strongbolt 0.3.12 → 0.3.13

data/spec/strongbolt/user_abilities_multiple_tenants_spec.rb

@@ -1,21 +1,20 @@
-require "spec_helper"
+require 'spec_helper'
 
 describe Strongbolt::UserAbilities do
-
   before(:all) do
-    define_model "TenantA" do
-      self.table_name = "tenant_a"
+    define_model 'TenantA' do
+      self.table_name = 'tenant_a'
 
       has_many :model_with_tenant
     end
-    define_model "TenantB" do
-      self.table_name = "tenant_b"
+    define_model 'TenantB' do
+      self.table_name = 'tenant_b'
 
       has_many :model_with_tenant
     end
 
-    define_model "ModelWithTenant" do
-      self.table_name = "model_with_tenants"
+    define_model 'ModelWithTenant' do
+      self.table_name = 'model_with_tenants'
 
       belongs_to :tenant_a
       belongs_to :tenant_b
@@ -30,7 +29,6 @@ describe Strongbolt::UserAbilities do
     Strongbolt::Configuration.tenants = []
   end
 
-
   #
   # Creates some fixtures for the tests here
   #
@@ -50,44 +48,41 @@ describe Strongbolt::UserAbilities do
     @tenanted_model2 = ModelWithTenant.create! tenant_a: @tenant_a
     @tenanted_model3 = ModelWithTenant.create! tenant_b: @tenant_b
 
-    @group = Strongbolt::UserGroup.create! name: "Normal"
+    @group = Strongbolt::UserGroup.create! name: 'Normal'
     @group.users << @user1
     @group.users << @user2
     @group.users << @user3
 
-    @role = @group.roles.create! name: "Normal"
-    @role.capabilities.create! model: "User", action: "update", require_ownership: true
-    @role.capabilities.create! model: "ModelWithTenant", action: "find", require_tenant_access: true
+    @role = @group.roles.create! name: 'Normal'
+    @role.capabilities.create! model: 'User', action: 'update', require_ownership: true
+    @role.capabilities.create! model: 'ModelWithTenant', action: 'find', require_tenant_access: true
   end
 
-
-
   #
   # Has access to tenants?
   #
-  describe "has_access_to_tenants?" do
+  describe 'has_access_to_tenants?' do
     before { create_fixtures }
 
-    it "should be true when model is tenant" do
-      expect(@user1.send :has_access_to_tenants?, @tenant_a).to eq true
-      expect(@user1.send :has_access_to_tenants?, @tenant_b).to eq true
-      expect(@user2.send :has_access_to_tenants?, @tenant_a).to eq true
-      expect(@user2.send :has_access_to_tenants?, @tenant_b).to eq false
-      expect(@user3.send :has_access_to_tenants?, @tenant_a).to eq false
-      expect(@user3.send :has_access_to_tenants?, @tenant_b).to eq true
+    it 'should be true when model is tenant' do
+      expect(@user1.send(:has_access_to_tenants?, @tenant_a)).to eq true
+      expect(@user1.send(:has_access_to_tenants?, @tenant_b)).to eq true
+      expect(@user2.send(:has_access_to_tenants?, @tenant_a)).to eq true
+      expect(@user2.send(:has_access_to_tenants?, @tenant_b)).to eq false
+      expect(@user3.send(:has_access_to_tenants?, @tenant_a)).to eq false
+      expect(@user3.send(:has_access_to_tenants?, @tenant_b)).to eq true
     end
 
