rspec-authorization 0.0.2 → 0.0.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +3 -0
- data/Appraisals +7 -0
- data/Gemfile +9 -5
- data/HISTORY.md +20 -1
- data/README.md +28 -3
- data/gemfiles/rails_4.1.9.gemfile +28 -0
- data/gemfiles/rails_4.1.9.gemfile.lock +234 -0
- data/gemfiles/rails_4.2.0.gemfile +28 -0
- data/gemfiles/rails_4.2.0.gemfile.lock +260 -0
- data/lib/rspec/authorization/adapters.rb +3 -0
- data/lib/rspec/authorization/adapters/privilege.rb +14 -0
- data/lib/rspec/authorization/adapters/request.rb +4 -1
- data/lib/rspec/authorization/adapters/resource.rb +58 -0
- data/lib/rspec/authorization/adapters/restful_helper_method.rb +137 -0
- data/lib/rspec/authorization/matchers/have_permission_for.rb +93 -70
- data/lib/rspec/authorization/version.rb +1 -1
- data/rspec-authorization.gemspec +2 -1
- data/spec/controllers/articles_controller_spec.rb +3 -11
- data/spec/lib/rspec/authorization/adapters/resource_spec.rb +102 -0
- data/spec/lib/rspec/authorization/adapters/restful_helper_method_spec.rb +151 -0
- data/spec/lib/rspec/authorization/matchers/have_permission_for_spec.rb +81 -0
- data/spec/rails_helper.rb +1 -0
- data/tools/rails_test_app/template.rb +9 -5
- metadata +36 -2
@@ -0,0 +1,81 @@
|
|
1
|
+
require 'rails_helper'
|
2
|
+
|
3
|
+
include RSpec::Authorization::Adapters
|
4
|
+
include RSpec::Authorization::Matchers::HavePermissionFor
|
5
|
+
|
6
|
+
describe HavePermissionFor do
|
7
|
+
let(:role) { :user }
|
8
|
+
let(:action) { :index }
|
9
|
+
let(:klass) { ArticlesController }
|
10
|
+
let(:results) { {action => false} }
|
11
|
+
let(:matcher) { HavePermissionFor.new(role) }
|
12
|
+
|
13
|
+
let(:privilege) do
|
14
|
+
Privilege.new(
|
15
|
+
actions: [action],
|
16
|
+
negated_actions: [],
|
17
|
+
role: role,
|
18
|
+
controller_class: klass
|
19
|
+
)
|
20
|
+
end
|
21
|
+
|
22
|
+
let(:resource) do
|
23
|
+
r = Resource.new(privilege)
|
24
|
+
allow(r).to receive(:controller_class).and_return(klass)
|
25
|
+
r
|
26
|
+
end
|
27
|
+
|
28
|
+
before do
|
29
|
+
allow_any_instance_of(Resource).to receive(:results).and_return(results)
|
30
|
+
allow(matcher).to receive(:resource).and_return(resource)
|
31
|
+
end
|
32
|
+
|
33
|
+
subject { matcher.to(action) }
|
34
|
+
|
35
|
+
its(:role) { is_expected.to eq role }
|
36
|
+
its(:description) { is_expected.to eq "have permission for #{role} to #{matcher.action}" }
|
37
|
+
its(:failure_message) { is_expected.to eq "Expected #{klass} to have permission for #{role} to #{matcher.action}. results: #{results}, negated_results: " }
|
38
|
+
its(:failure_message_when_negated) { is_expected.to eq "Did not expect #{klass} to have permission for #{role} to #{matcher.action}. results: #{results}, negated_results: " }
|
39
|
+
|
40
|
+
context "evaluator" do
|
41
|
+
