strongbolt 0.3.12 → 0.3.13
- checksums.yaml +4 -4
- data/.rubocop.yml +56 -0
- data/.rubocop_todo.yml +91 -0
- data/Gemfile +1 -1
- data/Gemfile.lock +18 -2
- data/Rakefile +1 -1
- data/app/controllers/strongbolt/capabilities_controller.rb +36 -45
- data/app/controllers/strongbolt/roles_controller.rb +39 -47
- data/app/controllers/strongbolt/security_controller.rb +2 -3
- data/app/controllers/strongbolt/user_groups_controller.rb +48 -54
- data/app/controllers/strongbolt/user_groups_users_controller.rb +2 -4
- data/app/controllers/strongbolt_controller.rb +1 -1
- data/circle.yml +13 -0
- data/lib/generators/strongbolt/fix_generator.rb +5 -6
- data/lib/generators/strongbolt/fix_unique_group_members_generator.rb +2 -3
- data/lib/generators/strongbolt/indexes_generator.rb +3 -4
- data/lib/generators/strongbolt/install_generator.rb +8 -9
- data/lib/generators/strongbolt/templates/fix_unique_group_members.rb +1 -1
- data/lib/generators/strongbolt/templates/indexes.rb +1 -1
- data/lib/generators/strongbolt/templates/migration.rb +11 -12
- data/lib/generators/strongbolt/templates/strongbolt.rb +1 -1
- data/lib/generators/strongbolt/views_generator.rb +4 -4
- data/lib/strongbolt.rb +51 -54
- data/lib/strongbolt/base.rb +1 -1
- data/lib/strongbolt/bolted.rb +12 -13
- data/lib/strongbolt/bolted_controller.rb +46 -57
- data/lib/strongbolt/capabilities_role.rb +5 -5
- data/lib/strongbolt/capability.rb +32 -31
- data/lib/strongbolt/configuration.rb +18 -19
- data/lib/strongbolt/controllers/url_helpers.rb +5 -5
- data/lib/strongbolt/engine.rb +9 -9
- data/lib/strongbolt/errors.rb +4 -4
- data/lib/strongbolt/generators/migration.rb +4 -6
- data/lib/strongbolt/helpers.rb +5 -7
- data/lib/strongbolt/rails/routes.rb +4 -4
- data/lib/strongbolt/role.rb +11 -12
- data/lib/strongbolt/roles_user_group.rb +5 -5
- data/lib/strongbolt/rspec.rb +2 -2
- data/lib/strongbolt/rspec/user.rb +13 -15
- data/lib/strongbolt/tenantable.rb +78 -80
- data/lib/strongbolt/user_abilities.rb +44 -54
- data/lib/strongbolt/user_group.rb +8 -10
- data/lib/strongbolt/user_groups_user.rb +6 -6
- data/lib/strongbolt/version.rb +1 -1
- data/lib/tasks/strongbolt_tasks.rake +4 -4
- data/spec/controllers/strongbolt/capabilities_controller_spec.rb +28 -45
- data/spec/controllers/strongbolt/roles_controller_spec.rb +39 -72
- data/spec/controllers/strongbolt/user_groups_controller_spec.rb +34 -65
- data/spec/controllers/strongbolt/user_groups_users_controller_spec.rb +11 -19
- data/spec/controllers/without_authorization_controller_spec.rb +5 -5
- data/spec/dummy/app/controllers/posts_controller.rb +2 -2
- data/spec/dummy/app/controllers/test_controller.rb +1 -1
- data/spec/dummy/app/controllers/without_authorization_controller.rb +1 -1
- data/spec/dummy/bin/rails +1 -1
- data/spec/dummy/config.ru +1 -1
- data/spec/dummy/config/application.rb +4 -5
- data/spec/dummy/config/initializers/cookies_serializer.rb +1 -1
- data/spec/dummy/config/initializers/strongbolt.rb +2 -2
- data/spec/dummy/config/routes.rb +1 -3
- data/spec/dummy/db/migrate/20150630212236_create_strongbolt_tables.rb +9 -10
- data/spec/dummy/db/migrate/20150630212251_create_strongbolt_tables_indexes.rb +2 -2
- data/spec/dummy/db/migrate/20160531110509_fix_unique_group_members.rb +1 -1
- data/spec/fabricators/capability_fabricator.rb +4 -4
- data/spec/fabricators/role_fabricator.rb +3 -3
- data/spec/fabricators/user_fabricator.rb +2 -2
- data/spec/fabricators/user_group_fabricator.rb +3 -3
- data/spec/fixtures/application.rb +6 -3
- data/spec/fixtures/controllers.rb +1 -1
- data/spec/spec_helper.rb +7 -8
- data/spec/strongbolt/bolted_controller_spec.rb +110 -208
- data/spec/strongbolt/bolted_spec.rb +26 -40
- data/spec/strongbolt/capability_spec.rb +72 -86
- data/spec/strongbolt/configuration_spec.rb +33 -46
- data/spec/strongbolt/controllers/url_helpers_spec.rb +7 -9
- data/spec/strongbolt/helpers_spec.rb +14 -16
- data/spec/strongbolt/role_spec.rb +32 -35
- data/spec/strongbolt/tenantable_spec.rb +88 -86
- data/spec/strongbolt/user_abilities_multiple_tenants_spec.rb +29 -34
- data/spec/strongbolt/user_abilities_spec.rb +142 -188
- data/spec/strongbolt/user_group_spec.rb +14 -14
- data/spec/strongbolt/users_tenant_spec.rb +10 -12
- data/spec/strongbolt_spec.rb +53 -73
- data/spec/support/controller_macros.rb +1 -3
- data/spec/support/db_setup.rb +31 -25
- data/spec/support/helpers.rb +12 -12
- data/spec/support/transactional_specs.rb +1 -3
- data/strongbolt.gemspec +14 -12
- metadata +20 -3
@@ -16,6 +16,6 @@ class CreateStrongboltTablesIndexes < ActiveRecord::Migration
|
|
16
16
|
add_index :strongbolt_users_tenants, :user_id
|
17
17
|
add_index :strongbolt_users_tenants, :tenant_id
|
18
18
|
add_index :strongbolt_users_tenants, :type
|
19
|
-
add_index :strongbolt_users_tenants, [
|
19
|
+
add_index :strongbolt_users_tenants, %i[tenant_id type]
|
20
20
|
end
|
21
|
-
end
|
21
|
+
end
|
@@ -1,5 +1,5 @@
|
|
1
1
|
class FixUniqueGroupMembers < ActiveRecord::Migration
|
2
2
|
def change
|
3
|
-
add_index :strongbolt_user_groups_users, [
|
3
|
+
add_index :strongbolt_user_groups_users, %i[user_group_id user_id], unique: true, name: :index_strongbolt_user_groups_users_unique
|
4
4
|
end
|
5
5
|
end
|
@@ -1,4 +1,4 @@
|
|
1
|
-
Fabricator(:capability, class_name:
|
2
|
-
model
|
3
|
-
action
|
4
|
-
end
|
1
|
+
Fabricator(:capability, class_name: 'Strongbolt::Capability') do
|
2
|
+
model 'User'
|
3
|
+
action 'find'
|
4
|
+
end
|
@@ -1,9 +1,9 @@
|
|
1
|
-
Fabricator(:role, class_name:
|
2
|
-
name
|
1
|
+
Fabricator(:role, class_name: 'Strongbolt::Role') do
|
2
|
+
name { sequence(:name) { |i| "Role #{i}" } }
|
3
3
|
end
|
4
4
|
|
5
5
|
Fabricator(:role_with_user_groups, from: :role) do
|
6
6
|
after_build do |role|
|
7
7
|
role.user_groups << Fabricate(:user_group)
|
8
8
|
end
|
9
|
-
end
|
9
|
+
end
|
@@ -1,3 +1,3 @@
|
|
1
1
|
Fabricator :user do
|
2
|
-
username
|
3
|
-
end
|
2
|
+
username 'USER'
|
3
|
+
end
|
@@ -1,9 +1,9 @@
|
|
1
|
-
Fabricator(:user_group, class_name:
|
2
|
-
name
|
1
|
+
Fabricator(:user_group, class_name: 'Strongbolt::UserGroup') do
|
2
|
+
name { sequence(:name) { |i| "User Group #{i}" } }
|
3
3
|
end
|
4
4
|
|
5
5
|
Fabricator(:user_group_with_roles, from: :user_group) do
|
6
6
|
after_build do |user_group|
|
7
7
|
user_group.roles << Fabricate(:role)
|
8
8
|
end
|
9
|
-
end
|
9
|
+
end
|
@@ -4,7 +4,10 @@ require 'action_dispatch'
|
|
4
4
|
|
5
5
|
module Rails
|
6
6
|
class App
|
7
|
-
def env_config
|
7
|
+
def env_config
|
8
|
+
{}
|
9
|
+
end
|
10
|
+
|
8
11
|
def routes
|
9
12
|
return @routes if defined?(@routes)
|
10
13
|
@routes = ActionDispatch::Routing::RouteSet.new
|
@@ -23,6 +26,6 @@ module Rails
|
|
23
26
|
end
|
24
27
|
|
25
28
|
def self.env
|
26
|
-
|
29
|
+
'test'
|
27
30
|
end
|
28
|
-
end
|
31
|
+
end
|
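Review bot: `def self.env` in the second hunk returns the bare String `'test'`, whereas `Rails.env` in a real application is an `ActiveSupport::StringInquirer`. Any code under test that calls `Rails.env.test?` would therefore raise `NoMethodError` against this stub. Returning `ActiveSupport::StringInquirer.new('test')` would keep the fixture's contract the same as Rails'. The `module Rails` body continues outside both hunks, so this assumes nothing else in the file wraps the value.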
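--- a/data/spec/spec_helper.rb
+++ b/data/spec/spec_helper.rb
@@ -1,4 +1,4 @@
-ENV[
+ENV['RAILS_ENV'] ||= 'test'
 
 RSpec.configure do |config|
 # rspec-expectations config goes here. You can use an alternate
@@ -26,7 +26,7 @@ RSpec.configure do |config|
 end
 
 # The dummy application
-require File.expand_path(
+require File.expand_path('../dummy/config/environment', __FILE__)
 
 # require 'fixtures/application'
 # require 'fixtures/controllers'
@@ -40,7 +40,7 @@ require 'database_cleaner'
 
 # Requires supporting files with custom matchers and macros, etc,
 # in ./support/ and its subdirectories.
-Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
+Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
 
 RSpec.configure do |config|
 # Remove this line if you're not using ActiveRecord or ActiveRecord fixtures
@@ -89,10 +89,9 @@ RSpec.configure do |config|
 TestsMigrations.new.migrate :down
 end
 
-Fabrication.configure do |
-
-
+Fabrication.configure do |fabrication_config|
+fabrication_config.fabricator_path = 'spec/fabricators'
+fabrication_config.path_prefix = File.expand_path('../..', __FILE__)
 end
-puts File.expand_path(
-
+puts File.expand_path('../..', __FILE__)
 end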
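Review bot: The `puts File.expand_path('../..', __FILE__)` kept near the end of the last hunk writes the absolute project path to stdout on every spec run. It looks like leftover debugging output (inferred, since no other use of the printed value is visible here) and is better dropped so CI logs do not carry host filesystem paths. The same expression is already assigned to `fabrication_config.path_prefix` two lines above, so removing the print should not change what Fabrication sees. The enclosing block starts outside the hunk.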
@@ -1,19 +1,14 @@
|
|
1
|
-
require
|
1
|
+
require 'spec_helper'
|
2
2
|
|
3
3
|
# We're testing BoltedController module through this one
|
4
|
-
describe PostsController, :
|
5
|
-
|
4
|
+
describe PostsController, type: :controller do
|
6
5
|
before(:all) do
|
7
|
-
define_model
|
6
|
+
define_model 'Post'
|
8
7
|
@user = User.create!
|
9
8
|
end
|
10
9
|
|
11
10
|
let(:user) { @user }
|
12
11
|
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
12
|
#
|
18
13
|
# Setup a current user
|
19
14
|
#
|
@@ -24,7 +19,7 @@ describe PostsController, :type => :controller do
|
|
24
19
|
#
|
25
20
|
# Performs the right query given the action
|
26
21
|
#
|
27
|
-
def perform
|
22
|
+
def perform(action)
|
28
23
|
case action
|
29
24
|
when :index, :new then get action
|
30
25
|
when :show, :edit then get action, id: 1
|
@@ -34,52 +29,40 @@ describe PostsController, :type => :controller do
|
|
34
29
|
end
|
35
30
|
end
|
36
31
|
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
32
|
#
|
42
33
|
# Helpers
|
43
34
|
#
|
44
|
-
describe
|
35
|
+
describe 'helpers' do
|
45
36
|
before { Strongbolt.current_user = User.create! }
|
46
37
|
after { Strongbolt.current_user = nil }
|
47
38
|
|
48
|
-
describe
|
49
|
-
it
|
39
|
+
describe 'can?' do
|
40
|
+
it 'should respond to can?' do
|
50
41
|
expect(PostsController.new).to respond_to :can?
|
51
42
|
end
|
52
43
|
|
53
|
-
it
|
44
|
+
it 'should call can? on current_user' do
|
54
45
|
expect(Strongbolt.current_user).to receive(:can?).with :find, User
|
55
46
|
PostsController.new.can? :find, User
|
56
47
|
end
|
57
48
|
end
|
58
49
|
|
59
|
-
describe
|
60
|
-
it
|
50
|
+
describe 'cannot?' do
|
51
|
+
it 'should respond to cannot?' do
|
61
52
|
expect(PostsController.new).to respond_to :cannot?
|
62
53
|
end
|
63
54
|
|
64
|
-
it
|
55
|
+
it 'should call can? on current_user' do
|
65
56
|
expect(Strongbolt.current_user).to receive(:cannot?).with :find, User
|
66
57
|
PostsController.new.cannot? :find, User
|
67
58
|
end
|
68
59
|
end
|
69
60
|
end
|
70
61
|
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
62
|
#
|
79
63
|
# Before Filter, set current user
|
80
64
|
#
|
81
65
|
describe 'before_action' do
|
82
|
-
|
83
66
|
before do
|
84
67
|
PostsController.skip_after_action :unset_current_user
|
85
68
|
PostsController.skip_before_action :check_authorization
|
@@ -96,16 +79,16 @@ describe PostsController, :type => :controller do
|
|
96
79
|
get :index
|
97
80
|
end
|
98
81
|
|
99
|
-
it
|
82
|
+
it 'should set nil user' do
|
100
83
|
expect(Strongbolt.current_user).to be_nil
|
101
84
|
end
|
102
85
|
|
103
|
-
it
|
86
|
+
it 'should have set $request' do
|
104
87
|
expect($request).to be_present
|
105
88
|
end
|
106
89
|
end
|
107
90
|
|
108
|
-
context
|
91
|
+
context 'when user' do
|
109
92
|
let(:user) { User.new }
|
110
93
|
|
111
94
|
before do
|
@@ -113,18 +96,16 @@ describe PostsController, :type => :controller do
|
|
113
96
|
get :index
|
114
97
|
end
|
115
98
|
|
116
|
-
it
|
99
|
+
it 'should set the user' do
|
117
100
|
expect(Strongbolt.current_user).to eq user
|
118
101
|
end
|
119
102
|
end
|
120
|
-
|
121
103
|
end
|
122
104
|
|
123
105
|
#
|
124
106
|
# After filter, unset current user
|
125
107
|
#
|
126
108
|
describe 'after_action' do
|
127
|
-
|
128
109
|
before do
|
129
110
|
PostsController.skip_before_action :check_authorization
|
130
111
|
end
|
@@ -132,45 +113,43 @@ describe PostsController, :type => :controller do
|
|
132
113
|
PostsController.before_action :check_authorization
|
133
114
|
end
|
134
115
|
|
135
|
-
context
|
136
|
-
|
116
|
+
context 'when a user is set' do
|
137
117
|
before do
|
138
118
|
expect_any_instance_of(PostsController).to receive(:current_user)
|
139
119
|
.and_return @user
|
140
120
|
get :index
|
141
121
|
end
|
142
122
|
|
143
|
-
it
|
123
|
+
it 'should have unsetted the user' do
|
144
124
|
expect(Strongbolt.current_user).to be_nil
|
145
125
|
end
|
146
126
|
end
|
147
|
-
|
148
127
|
end
|
149
128
|
|
150
129
|
#
|
151
130
|
# Catching Grant::Error and Strongbolt::Unauthorized
|
152
131
|
#
|
153
132
|
describe 'catching Grant::Error' do
|
154
|
-
context
|
133
|
+
context 'when unauthorized method exists' do
|
155
134
|
before do
|
156
135
|
allow(controller).to receive :unauthorized
|
157
136
|
expect_any_instance_of(PostsController).to receive(:index)
|
158
137
|
.and_raise Strongbolt::Unauthorized
|
159
138
|
end
|
160
139
|
|
161
|
-
it
|
140
|
+
it 'should call unauthorized' do
|
162
141
|
expect_any_instance_of(PostsController).to receive(:unauthorized)
|
163
142
|
get :index
|
164
143
|
end
|
165
144
|
end
|
166
145
|
|
167
|
-
context
|
146
|
+
context 'when no unauthorized method' do
|
168
147
|
before do
|
169
148
|
expect_any_instance_of(PostsController).to receive(:index)
|
170
|
-
.and_raise Grant::Error.new
|
149
|
+
.and_raise Grant::Error.new 'Error'
|
171
150
|
end
|
172
151
|
|
173
|
-
it
|
152
|
+
it 'should call raise Strongbolt::Unauthorized' do
|
174
153
|
expect do
|
175
154
|
get :index
|
176
155
|
end.to raise_error Strongbolt::Unauthorized
|
@@ -178,28 +157,19 @@ describe PostsController, :type => :controller do
|
|
178
157
|
end
|
179
158
|
end
|
180
159
|
|
181
|
-
|
182
|
-
|
183
|
-
|
184
|
-
|
185
|
-
|
186
|
-
|
187
|
-
|
188
160
|
#
|
189
161
|
# Checking authorization on a high level
|
190
162
|
#
|
191
|
-
describe
|
192
|
-
|
163
|
+
describe 'checking authorization' do
|
193
164
|
#
|
194
165
|
# When no authorization unrelated errors
|
195
166
|
#
|
196
167
|
|
197
|
-
context
|
198
|
-
|
168
|
+
context 'when no error' do
|
199
169
|
before(:all) do
|
200
170
|
# Model linked to the controller
|
201
|
-
define_model
|
202
|
-
self.table_name =
|
171
|
+
define_model 'Post' do
|
172
|
+
self.table_name = 'models'
|
203
173
|
end
|
204
174
|
end
|
205
175
|
|
@@ -209,21 +179,20 @@ describe PostsController, :type => :controller do
|
|
209
179
|
.and_return user
|
210
180
|
end
|
211
181
|
|
212
|
-
|
213
182
|
#
|
214
183
|
# Call the right CRUD operation
|
215
184
|
#
|
216
|
-
describe
|
185
|
+
describe 'calling the CRUD operations' do
|
217
186
|
{
|
218
|
-
:
|
219
|
-
:
|
220
|
-
:
|
221
|
-
:
|
222
|
-
:
|
223
|
-
:
|
187
|
+
index: :find,
|
188
|
+
show: :find,
|
189
|
+
edit: :update,
|
190
|
+
update: :update,
|
191
|
+
new: :create,
|
192
|
+
create: :create
|
224
193
|
}.each do |action, operation|
|
225
194
|
context "when calling #{action}" do
|
226
|
-
it
|
195
|
+
it 'should call the operation' do
|
227
196
|
expect(user).to receive(:can?).with(operation, Post).and_return true
|
228
197
|
perform action
|
229
198
|
end
|
@@ -231,31 +200,27 @@ describe PostsController, :type => :controller do
|
|
231
200
|
end # End checking calling right can
|
232
201
|
end
|
233
202
|
|
234
|
-
|
235
203
|
#
|
236
204
|
# When calling a custom action without CRUD associated
|
237
205
|
#
|
238
|
-
context
|
239
|
-
|
240
|
-
it "should raise ActionNotConfigured" do
|
206
|
+
context 'when calling unmapped action' do
|
207
|
+
it 'should raise ActionNotConfigured' do
|
241
208
|
expect do
|
242
209
|
get :custom
|
243
210
|
end.to raise_error Strongbolt::ActionNotConfigured
|
244
211
|
end
|
245
|
-
|
246
212
|
end
|
247
213
|
|
248
|
-
|
249
214
|
#
|
250
215
|
# When not authorized
|
251
216
|
#
|
252
|
-
context
|
217
|
+
context 'when not authorized' do
|
253
218
|
before do
|
254
219
|
expect(Strongbolt).to receive(:access_denied)
|
255
220
|
expect(user).to receive(:can?).and_return false
|
256
221
|
end
|
257
222
|
|
258
|
-
it
|
223
|
+
it 'should raise Strongbolt::Unauthorized' do
|
259
224
|
expect do
|
260
225
|
get :index
|
261
226
|
end.to raise_error Strongbolt::Unauthorized
|
@@ -265,85 +230,81 @@ describe PostsController, :type => :controller do
|
|
265
230
|
#
|
266
231
|
# When authorized
|
267
232
|
#
|
268
|
-
context
|
233
|
+
context 'when authorized' do
|
269
234
|
before do
|
270
235
|
expect(user).to receive(:can?).and_return true
|
271
236
|
end
|
272
237
|
|
273
|
-
it
|
238
|
+
it 'should not raise error' do
|
274
239
|
expect do
|
275
240
|
get :index
|
276
241
|
end.not_to raise_error
|
277
242
|
end
|
278
243
|
end
|
279
|
-
|
280
244
|
end # End when no error
|
281
245
|
|
282
|
-
|
283
|
-
|
284
246
|
#
|
285
247
|
# Getting model name from controller name
|
286
248
|
#
|
287
|
-
describe
|
288
|
-
|
249
|
+
describe 'model_for_authorization' do
|
289
250
|
after do
|
290
|
-
undefine
|
291
|
-
|
251
|
+
undefine 'ItemsController', 'Item', 'Namespace::Item',
|
252
|
+
'Namespace::ItemsController'
|
292
253
|
end
|
293
254
|
|
294
|
-
context
|
255
|
+
context 'when no module' do
|
295
256
|
before do
|
296
|
-
define_controller
|
297
|
-
define_model
|
257
|
+
define_controller 'ItemsController'
|
258
|
+
define_model 'Item'
|
298
259
|
end
|
299
260
|
|
300
|
-
it
|
261
|
+
it 'should return the right model' do
|
301
262
|
expect(ItemsController.model_for_authorization).to eq Item
|
302
263
|
end
|
303
264
|
end
|
304
265
|
|
305
|
-
context
|
266
|
+
context 'when both have modules' do
|
306
267
|
before do
|
307
|
-
define_controller
|
308
|
-
define_model
|
268
|
+
define_controller 'Namespace::ItemsController'
|
269
|
+
define_model 'Namespace::Item'
|
309
270
|
end
|
310
271
|
|
311
|
-
it
|
272
|
+
it 'should return the right model' do
|
312
273
|
expect(Namespace::ItemsController.model_for_authorization).to eq Namespace::Item
|
313
274
|
end
|
314
275
|
end
|
315
276
|
|
316
|
-
context
|
277
|
+
context 'when only controller has module' do
|
317
278
|
before do
|
318
|
-
define_controller
|
319
|
-
define_model
|
279
|
+
define_controller 'Namespace::ItemsController'
|
280
|
+
define_model 'Item'
|
320
281
|
end
|
321
282
|
|
322
|
-
it
|
283
|
+
it 'should return the right model' do
|
323
284
|
expect(Namespace::ItemsController.model_for_authorization).to eq Item
|
324
285
|
end
|
325
286
|
end
|
326
287
|
|
327
|
-
context
|
288
|
+
context 'when only model has module' do
|
328
289
|
before do
|
329
|
-
define_controller
|
330
|
-
define_model
|
290
|
+
define_controller 'ItemsController'
|
291
|
+
define_model 'Namespace::Item'
|
331
292
|
end
|
332
293
|
|
333
|
-
it
|
294
|
+
it 'should raise error' do
|
334
295
|
expect do
|
335
296
|
ItemsController.model_for_authorization
|
336
297
|
end.to raise_error Strongbolt::ModelNotFound
|
337
298
|
end
|
338
299
|
end
|
339
300
|
|
340
|
-
context
|
301
|
+
context 'when cannot find' do
|
341
302
|
before do
|
342
|
-
define_controller
|
343
|
-
undefine_model
|
303
|
+
define_controller 'ItemsController'
|
304
|
+
undefine_model 'Item'
|
344
305
|
end
|
345
306
|
|
346
|
-
it
|
307
|
+
it 'should return the right model' do
|
347
308
|
expect do
|
348
309
|
ItemsController.model_for_authorization
|
349
310
|
end.to raise_error Strongbolt::ModelNotFound
|
@@ -351,158 +312,125 @@ describe PostsController, :type => :controller do
|
|
351
312
|
end
|
352
313
|
end
|
353
314
|
|
354
|
-
|
355
|
-
|
356
315
|
#
|
357
316
|
# When the controller doesn't have any model associated
|
358
317
|
#
|
359
318
|
|
360
319
|
context "when controller doesn't have model" do
|
361
|
-
|
362
320
|
before do
|
363
|
-
undefine_model
|
321
|
+
undefine_model 'Post'
|
364
322
|
setup_session
|
365
323
|
end
|
366
324
|
|
367
|
-
it
|
325
|
+
it 'should raise error' do
|
368
326
|
expect do
|
369
327
|
get :index
|
370
328
|
end.to raise_error Strongbolt::ModelNotFound
|
371
329
|
end
|
372
|
-
|
373
330
|
end # End when no model associated
|
374
331
|
|
375
332
|
#
|
376
333
|
# When no current user
|
377
334
|
#
|
378
|
-
context
|
335
|
+
context 'when no current user' do
|
379
336
|
before do
|
380
337
|
expect(Strongbolt).to receive(:current_user).and_return nil
|
381
338
|
expect(Strongbolt).to receive(:logger).and_call_original
|
382
339
|
end
|
383
340
|
|
384
|
-
it
|
341
|
+
it 'should not raise error' do
|
385
342
|
get :index
|
386
343
|
end
|
387
344
|
end
|
388
|
-
|
389
345
|
end # End describe authorizations
|
390
346
|
|
391
|
-
|
392
|
-
|
393
|
-
|
394
|
-
|
395
|
-
|
396
|
-
|
397
347
|
#
|
398
348
|
# Setting a specific model for a controller
|
399
349
|
#
|
400
350
|
describe 'setting specific model' do
|
401
|
-
|
402
351
|
before do
|
403
|
-
define_model
|
404
|
-
self.table_name =
|
352
|
+
define_model 'Custom' do
|
353
|
+
self.table_name = 'models'
|
405
354
|
end
|
406
355
|
end
|
407
356
|
after { PostsController.model_for_authorization = nil }
|
408
357
|
|
409
|
-
context
|
410
|
-
|
411
|
-
|
412
|
-
it "should raise error" do
|
358
|
+
context 'when given as a string' do
|
359
|
+
context 'and not exists' do
|
360
|
+
it 'should raise error' do
|
413
361
|
expect do
|
414
|
-
PostsController.model_for_authorization =
|
362
|
+
PostsController.model_for_authorization = 'FEge'
|
415
363
|
end.to raise_error Strongbolt::ModelNotFound
|
416
364
|
end
|
417
365
|
end
|
418
366
|
|
419
367
|
context 'when exists' do
|
420
|
-
before { PostsController.model_for_authorization =
|
368
|
+
before { PostsController.model_for_authorization = 'Custom' }
|
421
369
|
|
422
|
-
it
|
370
|
+
it 'should set it' do
|
423
371
|
expect(PostsController.model_for_authorization).to eq Custom
|
424
372
|
end
|
425
373
|
end
|
426
|
-
|
427
374
|
end # End when given as a string
|
428
375
|
|
429
|
-
context
|
376
|
+
context 'when given as a model' do
|
430
377
|
before { PostsController.model_for_authorization = Custom }
|
431
378
|
|
432
|
-
it
|
379
|
+
it 'should set it' do
|
433
380
|
expect(PostsController.model_for_authorization).to eq Custom
|
434
381
|
end
|
435
382
|
end
|
436
|
-
|
437
383
|
end
|
438
384
|
|
439
|
-
|
440
|
-
|
441
|
-
|
442
|
-
|
443
385
|
#
|
444
386
|
# Fetching authorization model when not specified
|
445
387
|
#
|
446
|
-
describe
|
447
|
-
|
448
|
-
context "when model is infered from controller" do
|
388
|
+
describe 'model_for_authorization' do
|
389
|
+
context 'when model is infered from controller' do
|
449
390
|
before do
|
450
|
-
define_model
|
391
|
+
define_model 'Post'
|
451
392
|
get :index
|
452
393
|
end
|
453
394
|
|
454
|
-
it
|
395
|
+
it 'should return the model' do
|
455
396
|
expect(PostsController.model_for_authorization).to eq Post
|
456
397
|
end
|
457
398
|
end
|
458
399
|
|
459
|
-
context
|
400
|
+
context 'when model cannot be infered' do
|
460
401
|
before do
|
461
|
-
undefine_model
|
402
|
+
undefine_model 'Post'
|
462
403
|
end
|
463
404
|
|
464
|
-
it
|
405
|
+
it 'should raise ModelNotFound' do
|
465
406
|
expect do
|
466
407
|
PostsController.model_for_authorization
|
467
408
|
end.to raise_error Strongbolt::ModelNotFound
|
468
409
|
end
|
469
410
|
end
|
470
|
-
|
471
411
|
end
|
472
412
|
|
473
|
-
|
474
|
-
|
475
|
-
|
476
|
-
|
477
|
-
|
478
|
-
|
479
|
-
|
480
413
|
#
|
481
414
|
# Skipping controller authorization
|
482
415
|
#
|
483
416
|
describe 'skip_controller_authorization' do
|
484
|
-
|
485
417
|
after { PostsController.before_action :check_authorization }
|
486
418
|
|
487
|
-
context
|
488
|
-
|
419
|
+
context 'when no argument' do
|
489
420
|
before { PostsController.skip_controller_authorization }
|
490
421
|
|
491
422
|
RESTFUL_ACTIONS.each do |action|
|
492
|
-
it
|
423
|
+
it 'should not call check_authorization' do
|
493
424
|
expect_any_instance_of(PostsController).not_to receive(:check_authorization)
|
494
425
|
perform action
|
495
426
|
end
|
496
427
|
end
|
497
|
-
|
498
428
|
end
|
499
429
|
|
500
430
|
context 'with only argument' do
|
501
|
-
|
502
431
|
before { PostsController.skip_controller_authorization only: skipped_actions }
|
503
432
|
|
504
|
-
context
|
505
|
-
|
433
|
+
context 'when 1 action' do
|
506
434
|
let(:skipped_actions) { :index }
|
507
435
|
|
508
436
|
RESTFUL_ACTIONS.each do |action|
|
@@ -515,12 +443,10 @@ describe PostsController, :type => :controller do
|
|
515
443
|
perform action
|
516
444
|
end
|
517
445
|
end
|
518
|
-
|
519
446
|
end # End 1 action
|
520
447
|
|
521
|
-
context
|
522
|
-
|
523
|
-
let(:skipped_actions) { [:show, :index] }
|
448
|
+
context 'when several actions' do
|
449
|
+
let(:skipped_actions) { %i[show index] }
|
524
450
|
|
525
451
|
RESTFUL_ACTIONS.each do |action|
|
526
452
|
it "should skip the right ones - #{action}" do
|
@@ -532,17 +458,13 @@ describe PostsController, :type => :controller do
|
|
532
458
|
perform action
|
533
459
|
end
|
534
460
|
end
|
535
|
-
|
536
461
|
end # End several actions
|
537
|
-
|
538
462
|
end # End when only argument
|
539
463
|
|
540
|
-
context
|
541
|
-
|
464
|
+
context 'with except argument' do
|
542
465
|
before { PostsController.skip_controller_authorization except: preserved_actions }
|
543
466
|
|
544
|
-
context
|
545
|
-
|
467
|
+
context 'when 1 action' do
|
546
468
|
let(:preserved_actions) { :index }
|
547
469
|
|
548
470
|
RESTFUL_ACTIONS.each do |action|
|
@@ -555,12 +477,10 @@ describe PostsController, :type => :controller do
|
|
555
477
|
perform action
|
556
478
|
end
|
557
479
|
end
|
558
|
-
|
559
480
|
end # End 1 action
|
560
481
|
|
561
|
-
context
|
562
|
-
|
563
|
-
let(:preserved_actions) { [:show, :index] }
|
482
|
+
context 'when several actions' do
|
483
|
+
let(:preserved_actions) { %i[show index] }
|
564
484
|
|
565
485
|
RESTFUL_ACTIONS.each do |action|
|
566
486
|
it "should preserve the right ones - #{action}" do
|
@@ -572,20 +492,14 @@ describe PostsController, :type => :controller do
|
|
572
492
|
perform action
|
573
493
|
end
|
574
494
|
end
|
575
|
-
|
576
495
|
end # End several actions
|
577
|
-
|
578
496
|
end # End except argument
|
579
|
-
|
580
497
|
end # End skipping controller authorization
|
581
498
|
|
582
|
-
|
583
|
-
|
584
|
-
|
585
499
|
#
|
586
500
|
# Skip all authorizations checking
|
587
501
|
#
|
588
|
-
describe
|
502
|
+
describe 'skip_all_authorization' do
|
589
503
|
#
|
590
504
|
# The controller raiser error if grant enabled
|
591
505
|
#
|
@@ -602,20 +516,20 @@ describe PostsController, :type => :controller do
|
|
602
516
|
end
|
603
517
|
end
|
604
518
|
|
605
|
-
it
|
519
|
+
it 'should raise an error' do
|
606
520
|
expect do
|
607
521
|
get :index
|
608
522
|
end.to raise_error Strongbolt::Unauthorized
|
609
523
|
end
|
610
524
|
|
611
|
-
context
|
525
|
+
context 'when skipping' do
|
612
526
|
before { PostsController.skip_all_authorization only: :index }
|
613
527
|
after do
|
614
528
|
PostsController.before_action :check_authorization
|
615
529
|
PostsController.skip_around_action :disable_authorization
|
616
530
|
end
|
617
531
|
|
618
|
-
it
|
532
|
+
it 'should not raise error' do
|
619
533
|
expect do
|
620
534
|
get :index
|
621
535
|
end.not_to raise_error
|
@@ -623,84 +537,72 @@ describe PostsController, :type => :controller do
|
|
623
537
|
end
|
624
538
|
end # End skipping all authorization
|
625
539
|
|
626
|
-
|
627
|
-
|
628
|
-
|
629
|
-
|
630
540
|
#
|
631
541
|
# Mapping custom action to CRUD operation
|
632
542
|
#
|
633
|
-
describe
|
543
|
+
describe 'authorize_as_' do
|
634
544
|
before do
|
635
545
|
setup_session
|
636
|
-
define_model
|
546
|
+
define_model 'Post'
|
637
547
|
end
|
638
548
|
|
639
|
-
[
|
549
|
+
%i[find update create destroy].each do |operation|
|
640
550
|
context "authorize_as_#{operation}" do
|
641
551
|
before do
|
642
552
|
PostsController.send "authorize_as_#{operation}", :custom, :other
|
643
553
|
end
|
644
554
|
|
645
|
-
it
|
555
|
+
it 'should respond_to' do
|
646
556
|
expect(PostsController).to respond_to "authorize_as_#{operation}"
|
647
557
|
end
|
648
558
|
|
649
|
-
it
|
559
|
+
it 'should call the proper operation' do
|
650
560
|
expect(user).to receive(:can?).with(operation, Post).and_return true
|
651
561
|
get :custom
|
652
562
|
end
|
653
|
-
|
654
563
|
end
|
655
564
|
end
|
656
565
|
end
|
657
566
|
|
658
|
-
|
659
|
-
|
660
|
-
|
661
567
|
#
|
662
568
|
# Render without authorization
|
663
569
|
#
|
664
|
-
describe
|
665
|
-
|
570
|
+
describe 'render_without_authorization' do
|
666
571
|
after { PostsController.render_with_authorization }
|
667
572
|
|
668
|
-
it
|
573
|
+
it 'should have aliased render' do
|
669
574
|
expect(PostsController.new).to respond_to :_render
|
670
575
|
end
|
671
576
|
|
672
|
-
context
|
577
|
+
context 'when no arg' do
|
673
578
|
before do
|
674
579
|
PostsController.render_without_authorization
|
675
580
|
expect(Strongbolt).not_to receive(:without_authorization)
|
676
581
|
end
|
677
582
|
|
678
|
-
it
|
583
|
+
it 'should perform without auth when index' do
|
679
584
|
get :index
|
680
585
|
end
|
681
586
|
|
682
|
-
it
|
587
|
+
it 'should perform without auth when show' do
|
683
588
|
get :show, id: 1
|
684
589
|
end
|
685
590
|
end
|
686
591
|
|
687
|
-
context
|
592
|
+
context 'when 1 arg' do
|
688
593
|
before do
|
689
594
|
PostsController.render_without_authorization :index
|
690
595
|
end
|
691
596
|
|
692
|
-
it
|
597
|
+
it 'should perform without auth when index' do
|
693
598
|
expect(Strongbolt).to receive(:without_authorization)
|
694
599
|
get :index
|
695
600
|
end
|
696
601
|
|
697
|
-
it
|
602
|
+
it 'should not perform without auth when show' do
|
698
603
|
expect(Strongbolt).not_to receive(:without_authorization)
|
699
604
|
get :show, id: 1
|
700
605
|
end
|
701
606
|
end
|
702
|
-
|
703
607
|
end
|
704
|
-
|
705
|
-
|
706
608
|
end
|
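Review bot: In the 'when no current user' context (new lines 335–344) the example `it 'should not raise error'` carries no expectation of its own, so it passes whenever `get :index` does not raise. Together with the `Strongbolt.current_user` stub returning nil, it pins that a request without a current user gets through `check_authorization`, apparently with only a log entry. If that fail-open path is intended, document it beside the example, e.g. `# No current user: the check is skipped and logged; authentication must be enforced before this filter`. Also assert the outcome explicitly with `expect { get :index }.not_to raise_error`, as the 'when authorized' context does. Separately, the second example under `describe 'cannot?'` is still titled `'should call can? on current_user'` although it expects `cannot?`.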