-    it "should be true when model is first child" do
-      expect(@user1.send :has_access_to_tenants?, @tenanted_model1).to eq true
-      expect(@user1.send :has_access_to_tenants?, @tenanted_model2).to eq true
-      expect(@user1.send :has_access_to_tenants?, @tenanted_model3).to eq true
-      expect(@user2.send :has_access_to_tenants?, @tenanted_model1).to eq true
-      expect(@user2.send :has_access_to_tenants?, @tenanted_model2).to eq true
-      expect(@user2.send :has_access_to_tenants?, @tenanted_model3).to eq false
-      expect(@user3.send :has_access_to_tenants?, @tenanted_model1).to eq true
-      expect(@user3.send :has_access_to_tenants?, @tenanted_model2).to eq false
-      expect(@user3.send :has_access_to_tenants?, @tenanted_model3).to eq true
+    it 'should be true when model is first child' do
+      expect(@user1.send(:has_access_to_tenants?, @tenanted_model1)).to eq true
+      expect(@user1.send(:has_access_to_tenants?, @tenanted_model2)).to eq true
+      expect(@user1.send(:has_access_to_tenants?, @tenanted_model3)).to eq true
+      expect(@user2.send(:has_access_to_tenants?, @tenanted_model1)).to eq true
+      expect(@user2.send(:has_access_to_tenants?, @tenanted_model2)).to eq true
+      expect(@user2.send(:has_access_to_tenants?, @tenanted_model3)).to eq false
+      expect(@user3.send(:has_access_to_tenants?, @tenanted_model1)).to eq true
+      expect(@user3.send(:has_access_to_tenants?, @tenanted_model2)).to eq false
+      expect(@user3.send(:has_access_to_tenants?, @tenanted_model3)).to eq true
     end
   end
-
 end

data/spec/strongbolt/user_abilities_spec.rb

@@ -1,21 +1,20 @@
-require "spec_helper"
+require 'spec_helper'
 
 describe Strongbolt::UserAbilities do
-
   before(:all) do
     #
     # This is a very basic schema that allows having a model,
     # ChildModel, being tenanted by Model
     #
-    define_model "TenantModel" do
-      self.table_name = "models"
+    define_model 'TenantModel' do
+      self.table_name = 'models'
 
       has_many :owned_models, foreign_key: :parent_id
       belongs_to :unowned_model, foreign_key: :parent_id
     end
 
-    define_model "OwnedModel" do
-      self.table_name = "child_models"
+    define_model 'OwnedModel' do
+      self.table_name = 'child_models'
 
       belongs_to :user, foreign_key: :model_id
       belongs_to :tenant_model, foreign_key: :parent_id
@@ -25,22 +24,22 @@ describe Strongbolt::UserAbilities do
       validates :tenant_model, presence: true
     end
 
-    define_model "ChildModel" do
-      self.table_name = "model_models"
+    define_model 'ChildModel' do
+      self.table_name = 'model_models'
 
       belongs_to :owned_model, foreign_key: :parent_id
     end
 
-    define_model "UnownedModel" do
-      self.table_name = "unowned_models"
+    define_model 'UnownedModel' do
+      self.table_name = 'unowned_models'
 
       has_many :tenant_models, foreign_key: :parent_id
     end
 
-    define_model "OtherModel" do
-      self.table_name = "models"
+    define_model 'OtherModel' do
+      self.table_name = 'models'
 
-      authorize_as "UnownedModel"
+      authorize_as 'UnownedModel'
     end
 
     Strongbolt::Configuration.add_tenant TenantModel
@@ -54,18 +53,19 @@ describe Strongbolt::UserAbilities do
 
   subject { user }
 
-  it { is_expected.to have_many(:user_groups_users).class_name("Strongbolt::UserGroupsUser")
-    .dependent :delete_all }
+  it {
+    is_expected.to have_many(:user_groups_users).class_name('Strongbolt::UserGroupsUser')
+                                                .dependent :delete_all
+  }
   it { is_expected.to have_many(:user_groups).through :user_groups_users }
   it { is_expected.to have_many(:roles).through :user_groups }
   it { is_expected.to respond_to(:capabilities) }
   it { is_expected.to have_many(:tenant_models) }
 
-  it "should let user find itself" do
-    expect(user.can? :find, user).to eq true
+  it 'should let user find itself' do
+    expect(user.can?(:find, user)).to eq true
   end
 
-
   #
   # Creates some fixtures for the tests here
   #
@@ -81,10 +81,10 @@ describe Strongbolt::UserAbilities do
     @other_user = User.create!
     # A owned model, owned
     @owned_model = OwnedModel.create! user: user,
-      tenant_model: @tenant_model
+                                      tenant_model: @tenant_model
     # An model not owned
     @unowned_model = OwnedModel.create! user: @other_user,
-      tenant_model: @tenant_model
+                                        tenant_model: @tenant_model
     # Other tenant model
     @unmanaged_model = OwnedModel.create! tenant_model: @other_tenant_model
     # An unownable model
@@ -94,52 +94,48 @@ describe Strongbolt::UserAbilities do
     @child_model = @owned_model.child_models.create!
 
