route_authorizer 0.0.3 → 0.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d4d097356ade4d4b4a7970ce122a62644a8bde23
-  data.tar.gz: e69733b53d7502d2ee443cbfe8adb34c50de9925
+  metadata.gz: 672e998c468b5c1fb4cf8279b3ce71ce2aae3d8c
+  data.tar.gz: 00aa2185e514df67db452d5344209c56437ba283
 SHA512:
-  metadata.gz: fb4fcf832f5b96ab5e4b4e8aea623bb0a42a2c4e09c55f55f49c04cfb5b217c7c96a507694d3c0596db9c13f206766b350f4b5d0a9c71e982ee1d0e8b79829ea
-  data.tar.gz: 0589805cc20769d137ca530fcd5c9e69fc13ab917666c4947d375107663ff6075d3d01c303b0d69f3f41b153581d04344fa97b2ba911b45a1e606992ce5768df
+  metadata.gz: b13057a295b5be581734b8e41cd7f44c563435c405170abcf96b360f6c208ec075dff2054433220665c54761e184d36d242d354fda89938bb41ee4710fc332f5
+  data.tar.gz: 5b63acbb71f664ca58d6159ce520e49c0f6d50f57cffea8e808a7706a71988042ff29fe4e3d98c2f36ac02403ed228d3b6da3ee1fb7d0b1afd6823b657ac3391

data/lib/route_authorizer.rb

@@ -4,5 +4,6 @@ module RouteAuthorizer
 
   require 'route_authorizer/version'
   require 'route_authorizer/permission'
+  require 'route_authorizer/permission_dsl'
   require 'route_authorizer/authorizer'
 end

data/lib/route_authorizer/authorizer.rb

@@ -5,7 +5,7 @@ module RouteAuthorizer::Authorizer
   class AccessDenied < StandardError; end
 
   included do
-    helper_method :can_redirect_to?, :can_redirect_to_path?
+    helper_method :permit?, :permit_path?
   end
 
 private
@@ -14,17 +14,17 @@ private
     @permission ||= ::Permission.new(current_user.try(:role))
   end
 
-  def can_redirect_to?(_controller_name, _action_name)
-    permission.redirect_to?(_controller_name, _action_name)
+  def permit?(_controller_name, _action_name)
+    permission.permit?(_controller_name, _action_name)
   end
 
-  def can_redirect_to_path?(path)
+  def permit_path?(path)
     controller_and_action = Rails.application.routes.recognize_path(path).values[0..1]
-    can_redirect_to?(*controller_and_action)
+    permit?(*controller_and_action)
   end
 
   def authorize_user!
-    unless can_redirect_to?(controller_name, action_name)
+    unless permit?(controller_name, action_name)
       raise AccessDenied.new("Acess denied to '#{controller_name}##{action_name}'")
     end
   end

data/lib/route_authorizer/permission.rb

@@ -4,8 +4,8 @@ module RouteAuthorizer::Permission
     @role = role.to_s
   end
 
-  def redirect_to?(controller_name, action_name)
-    redirect_to_action? [
+  def permit?(controller_name, action_name)
+    permit_action? [
       [:all],
       [controller_name.to_sym, :all],
       [controller_name.to_sym, action_name.to_sym],
@@ -16,7 +16,7 @@ private
 
   attr_reader :role
 
-  def redirect_to_action?(role_action)
+  def permit_action?(role_action)
     (role_permissions & role_action).any?
   end
 

data/lib/route_authorizer/permission_dsl.rb

@@ -0,0 +1,35 @@
+module RouteAuthorizer::PermissionDSL
+
+  extend ActiveSupport::Concern
+
+  include RouteAuthorizer::Permission
+
+  class_methods do
+    def all_roles(&block)
+      role(:default, &block)
+    end
+
+    def role(name, &block)
+      define_method name do
+        @current_role = "@#{name}"
+
+        instance_variable_set @current_role, []
+        instance_eval &block
+        instance_variable_get @current_role
+      end
+    end
+  end
+
+  def permit_all
+    instance_variable_get(@current_role) << [:all]
+  end
+
+  def permit(controller, options = {})
+    actions = options[:only] || [:all]
+
+    actions.each do |action|
+      instance_variable_get(@current_role) << [controller, action]
+    end
+  end
+
+end

data/lib/route_authorizer/version.rb

@@ -1,3 +1,3 @@
 module RouteAuthorizer
-  VERSION = '0.0.3'
+  VERSION = '0.0.4'
 end

data/spec/authorizer_spec.rb

@@ -1,12 +1,12 @@
 require 'spec_helper'
 
-Permission = Object.new
+Permission = Class.new
 
 describe RouteAuthorizer::Authorizer do
 
   let(:role) { :admin }
   let(:current_user) { double('User', role: role) }
-  let(:permission) { double('permission', redirect_to?: true) }
+  let(:permission) { double('permission', permit?: true) }
   let(:controller) { ActionController::Base.new }
 
   before do
@@ -40,7 +40,7 @@ describe RouteAuthorizer::Authorizer do
 
   context 'when user has permission' do
     before do
-      expect(permission).to receive(:redirect_to?).with(:controller, :action) { true }
+      expect(permission).to receive(:permit?).with(:controller, :action) { true }
     end
 
     it 'raises no exception' do
@@ -50,7 +50,7 @@ describe RouteAuthorizer::Authorizer do
 
   context 'when user does not have permission' do
     before do
-      expect(permission).to receive(:redirect_to?).with(:controller, :action) { false }
+      expect(permission).to receive(:permit?).with(:controller, :action) { false }
     end
 
     it 'raises AccessDenied exception' do
@@ -58,15 +58,15 @@ describe RouteAuthorizer::Authorizer do
     end
   end
 
