rspec-authorization 0.0.2 → 0.0.6

data/spec/lib/rspec/authorization/matchers/have_permission_for_spec.rb

@@ -0,0 +1,81 @@
+require 'rails_helper'
+
+include RSpec::Authorization::Adapters
+include RSpec::Authorization::Matchers::HavePermissionFor
+
+describe HavePermissionFor do
+  let(:role)    { :user }
+  let(:action)  { :index }
+  let(:klass)   { ArticlesController }
+  let(:results) { {action => false} }
+  let(:matcher) { HavePermissionFor.new(role) }
+
+  let(:privilege) do
+    Privilege.new(
+      actions: [action],
+      negated_actions: [],
+      role: role,
+      controller_class: klass
+    )
+  end
+
+  let(:resource) do
+    r = Resource.new(privilege)
+    allow(r).to receive(:controller_class).and_return(klass)
+    r
+  end
+
+  before do
+    allow_any_instance_of(Resource).to receive(:results).and_return(results)
+    allow(matcher).to receive(:resource).and_return(resource)
+  end
+
+  subject { matcher.to(action) }
+
+  its(:role) { is_expected.to eq role }
+  its(:description) { is_expected.to eq "have permission for #{role} to #{matcher.action}" }
+  its(:failure_message) { is_expected.to eq "Expected #{klass} to have permission for #{role} to #{matcher.action}. results: #{results}, negated_results: " }
+  its(:failure_message_when_negated) { is_expected.to eq "Did not expect #{klass} to have permission for #{role} to #{matcher.action}. results: #{results}, negated_results: " }
+
+  context "evaluator" do
+    before { allow_any_instance_of(Resource).to receive(:requests).and_return([]) }
+
+    describe "#matches?" do
+      context "all requests permitted" do
+        let(:results) {{index: true, show: true}}
+
+        specify { expect(matcher.matches?(double)).to be_truthy }
+      end
+
+      context "one of the request is forbidden" do
+        let(:results) {{index: false, show: true}}
+
+        specify { expect(matcher.matches?(double)).to be_falsy }
+      end
+    end
+
+    describe "#does_not_match?" do
+      context "all requests forbidden" do
+        let(:results) {{index: false, show: false}}
+
+        specify { expect(matcher.does_not_match?(double)).to be_truthy }
+      end
+
+      context "one of the request is permitted" do
+        let(:results) {{index: false, show: true}}
+
+        specify { expect(matcher.does_not_match?(double)).to be_falsy }
+      end
+    end
+  end
+
+  describe "#method_missing" do
+    context "method not implemented" do
+      specify { expect{ matcher.to_explode }.to raise_error NoMethodError }
+    end
+
+    context "method implemented" do
+      specify { expect{ matcher.to_read }.not_to raise_error }
+    end
+  end
+end

data/spec/rails_helper.rb

@@ -7,6 +7,7 @@ require 'spec_helper'
 require "#{ENV['RAILS_ROOT']}/config/environment"
 require 'rspec/rails'
 require 'rspec/authorization'
+require 'shoulda-matchers'
 
 # Add additional requires below this line. Rails is not loaded until this point!
 

data/tools/rails_test_app/template.rb

@@ -1,12 +1,13 @@
-generate "authorization:install --create-user"
+generate "devise:install"
+generate "devise user"
+generate "authorization:install"
 
 rules = "config/authorization_rules.rb"
 
 run "mkdir ../../../config"
 run "ln -s ../spec/.rails/rails-#{Rails::VERSION::STRING}/#{rules} ../../../#{rules}"
 
-generate "scaffold article --skip-assets --skip-helper"
-generate "migration AddUserIdToArticles user:references"
+generate "scaffold article user:references --skip-assets --skip-helper"
 
 rake "db:migrate"
 run "bundle exec rake db:migrate RAILS_ENV=test"
@@ -15,7 +16,6 @@ first_line = /\A.*/
 last_line  = /^.*\Z/
 
 inject_into_file "app/models/article.rb", %q{
-  belongs_to :user
 }, after: first_line
 
 inject_into_file "app/models/user.rb", %q{
@@ -28,7 +28,7 @@ inject_into_file "config/authorization_rules.rb", %q{
   end
 
   role :writer do
-    has_permission_on :articles, to: %i(read create)
+    has_permission_on :articles, to: %i(read create update)
   end
 
   role :premium do
@@ -40,6 +40,10 @@ inject_into_file "config/authorization_rules.rb", %q{
   end
 }, after: first_line
 
+inject_into_file "app/controllers/application_controller.rb", %q{
+  before_action :authenticate_user!
+}, after: first_line
+
 inject_into_file "app/controllers/application_controller.rb", %q{
   def current_user
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rspec-authorization
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.0.6
 platform: ruby
 authors:
 - Hendra Uzia
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-11-11 00:00:00.000000000 Z
+date: 2015-03-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: declarative_authorization
@@ -31,6 +31,9 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -38,6 +41,23 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+- !ruby/object:Gem::Dependency
+  name: appraisal
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -122,17 +142,25 @@ files:
 - ".ruby-version"
 - ".travis.yml"
 - ".yardopts"
+- Appraisals
 - Gemfile
 - Guardfile
 - HISTORY.md
 - LICENSE.txt
 - README.md
 - Rakefile
+- gemfiles/rails_4.1.9.gemfile
+- gemfiles/rails_4.1.9.gemfile.lock
+- gemfiles/rails_4.2.0.gemfile
+- gemfiles/rails_4.2.0.gemfile.lock
 - lib/rspec/authorization.rb
 - lib/rspec/authorization/adapters.rb
 - lib/rspec/authorization/adapters/example.rb
 - lib/rspec/authorization/adapters/example_group.rb
+- lib/rspec/authorization/adapters/privilege.rb
 - lib/rspec/authorization/adapters/request.rb
+- lib/rspec/authorization/adapters/resource.rb
+- lib/rspec/authorization/adapters/restful_helper_method.rb
 - lib/rspec/authorization/adapters/route.rb
 - lib/rspec/authorization/matchers.rb
 - lib/rspec/authorization/matchers/have_permission_for.rb
@@ -143,7 +171,10 @@ files:
 - spec/lib/rspec/authorization/adapters/example_group_spec.rb
 - spec/lib/rspec/authorization/adapters/example_spec.rb
 - spec/lib/rspec/authorization/adapters/request_spec.rb
+- spec/lib/rspec/authorization/adapters/resource_spec.rb
+- spec/lib/rspec/authorization/adapters/restful_helper_method_spec.rb
 - spec/lib/rspec/authorization/adapters/route_spec.rb
+- spec/lib/rspec/authorization/matchers/have_permission_for_spec.rb
 - spec/rails_helper.rb
 - spec/spec_helper.rb
 - spec/support/group_test_class.rb
@@ -183,7 +214,10 @@ test_files:
 - spec/lib/rspec/authorization/adapters/example_group_spec.rb
 - spec/lib/rspec/authorization/adapters/example_spec.rb
 - spec/lib/rspec/authorization/adapters/request_spec.rb
+- spec/lib/rspec/authorization/adapters/resource_spec.rb
+- spec/lib/rspec/authorization/adapters/restful_helper_method_spec.rb
 - spec/lib/rspec/authorization/adapters/route_spec.rb
+- spec/lib/rspec/authorization/matchers/have_permission_for_spec.rb
 - spec/rails_helper.rb
 - spec/spec_helper.rb
 - spec/support/group_test_class.rb