     # The user belong to a group
-    @group = Strongbolt::UserGroup.create! name: "Normal"
+    @group = Strongbolt::UserGroup.create! name: 'Normal'
     @group.users << user
 
     # That has a role
-    @guest_role = Strongbolt::Role.create! name: "Guest"
-    @parent_role = Strongbolt::Role.create! name: "Basic", parent_id: @guest_role.id
-    @other_role = Strongbolt::Role.create! name: "Admin"
-    @role = @group.roles.create! name: "Normal", parent_id: @parent_role.id
+    @guest_role = Strongbolt::Role.create! name: 'Guest'
+    @parent_role = Strongbolt::Role.create! name: 'Basic', parent_id: @guest_role.id
+    @other_role = Strongbolt::Role.create! name: 'Admin'
+    @role = @group.roles.create! name: 'Normal', parent_id: @parent_role.id
 
     # Which has capabilities
 
     # User can update self
-    @parent_role.capabilities.create! model: "User", action: "update", require_ownership: true
+    @parent_role.capabilities.create! model: 'User', action: 'update', require_ownership: true
 
     # User can read all owned models
-    @parent_role.capabilities.create! model: "OwnedModel", action: "find"
+    @parent_role.capabilities.create! model: 'OwnedModel', action: 'find'
 
     # And create some
-    @role.capabilities.create! model: "OwnedModel", action: "create", require_ownership: true
+    @role.capabilities.create! model: 'OwnedModel', action: 'create', require_ownership: true
 
     # But can delete only owned models
-    @role.capabilities.create! model: "OwnedModel", action: "destroy", require_ownership: true
+    @role.capabilities.create! model: 'OwnedModel', action: 'destroy', require_ownership: true
 
     # User can read any unowned models
-    @guest_role.capabilities.create! model: "UnownedModel", action: "find"
+    @guest_role.capabilities.create! model: 'UnownedModel', action: 'find'
 
     # But can create setting only the attribute name
-    @role.capabilities.create! model: "UnownedModel", action: "create", attr: "name",
-      :require_tenant_access => false
+    @role.capabilities.create! model: 'UnownedModel', action: 'create', attr: 'name',
+                               require_tenant_access: false
 
     # Admin can do whatever
-    @other_role.capabilities.create! model: "UnownedModel", action: "create"
+    @other_role.capabilities.create! model: 'UnownedModel', action: 'create'
   end
 
-
-
-
   #
   # Adding a tenant to the user
   #
-  describe "add_tenant" do
-
+  describe 'add_tenant' do
     context 'when instance is from a tenant' do
       let(:model) { TenantModel.create! }
 
-      it "should create an association" do
+      it 'should create an association' do
         expect do
           user.add_tenant model
         end.to change(Strongbolt::UsersTenant, :count).by 1
@@ -151,136 +147,123 @@ describe Strongbolt::UserAbilities do
       end
     end
 
-    context "when instance is not from a tenant" do
+    context 'when instance is not from a tenant' do
       let(:model) { Model.create! }
 
-      it "should raise an error" do
+      it 'should raise an error' do
         expect do
           user.add_tenant model
         end.to raise_error NoMethodError
       end
     end
-
   end
 
-
-
   #
   # Has access to tenants?
   #
-  describe "has_access_to_tenants?" do
+  describe 'has_access_to_tenants?' do
     before { create_fixtures }
 
-    context "when same tenant" do
-
-      it "should be true when model is tenant" do
-        expect(user.send :has_access_to_tenants?, @tenant_model).to eq true
+    context 'when same tenant' do
+      it 'should be true when model is tenant' do
+        expect(user.send(:has_access_to_tenants?, @tenant_model)).to eq true
       end
 
-      it "should be true when model is first child" do
-        expect(user.send :has_access_to_tenants?, @unowned_model).to eq true
+      it 'should be true when model is first child' do
+        expect(user.send(:has_access_to_tenants?, @unowned_model)).to eq true
       end
 
-      it "should be true when grand child" do
-        expect(user.send :has_access_to_tenants?, @child_model).to eq true
+      it 'should be true when grand child' do
+        expect(user.send(:has_access_to_tenants?, @child_model)).to eq true
       end
 
