strong_presenter 0.1.0 → 0.2.0

data/lib/strong_presenter/permissions.rb

@@ -2,56 +2,61 @@ module StrongPresenter
   # @private
   #
   #   Storage format:
-  #     The permissions object is shared by collection presenters with its constituent presenters,
-  #     and it is also shared with all of its associations. Each attribute path is stored as an array
-  #     of symbols in a Set. There is one top level presenter - the one which initialized the
-  #     Permissions object.
+  #     Each attribute path is stored as an array of objects, usually strings in a Set. For indifferent access, 
+  #     all symbols are converted to strings.
   #   
-  #     When a presenter checks for permissions, the attribute path relative to the top
-  #     presenter is prepended to each attribute path, and its existence checked in the Set.
-  #
   #     Arguments can also be part of permissions control. They are simply additional elements in the attribute path array,
-  #     and need not be symbols. If they are symbols, there is no way for Permissions to know whether they
-  #     are part of the attribute path, or additional arguments. Only the presenter knows that.
+  #     and need not be strings or symbols. Permitting a string or symbol argument automatically permits both.
+  #
+  #     When checking if paths with tainted strings/elements are permitted, only exact matches are allowed
   class Permissions
 
-    # Checks whether everything is permitted.
-    #
+    def prefix_path
+      @prefix_path || []
+    end
+
+    # Initialize, optionally with link to permitted paths, and the prefix to that (with copy on write semantics)
+    def initialize(permissions = nil, prefix_path = [])
+      unless permissions.nil?
+        @permitted_paths = permissions.permitted_paths
+        @prefix_path = permissions.prefix_path + canonicalize(prefix_path) # copy on write
+      end
+    end
+
+    # Checks whether everything is permitted. Considers :*, which permits all methods
+    # but not association methods to be complete.
     # @return [Boolean]
     def complete?
-      permitted_paths.include? [] and ((@permitted_paths = Set[[]] if permitted_paths.count > 1) or true)
+      permitted? prefix_path + [:*]
     end
 
-    # Permits everything
-    #
+    # Permits wildcard method, but not association methods.
     # @return self
     def permit_all!
-      permitted_paths.clear
-      permitted_paths << []
+      copy_on_write!
+      permitted_paths << [:*]
       self
     end
 
-    # @overload permitted? prefix_path = nil, attribute_path
-    #
     # Checks if the attribute path is permitted. This is the case if
     # any array prefix has been permitted.
-    #
-    # @param [Symbol, Array<Symbol>] prefix_path
-    # @param [Symbol, Array<Symbol,Object>] attribute_path
+    # @param [Object, Array<Object>] prefix_path
+    # @param [Object, Array<Object>] attribute_path
     # @return [Boolean]
-    def permitted? prefix_path, attribute_path = nil
-      raw_permitted? Array(prefix_path), Array(attribute_path)
+    def permitted? attribute_path
+      attribute_path = canonicalize(attribute_path)
+      return true if permitted_paths.include? prefix_path + attribute_path # exact match
+      !path_tainted?(attribute_path) and permitted_by_wildcard?(prefix_path + attribute_path)  # wildcard match only if not tainted
     end
 
     # Selects the attribute paths which are permitted.
-    #
     # @param [Array] prefix_path
     #   namespace in which each of the given attribute paths are in
-    # @param [[Symbol, Array<Symbol,Object>]*] *attribute_paths
+    # @param [[Object, Array<Object>]*] *attribute_paths
     #   each attribute path is a symbol or array of symbols
-    # @return [Array<Symbol, Array<Symbol,Object>>] array of attribute paths permitted
-    def select_permitted prefix_path, *attribute_paths
-      raw_select_permitted Array(prefix_path), nested_array(attribute_paths)
+    # @return [Array<Object, Array<Object>>] array of attribute paths permitted
+    def select_permitted *attribute_paths
+      attribute_paths.select { |attribute_path| permitted?(attribute_path) }
     end
 
