stffn-declarative_authorization 0.3.1 → 0.3.2
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/declarative_authorization/in_model.rb +1 -1
- data/test/model_test.rb +44 -0
- metadata +1 -1
|
@@ -8,7 +8,7 @@ module Authorization
|
|
|
8
8
|
|
|
9
9
|
# If the user meets the given privilege, permitted_to? returns true
|
|
10
10
|
# and yields to the optional block.
|
|
11
|
-
def permitted_to? (privilege, options = {} )
|
|
11
|
+
def permitted_to? (privilege, options = {}, &block)
|
|
12
12
|
options = {
|
|
13
13
|
:user => Authorization.current_user,
|
|
14
14
|
:object => self
|
data/test/model_test.rb
CHANGED
|
@@ -1168,4 +1168,48 @@ class ModelTest < Test::Unit::TestCase
|
|
|
1168
1168
|
TestModel.delete_all
|
|
1169
1169
|
TestAttr.delete_all
|
|
1170
1170
|
end
|
|
1171
|
+
|
|
1172
|
+
def test_model_permitted_to
|
|
1173
|
+
reader = Authorization::Reader::DSLReader.new
|
|
1174
|
+
reader.parse %{
|
|
1175
|
+
authorization do
|
|
1176
|
+
role :test_role do
|
|
1177
|
+
has_permission_on :companies, :to => :read do
|
|
1178
|
+
if_attribute :name => "company_1"
|
|
1179
|
+
end
|
|
1180
|
+
end
|
|
1181
|
+
end
|
|
1182
|
+
}
|
|
1183
|
+
Authorization::Engine.instance(reader)
|
|
1184
|
+
|
|
1185
|
+
user = MockUser.new(:test_role)
|
|
1186
|
+
allowed_read_company = Company.new(:name => 'company_1')
|
|
1187
|
+
prohibited_company = Company.new(:name => 'company_2')
|
|
1188
|
+
|
|
1189
|
+
assert allowed_read_company.permitted_to?(:read, :user => user)
|
|
1190
|
+
assert !allowed_read_company.permitted_to?(:update, :user => user)
|
|
1191
|
+
assert !prohibited_company.permitted_to?(:read, :user => user)
|
|
1192
|
+
|
|
1193
|
+
executed_block = false
|
|
1194
|
+
allowed_read_company.permitted_to?(:read, :user => user) do
|
|
1195
|
+
executed_block = true
|
|
1196
|
+
end
|
|
1197
|
+
assert executed_block
|
|
1198
|
+
|
|
1199
|
+
executed_block = false
|
|
1200
|
+
prohibited_company.permitted_to?(:read, :user => user) do
|
|
1201
|
+
executed_block = true
|
|
1202
|
+
end
|
|
1203
|
+
assert !executed_block
|
|
1204
|
+
|
|
1205
|
+
assert_nothing_raised do
|
|
1206
|
+
allowed_read_company.permitted_to!(:read, :user => user)
|
|
1207
|
+
end
|
|
1208
|
+
assert_raise Authorization::NotAuthorized do
|
|
1209
|
+
prohibited_company.permitted_to!(:update, :user => user)
|
|
1210
|
+
end
|
|
1211
|
+
assert_raise Authorization::AttributeAuthorizationError do
|
|
1212
|
+
prohibited_company.permitted_to!(:read, :user => user)
|
|
1213
|
+
end
|
|
1214
|
+
end
|
|
1171
1215
|
end
|