-      it "should be true for a user defined association" do
-        expect(user.send :has_access_to_tenants?, @linked_to_tenant).to eq true
+      it 'should be true for a user defined association' do
+        expect(user.send(:has_access_to_tenants?, @linked_to_tenant)).to eq true
       end
-
     end
 
-    context "when different tenant" do
-      it "should be false when model is tenant" do
-        expect(user.send :has_access_to_tenants?, @other_tenant_model).to eq false
+    context 'when different tenant' do
+      it 'should be false when model is tenant' do
+        expect(user.send(:has_access_to_tenants?, @other_tenant_model)).to eq false
       end
 
-      it "should be false when model is first child" do
-        expect(user.send :has_access_to_tenants?, @unmanaged_model).to eq false
+      it 'should be false when model is first child' do
+        expect(user.send(:has_access_to_tenants?, @unmanaged_model)).to eq false
       end
     end
 
     context "when model doesn't have link to tenant" do
-      it "should return true" do
-        expect(user.send :has_access_to_tenants?, @model).to eq true
+      it 'should return true' do
+        expect(user.send(:has_access_to_tenants?, @model)).to eq true
       end
     end
   end
 
-
-
   #
   # All Capabilities
   #
   describe 'capabilities' do
-
     before { create_fixtures }
 
     let(:capabilities) { user.capabilities }
 
     subject { capabilities }
 
-    it "should have 6 capabilities" do
+    it 'should have 6 capabilities' do
       expect(capabilities.size).to eq 6
     end
-
   end
 
-
   #
   # CAN?
   #
 
-  describe "can?" do
-
+  describe 'can?' do
     before { create_fixtures }
 
-    describe "creating an owned model" do
-
-      context "when authorized" do
+    describe 'creating an owned model' do
+      context 'when authorized' do
         let(:tenant_model) { TenantModel.create! }
 
         before { user.tenant_models << tenant_model }
 
-        context "when same tenant" do
+        context 'when same tenant' do
           let(:instance) { OwnedModel.new tenant_model: tenant_model }
 
-          it "should return true when passing instance" do
-            expect(user.can? :create, instance).to eq true
+          it 'should return true when passing instance' do
+            expect(user.can?(:create, instance)).to eq true
           end
         end
 
-        context "when not same tenant" do
-
+        context 'when not same tenant' do
           let(:instance) { OwnedModel.new tenant_model: TenantModel.create! }
 
-          it "should return false when passing instance" do
-            expect(user.can? :create, instance).to eq false
+          it 'should return false when passing instance' do
+            expect(user.can?(:create, instance)).to eq false
           end
         end
 
-        it "should return true when passing class" do
-          expect(user.can? :create, OwnedModel).to eq true
+        it 'should return true when passing class' do
+          expect(user.can?(:create, OwnedModel)).to eq true
         end
       end
 
-      context "when not authorized" do
-        it "should return true when passing instance" do
-          expect(user.can? :create, User.new).to eq false
+      context 'when not authorized' do
+        it 'should return true when passing instance' do
+          expect(user.can?(:create, User.new)).to eq false
         end
 
-        it "should return true when passing class" do
-          expect(user.can? :create, User).to eq false
+        it 'should return true when passing class' do
+          expect(user.can?(:create, User)).to eq false
         end
       end
 
-      context "when default set of permissions" do
+      context 'when default set of permissions' do
         before do
           Strongbolt.setup do |config|
             config.default_capabilities = [
-              {:model => "OwnedModel", :require_ownership => true, :actions => :update},
-              {:model => "TenantModel", :require_tenant_access => false, :require_ownership => false, :actions => "find"}
+              { model: 'OwnedModel', require_ownership: true, actions: :update },
+              { model: 'TenantModel', require_tenant_access: false, require_ownership: false, actions: 'find' }
             ]
           end
         end
@@ -291,108 +274,99 @@ describe Strongbolt::UserAbilities do
         end
 
         let(:other_user) { User.create! }
-        let(:owned_model) { OwnedModel.create! :user => user, :tenant_model => TenantModel.create! }
-        let(:unowned_model) { OwnedModel.create! :user => other_user, :tenant_model => TenantModel.create! }
+        let(:owned_model) { OwnedModel.create! user: user, tenant_model: TenantModel.create! }
+        let(:unowned_model) { OwnedModel.create! user: other_user, tenant_model: TenantModel.create! }
 