before { allow_any_instance_of(Resource).to receive(:requests).and_return([]) }
|
42
|
+
|
43
|
+
describe "#matches?" do
|
44
|
+
context "all requests permitted" do
|
45
|
+
let(:results) {{index: true, show: true}}
|
46
|
+
|
47
|
+
specify { expect(matcher.matches?(double)).to be_truthy }
|
48
|
+
end
|
49
|
+
|
50
|
+
context "one of the request is forbidden" do
|
51
|
+
let(:results) {{index: false, show: true}}
|
52
|
+
|
53
|
+
specify { expect(matcher.matches?(double)).to be_falsy }
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
describe "#does_not_match?" do
|
58
|
+
context "all requests forbidden" do
|
59
|
+
let(:results) {{index: false, show: false}}
|
60
|
+
|
61
|
+
specify { expect(matcher.does_not_match?(double)).to be_truthy }
|
62
|
+
end
|
63
|
+
|
64
|
+
context "one of the request is permitted" do
|
65
|
+
let(:results) {{index: false, show: true}}
|
66
|
+
|
67
|
+
specify { expect(matcher.does_not_match?(double)).to be_falsy }
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
71
|
+
|
72
|
+
describe "#method_missing" do
|
73
|
+
context "method not implemented" do
|
74
|
+
specify { expect{ matcher.to_explode }.to raise_error NoMethodError }
|
75
|
+
end
|
76
|
+
|
77
|
+
context "method implemented" do
|
78
|
+
specify { expect{ matcher.to_read }.not_to raise_error }
|
79
|
+
end
|
80
|
+
end
|
81
|
+
end
|
data/spec/rails_helper.rb
CHANGED
@@ -1,12 +1,13 @@
|
|
1
|
-
generate "
|
1
|
+
generate "devise:install"
|
2
|
+
generate "devise user"
|
3
|
+
generate "authorization:install"
|
2
4
|
|
3
5
|
rules = "config/authorization_rules.rb"
|
4
6
|
|
5
7
|
run "mkdir ../../../config"
|
6
8
|
run "ln -s ../spec/.rails/rails-#{Rails::VERSION::STRING}/#{rules} ../../../#{rules}"
|
7
9
|
|
8
|
-
generate "scaffold article --skip-assets --skip-helper"
|
9
|
-
generate "migration AddUserIdToArticles user:references"
|
10
|
+
generate "scaffold article user:references --skip-assets --skip-helper"
|
10
11
|
|
11
12
|
rake "db:migrate"
|
12
13
|
run "bundle exec rake db:migrate RAILS_ENV=test"
|
@@ -15,7 +16,6 @@ first_line = /\A.*/
|
|
15
16
|
last_line = /^.*\Z/
|
16
17
|
|
17
18
|
inject_into_file "app/models/article.rb", %q{
|
18
|
-
belongs_to :user
|
19
19
|
}, after: first_line
|
20
20
|
|
21
21
|
inject_into_file "app/models/user.rb", %q{
|
@@ -28,7 +28,7 @@ inject_into_file "config/authorization_rules.rb", %q{
|
|
28
28
|
end
|
29
29
|
|
30
30
|
role :writer do
|
31
|
-
has_permission_on :articles, to: %i(read create)
|
31
|
+
has_permission_on :articles, to: %i(read create update)
|
32
32
|
end
|
33
33
|
|
34
34
|
role :premium do
|
@@ -40,6 +40,10 @@ inject_into_file "config/authorization_rules.rb", %q{
|
|
40
40
|
end
|
41
41
|
}, after: first_line
|
42
42
|
|
43
|
+
inject_into_file "app/controllers/application_controller.rb", %q{
|
44
|
+
before_action :authenticate_user!
