access_control.rb +37 -0
- data/lib/releaf/permissions/configuration.rb +26 -0
- data/lib/releaf/permissions/controller_support.rb +33 -0
- data/lib/releaf/permissions/default_controller_resolver.rb +22 -0
- data/lib/releaf/permissions/engine.rb +1 -18
- data/lib/releaf/permissions/layout.rb +5 -0
- data/lib/releaf/permissions/{profile_component.rb → profile.rb} +6 -2
- data/lib/releaf/permissions/{roles_component.rb → roles.rb} +2 -2
- data/lib/releaf/permissions/settings_manager.rb +22 -0
- data/lib/releaf/permissions/users.rb +11 -0
- data/spec/builders/releaf/permissions/page/header_builder_spec.rb +87 -0
- data/spec/builders/releaf/permissions/page/layout_builder_spec.rb +64 -0
- data/spec/builders/releaf/permissions/page/menu_builder_spec.rb +100 -0
- data/spec/builders/{profile → releaf/permissions/profile}/form_builder_spec.rb +0 -0
- data/spec/builders/releaf/permissions/roles/form_builder_spec.rb +56 -0
- data/spec/builders/releaf/permissions/roles/table_builder_spec.rb +41 -0
- data/spec/builders/{users → releaf/permissions/users}/form_builder_spec.rb +0 -0
- data/spec/builders/{users → releaf/permissions/users}/table_builder_spec.rb +0 -0
- data/spec/controllers/permissions/profile_controller_spec.rb +0 -27
- data/spec/controllers/permissions/users_controller_spec.rb +1 -1
- data/spec/features/roles_spec.rb +3 -3
- data/spec/features/users_spec.rb +2 -2
- data/spec/lib/access_control_spec.rb +35 -50
- data/spec/lib/releaf/permissions/configuration_spec.rb +38 -0
- data/spec/lib/releaf/permissions/controller_support_spec.rb +76 -0
- data/spec/lib/releaf/permissions/default_controller_resolver_spec.rb +49 -0
- data/spec/lib/releaf/permissions/layout_spec.rb +10 -0
- data/spec/lib/releaf/permissions/profile_spec.rb +11 -0
- data/spec/lib/releaf/permissions/roles_spec.rb +10 -0
- data/spec/lib/releaf/permissions/settings_manager_spec.rb +38 -0
- data/spec/lib/releaf/permissions/users_spec.rb +17 -0
- data/spec/models/permissions/role_spec.rb +0 -28
- data/spec/models/permissions/user_spec.rb +33 -3
- metadata +56 -32
- data/app/controllers/releaf/permissions/home_controller.rb +0 -32
- data/app/lib/releaf/permissions/access_control.rb +0 -36
- data/lib/releaf/permissions/builders_autoload.rb +0 -11
- data/lib/releaf/permissions/devise_component.rb +0 -8
- data/lib/releaf/permissions/users_component.rb +0 -7
- data/releaf-permissions.gemspec +0 -19
- data/spec/builders/roles/form_builder_spec.rb +0 -38
- data/spec/builders/roles/table_builder_spec.rb +0 -29
- data/spec/controllers/permissions/home_controller_spec.rb +0 -52
File without changes
|
@@ -0,0 +1,56 @@
|
|
1
|
+
require 'rails_helper'
|
2
|
+
|
3
|
+
describe Releaf::Permissions::Roles::FormBuilder, type: :class do
|
4
|
+
class FormBuilderTestHelper < ActionView::Base; end
|
5
|
+
let(:template){ FormBuilderTestHelper.new }
|
6
|
+
let(:object){ Releaf::Permissions::Role.new }
|
7
|
+
let(:subject){ described_class.new(:resource, object, template, {}) }
|
8
|
+
|
9
|
+
before do
|
10
|
+
allow(Releaf.application.config).to receive(:available_controllers)
|
11
|
+
.and_return(["releaf/content/nodes", "admin/chapters"])
|
12
|
+
|
13
|
+
definition_1 = Releaf::ControllerDefinition.new("xx")
|
14
|
+
allow(definition_1).to receive(:localized_name).and_return("controller 1")
|
15
|
+
allow(definition_1).to receive(:controller_name).and_return("admin/controller_1")
|
16
|
+
|
17
|
+
definition_2 = Releaf::ControllerDefinition.new("xx")
|
18
|
+
allow(definition_2).to receive(:localized_name).and_return("controller 2")
|
19
|
+
allow(definition_2).to receive(:controller_name).and_return("admin/controller_2")
|
20
|
+
|
21
|
+