-        it "should let the user update an owned model" do
-          expect(user.can? :update, owned_model).to eq true
+        it 'should let the user update an owned model' do
+          expect(user.can?(:update, owned_model)).to eq true
         end
 
-        it "should not let the user update an owned model from another user" do
-          expect(user.can? :update, unowned_model).to eq false
+        it 'should not let the user update an owned model from another user' do
+          expect(user.can?(:update, unowned_model)).to eq false
         end
       end
-
     end # Creating an owned model
 
-    describe "updating an owned model" do
-      context "when owning model" do
-        it "should return true" do
-          expect(user.can? :update, user).to eq true
+    describe 'updating an owned model' do
+      context 'when owning model' do
+        it 'should return true' do
+          expect(user.can?(:update, user)).to eq true
         end
       end
 
-      context "when not owning model" do
-        it "should return false" do
-          expect(user.can? :update, @other_user).to eq false
+      context 'when not owning model' do
+        it 'should return false' do
+          expect(user.can?(:update, @other_user)).to eq false
         end
       end
     end # Updating an owned model
 
-    describe "creating a model with attribute restriction" do
-
-      context "when requiring all attributes" do
-        it "should return false" do
-          expect(user.can? :create, UnownedModel, :all).to eq false
+    describe 'creating a model with attribute restriction' do
+      context 'when requiring all attributes' do
+        it 'should return false' do
+          expect(user.can?(:create, UnownedModel, :all)).to eq false
         end
 
-        it "should return false for other model authorized as it" do
-          expect(user.can? :create, OtherModel, :all).to eq false
+        it 'should return false for other model authorized as it' do
+          expect(user.can?(:create, OtherModel, :all)).to eq false
         end
       end
 
-      context "when requiring any attribute" do
-        it "should return true" do
-          expect(user.can? :create, UnownedModel, :any).to eq true
+      context 'when requiring any attribute' do
+        it 'should return true' do
+          expect(user.can?(:create, UnownedModel, :any)).to eq true
         end
 
-        it "should return true for other model authorized as it" do
-          expect(user.can? :create, OtherModel, :any).to eq true
+        it 'should return true for other model authorized as it' do
+          expect(user.can?(:create, OtherModel, :any)).to eq true
         end
       end
-
     end # Creating a model with restricted attributes
 
-    describe "creating a non tenanted model" do
+    describe 'creating a non tenanted model' do
       let(:instance) { UnownedModel.new }
 
-      context "when user has the right" do
-        it "should return true" do
-          expect(user.can? :create, instance).to eq true
+      context 'when user has the right' do
+        it 'should return true' do
+          expect(user.can?(:create, instance)).to eq true
         end
       end
     end
 
     describe 'destroying an owned model' do
-      context "when owning" do
-        it "should be true" do
-          expect(user.can? :destroy, @owned_model).to eq true
+      context 'when owning' do
+        it 'should be true' do
+          expect(user.can?(:destroy, @owned_model)).to eq true
         end
       end
 
-      context "when not owning" do
-        it "should be false" do
-          expect(user.can? :destroy, @unowned_model).to eq false
+      context 'when not owning' do
+        it 'should be false' do
+          expect(user.can?(:destroy, @unowned_model)).to eq false
         end
       end
     end
 
-    describe "finding model" do
-      context "when same tenant" do
-        it "should be true" do
-          expect(user.can? :find, @unowned_model).to eq true
+    describe 'finding model' do
+      context 'when same tenant' do
+        it 'should be true' do
+          expect(user.can?(:find, @unowned_model)).to eq true
         end
       end
 
-      context "when not same tenant" do
-        it "should be false" do
-          expect(user.can? :find, @unmanaged_model).to eq false
+      context 'when not same tenant' do
+        it 'should be false' do
+          expect(user.can?(:find, @unmanaged_model)).to eq false
         end
       end
     end
-
   end # End can?
 