-  it '#can_redirect_to?' do
-    expect(permission).to receive(:redirect_to?).with(:other_controller, :other_action)
-    controller.send(:can_redirect_to?, :other_controller, :other_action)
+  it '#permit?' do
+    expect(permission).to receive(:permit?).with(:other_controller, :other_action)
+    controller.send(:permit?, :other_controller, :other_action)
   end
 
-  it '#can_redirect_to_path?' do
+  it '#permit_path?' do
     expect(Rails).to receive_message_chain(:application, :routes, :recognize_path).with('path') { {a: 1, b: 2, c: 3} }
-    expect(permission).to receive(:redirect_to?).with(1, 2)
-    controller.send(:can_redirect_to_path?, 'path')
+    expect(permission).to receive(:permit?).with(1, 2)
+    controller.send(:permit_path?, 'path')
   end
 
 end

data/spec/permission_dsl_spec.rb

@@ -0,0 +1,63 @@
+require 'spec_helper'
+
+describe RouteAuthorizer::PermissionDSL do
+
+  let(:permission_class) { Class.new }
+  let(:permission) { permission_class.new(:admin) }
+
+  before do
+    permission_class.include(RouteAuthorizer::PermissionDSL)
+  end
+
+  it 'includes permission module' do
+    expect(permission_class).to include RouteAuthorizer::Permission
+  end
+
+  it '.all_roles' do
+    expect(permission_class).to receive(:role).with(:default).and_yield
+
+    permission_class.send(:all_roles) { :anything }
+  end
+
+  context '.role' do
+    it 'with no permission' do
+      permission_class.send(:role, :admin) {}
+
+      expect(permission.send(:admin)).to eq([])
+    end
+
+    it 'with all permission' do
+      permission_class.send(:role, :admin) do
+        permit_all
+      end
+
+      expect(permission.send(:admin)).to eq([[:all]])
+    end
+
+    it 'with controller permission' do
+      permission_class.send(:role, :admin) do
+        permit :controller1
+        permit :controller2
+      end
+
+      expect(permission.send(:admin)).to eq([
+        [:controller1, :all],
+        [:controller2, :all],
+      ])
+    end
+
+    it 'with controller and action permissions' do
+      permission_class.send(:role, :admin) do
+        permit :controller1, only: [:action1]
+        permit :controller2, only: [:action1, :action2]
+      end
+
+      expect(permission.send(:admin)).to eq([
+        [:controller1, :action1],
+        [:controller2, :action1],
+        [:controller2, :action2],
+      ])
+    end
+  end
+
+end

data/spec/permission_spec.rb

@@ -37,20 +37,20 @@ describe RouteAuthorizer::Permission do
 
   it 'permits define permission to all controllers and actions' do
     allow(permission).to receive(:admin).and_return [[:all]]
-    expect(permission.redirect_to? :any, :any).to be_truthy
+    expect(permission.permit? :any, :any).to be_truthy
   end
 
   it 'permits define permission to a specific controller and all actions' do
     allow(permission).to receive(:admin).and_return [[:some, :all]]
-    expect(permission.redirect_to? :some, :any).to be_truthy
-    expect(permission.redirect_to? :other, :any).to be_falsey
+    expect(permission.permit? :some, :any).to be_truthy
+    expect(permission.permit? :other, :any).to be_falsey
   end
 
   it 'permits define permission to a specific controller and action' do
     allow(permission).to receive(:admin).and_return [[:some, :some]]
-    expect(permission.redirect_to? :some, :some).to be_truthy
-    expect(permission.redirect_to? :some, :any).to be_falsey
-    expect(permission.redirect_to? :any, :any).to be_falsey
+    expect(permission.permit? :some, :some).to be_truthy
+    expect(permission.permit? :some, :any).to be_falsey
+    expect(permission.permit? :any, :any).to be_falsey
   end
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: route_authorizer
 version: !ruby/object:Gem::Version
-  version: 0.0.3
+  version: 0.0.4
 platform: ruby
 authors:
 - Fábio Rodrigues
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-02-11 00:00:00.000000000 Z
+date: 2015-02-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -96,9 +96,11 @@ files:
 - lib/route_authorizer.rb
 - lib/route_authorizer/authorizer.rb
 - lib/route_authorizer/permission.rb
+- lib/route_authorizer/permission_dsl.rb
 - lib/route_authorizer/version.rb
 - route_authorizer.gemspec
 - spec/authorizer_spec.rb
+- spec/permission_dsl_spec.rb
 - spec/permission_spec.rb
 - spec/spec_helper.rb
 homepage: https://github.com/FabioMR/route_authorizer
@@ -127,5 +129,6 @@ specification_version: 4
 summary: Simple routes authorization solution for Rails based on user roles.
 test_files:
 - spec/authorizer_spec.rb
+- spec/permission_dsl_spec.rb
 - spec/permission_spec.rb
 - spec/spec_helper.rb