releaf-permissions 0.2.1 → 1.0.3

Files changed (58) hide show
  1. checksums.yaml +4 -4
  2. data/LICENSE +19 -21
  3. data/app/assets/stylesheets/{releaf/controllers → controllers}/releaf/permissions/sessions.scss +0 -0
  4. data/app/builders/releaf/permissions/page/header_builder.rb +35 -0
  5. data/app/builders/releaf/permissions/page/layout_builder.rb +17 -0
  6. data/app/builders/releaf/permissions/page/menu_builder.rb +18 -0
  7. data/app/builders/releaf/permissions/roles/form_builder.rb +10 -6
  8. data/app/builders/releaf/permissions/roles/table_builder.rb +2 -6
  9. data/app/controllers/releaf/permissions/profile_controller.rb +25 -46
  10. data/app/controllers/releaf/permissions/roles_controller.rb +3 -5
  11. data/app/controllers/releaf/permissions/sessions_controller.rb +17 -27
  12. data/app/controllers/releaf/permissions/users_controller.rb +11 -14
  13. data/app/models/releaf/permissions/role.rb +0 -25
  14. data/app/models/releaf/permissions/user.rb +3 -9
  15. data/lib/releaf-permissions.rb +23 -27
  16. data/lib/releaf/permissions/access_control.rb +37 -0
  17. data/lib/releaf/permissions/configuration.rb +26 -0
  18. data/lib/releaf/permissions/controller_support.rb +33 -0
  19. data/lib/releaf/permissions/default_controller_resolver.rb +22 -0
  20. data/lib/releaf/permissions/engine.rb +1 -18
  21. data/lib/releaf/permissions/layout.rb +5 -0
  22. data/lib/releaf/permissions/{profile_component.rb → profile.rb} +6 -2
  23. data/lib/releaf/permissions/{roles_component.rb → roles.rb} +2 -2
  24. data/lib/releaf/permissions/settings_manager.rb +22 -0
  25. data/lib/releaf/permissions/users.rb +11 -0
  26. data/spec/builders/releaf/permissions/page/header_builder_spec.rb +87 -0
  27. data/spec/builders/releaf/permissions/page/layout_builder_spec.rb +64 -0
  28. data/spec/builders/releaf/permissions/page/menu_builder_spec.rb +100 -0
  29. data/spec/builders/{profile → releaf/permissions/profile}/form_builder_spec.rb +0 -0
  30. data/spec/builders/releaf/permissions/roles/form_builder_spec.rb +56 -0
  31. data/spec/builders/releaf/permissions/roles/table_builder_spec.rb +41 -0
  32. data/spec/builders/{users → releaf/permissions/users}/form_builder_spec.rb +0 -0
  33. data/spec/builders/{users → releaf/permissions/users}/table_builder_spec.rb +0 -0
  34. data/spec/controllers/permissions/profile_controller_spec.rb +0 -27
  35. data/spec/controllers/permissions/users_controller_spec.rb +1 -1
  36. data/spec/features/roles_spec.rb +3 -3
  37. data/spec/features/users_spec.rb +2 -2
  38. data/spec/lib/access_control_spec.rb +35 -50
  39. data/spec/lib/releaf/permissions/configuration_spec.rb +38 -0
  40. data/spec/lib/releaf/permissions/controller_support_spec.rb +76 -0
  41. data/spec/lib/releaf/permissions/default_controller_resolver_spec.rb +49 -0
  42. data/spec/lib/releaf/permissions/layout_spec.rb +10 -0
  43. data/spec/lib/releaf/permissions/profile_spec.rb +11 -0
  44. data/spec/lib/releaf/permissions/roles_spec.rb +10 -0
  45. data/spec/lib/releaf/permissions/settings_manager_spec.rb +38 -0
  46. data/spec/lib/releaf/permissions/users_spec.rb +17 -0
  47. data/spec/models/permissions/role_spec.rb +0 -28
  48. data/spec/models/permissions/user_spec.rb +33 -3
  49. metadata +56 -32
  50. data/app/controllers/releaf/permissions/home_controller.rb +0 -32
  51. data/app/lib/releaf/permissions/access_control.rb +0 -36
  52. data/lib/releaf/permissions/builders_autoload.rb +0 -11
  53. data/lib/releaf/permissions/devise_component.rb +0 -8
  54. data/lib/releaf/permissions/users_component.rb +0 -7
  55. data/releaf-permissions.gemspec +0 -19
  56. data/spec/builders/roles/form_builder_spec.rb +0 -38
  57. data/spec/builders/roles/table_builder_spec.rb +0 -29
  58. data/spec/controllers/permissions/home_controller_spec.rb +0 -52
@@ -0,0 +1,56 @@
1
+ require 'rails_helper'
2
+
3
+ describe Releaf::Permissions::Roles::FormBuilder, type: :class do
4
+ class FormBuilderTestHelper < ActionView::Base; end
5
+ let(:template){ FormBuilderTestHelper.new }
6
+ let(:object){ Releaf::Permissions::Role.new }
7
+ let(:subject){ described_class.new(:resource, object, template, {}) }
8
+
9
+ before do
10
+ allow(Releaf.application.config).to receive(:available_controllers)
11
+ .and_return(["releaf/content/nodes", "admin/chapters"])
12
+
13
+ definition_1 = Releaf::ControllerDefinition.new("xx")
14
+ allow(definition_1).to receive(:localized_name).and_return("controller 1")
15
+ allow(definition_1).to receive(:controller_name).and_return("admin/controller_1")
16
+
17
+ definition_2 = Releaf::ControllerDefinition.new("xx")
18
+ allow(definition_2).to receive(:localized_name).and_return("controller 2")
19
+ allow(definition_2).to receive(:controller_name).and_return("admin/controller_2")
20
+
21
+ allow(Releaf::ControllerDefinition).to receive(:for).with("releaf/content/nodes").and_return(definition_1)
22
+ allow(Releaf::ControllerDefinition).to receive(:for).with("admin/chapters").and_return(definition_2)
23
+ end
24
+
25
+ describe "#render_default_controller" do
26
+ it "pass localized controller options to releaf item field" do
27
+ translated_controllers = {
28
+ "controller 1" => "admin/controller_1",
29
+ "controller 2" => "admin/controller_2"
30
+ }
31
+
32
+ allow(subject).to receive(:releaf_item_field)
33
+ .with(:default_controller, options: {select_options: translated_controllers})
34
+ .and_return("x")
35
+ expect(subject.render_default_controller).to eq("x")
36
+ end
37
+ end
38
+
39
+ describe "#render_permissions" do
40
+ it "returns associated set field" do
41
+ options = {association: {items: "x", field: :permission}}
42
+ allow(subject).to receive(:permission_items).and_return("x")
43
+ allow(subject).to receive(:releaf_associated_set_field).with(:permissions, options: options).and_return("y")
44
+ expect(subject.render_permissions).to eq("y")
45
+ end
46
+ end
47
+
48
+ describe "#permission_items" do
49
+ it "returns scoped and translated controller values" do
50
+ expect(subject.permission_items).to eq(
51
+ "controller.admin/controller_1" => "controller 1",
52
+ "controller.admin/controller_2" => "controller 2"
53
+ )
54
+ end
55
+ end
56
+ end
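Review bot: `class FormBuilderTestHelper < ActionView::Base; end` sits inside the `describe` block but still defines a top-level constant that stays loaded for the rest of the suite. The same pattern appears with `TableBuilderTestHelper` in the table builder spec that follows. An anonymous class keeps the helper local, e.g. `let(:template){ Class.new(ActionView::Base).new }`. As a smaller style point, `let(:subject){ … }` could be written `subject{ described_class.new(:resource, object, template, {}) }`, which is the form the other new specs in this release use.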
@@ -0,0 +1,41 @@
1
+ require "rails_helper"
2
+
3
+ describe Releaf::Permissions::Roles::TableBuilder, type: :class do
4
+ class TableBuilderTestHelper < ActionView::Base; end
5
+ let(:template){ TableBuilderTestHelper.new }
6
+ let(:resource_class){ Releaf::Permissions::Role }
7
+ let(:subject){ described_class.new([], resource_class, template, {}) }
8
+
9
+ describe "#column_names" do
10
+ it "returns name and default_controller as column names array" do
11
+ expect(subject.column_names).to eq([:name, :default_controller])
12
+ end
13
+ end
14
+
15
+ describe "#default_controller_content" do
16
+ context "when given resource default controller definition exists" do
17
+ it "returns localized controller name from definitioned followed by application name" do
18
+ definition = Releaf::ControllerDefinition.new("xx")
19
+ allow(definition).to receive(:localized_name).and_return("x")
20
+ allow(Releaf::ControllerDefinition).to receive(:for).with("contr").and_return(definition)
21
+ expect(subject.default_controller_content(resource_class.new(default_controller: "contr"))).to eq("x")
22
+ end
23
+ end
24
+
25
+ context "when given resource default controller definition does not exist" do
26
+ it "returns dash" do
27
+ definition = Releaf::ControllerDefinition.new("xx")
28
+ allow(definition).to receive(:localized_name).and_return("x")
29
+ allow(Releaf::ControllerDefinition).to receive(:for).with("contr").and_return(nil)
30
+ expect(subject.default_controller_content(resource_class.new(default_controller: "contr"))).to eq("-")
31
+ end
32
+ end
33
+
34
+ context "when default controller is not defined for given resource" do
35
+ it "returns dash" do
36
+ expect(Releaf::ControllerDefinition).to_not receive(:for)
37
+ expect(subject.default_controller_content(resource_class.new)).to eq("-")
38
+ end
39
+ end
40
+ end
41
+ end
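Review bot: In the "definition does not exist" context, the two lines that build `definition` and stub `localized_name` are dead setup. `Releaf::ControllerDefinition.for` is stubbed to return `nil` and nothing else reads the local, so dropping them makes it clear the dash comes from the missing definition. The first example's title ("returns localized controller name from definitioned followed by application name") also does not match the assertion, which only checks the localized name `"x"`. A title such as `it "returns localized controller name from the definition" do` would be accurate.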
@@ -36,31 +36,4 @@ describe Releaf::Permissions::ProfileController do
36
36
  end
37
37
  end
38
38
  end
39
-
40
- describe "PUT settings", db_strategy: :truncation do
41
- context 'when params[:settings] is not Hash' do
42
- it "has a 422 status code" do
43
- put :settings
44
- expect(response.status).to eq(422)
45
- end
46
- end
47
-
48
- context 'when params[:settings] is Hash' do
49
- it "has a 200 status code" do
50
- put :settings, {settings: {dummy: 'maybe'}}
51
- expect(response.status).to eq(200)
52
- end
53
-
54
- it "saves given data within current user settings" do
55
- put :settings, {settings: {dummy: 'maybe'}}
56
- expect(user.settings.dummy).to eq('maybe')
57
- end
58
-
59
- it "casts bolean values from strings to booleans" do
60
- put :settings, {settings: {be_true: 'true', be_false: 'false'}}
61
- expect(user.settings.be_true).to be true
62
- expect(user.settings.be_false).to be false
63
- end
64
- end
65
- end
66
39
  end
@@ -1,6 +1,6 @@
1
1
  require 'rails_helper'
2
2
 
3
- # use Admin::BooksController as it inherit Releaf::BaseController and
3
+ # use Admin::BooksController as it inherit Releaf::ActionController and
4
4
  # have no extra methods or overrides
5
5
  describe Releaf::Permissions::UsersController do
6
6
  before do
@@ -19,7 +19,7 @@ feature "Roles management", js: true do
19
19
  visit releaf_permissions_roles_path
20
20
  create_resource do
21
21
  fill_in("Name", with: "second role")
22
- select('Releaf/content/nodes', from: 'Default controller')
22
+ select('Admin/nodes', from: 'Default controller')
23
23
  end
24
24
  visit releaf_permissions_roles_path
25
25
  expect(page).to have_content "second role"
@@ -55,9 +55,9 @@ feature "Roles management", js: true do
55
55
 
56
56
  Releaf.application.config.available_controllers.each do |controller|
57
57
  if controller == "admin/books"
58
- expect(page).to have_unchecked_field(I18n.t(controller, scope: 'admin.controllers'))
58
+ expect(page).to have_unchecked_field(I18n.t(controller))
59
59
  else
60
- expect(page).to have_checked_field(I18n.t(controller, scope: 'admin.controllers'))
60
+ expect(page).to have_checked_field(I18n.t(controller))
61
61
  end
62
62
  end
63
63
  end
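Review bot: The checkbox assertions now look fields up with `I18n.t(controller)`, with no scope and no `raise: true`, so a missing key yields I18n's fallback text instead of failing the lookup. The expectation then only holds if the form renders the identical fallback. This loop is what verifies which controller permissions are granted on the role form, so it would be sturdier to take the label from the source the builder specs on this page stub, e.g. `Releaf::ControllerDefinition.for(controller).localized_name`, assuming that is what the form renders. `have_checked_field` is also satisfied by any one matching field, so two controllers sharing a label would hide an unchecked box. The enclosing scenario starts outside the hunk.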
@@ -57,7 +57,7 @@ feature "Users", js: true do
57
57
 
58
58
  scenario "user page content" do
59
59
  expect(page).to have_css('body > header form.sign-out button')
60
- expect(page).to have_content 'Releaf/content'
60
+ expect(page).to have_content 'Admin/nodes'
61
61
  expect(page).to have_content 'Permissions'
62
62
  expect(page).to have_content 'Releaf/i18n database/translations'
63
63
  # admin/users index view
@@ -87,7 +87,7 @@ feature "Users", js: true do
87
87
 
88
88
  scenario "user page content" do
89
89
  expect(page).to have_css('body > header form.sign-out button')
90
- expect(page).to have_content 'Releaf/content'
90
+ expect(page).to have_content 'Admin/nodes'
91
91
  end
92
92
 
93
93
  scenario "translations module access denied" do
@@ -1,81 +1,66 @@
1
1
  require "rails_helper"
2
2
 
3
3
  describe Releaf::Permissions::AccessControl do
4
- class AcessControllDummyController < ActionController::Base; end
5
-
6
- let(:controller){ AcessControllDummyController.new }
7
4
  let(:role){ Releaf::Permissions::Role.new }
8
5
  let(:user){ Releaf::Permissions::User.new(role: role) }
9
- subject{ described_class.new(controller: controller) }
10
-
11
- before do
12
- allow(controller).to receive(:current_releaf_permissions_user).and_return(user)
13
- end
6
+ subject{ described_class.new(user: user) }
14
7
 
15
- describe "#controller_permitted" do
16
- before do
17
- allow(subject).to receive(:permitted_controllers).and_return(["a", "b"])
18
- allow(role).to receive(:controller_permitted?).with("c").and_return(true)
19
- allow(role).to receive(:controller_permitted?).with("d").and_return(false)
20
- end
21
8
 
22
- context "when permitted controllers contains given controller" do
9
+ describe "#controller_permitted?" do
10
+ context "when allowed controllers contains given controller" do
23
11
  it "returns true" do
12
+ allow(subject).to receive(:allowed_controllers).and_return(["a", "b"])
24
13
  expect(subject.controller_permitted?("a")).to be true
25
14
  end
26
15
  end
27
16
 
28
- context "when user role permit given controller" do
29
- it "returns true" do
30
- expect(subject.controller_permitted?("c")).to be true
31
- end
32
- end
33
-
34
- context "when neither permitted controllers contains given controller or user role permit given controller" do
35
- it "returns true" do
36
- expect(subject.controller_permitted?("d")).to be false
17
+ context "when allowed controllers does not contain given controller" do
18
+ it "returns false" do
19
+ allow(subject).to receive(:allowed_controllers).and_return(["c", "b"])
20
+ expect(subject.controller_permitted?("a")).to be false
37
21
  end
38
22
  end
39
23
  end
40
24
 
41
- describe "#current_controller_name" do
42
- it "returns normalized access controller assign controller name" do
43
- expect(subject.current_controller_name).to eq("acess_controll_dummy")
25
+ describe "#allowed_controllers" do
26
+ it "returns array with permanent allowed controllers and role allowed controllers" do
27
+ allow(subject).to receive(:permanent_allowed_controllers).and_return(["a", "b"])
28
+ allow(subject).to receive(:role_allowed_controllers).and_return(["c", "d"])
29
+ expect(subject.allowed_controllers).to eq(%w(a b c d))
44
30
  end
45
31
  end
46
32
 
47
- describe "#user" do
48
- it "returns current controller devise user instance" do
49
- expect(subject.user).to eq(user)
33
+ describe "#permanent_allowed_controllers" do
34
+ it "returns array with permanent allowed controllers" do
35
+ allow(Releaf.application.config.permissions).to receive(:permanent_allowed_controllers).and_return("x")
36
+ expect(subject.permanent_allowed_controllers).to eq("x")
50
37
  end
51
38
  end
52
39
 
53
- describe "#permitted_controllers" do
54
- it "returns array with `releaf/permissions/home` and `releaf/core/errors` as permanently permitted controllers" do
55
- expect(subject.permitted_controllers).to match_array(['releaf/permissions/home', 'releaf/core/errors'])
56
- end
57
- end
40
+ describe "#role_allowed_controllers" do
41
+ it "returns array of roles allowed controllers" do
42
+ role.permissions.build(permission: "controller.a")
43
+ role.permissions.build(permission: "controller.x")
44
+ role.permissions.build(permission: "export.some_data")
45
+ allow(subject).to receive(:controller_name_from_permission).with("controller.a").and_return(nil)
46
+ allow(subject).to receive(:controller_name_from_permission).with("controller.x").and_return("asd")
47
+ allow(subject).to receive(:controller_name_from_permission).with("export.some_data").and_return("fd")
58
48
 
59
- describe "#authorized?" do
60
- it "returns whether devise has signed in current user" do
61
- expect(controller).to receive(:releaf_permissions_user_signed_in?).and_return(true)
62
- expect(subject.authorized?).to be true
63
- expect(controller).to receive(:releaf_permissions_user_signed_in?).and_return(false)
64
- expect(subject.authorized?).to be false
49
+ expect(subject.role_allowed_controllers).to match_array(["asd", "fd"])
65
50
  end
66
51
  end
67
52
 
68
- describe "#authenticate!" do
69
- it "returns whether devise has signed in current user" do
70
- expect(controller).to receive(:authenticate_releaf_permissions_user!)
71
- subject.authenticate!
53
+ describe "#controller_name_from_permission" do
54
+ context "when given permission contains `controller`" do
55
+ it "returns name" do
56
+ expect(subject.controller_name_from_permission("controller.a")).to eq("a")
57
+ end
72
58
  end
73
- end
74
59
 
75
- describe "#devise_model_name" do
76
- it "returns normalized Releaf devise model name" do
77
- allow(Releaf.application.config).to receive(:devise_for).and_return("asdasd/asdasd")
78
- expect(subject.devise_model_name).to eq("asdasd_asdasd")
60
+ context "when given permission does not contain `controller`" do
61
+ it "returns nil" do
62
+ expect(subject.controller_name_from_permission("aasd.a")).to be nil
63
+ end
79
64
  end
80
65
  end
81
66
  end
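Review bot: The `#controller_name_from_permission` examples cover only `"controller.a"` and `"aasd.a"`, and the context titles speak of a permission that "contains" controller, so it is unclear whether the match is anchored to the start of the string. This method decides which permission rows become allowed controllers, so add an example that pins the prefix-only contract, e.g. `expect(subject.controller_name_from_permission("export.controller.a")).to be nil`. An example for an empty name such as `"controller."` would help too. The implementation is not visible on this page, so this is about pinning the intended behaviour rather than a known defect.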
@@ -0,0 +1,38 @@
1
+ require "rails_helper"
2
+
3
+ describe Releaf::Permissions::Configuration do
4
+ subject{ described_class.new(devise_for: "asd", access_control: "X", permanent_allowed_controllers: [1, 2]) }
5
+
6
+ it do
7
+ is_expected.to have_attributes(devise_for: "asd")
8
+ is_expected.to have_attributes(access_control: "X")
9
+ is_expected.to have_attributes(permanent_allowed_controllers: [1, 2])
10
+ end
11
+
12
+ describe "#devise_model_name" do
13
+ it "returns devise model name with slashes replaced by underscores" do
14
+ subject.devise_for = "releaf/permissions/user"
15
+ expect(subject.devise_model_name).to eq("releaf_permissions_user")
16
+ end
17
+ end
18
+
19
+ describe "#devise_model_class" do
20
+ it "returns devise model class" do
21
+ subject.devise_for = "releaf/permissions/role"
22
+ expect(subject.devise_model_class).to eq(Releaf::Permissions::Role)
23
+ end
24
+ end
25
+
26
+ describe ".configure_component" do
27
+ it "adds `Releaf::Permissions::Configuration` configuration with devise, access_control and permanent allowed controllers configured" do
28
+ allow(Releaf::Permissions::Configuration).to receive(:new)
29
+ .with(
30
+ devise_for: "releaf/permissions/user",
31
+ access_control: Releaf::Permissions::AccessControl,
32
+ permanent_allowed_controllers: ['releaf/root', 'releaf/errors']
33
+ ).and_return("_new")
34
+ expect(Releaf.application.config).to receive(:add_configuration).with("_new")
35
+ described_class.configure_component
36
+ end
37
+ end
38
+ end
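Review bot: The `.configure_component` example pins `permanent_allowed_controllers: ['releaf/root', 'releaf/errors']` without saying why these two entries are special. Going by the access control spec in this release, the list is merged into every user's allowed controllers regardless of role. A comment above the expectation would signal that changing it is an authorization change, e.g. `# controllers every user may reach, independent of role permissions`. The opening `it do` example would also read better with a description such as `it "exposes the configured attributes" do`.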
@@ -0,0 +1,76 @@
1
+ require "rails_helper"
2
+
3
+ describe Releaf::Permissions::ControllerSupport do
4
+ let(:user){ Releaf::Permissions::User.new(locale: "de") }
5
+
6
+ class AcessControllDummyController < Releaf::ActionController
7
+ include Releaf::Permissions::ControllerSupport
8
+ end
9
+
10
+ subject{ AcessControllDummyController.new }
11
+
12
+ before do
13
+ allow(subject).to receive(:current_releaf_permissions_user).and_return(user)
14
+ end
15
+
16
+ describe "before filters" do
17
+ it "prepends `:authenticate!, :verify_controller_access!, :set_locale` before filters" do
18
+ all_before_actions = subject._process_action_callbacks.select{|f| f.kind == :before}.map{|f| f.filter }
19
+ expect(all_before_actions).to start_with(:authenticate!, :verify_controller_access!, :set_locale)
20
+ end
21
+ end
22
+
23
+ describe "#set_locale" do
24
+ it "assigns user locale to I18n locale" do
25
+ expect(I18n).to receive(:locale=).with("de")
26
+ subject.set_locale
27
+ end
28
+ end
29
+
30
+ describe "#verify_controller_access!" do
31
+ let(:access_control){ Releaf::Permissions::AccessControl.new(user: user) }
32
+
33
+ before do
34
+ allow(subject).to receive(:short_name).and_return("some_controller")
35
+ allow(Releaf.application.config.permissions.access_control).to receive(:new)
36
+ .with(user: user).and_return(access_control)
37
+ end
38
+
39
+ context "when controller is not permitted" do
40
+ it "raises `Releaf::AccessDenied exception`" do
41
+ allow(access_control).to receive(:controller_permitted?).with("some_controller").and_return(false)
42
+ expect{ subject.verify_controller_access! }.to raise_error(Releaf::AccessDenied)
43
+ end
44
+ end
45
+
46
+ context "when controller is permitted" do
47
+ it "does not raise `Releaf::AccessDenied exception`" do
48
+ allow(access_control).to receive(:controller_permitted?).with("some_controller").and_return(true)
49
+ expect{ subject.verify_controller_access! }.to_not raise_error
50
+ end
51
+ end
52
+ end
53
+
54
+ describe "#user" do
55
+ it "returns current controller devise user instance" do
56
+ expect(subject.user).to eq(user)
57
+ end
58
+ end
59
+
60
+ describe "#authorized?" do
61
+ it "returns whether devise has signed in current user" do
62
+ allow(subject).to receive(:releaf_permissions_user_signed_in?).and_return(true)
63
+ expect(subject.authorized?).to be true
64
+
65
+ allow(subject).to receive(:releaf_permissions_user_signed_in?).and_return(false)
66
+ expect(subject.authorized?).to be false
67
+ end
68
+ end
69
+
70
+ describe "#authenticate!" do
71
+ it "returns whether devise has signed in current user" do
72
+ expect(subject).to receive(:authenticate_releaf_permissions_user!)
73
+ subject.authenticate!
74
+ end
75
+ end
76
+ end
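Review bot: The `#authenticate!` example is titled "returns whether devise has signed in current user", copied from `#authorized?`, but what it asserts is delegation to `authenticate_releaf_permissions_user!`. A title such as `it "delegates to devise authentication for the permissions user" do` would describe the check that guards every controller including this module. The helper class name `AcessControllDummyController` also has a typo; `AccessControlDummyController` would be easier to search for.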
@@ -0,0 +1,49 @@
1
+ require "rails_helper"
2
+
3
+ describe Releaf::Permissions::DefaultControllerResolver do
4
+ subject{ described_class.new(current_controller: Releaf::RootController.new) }
5
+
6
+ it "inherit `Releaf::Root::DefaultControllerResolver`" do
7
+ expect(described_class.ancestors.include?(Releaf::Root::DefaultControllerResolver)).to be true
8
+ end
9
+
10
+ describe ".configure_component" do
11
+ it "adds itself as default controller resolver" do
12
+ expect(Releaf.application.config.root).to receive(:default_controller_resolver=).with(described_class)
13
+ described_class.configure_component
14
+ end
15
+ end
16
+
17
+ describe "#controllers" do
18
+ it "returns user available controllers with role default controller as first" do
19
+ role = Releaf::Permissions::Role.new(default_controller: "a")
20
+ user = Releaf::Permissions::User.new(role: role)
21
+ allow(Releaf.application.config).to receive(:available_controllers).and_return(["a", "b", "c"])
22
+ allow(subject).to receive(:user).and_return(user)
23
+
24
+ allow(subject).to receive(:allowed_controllers).and_return(["a", "c", "d"])
25
+ expect(subject.controllers).to eq(["a", "c"])
26
+
27
+ allow(subject).to receive(:allowed_controllers).and_return(["c", "d"])
28
+ expect(subject.controllers).to eq(["c"])
29
+ end
30
+ end
31
+
32
+ describe "#allowed_controllers" do
33
+ it "returns allowed controllers from access contro for given user" do
34
+ allow(subject).to receive(:user).and_return("_user")
35
+ access_control = Releaf::Permissions::AccessControl.new(user: Releaf::Permissions::User.new)
36
+ allow(access_control).to receive(:allowed_controllers).and_return(["a", "d"])
37
+ allow(Releaf.application.config.permissions.access_control).to receive(:new).with(user: "_user").and_return(access_control)
38
+
39
+ expect(subject.allowed_controllers).to eq(["a", "d"])
40
+ end
41
+ end
42
+
43
+ describe "#user" do
44
+ it "returns controller user" do
45
+ allow(subject.current_controller).to receive(:user).and_return("_user")
46
+ expect(subject.user).to eq("_user")
47
+ end
48
+ end
49
+ end
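Review bot: The `#controllers` example cannot detect a missing "role default controller first" rule, because the default `"a"` is already first in the stubbed `available_controllers`, so plain intersection order also gives `["a", "c"]`. A default that is not first makes the ordering observable: `role = Releaf::Permissions::Role.new(default_controller: "c")` with `expect(subject.controllers).to eq(["c", "a"])`. Keep a second case where the default is outside the allowed list, e.g. `allowed_controllers` stubbed to `["a", "d"]` and expecting `["a"]`, since that is the check that a role's default cannot widen access. The `#allowed_controllers` title also has a typo ("access contro").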