-
-
-
-
   #
   # Populate Capabilities Cache
   #
 
-  describe "Populate Capabilities Cache" do
-
+  describe 'Populate Capabilities Cache' do
     #
     # We create some fixtures for the population of cache to be tested
     #
@@ -402,108 +376,88 @@ describe Strongbolt::UserAbilities do
 
     subject { cache }
 
-    it "should have the right number of capabilities" do
+    it 'should have the right number of capabilities' do
       expect(cache.size).to eq 4 * 6 + 2
     end
 
     [
-      "updateUserall-any", "updateUserany-any", # "updateUserall-#{User.first.id}", "updateUserany-#{User.first.id}",
-      "findOwnedModelall-any", "findOwnedModelany-any", "findOwnedModelall-tenanted", "findOwnedModelany-tenanted",
-      "createOwnedModelall-any", "createOwnedModelany-any", "createOwnedModelall-owned", "createOwnedModelany-owned",
-      "destroyOwnedModelall-any", "destroyOwnedModelany-any", "destroyOwnedModelall-owned", "destroyOwnedModelany-owned",
-      "findUnownedModelall-any", "findUnownedModelany-any", "findUnownedModelall-tenanted", "findUnownedModelany-tenanted",
-      "createUnownedModelname-any", "createUnownedModelany-any", "createUnownedModelname-all", "createUnownedModelany-all"
+      'updateUserall-any', 'updateUserany-any', # "updateUserall-#{User.first.id}", "updateUserany-#{User.first.id}",
+      'findOwnedModelall-any', 'findOwnedModelany-any', 'findOwnedModelall-tenanted', 'findOwnedModelany-tenanted',
+      'createOwnedModelall-any', 'createOwnedModelany-any', 'createOwnedModelall-owned', 'createOwnedModelany-owned',
+      'destroyOwnedModelall-any', 'destroyOwnedModelany-any', 'destroyOwnedModelall-owned', 'destroyOwnedModelany-owned',
+      'findUnownedModelall-any', 'findUnownedModelany-any', 'findUnownedModelall-tenanted', 'findUnownedModelany-tenanted',
+      'createUnownedModelname-any', 'createUnownedModelany-any', 'createUnownedModelname-all', 'createUnownedModelany-all'
     ].each do |key|
       it "should have set true to #{key}" do
         expect(cache[key]).to eq true
       end
     end
-
   end
 
-
-
-
-
-
   #
   # OWNS?
   #
-  describe "owns?" do
-
+  describe 'owns?' do
     #
     # Another user
     #
-    context "when testing against a user" do
-
+    context 'when testing against a user' do
       context 'when other user' do
-
         let(:other_user) { User.create! }
 
-        it "should not own it" do
-          expect(user.owns? other_user).to eq false
+        it 'should not own it' do
+          expect(user.owns?(other_user)).to eq false
         end
-
       end
 
-      context "when same user" do
-        it "should own it" do
-          expect(user.owns? user).to eq true
+      context 'when same user' do
+        it 'should own it' do
+          expect(user.owns?(user)).to eq true
         end
       end
-
     end # End owning user
 
-
     #
     # Another object
     #
-    context "when testing against another model having user_id" do
-
-      context "when owning it" do
+    context 'when testing against another model having user_id' do
+      context 'when owning it' do
         let(:model) { Model.create! user_id: user.id }
 
-        it "should own it" do
-          expect(user.owns? model).to eq true
+        it 'should own it' do
+          expect(user.owns?(model)).to eq true
         end
       end
 
-      context "when not owning it" do
+      context 'when not owning it' do
         let(:model) { Model.create! user_id: 0 }
 
-        it "should own it" do
-          expect(user.owns? model).to eq false
+        it 'should own it' do
+          expect(user.owns?(model)).to eq false
         end
       end
-
     end # End testing against model having user id
-
   end
 
-
   #
   # Another object unowned
   #
-  context "when testing against a model not having user id" do
-
+  context 'when testing against a model not having user id' do
     let(:model) { UnownedModel.create! }
 
-    it "should not own it" do
-      expect(user.owns? model).to eq false
+    it 'should not own it' do
+      expect(user.owns?(model)).to eq false
     end
-
   end
 
-
   #
   # Wrong arguments
   #
-  context "when given something else than an object" do
-    it "should raise error" do
+  context 'when given something else than an object' do
+    it 'should raise error' do
       expect do
         user.owns? Model
       end.to raise_error ArgumentError
     end
   end
-
 end