|
45
|
+
}, after: first_line
|
46
|
+
|
43
47
|
inject_into_file "app/controllers/application_controller.rb", %q{
|
44
48
|
def current_user
|
45
49
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rspec-authorization
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.6
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Hendra Uzia
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2015-03-20 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: declarative_authorization
|
@@ -31,6 +31,9 @@ dependencies:
|
|
31
31
|
- - "~>"
|
32
32
|
- !ruby/object:Gem::Version
|
33
33
|
version: '3.0'
|
34
|
+
- - "<"
|
35
|
+
- !ruby/object:Gem::Version
|
36
|
+
version: '3.2'
|
34
37
|
type: :runtime
|
35
38
|
prerelease: false
|
36
39
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -38,6 +41,23 @@ dependencies:
|
|
38
41
|
- - "~>"
|
39
42
|
- !ruby/object:Gem::Version
|
40
43
|
version: '3.0'
|
44
|
+
- - "<"
|
45
|
+
- !ruby/object:Gem::Version
|
46
|
+
version: '3.2'
|
47
|
+
- !ruby/object:Gem::Dependency
|
48
|
+
name: appraisal
|
49
|
+
requirement: !ruby/object:Gem::Requirement
|
50
|
+
requirements:
|
51
|
+
- - ">="
|
52
|
+
- !ruby/object:Gem::Version
|
53
|
+
version: '0'
|
54
|
+
type: :development
|
55
|
+
prerelease: false
|
56
|
+
version_requirements: !ruby/object:Gem::Requirement
|
57
|
+
requirements:
|
58
|
+
- - ">="
|
59
|
+
- !ruby/object:Gem::Version
|
60
|
+
version: '0'
|
41
61
|
- !ruby/object:Gem::Dependency
|
42
62
|
name: bundler
|
43
63
|
requirement: !ruby/object:Gem::Requirement
|
@@ -122,17 +142,25 @@ files:
|
|
122
142
|
- ".ruby-version"
|
123
143
|
- ".travis.yml"
|
124
144
|
- ".yardopts"
|
145
|
+
- Appraisals
|
125
146
|
- Gemfile
|
126
147
|
- Guardfile
|
127
148
|
- HISTORY.md
|
128
149
|
- LICENSE.txt
|
129
150
|
- README.md
|
130
151
|
- Rakefile
|
152
|
+
- gemfiles/rails_4.1.9.gemfile
|
153
|
+
- gemfiles/rails_4.1.9.gemfile.lock
|
154
|
+
- gemfiles/rails_4.2.0.gemfile
|
155
|
+
- gemfiles/rails_4.2.0.gemfile.lock
|
131
156
|
- lib/rspec/authorization.rb
|
132
157
|
- lib/rspec/authorization/adapters.rb
|
133
158
|
- lib/rspec/authorization/adapters/example.rb
|
134
159
|
- lib/rspec/authorization/adapters/example_group.rb
|
160
|
+
- lib/rspec/authorization/adapters/privilege.rb
|
135
161
|
- lib/rspec/authorization/adapters/request.rb
|
162
|
+
- lib/rspec/authorization/adapters/resource.rb
|
163
|
+
- lib/rspec/authorization/adapters/restful_helper_method.rb
|
136
164
|
- lib/rspec/authorization/adapters/route.rb
|
137
165
|
- lib/rspec/authorization/matchers.rb
|
138
166
|
- lib/rspec/authorization/matchers/have_permission_for.rb
|
@@ -143,7 +171,10 @@ files:
|
|
143
171
|
- spec/lib/rspec/authorization/adapters/example_group_spec.rb
|
144
172
|
- spec/lib/rspec/authorization/adapters/example_spec.rb
|
145
173
|
- spec/lib/rspec/authorization/adapters/request_spec.rb
|
174
|
+
- spec/lib/rspec/authorization/adapters/resource_spec.rb
|
175
|
+
- spec/lib/rspec/authorization/adapters/restful_helper_method_spec.rb
|
146
176
|
- spec/lib/rspec/authorization/adapters/route_spec.rb
|
177
|
+
- spec/lib/rspec/authorization/matchers/have_permission_for_spec.rb
|
147
178
|
- spec/rails_helper.rb
|
148
179
|
- spec/spec_helper.rb
|
149
180
|
- spec/support/group_test_class.rb
|
@@ -183,7 +214,10 @@ test_files:
|
|
183
214
|
- spec/lib/rspec/authorization/adapters/example_group_spec.rb
|
184
215
|
- spec/lib/rspec/authorization/adapters/example_spec.rb
|
185
216
|
- spec/lib/rspec/authorization/adapters/request_spec.rb
|
217
|
+
- spec/lib/rspec/authorization/adapters/resource_spec.rb
|
218
|
+
- spec/lib/rspec/authorization/adapters/restful_helper_method_spec.rb
|
186
219
|
- spec/lib/rspec/authorization/adapters/route_spec.rb
|
220
|
+
- spec/lib/rspec/authorization/matchers/have_permission_for_spec.rb
|
187
221
|
- spec/rails_helper.rb
|
188
222
|
- spec/spec_helper.rb
|
189
223
|
- spec/support/group_test_class.rb
|