allow(Releaf::ControllerDefinition).to receive(:for).with("releaf/content/nodes").and_return(definition_1)
|
22
|
+
allow(Releaf::ControllerDefinition).to receive(:for).with("admin/chapters").and_return(definition_2)
|
23
|
+
end
|
24
|
+
|
25
|
+
describe "#render_default_controller" do
|
26
|
+
it "pass localized controller options to releaf item field" do
|
27
|
+
translated_controllers = {
|
28
|
+
"controller 1" => "admin/controller_1",
|
29
|
+
"controller 2" => "admin/controller_2"
|
30
|
+
}
|
31
|
+
|
32
|
+
allow(subject).to receive(:releaf_item_field)
|
33
|
+
.with(:default_controller, options: {select_options: translated_controllers})
|
34
|
+
.and_return("x")
|
35
|
+
expect(subject.render_default_controller).to eq("x")
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
39
|
+
describe "#render_permissions" do
|
40
|
+
it "returns associated set field" do
|
41
|
+
options = {association: {items: "x", field: :permission}}
|
42
|
+
allow(subject).to receive(:permission_items).and_return("x")
|
43
|
+
allow(subject).to receive(:releaf_associated_set_field).with(:permissions, options: options).and_return("y")
|
44
|
+
expect(subject.render_permissions).to eq("y")
|
45
|
+
end
|
46
|
+
end
|
47
|
+
|
48
|
+
describe "#permission_items" do
|
49
|
+
it "returns scoped and translated controller values" do
|
50
|
+
expect(subject.permission_items).to eq(
|
51
|
+
"controller.admin/controller_1" => "controller 1",
|
52
|
+
"controller.admin/controller_2" => "controller 2"
|
53
|
+
)
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
@@ -0,0 +1,41 @@
|
|
1
|
+
require "rails_helper"
|
2
|
+
|
3
|
+
describe Releaf::Permissions::Roles::TableBuilder, type: :class do
|
4
|
+
class TableBuilderTestHelper < ActionView::Base; end
|
5
|
+
let(:template){ TableBuilderTestHelper.new }
|
6
|
+
let(:resource_class){ Releaf::Permissions::Role }
|
7
|
+
let(:subject){ described_class.new([], resource_class, template, {}) }
|
8
|
+
|
9
|
+
describe "#column_names" do
|
10
|
+
it "returns name and default_controller as column names array" do
|
11
|
+
expect(subject.column_names).to eq([:name, :default_controller])
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
describe "#default_controller_content" do
|
16
|
+
context "when given resource default controller definition exists" do
|
17
|
+
it "returns localized controller name from definitioned followed by application name" do
|
18
|
+
definition = Releaf::ControllerDefinition.new("xx")
|
19
|
+
allow(definition).to receive(:localized_name).and_return("x")
|
20
|
+
allow(Releaf::ControllerDefinition).to receive(:for).with("contr").and_return(definition)
|
21
|
+
expect(subject.default_controller_content(resource_class.new(default_controller: "contr"))).to eq("x")
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
context "when given resource default controller definition does not exist" do
|
26
|
+
it "returns dash" do
|
27
|
+
definition = Releaf::ControllerDefinition.new("xx")
|
28
|
+
allow(definition).to receive(:localized_name).and_return("x")
|
29
|
+
allow(Releaf::ControllerDefinition).to receive(:for).with("contr").and_return(nil)
|
30
|
+
expect(subject.default_controller_content(resource_class.new(default_controller: "contr"))).to eq("-")
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
context "when default controller is not defined for given resource" do
|
35
|
+
it "returns dash" do
|
36
|
+
expect(Releaf::ControllerDefinition).to_not receive(:for)
|
37
|
+
expect(subject.default_controller_content(resource_class.new)).to eq("-")
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
File without changes
|
File without changes
|
@@ -36,31 +36,4 @@ describe Releaf::Permissions::ProfileController do