     # Rejects the attribute paths which are permitted. Opposite of select_permitted.
@@ -59,38 +64,27 @@ module StrongPresenter
     #
     # @param [Array] prefix_path
     #   namespace in which each of the given attribute paths are in
-    # @param [[Symbol, Array<Symbol,Object>]*] *attribute_paths
-    #   each attribute path is a symbol or array of symbols
-    # @return [Array<Symbol, Array<Symbol,Object>>] array of attribute paths remaining
-    def reject_permitted prefix_path, *attribute_paths
-      raw_reject_permitted Array(prefix_path), nested_array(attribute_paths)
+    # @param [[Object, Array<Object>]*] *attribute_paths
+    #   each attribute path is an object(string) or array
+    # @return [Array<Object, Array<Object>>] array of attribute paths remaining
+    def reject_permitted *attribute_paths
+      attribute_paths.reject { |attribute_path| permitted?(attribute_path) }
     end
 
     # Permits some attribute paths
     #
-    # @param [Array<Symbol>] prefix_path
+    # @param [Array] prefix_path
     #   path to prepend to each attribute path
-    # @param [[Symbol, Array<Symbol,Object>]*] *attribute_paths
-    def permit prefix_path, *attribute_paths
-      prefix_path = Array(prefix_path)
-      # don't permit if already permitted
-      raw_reject_permitted(prefix_path, nested_array(attribute_paths)).each do |attribute_path|
-        permitted_paths << prefix_path + attribute_path
+    # @param [[Object, Array]*] *attribute_paths
+    def permit *attribute_paths
+      copy_on_write!
+      attribute_paths = attribute_paths.map{|path|canonicalize(path).taint} # exact match
+      reject_permitted(*attribute_paths).each do |attribute_path| # don't permit if already permitted
+        permitted_paths << attribute_path # prefix_path = [] because of copy on write
       end
       self
     end
 
-    # Merges the permissions from another Permissions object
-    #
-    # @param [Permissions] permissions
-    # @param [Array<Symbol>] prefix
-    #   prefix to prepend to paths in permissions
-    # @return self
-    def merge permissions, prefix = []
-      permitted_paths.merge permissions.permitted_paths.map{|path| prefix+path} if permissions.is_a? self.class
-      self
-    end
-
     protected
 
     def permitted_paths
@@ -98,40 +92,49 @@ module StrongPresenter
     end
 
     private
-    # We trust path parameters are arrays
-    def raw_permitted? prefix_path, attribute_path = nil # const - does not alter arguments
-      return true if complete?
-      permitted_partial?([], prefix_path + Array(attribute_path))
+    # Is this still referencing another objects permissions?
+    def reference?
+      !@prefix_path.nil?
     end
 
-    def raw_reject_permitted prefix_path, attribute_paths # const - does not alter arguments
-      return [] if raw_permitted? prefix_path
-      attribute_paths.reject do |attribute_path|
-        permitted_partial? prefix_path.dup, attribute_path
+    # Make a copy if this still references something else, since we are planning on writing soon
+    def copy_on_write!
+      if prefix_path == []
+        @permitted_paths = permitted_paths.dup
+      elsif reference?
+        @permitted_paths, old_set = Set.new, permitted_paths
+        old_set.each do |path|
+          @permitted_paths << path[prefix_path.size...path.size] if path[0...prefix_path.size] == prefix_path
+        end
       end
+      @prefix_path = nil
     end
 
-    def raw_select_permitted prefix_path, attribute_paths # const - does not alter arguments
-      return attribute_paths if raw_permitted? prefix_path
-      attribute_paths.select do |attribute_path|
-        permitted_partial? prefix_path.dup, attribute_path
-      end
+    def path_tainted? attribute_path
+      attribute_path.tainted? or attribute_path.any? { |element| element.tainted? }
     end
 
