rspec-authorization 0.0.2 → 0.0.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.travis.yml +3 -0
- data/Appraisals +7 -0
- data/Gemfile +9 -5
- data/HISTORY.md +20 -1
- data/README.md +28 -3
- data/gemfiles/rails_4.1.9.gemfile +28 -0
- data/gemfiles/rails_4.1.9.gemfile.lock +234 -0
- data/gemfiles/rails_4.2.0.gemfile +28 -0
- data/gemfiles/rails_4.2.0.gemfile.lock +260 -0
- data/lib/rspec/authorization/adapters.rb +3 -0
- data/lib/rspec/authorization/adapters/privilege.rb +14 -0
- data/lib/rspec/authorization/adapters/request.rb +4 -1
- data/lib/rspec/authorization/adapters/resource.rb +58 -0
- data/lib/rspec/authorization/adapters/restful_helper_method.rb +137 -0
- data/lib/rspec/authorization/matchers/have_permission_for.rb +93 -70
- data/lib/rspec/authorization/version.rb +1 -1
- data/rspec-authorization.gemspec +2 -1
- data/spec/controllers/articles_controller_spec.rb +3 -11
- data/spec/lib/rspec/authorization/adapters/resource_spec.rb +102 -0
- data/spec/lib/rspec/authorization/adapters/restful_helper_method_spec.rb +151 -0
- data/spec/lib/rspec/authorization/matchers/have_permission_for_spec.rb +81 -0
- data/spec/rails_helper.rb +1 -0
- data/tools/rails_test_app/template.rb +9 -5
- metadata +36 -2
@@ -0,0 +1,81 @@
|
|
1
|
+
require 'rails_helper'
|
2
|
+
|
3
|
+
include RSpec::Authorization::Adapters
|
4
|
+
include RSpec::Authorization::Matchers::HavePermissionFor
|
5
|
+
|
6
|
+
describe HavePermissionFor do
|
7
|
+
let(:role) { :user }
|
8
|
+
let(:action) { :index }
|
9
|
+
let(:klass) { ArticlesController }
|
10
|
+
let(:results) { {action => false} }
|
11
|
+
let(:matcher) { HavePermissionFor.new(role) }
|
12
|
+
|
13
|
+
let(:privilege) do
|
14
|
+
Privilege.new(
|
15
|
+
actions: [action],
|
16
|
+
negated_actions: [],
|
17
|
+
role: role,
|
18
|
+
controller_class: klass
|
19
|
+
)
|
20
|
+
end
|
21
|
+
|
22
|
+
let(:resource) do
|
23
|
+
r = Resource.new(privilege)
|
24
|
+
allow(r).to receive(:controller_class).and_return(klass)
|
25
|
+
r
|
26
|
+
end
|
27
|
+
|
28
|
+
before do
|
29
|
+
allow_any_instance_of(Resource).to receive(:results).and_return(results)
|
30
|
+
allow(matcher).to receive(:resource).and_return(resource)
|
31
|
+
end
|
32
|
+
|
33
|
+
subject { matcher.to(action) }
|
34
|
+
|
35
|
+
its(:role) { is_expected.to eq role }
|
36
|
+
its(:description) { is_expected.to eq "have permission for #{role} to #{matcher.action}" }
|
37
|
+
its(:failure_message) { is_expected.to eq "Expected #{klass} to have permission for #{role} to #{matcher.action}. results: #{results}, negated_results: " }
|
38
|
+
its(:failure_message_when_negated) { is_expected.to eq "Did not expect #{klass} to have permission for #{role} to #{matcher.action}. results: #{results}, negated_results: " }
|
39
|
+
|
40
|
+
context "evaluator" do
|
41
|
+