|
|
36
36
|
end
|
37
37
|
end
|
38
38
|
end
|
39
|
-
|
40
|
-
describe "PUT settings", db_strategy: :truncation do
|
41
|
-
context 'when params[:settings] is not Hash' do
|
42
|
-
it "has a 422 status code" do
|
43
|
-
put :settings
|
44
|
-
expect(response.status).to eq(422)
|
45
|
-
end
|
46
|
-
end
|
47
|
-
|
48
|
-
context 'when params[:settings] is Hash' do
|
49
|
-
it "has a 200 status code" do
|
50
|
-
put :settings, {settings: {dummy: 'maybe'}}
|
51
|
-
expect(response.status).to eq(200)
|
52
|
-
end
|
53
|
-
|
54
|
-
it "saves given data within current user settings" do
|
55
|
-
put :settings, {settings: {dummy: 'maybe'}}
|
56
|
-
expect(user.settings.dummy).to eq('maybe')
|
57
|
-
end
|
58
|
-
|
59
|
-
it "casts bolean values from strings to booleans" do
|
60
|
-
put :settings, {settings: {be_true: 'true', be_false: 'false'}}
|
61
|
-
expect(user.settings.be_true).to be true
|
62
|
-
expect(user.settings.be_false).to be false
|
63
|
-
end
|
64
|
-
end
|
65
|
-
end
|
66
39
|
end
|
@@ -1,6 +1,6 @@
|
|
1
1
|
require 'rails_helper'
|
2
2
|
|
3
|
-
# use Admin::BooksController as it inherit Releaf::
|
3
|
+
# use Admin::BooksController as it inherit Releaf::ActionController and
|
4
4
|
# have no extra methods or overrides
|
5
5
|
describe Releaf::Permissions::UsersController do
|
6
6
|
before do
|
data/spec/features/roles_spec.rb
CHANGED
@@ -19,7 +19,7 @@ feature "Roles management", js: true do
|
|
19
19
|
visit releaf_permissions_roles_path
|
20
20
|
create_resource do
|
21
21
|
fill_in("Name", with: "second role")
|
22
|
-
select('
|
22
|
+
select('Admin/nodes', from: 'Default controller')
|
23
23
|
end
|
24
24
|
visit releaf_permissions_roles_path
|
25
25
|
expect(page).to have_content "second role"
|
@@ -55,9 +55,9 @@ feature "Roles management", js: true do
|
|
55
55
|
|
56
56
|
Releaf.application.config.available_controllers.each do |controller|
|
57
57
|
if controller == "admin/books"
|
58
|
-
expect(page).to have_unchecked_field(I18n.t(controller
|
58
|
+
expect(page).to have_unchecked_field(I18n.t(controller))
|
59
59
|
else
|
60
|
-
expect(page).to have_checked_field(I18n.t(controller
|
60
|
+
expect(page).to have_checked_field(I18n.t(controller))
|
61
61
|
end
|
62
62
|
end
|
63
63
|
end
|
data/spec/features/users_spec.rb
CHANGED
@@ -57,7 +57,7 @@ feature "Users", js: true do
|
|
57
57
|
|
58
58
|
scenario "user page content" do
|
59
59
|
expect(page).to have_css('body > header form.sign-out button')
|
60
|
-
expect(page).to have_content '
|
60
|
+
expect(page).to have_content 'Admin/nodes'
|
61
61
|
expect(page).to have_content 'Permissions'
|
62
62
|
expect(page).to have_content 'Releaf/i18n database/translations'
|
63
63
|
# admin/users index view
|
@@ -87,7 +87,7 @@ feature "Users", js: true do
|
|
87
87
|
|
88
88
|
scenario "user page content" do
|
89
89
|
expect(page).to have_css('body > header form.sign-out button')
|
90
|
-
expect(page).to have_content '
|
90
|
+
expect(page).to have_content 'Admin/nodes'
|
91
91
|
end
|
92
92
|
|
93
93
|
scenario "translations module access denied" do
|
@@ -1,81 +1,66 @@
|
|
1
1
|
require "rails_helper"
|
2
2
|
|
3
3
|
describe Releaf::Permissions::AccessControl do
|
4
|
-
class AcessControllDummyController < ActionController::Base; end
|
5
|
-
|
6
|
-
let(:controller){ AcessControllDummyController.new }
|
7
4
|
let(:role){ Releaf::Permissions::Role.new }
|
8
5
|
let(:user){ Releaf::Permissions::User.new(role: role) }
|
9
|
-
subject{ described_class.new(
|
10
|
-
|
11
|
-
before do
|
12
|
-
allow(controller).to receive(:current_releaf_permissions_user).and_return(user)
|
13
|
-
end
|
6
|
+
subject{ described_class.new(user: user) }
|
14
7
|
|
15
|