-    # For internal use, checks if permitted explicitly by a subpath of [prefix_path, attribute_partial+]
-    # where attribute_partial is a prefix of at least one symbol from attribute_part
-    # Caution: Will mutate prefix_path
-    def permitted_partial? prefix_path, attribute_path
-      !!Array(attribute_path).detect do |attr|
-        break unless attr.is_a? Symbol
-        prefix_path << attr
-        permitted_paths.include? prefix_path
+    # Caution: Will mutate path
+    def permitted_by_wildcard? path
+      unless path.empty?
+        path[-1] = :*
+        return true if permitted_paths.include? path
+      end
+      until path.empty?
+        path[-1] = :**
+        return true if permitted_paths.include? path
+        path.pop
       end
+      false
     end
 
-    # Ensures that every array element is an array
-    def nested_array array
-      array.map{|e|Array(e)}
+    # Converts symbols to strings (except for wildcard symbol)
+    def canonicalize array
+      array = Array(array)
+      canonical_array = array.map{|e|e.is_a?(Symbol) ? e.to_s : e}
+      canonical_array[-1] = array.last if [:*, :**].include? array.last
+      canonical_array.taint if array.tainted?
+      canonical_array
     end
 
   end

data/lib/strong_presenter/presenter.rb

@@ -84,6 +84,7 @@ module StrongPresenter
     #
     def presents *attributes
       select_permitted(*attributes).map do |args|
+        args = Array(args)
         obj = self # drill into associations
         while (args.size > 1) && self.class.send(:presenter_associations).include?(args[0]) do
           obj = obj.public_send args.slice!(0)
@@ -146,7 +147,7 @@ module StrongPresenter
 
       def set_presenter_collection
         collection_presenter = get_collection_presenter
-        const_set "Collection", collection_presenter unless const_defined?("Collection")
+        const_set "Collection", collection_presenter # will overwrite if constant only defined in superclass
       end
 
       private
@@ -174,8 +175,6 @@ module StrongPresenter
       # Checks whether this presenter class has a corresponding {object_class}.
       def object_class?
         !!(@object_class ||= Inferrer.new(name).chomp("Presenter").inferred_class)
-      rescue NameError
-        false
       end
 
       # Sets the model presented by the class

data/lib/strong_presenter/presenter_helper_constructor.rb

@@ -54,7 +54,7 @@ module StrongPresenter
 
     # wrap model with presenter and return
     def wrapped_object(controller)
-      factory.wrap(controller.send :instance_variable_get, @object) { |presenter| self.instance_exec presenter, &block }
+      factory.wrap(controller.send :instance_variable_get, @object) { |presenter| self.instance_exec presenter, &block unless block.nil? }
     end
   end
 end

data/lib/strong_presenter/version.rb

@@ -1,3 +1,3 @@
 module StrongPresenter
-  VERSION = "0.1.0"
+  VERSION = "0.2.0"
 end

data/spec/dummy/app/controllers/posts_controller.rb

@@ -1,7 +1,7 @@
 class PostsController < ApplicationController
   presents :post, :with => StrongPresenter::Presenter, :only => :show
   presents :post, :with => PostPresenter, :only => :show do |presenter|
-    presenter.permit(:permit_to_present, :peek_a_boo)
+    presenter.permit!(:permit_to_present, :peek_a_boo)
   end
   presents :post, :with => StrongPresenter::Presenter, :only => [:index]
   presents :post, :with => StrongPresenter::Presenter, :except => [:show, :new]

data/spec/dummy/app/mailers/post_mailer.rb

@@ -6,7 +6,7 @@ class PostMailer < ApplicationMailer
   helper :application
 
   def presented_email(post)
-    @post = PostPresenter.new(post).permit!
+    @post = PostPresenter.new(post).permit_all!
     mail to: "to@example.com", subject: "A presented post"
   end
 