before { allow_any_instance_of(Resource).to receive(:requests).and_return([]) }
|
42
|
+
|
43
|
+
describe "#matches?" do
|
44
|
+
context "all requests permitted" do
|
45
|
+
let(:results) {{index: true, show: true}}
|
46
|
+
|
47
|
+
specify { expect(matcher.matches?(double)).to be_truthy }
|
48
|
+
end
|
49
|
+
|
50
|
+
context "one of the request is forbidden" do
|
51
|
+
let(:results) {{index: false, show: true}}
|
52
|
+
|
53
|
+
specify { expect(matcher.matches?(double)).to be_falsy }
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
describe "#does_not_match?" do
|
58
|
+
context "all requests forbidden" do
|
59
|
+
let(:results) {{index: false, show: false}}
|
60
|
+
|
61
|
+
specify { expect(matcher.does_not_match?(double)).to be_truthy }
|
62
|
+
end
|
63
|
+
|
64
|
+
context "one of the request is permitted" do
|
65
|
+
let(:results) {{index: false, show: true}}
|
66
|
+
|
67
|
+
specify { expect(matcher.does_not_match?(double)).to be_falsy }
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
71
|
+
|
72
|
+
describe "#method_missing" do
|
73
|
+
context "method not implemented" do
|
74
|
+
specify { expect{ matcher.to_explode }.to raise_error NoMethodError }
|
75
|
+
end
|
76
|
+
|
77
|
+
context "method implemented" do
|
78
|
+
specify { expect{ matcher.to_read }.not_to raise_error }
|
79
|
+
end
|
80
|
+
end
|
81
|
+
end
|
data/spec/rails_helper.rb
CHANGED
@@ -1,12 +1,13 @@
|
|
1
|
-
generate "
|
1
|
+
generate "devise:install"
|
2
|
+
generate "devise user"
|
3
|
+
generate "authorization:install"
|
2
4
|
|
3
5
|
rules = "config/authorization_rules.rb"
|
4
6
|
|
5
7
|
run "mkdir ../../../config"
|
6
8
|
run "ln -s ../spec/.rails/rails-#{Rails::VERSION::STRING}/#{rules} ../../../#{rules}"
|
7
9
|
|
8
|
-
generate "scaffold article --skip-assets --skip-helper"
|
9
|
-
generate "migration AddUserIdToArticles user:references"
|
10
|
+
generate "scaffold article user:references --skip-assets --skip-helper"
|
10
11
|
|
11
12
|
rake "db:migrate"
|
12
13
|
run "bundle exec rake db:migrate RAILS_ENV=test"
|
@@ -15,7 +16,6 @@ first_line = /\A.*/
|
|
15
16
|
last_line = /^.*\Z/
|
16
17
|
|
17
18
|
inject_into_file "app/models/article.rb", %q{
|
18
|
-
belongs_to :user
|
19
19
|
}, after: first_line
|
20
20
|
|
21
21
|
inject_into_file "app/models/user.rb", %q{
|
@@ -28,7 +28,7 @@ inject_into_file "config/authorization_rules.rb", %q{
|
|
28
28
|
end
|
29
29
|
|
30
30
|
role :writer do
|
31
|
-
has_permission_on :articles, to: %i(read create)
|
31
|
+
has_permission_on :articles, to: %i(read create update)
|
32
32
|
end
|
33
33
|
|
34
34
|
role :premium do
|
@@ -40,6 +40,10 @@ inject_into_file "config/authorization_rules.rb", %q{
|
|
40
40
|
end
|
41
41
|
}, after: first_line
|
42
42
|
|
43
|
+
inject_into_file "app/controllers/application_controller.rb", %q{
|
44
|
+
before_action :authenticate_user!