-
describe "#controller_permitted" do
|
16
|
-
before do
|
17
|
-
allow(subject).to receive(:permitted_controllers).and_return(["a", "b"])
|
18
|
-
allow(role).to receive(:controller_permitted?).with("c").and_return(true)
|
19
|
-
allow(role).to receive(:controller_permitted?).with("d").and_return(false)
|
20
|
-
end
|
21
8
|
|
22
|
-
|
9
|
+
describe "#controller_permitted?" do
|
10
|
+
context "when allowed controllers contains given controller" do
|
23
11
|
it "returns true" do
|
12
|
+
allow(subject).to receive(:allowed_controllers).and_return(["a", "b"])
|
24
13
|
expect(subject.controller_permitted?("a")).to be true
|
25
14
|
end
|
26
15
|
end
|
27
16
|
|
28
|
-
context "when
|
29
|
-
it "returns
|
30
|
-
|
31
|
-
|
32
|
-
end
|
33
|
-
|
34
|
-
context "when neither permitted controllers contains given controller or user role permit given controller" do
|
35
|
-
it "returns true" do
|
36
|
-
expect(subject.controller_permitted?("d")).to be false
|
17
|
+
context "when allowed controllers does not contain given controller" do
|
18
|
+
it "returns false" do
|
19
|
+
allow(subject).to receive(:allowed_controllers).and_return(["c", "b"])
|
20
|
+
expect(subject.controller_permitted?("a")).to be false
|
37
21
|
end
|
38
22
|
end
|
39
23
|
end
|
40
24
|
|
41
|
-
describe "#
|
42
|
-
it "returns
|
43
|
-
|
25
|
+
describe "#allowed_controllers" do
|
26
|
+
it "returns array with permanent allowed controllers and role allowed controllers" do
|
27
|
+
allow(subject).to receive(:permanent_allowed_controllers).and_return(["a", "b"])
|
28
|
+
allow(subject).to receive(:role_allowed_controllers).and_return(["c", "d"])
|
29
|
+
expect(subject.allowed_controllers).to eq(%w(a b c d))
|
44
30
|
end
|
45
31
|
end
|
46
32
|
|
47
|
-
describe "#
|
48
|
-
it "returns
|
49
|
-
|
33
|
+
describe "#permanent_allowed_controllers" do
|
34
|
+
it "returns array with permanent allowed controllers" do
|
35
|
+
allow(Releaf.application.config.permissions).to receive(:permanent_allowed_controllers).and_return("x")
|
36
|
+
expect(subject.permanent_allowed_controllers).to eq("x")
|
50
37
|
end
|
51
38
|
end
|
52
39
|
|
53
|
-
describe "#
|
54
|
-
it "returns array
|
55
|
-
|
56
|
-
|
57
|
-
|
40
|
+
describe "#role_allowed_controllers" do
|
41
|
+
it "returns array of roles allowed controllers" do
|
42
|
+
role.permissions.build(permission: "controller.a")
|
43
|
+
role.permissions.build(permission: "controller.x")
|
44
|
+
role.permissions.build(permission: "export.some_data")
|
45
|
+
allow(subject).to receive(:controller_name_from_permission).with("controller.a").and_return(nil)
|
46
|
+
allow(subject).to receive(:controller_name_from_permission).with("controller.x").and_return("asd")
|
47
|
+
allow(subject).to receive(:controller_name_from_permission).with("export.some_data").and_return("fd")
|
58
48
|
|
59
|
-
|
60
|
-
it "returns whether devise has signed in current user" do
|
61
|
-
expect(controller).to receive(:releaf_permissions_user_signed_in?).and_return(true)
|
62
|
-
expect(subject.authorized?).to be true
|
63
|
-
expect(controller).to receive(:releaf_permissions_user_signed_in?).and_return(false)
|
64
|
-
expect(subject.authorized?).to be false
|
49
|
+
expect(subject.role_allowed_controllers).to match_array(["asd", "fd"])
|
65
50
|
end
|
66
51
|
end
|
67
52
|
|
68
|
-
describe "#
|
69
|
-
|
70
|
-
|
71
|
-
|
53
|
+
describe "#controller_name_from_permission" do
|
54
|
+
context "when given permission contains `controller`" do
|
55
|
+
it "returns name" do
|
56
|
+
expect(subject.controller_name_from_permission("controller.a")).to eq("a")
|
57
|
+
end
|
72
58
|
end
|
73
|
-
end
|
74
59
|
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