data/spec/strong_presenter/associable_spec.rb

@@ -7,12 +7,10 @@ module StrongPresenter
       protect_class ProductPresenter
 
       before(:each) do
-        class Manufacturer < Model
-          def name; "Factory"; end
-        end
-        class ManufacturerPresenter < StrongPresenter::Presenter
-          def name(*args); "Presented #{object.name}#{(args+[""])[0]}"; end
-        end
+        stub_const('Manufacturer', Class.new(Model))
+        Manufacturer.send(:define_method, :name) {"Factory"}
+        stub_const('ManufacturerPresenter', Class.new(StrongPresenter::Presenter))
+        ManufacturerPresenter.send(:define_method, :name) { |*args| "Presented #{object.name}#{(args+[""])[0]}" }
         Product.send(:define_method, :manufacturer) { @manufacturer ||= Manufacturer.new }
         Product.send(:define_method, :name) { "Product" }
         ProductPresenter.presents_association :manufacturer
@@ -25,10 +23,10 @@ module StrongPresenter
         expect(@product_presenter.manufacturer.name).to eq "Presented Factory"
       end
 
-      it 'does not allow presenting without permit' do
+      it 'does not allow presenting without permit!' do
         expect(@product_presenter.presents :manufacturer).to be_empty
         expect(@product_presenter.presents [:manufacturer, :name]).to be_empty
-        @product_presenter.permit :name
+        @product_presenter.permit! :name
         expect(@product_presenter.presents [:manufacturer, :name]).to be_empty
       end
 
@@ -36,21 +34,23 @@ module StrongPresenter
         expect(@product_presenter.manufacturer.presents :name).to be_empty
       end
 
-      context 'with association permitted' do
+      context 'with association methods permitted' do
         before(:each) do
-          @product_presenter.permit :manufacturer
+          @product_presenter.permit! [:manufacturer, :*]
         end
 
-        it 'allows presenting association' do
+        it 'allows presenting association if exact match' do
+          expect(@product_presenter.present(:manufacturer)).to be_nil
+          @product_presenter.permit! :manufacturer
           expect(@product_presenter.present(:manufacturer).class).to be ManufacturerPresenter
         end
 
-        it 'allows presenting association attributes' do
+        it 'allows presenting association methods' do
           expect(@product_presenter.present [:manufacturer, :name]).to eq "Presented Factory"
         end
 
-        it 'allows presenting association attributes with arguments' do
-          expect(@product_presenter.present [:manufacturer, :name, " arg"]).to eq "Presented Factory arg"
+        it 'cannot present method with arguments' do
+          expect(@product_presenter.present [:manufacturer, :name, " arg"]).to be_nil
         end
 
         it 'allows presenting from association' do
@@ -59,19 +59,41 @@ module StrongPresenter
       end
 
       it 'rejects full path from association' do
-        @product_presenter.permit [:manufacturer, :name]
+        @product_presenter.permit! [:manufacturer, :name]
         expect(@product_presenter.manufacturer.presents [:manufacturer, :name]).to be_empty
       end
     end
 
+    context 'with missing constants' do
+      protect_class Product
+      protect_class ProductPresenter
+
+      it 'can declare association without ActiveRecord' do
+        hide_const('ActiveRecord')
+        Product.send(:define_method, :inverse) { @inverse ||= Product.new }
+        ProductPresenter.presents_association :inverse
+        @product_presenter = ProductPresenter.new(Product.new)
+        expect(@product_presenter.inverse.class).to be ProductPresenter
+      end
+
+      it 'can declare association with empty ActiveRecord' do
+        stub_const('ActiveRecord', Module.new)
+        Product.send(:define_method, :inverse) { @inverse ||= Product.new }
+        ProductPresenter.presents_association :inverse
+        @product_presenter = ProductPresenter.new(Product.new)
+        expect(@product_presenter.inverse.class).to be ProductPresenter
+      end
+    end
+
     context 'with CollectionPresenter' do
       protect_class Product
       protect_class ProductPresenter
       before(:each) do
+        stub_const('ProductList', Class.new(Model))
         Product.send(:define_method, :initialize) { |name| @name = name }
         Product.send(:attr_reader, :name)
         ProductPresenter.send(:define_method, :name) { object.name }
-        class ProductList < Model
+        class ProductList
           attr_accessor :products
           def initialize; @products = [Product.new("X"), Product.new("Y"), Product.new("Z")]; end
         end
@@ -104,19 +126,176 @@ module StrongPresenter
         expect(presenter.wheels.class).to be WheelPresenter::Collection
       end
 