|
45
|
+
}, after: first_line
|
46
|
+
|
43
47
|
inject_into_file "app/controllers/application_controller.rb", %q{
|
44
48
|
def current_user
|
45
49
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rspec-authorization
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.6
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Hendra Uzia
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2015-03-20 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: declarative_authorization
|
@@ -31,6 +31,9 @@ dependencies:
|
|
31
31
|
- - "~>"
|
32
32
|
- !ruby/object:Gem::Version
|
33
33
|
version: '3.0'
|
34
|
+
- - "<"
|
35
|
+
- !ruby/object:Gem::Version
|
36
|
+
version: '3.2'
|
34
37
|
type: :runtime
|
35
38
|
prerelease: false
|
36
39
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -38,6 +41,23 @@ dependencies:
|
|
38
41
|
- - "~>"
|
39
42
|
- !ruby/object:Gem::Version
|
40
43
|
version: '3.0'
|
44
|
+
- - "<"
|
45
|
+
- !ruby/object:Gem::Version
|
46
|
+
version: '3.2'
|
47
|
+
- !ruby/object:Gem::Dependency
|
48
|
+
name: appraisal
|
49
|
+
requirement: !ruby/object:Gem::Requirement
|
50
|
+
requirements:
|
51
|
+
- - ">="
|
52
|
+
- !ruby/object:Gem::Version
|
53
|
+
version: '0'
|
54
|
+
type: :development
|
55
|
+
prerelease: false
|
56
|
+
version_requirements: !ruby/object:Gem::Requirement
|
57
|
+
requirements:
|
58
|
+
- - ">="
|
59
|
+
- !ruby/object:Gem::Version
|
60
|
+
version: '0'
|
41
61
|
- !ruby/object:Gem::Dependency
|
42
62
|
name: bundler
|
43
63
|
requirement: !ruby/object:Gem::Requirement
|
@@ -122,17 +142,25 @@ files:
|
|
122
142
|
- ".ruby-version"
|
123
143
|
- ".travis.yml"
|
124
144
|
- ".yardopts"
|
145
|
+
- Appraisals
|
125
146
|
- Gemfile
|
126
147
|
- Guardfile
|
127
148
|
- HISTORY.md
|
128
149
|
- LICENSE.txt
|
129
150
|
- README.md
|
130
151
|
- Rakefile
|
152
|
+
- gemfiles/rails_4.1.9.gemfile
|
153
|
+
- gemfiles/rails_4.1.9.gemfile.lock
|
154
|
+
- gemfiles/rails_4.2.0.gemfile
|
155
|
+
- gemfiles/rails_4.2.0.gemfile.lock
|
131
156
|
- lib/rspec/authorization.rb
|
132
157
|
- lib/rspec/authorization/adapters.rb
|
133
158
|
- lib/rspec/authorization/adapters/example.rb
|
134
159
|
- lib/rspec/authorization/adapters/example_group.rb
|
160
|
+
- lib/rspec/authorization/adapters/privilege.rb
|
135
161
|
- lib/rspec/authorization/adapters/request.rb
|
162
|
+
- lib/rspec/authorization/adapters/resource.rb
|
163
|
+
- lib/rspec/authorization/adapters/restful_helper_method.rb
|
136
164
|
- lib/rspec/authorization/adapters/route.rb
|
137
165
|
- lib/rspec/authorization/matchers.rb
|
138
166
|
- lib/rspec/authorization/matchers/have_permission_for.rb
|
@@ -143,7 +171,10 @@ files:
|
|
143
171
|
- spec/lib/rspec/authorization/adapters/example_group_spec.rb
|
144
172
|
- spec/lib/rspec/authorization/adapters/example_spec.rb
|
145
173
|
- spec/lib/rspec/authorization/adapters/request_spec.rb
|
174
|
+
- spec/lib/rspec/authorization/adapters/resource_spec.rb
|
175
|
+
- spec/lib/rspec/authorization/adapters/restful_helper_method_spec.rb
|
146
176
|
- spec/lib/rspec/authorization/adapters/route_spec.rb
|
177
|
+
- spec/lib/rspec/authorization/matchers/have_permission_for_spec.rb
|
147
178
|
- spec/rails_helper.rb
|
148
179
|
- spec/spec_helper.rb
|
149
180
|
- spec/support/group_test_class.rb
|
@@ -183,7 +214,10 @@ test_files:
|
|
183
214
|
- spec/lib/rspec/authorization/adapters/example_group_spec.rb
|
184
215
|
- spec/lib/rspec/authorization/adapters/example_spec.rb
|
185
216
|
- spec/lib/rspec/authorization/adapters/request_spec.rb
|
217
|
+
- spec/lib/rspec/authorization/adapters/resource_spec.rb
|
218
|
+
- spec/lib/rspec/authorization/adapters/restful_helper_method_spec.rb
|
186
219
|
- spec/lib/rspec/authorization/adapters/route_spec.rb
|
220
|
+
- spec/lib/rspec/authorization/matchers/have_permission_for_spec.rb
|
187
221
|
- spec/rails_helper.rb
|
188
222
|
- spec/spec_helper.rb
|
189
223
|
- spec/support/group_test_class.rb
|