RubyGems - stffn-declarative_authorization - Versions diffs - 0.3.1 → 0.3.2 - Mend

stffn-declarative_authorization 0.3.1 → 0.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

data/lib/declarative_authorization/in_model.rb +1 -1
data/test/model_test.rb +44 -0
metadata +1 -1

data/lib/declarative_authorization/in_model.rb CHANGED

@@ -8,7 +8,7 @@ module Authorization
     # If the user meets the given privilege, permitted_to? returns true
     # and yields to the optional block.
-    def permitted_to? (privilege, options = {} )
+    def permitted_to? (privilege, options = {}, &block)
       options = {
         :user =>  Authorization.current_user,
         :object => self

data/test/model_test.rb CHANGED

@@ -1168,4 +1168,48 @@ class ModelTest < Test::Unit::TestCase
     TestModel.delete_all
     TestAttr.delete_all
   end
+  def test_model_permitted_to
+    reader = Authorization::Reader::DSLReader.new
+    reader.parse %{
+      authorization do
+        role :test_role do
+          has_permission_on :companies, :to => :read do
+            if_attribute :name => "company_1"
+          end
+        end
+      end
+    }
+    Authorization::Engine.instance(reader)
+    user = MockUser.new(:test_role)
+    allowed_read_company = Company.new(:name => 'company_1')
+    prohibited_company = Company.new(:name => 'company_2')
+    assert allowed_read_company.permitted_to?(:read, :user => user)
+    assert !allowed_read_company.permitted_to?(:update, :user => user)
+    assert !prohibited_company.permitted_to?(:read, :user => user)
+    executed_block = false
+    allowed_read_company.permitted_to?(:read, :user => user) do
+      executed_block = true
+    end
+    assert executed_block
+    executed_block = false
+    prohibited_company.permitted_to?(:read, :user => user) do
+      executed_block = true
+    end
+    assert !executed_block
+    assert_nothing_raised do
+      allowed_read_company.permitted_to!(:read, :user => user)
+    end
+    assert_raise Authorization::NotAuthorized do
+      prohibited_company.permitted_to!(:update, :user => user)
+    end
+    assert_raise Authorization::AttributeAuthorizationError do
+      prohibited_company.permitted_to!(:read, :user => user)
+    end
+  end
 end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: stffn-declarative_authorization
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.3.2
 platform: ruby
 authors:
 - Steffen Bartsch