-      it 'infers presenter of polymorphic association repeatedly' do
+      it 'cannot infer without presenter' do
+        hide_const('WheelPresenter')
+        CarPresenter.presents_association :wheels
+
+        car = Car.new
+        car.wheels << Wheel.new
+        presenter = CarPresenter.new(car)
+        expect(presenter.wheels.class).to be StrongPresenter::CollectionPresenter
+        expect{presenter.wheels[0]}.to raise_error StrongPresenter::UninferrablePresenterError
+      end
+
+      it 'infers collection presenter on factory construction' do
+        hide_const('WheelPresenter')
+        stub_const('WheelsPresenter', Class.new(StrongPresenter::CollectionPresenter))
+        WheelsPresenter.send(:define_method, :number_of){object.size}
+        CarPresenter.presents_association :wheels
+
+        car = Car.new
+        car.wheels = [Wheel.new, Wheel.new, Wheel.new]
+        presenter = CarPresenter.new(car)
+        expect(presenter.wheels.class).to be WheelsPresenter
+        expect(presenter.wheels.number_of).to be 3
+      end
+
+      it 'infers presenter of polymorphic association' do
         WheelPresenter.presents_association :vehicle
 
         wheel = Wheel.new
         wheel.vehicle = Car.new
         presenter = WheelPresenter.new(wheel)
         expect(presenter.vehicle.class).to be CarPresenter
+      end
 