60
|
+
context "when given permission does not contain `controller`" do
|
61
|
+
it "returns nil" do
|
62
|
+
expect(subject.controller_name_from_permission("aasd.a")).to be nil
|
63
|
+
end
|
79
64
|
end
|
80
65
|
end
|
81
66
|
end
|
@@ -0,0 +1,38 @@
|
|
1
|
+
require "rails_helper"
|
2
|
+
|
3
|
+
describe Releaf::Permissions::Configuration do
|
4
|
+
subject{ described_class.new(devise_for: "asd", access_control: "X", permanent_allowed_controllers: [1, 2]) }
|
5
|
+
|
6
|
+
it do
|
7
|
+
is_expected.to have_attributes(devise_for: "asd")
|
8
|
+
is_expected.to have_attributes(access_control: "X")
|
9
|
+
is_expected.to have_attributes(permanent_allowed_controllers: [1, 2])
|
10
|
+
end
|
11
|
+
|
12
|
+
describe "#devise_model_name" do
|
13
|
+
it "returns devise model name with slashes replaced by underscores" do
|
14
|
+
subject.devise_for = "releaf/permissions/user"
|
15
|
+
expect(subject.devise_model_name).to eq("releaf_permissions_user")
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
describe "#devise_model_class" do
|
20
|
+
it "returns devise model class" do
|
21
|
+
subject.devise_for = "releaf/permissions/role"
|
22
|
+
expect(subject.devise_model_class).to eq(Releaf::Permissions::Role)
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
describe ".configure_component" do
|
27
|
+
it "adds `Releaf::Permissions::Configuration` configuration with devise, access_control and permanent allowed controllers configured" do
|
28
|
+
allow(Releaf::Permissions::Configuration).to receive(:new)
|
29
|
+
.with(
|
30
|
+
devise_for: "releaf/permissions/user",
|
31
|
+
access_control: Releaf::Permissions::AccessControl,
|
32
|
+
permanent_allowed_controllers: ['releaf/root', 'releaf/errors']
|
33
|
+
).and_return("_new")
|
34
|
+
expect(Releaf.application.config).to receive(:add_configuration).with("_new")
|
35
|
+
described_class.configure_component
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
@@ -0,0 +1,76 @@
|
|
1
|
+
require "rails_helper"
|
2
|
+
|
3
|
+
describe Releaf::Permissions::ControllerSupport do
|
4
|
+
let(:user){ Releaf::Permissions::User.new(locale: "de") }
|
5
|
+
|
6
|
+
class AcessControllDummyController < Releaf::ActionController
|
7
|
+
include Releaf::Permissions::ControllerSupport
|
8
|
+
end
|
9
|
+
|
10
|
+
subject{ AcessControllDummyController.new }
|
11
|
+
|
12
|
+
before do
|
13
|
+
allow(subject).to receive(:current_releaf_permissions_user).and_return(user)
|
14
|
+
end
|
15
|
+
|
16
|
+
describe "before filters" do
|
17
|
+
it "prepends `:authenticate!, :verify_controller_access!, :set_locale` before filters" do
|
18
|
+
all_before_actions = subject._process_action_callbacks.select{|f| f.kind == :before}.map{|f| f.filter }
|
19
|
+
expect(all_before_actions).to start_with(:authenticate!, :verify_controller_access!, :set_locale)
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
23
|
+
describe "#set_locale" do
|
24
|
+
it "assigns user locale to I18n locale" do
|
25
|
+
expect(I18n).to receive(:locale=).with("de")
|
26
|
+
subject.set_locale
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
describe "#verify_controller_access!" do
|
31
|
+
let(:access_control){ Releaf::Permissions::AccessControl.new(user: user) }
|
32
|
+
|
33
|
+
before do
|
34
|
+
allow(subject).to receive(:short_name).and_return("some_controller")
|
35
|
+
allow(Releaf.application.config.permissions.access_control).to receive(:new)
|
36
|
+
.with(user: user).and_return(access_control)
|
37
|
+
end
|
38
|
+
|
39
|
+
context "when controller is not permitted" do
|
40
|
+
it "raises `Releaf::AccessDenied exception`" do
|
41
|
+
allow(access_control).to receive(:controller_permitted?).with("some_controller").and_return(false)