-        # if presenter.vehicle is cached, the next example will be incorrect
+      it 'infers new association after reload' do
+        WheelPresenter.presents_association :vehicle
+        wheel = Wheel.new
+        wheel.vehicle = Car.new
+        presenter = WheelPresenter.new(wheel)
+        presenter.vehicle
         wheel.vehicle = Wheel.new
+        expect(presenter.vehicle.class).to be CarPresenter
+        expect(presenter.reload!.vehicle.class).to be WheelPresenter
         expect(presenter.vehicle.class).to be WheelPresenter
       end
     end
+
+    describe 'without suitable presenter' do
+      protect_class Product
+      it 'throws uninferrable presenter' do
+        Product.send(:attr_accessor, :string)
+        ProductPresenter.presents_association :string
+        Product.send(:define_method, :initialize) { self.string = "String"}
+        
+        presenter = ProductPresenter.new(Product.new)
+        expect{presenter.string}.to raise_error(StrongPresenter::UninferrablePresenterError)
+      end
+    end
+
+    describe 'Permissible' do
+      protect_class Product
+      protect_class ProductPresenter
+      before (:each) do
+        Product.send(:attr_accessor, :name, :description, :price, :subproducts, :other)
+        Product.send(:define_method, :initialize) do |name, description = "Description", price = 1, subproducts = []|
+          self.name = name
+          self.description = description
+          self.price = price
+          self.subproducts = Array(subproducts)
+          self.other = Wheel.new
+        end
+        ProductPresenter.presents_association :subproducts
+        ProductPresenter.presents_association :other
+        ProductPresenter.delegate :name, :description, :price
+        @product = Product.new("Main", "I, Main", 4.2, [Product.new("Sub A", "Small", 8), Product.new("Component B")])
+        @product_presenter = ProductPresenter.new(@product)
+      end
+
+      it 'collection association inherits permissions' do
+        @product_presenter.permit! [:subproducts, :name]
+        expect(@product_presenter.subproducts.select_permitted(:name, :price)).to eq [:name]
+      end
+
+      it 'association inherits permissions' do
+        @product_presenter.permit! [:other, :stuff]
+        expect(@product_presenter.other.select_permitted(:other, :stuff)).to eq [:stuff]
+      end
+
+      it 'collection item inherits permissions' do
+        @product_presenter.permit! [:subproducts, :name]
+        expect(@product_presenter.subproducts[0].presents(:name, :price)).to eq ["Sub A"]
+      end
+
+      it 'forwards permit to associations' do
+        other_presenter = @product_presenter.other
+        @product_presenter.permit! [:other, :stuff]
+        expect(other_presenter.select_permitted(:other, :stuff)).to eq [:stuff]
+      end
+
+      it 'forwards permit to association collection items' do
+        subproduct_presenter = @product_presenter.subproducts[0]
+        @product_presenter.permit! [:subproducts, :name]
+        expect(subproduct_presenter.presents(:name, :price)).to eq ["Sub A"]
+      end
+
+      it 'does not feed permissions to siblings' do
+        @product_presenter.subproducts[0].permit! :name
+        expect(@product_presenter.subproducts[0].presents(:name, :price)).to eq ["Sub A"]
+        expect(@product_presenter.subproducts[1].presents(:name, :price)).to be_empty
+      end
+
+      it 'appears to clear permissions on reload' do
+        @product_presenter.subproducts[0].permit! :name
+        expect(@product_presenter.reload!.subproducts[0].presents(:name, :price)).to be_empty
+      end
+
+      it 'can add to association permissions' do
+        @product_presenter.permit! [:subproducts, :name]
+        @product_presenter.subproducts[0].permit! :price
+        expect(@product_presenter.subproducts[0].presents(:name, :price)).to eq ["Sub A", 8]
+      end
+
+      it 'can add to collection permissions' do
+        @product_presenter.permit! [:subproducts, :name]
+        @product_presenter.subproducts.permit! :description
+        expect(@product_presenter.subproducts[0].presents(:name, :price, :description)).to eq ["Sub A", "Small"]
+      end
+
+      it 'can add to item permissions' do
+        @product_presenter.subproducts.permit! :description
+        @product_presenter.subproducts[0].permit! :price
+        expect(@product_presenter.subproducts[0].presents(:name, :price, :description)).to eq [8, "Small"]
+        expect(@product_presenter.subproducts[1].presents(:name, :price, :description)).to eq ["Description"]
+      end
+
+      it 'adds propagated permissions' do
+        @product_presenter.subproducts[0].permit! :price
+        @product_presenter.permit! [:subproducts, :name]
+        expect(@product_presenter.subproducts[0].presents(:name, :price, :description)).to eq ["Sub A", 8]
+      end
+
+      it 'propagates double wildcard' do
+        @product_presenter.subproducts[0].permit! :price
+        @product_presenter.permit! :**
+        expect(@product_presenter.subproducts[0].presents(:name, "price", :description)).to eq ["Sub A", 8, "Small"]
+      end
+
+      it 'does not propagate single wildcard' do
+        @product_presenter.subproducts[0].permit! :price
+        @product_presenter.permit! :*
+        expect(@product_presenter.subproducts[0].presents(:name, :price, :description)).to eq [8]
+      end
+
+      it 'can propagate string path to collection' do
+        @product_presenter.subproducts.permit! :price
+        @product_presenter.permit! ["subproducts", "name"]
+        expect(@product_presenter.subproducts[0].presents(:name, :price, :description)).to eq ["Sub A", 8]
+      end
+
+      it 'propagates wildcard ending' do
+        @product_presenter.subproducts[0].permit! :price
+        @product_presenter.permit! [:subproducts, :*]
+        expect(@product_presenter.subproducts[0].presents(:name, "price", :description)).to eq ["Sub A", 8, "Small"]
+      end
+
+      it 'handles taint with mixture of wildcard and exact matches' do
+        @product_presenter.subproducts[0].permit! :price
+        @product_presenter.permit! [:subproducts, :*]
+        expect(@product_presenter.subproducts[0].presents(:name, "price".taint, "description".taint)).to eq ["Sub A", 8]
+      end
+    end
   end
 end