|
42
|
+
expect{ subject.verify_controller_access! }.to raise_error(Releaf::AccessDenied)
|
43
|
+
end
|
44
|
+
end
|
45
|
+
|
46
|
+
context "when controller is permitted" do
|
47
|
+
it "does not raise `Releaf::AccessDenied exception`" do
|
48
|
+
allow(access_control).to receive(:controller_permitted?).with("some_controller").and_return(true)
|
49
|
+
expect{ subject.verify_controller_access! }.to_not raise_error
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
describe "#user" do
|
55
|
+
it "returns current controller devise user instance" do
|
56
|
+
expect(subject.user).to eq(user)
|
57
|
+
end
|
58
|
+
end
|
59
|
+
|
60
|
+
describe "#authorized?" do
|
61
|
+
it "returns whether devise has signed in current user" do
|
62
|
+
allow(subject).to receive(:releaf_permissions_user_signed_in?).and_return(true)
|
63
|
+
expect(subject.authorized?).to be true
|
64
|
+
|
65
|
+
allow(subject).to receive(:releaf_permissions_user_signed_in?).and_return(false)
|
66
|
+
expect(subject.authorized?).to be false
|
67
|
+
end
|
68
|
+
end
|
69
|
+
|
70
|
+
describe "#authenticate!" do
|
71
|
+
it "returns whether devise has signed in current user" do
|
72
|
+
expect(subject).to receive(:authenticate_releaf_permissions_user!)
|
73
|
+
subject.authenticate!
|
74
|
+
end
|
75
|
+
end
|
76
|
+
end
|
@@ -0,0 +1,49 @@
|
|
1
|
+
require "rails_helper"
|
2
|
+
|
3
|
+
describe Releaf::Permissions::DefaultControllerResolver do
|
4
|
+
subject{ described_class.new(current_controller: Releaf::RootController.new) }
|
5
|
+
|
6
|
+
it "inherit `Releaf::Root::DefaultControllerResolver`" do
|
7
|
+
expect(described_class.ancestors.include?(Releaf::Root::DefaultControllerResolver)).to be true
|
8
|
+
end
|
9
|
+
|
10
|
+
describe ".configure_component" do
|
11
|
+
it "adds itself as default controller resolver" do
|
12
|
+
expect(Releaf.application.config.root).to receive(:default_controller_resolver=).with(described_class)
|
13
|
+
described_class.configure_component
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
describe "#controllers" do
|
18
|
+
it "returns user available controllers with role default controller as first" do
|
19
|
+
role = Releaf::Permissions::Role.new(default_controller: "a")
|
20
|
+
user = Releaf::Permissions::User.new(role: role)
|
21
|
+
allow(Releaf.application.config).to receive(:available_controllers).and_return(["a", "b", "c"])
|
22
|
+
allow(subject).to receive(:user).and_return(user)
|
23
|
+
|
24
|
+
allow(subject).to receive(:allowed_controllers).and_return(["a", "c", "d"])
|
25
|
+
expect(subject.controllers).to eq(["a", "c"])
|
26
|
+
|
27
|
+
allow(subject).to receive(:allowed_controllers).and_return(["c", "d"])
|
28
|
+
expect(subject.controllers).to eq(["c"])
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
describe "#allowed_controllers" do
|
33
|
+
it "returns allowed controllers from access contro for given user" do
|
34
|
+
allow(subject).to receive(:user).and_return("_user")
|
35
|
+
access_control = Releaf::Permissions::AccessControl.new(user: Releaf::Permissions::User.new)
|
36
|
+
allow(access_control).to receive(:allowed_controllers).and_return(["a", "d"])
|
37
|
+
allow(Releaf.application.config.permissions.access_control).to receive(:new).with(user: "_user").and_return(access_control)
|
38
|
+
|
39
|
+
expect(subject.allowed_controllers).to eq(["a", "d"])
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
describe "#user" do
|
44
|
+
it "returns controller user" do
|
45
|
+
allow(subject.current_controller).to receive(:user).and_return("_user")
|
46
|
+
expect(subject.user).to eq("_user")
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|