strongbolt 0.3.6

data/spec/strongbolt/user_group_spec.rb

@@ -0,0 +1,37 @@
+require "spec_helper"
+
+module Strongbolt
+
+  describe UserGroup do
+    
+    let(:user_group) { UserGroup.new name: "PCCC" }
+
+    subject { user_group }
+
+    it { is_expected.to be_valid }
+
+    it { is_expected.to validate_presence_of :name }
+
+    it { is_expected.to have_many(:user_groups_users).class_name("Strongbolt::UserGroupsUser")
+      .dependent :restrict_with_exception }
+    it { is_expected.to have_many(:users).through :user_groups_users }
+
+    it { is_expected.to have_many(:roles_user_groups).class_name("Strongbolt::RolesUserGroup")
+      .dependent :delete_all }
+    it { is_expected.to have_many(:roles).through :roles_user_groups }
+    
+    it { is_expected.to have_many(:capabilities).through :roles }
+
+    context "when there are users linked to it" do
+      before { user_group.users << User.create! }
+
+      it "cannot delete" do
+        expect do
+          user_group.destroy
+        end.to raise_error ActiveRecord::DeleteRestrictionError
+      end
+    end
+
+  end
+
+end

data/spec/strongbolt/users_tenant_spec.rb

@@ -0,0 +1,36 @@
+require "spec_helper"
+
+describe Strongbolt::UsersTenant do
+
+  before(:all) do
+    define_model "TenantModel" do
+      self.table_name = "models"
+
+      tenant
+    end
+    define_model "Model" do
+      self.table_name = "models"
+    end
+  end
+  
+  let(:user)          { User.create! }
+  let(:tenant)        { TenantModel.create! }
+
+  let(:users_tenant)  { Strongbolt::UsersTenantModel.new user: user, tenant_model: tenant }
+
+  subject { users_tenant }
+
+  it { is_expected.to belong_to :user }
+  it { is_expected.to belong_to(:tenant_model).class_name("TenantModel") }
+
+  it { is_expected.to be_valid }
+  it { is_expected.to validate_presence_of :user }
+  it { is_expected.to validate_presence_of :tenant_model }
+
+  it "should ensure tenant is a Tenant" do
+    expect do
+      users_tenant = Strongbolt::UsersTenantModel.new user: user, tenant_model: Model.create!
+    end.to raise_error ActiveRecord::AssociationTypeMismatch
+  end
+
+end

data/spec/strongbolt_spec.rb

@@ -0,0 +1,274 @@
+require "spec_helper"
+
+describe Strongbolt do
+  
+  #
+  # Important included modules
+  #
+  it "should have included Grant::Grantable in ActiveRecord::Base" do
+    expect(ActiveRecord::Base.included_modules).to include Grant::Grantable  
+  end
+
+  it "should have included Bolted in ActiveRecord::Base" do
+    expect(ActiveRecord::Base.included_modules).to include Strongbolt::Bolted
+  end
+
+  it "should have included tentable" do
+    expect(ActiveRecord::Base.included_modules).to include Strongbolt::Tenantable
+  end
+
+  #
+  # Setting up
+  #
+
+  describe "it should include module" do
+    before do
+      define_model "UserModel"
+      Strongbolt.setup do |config|
+        config.user_class = "UserModel"
+      end
+    end
+    after do
+      Strongbolt.setup do |config|
+        config.user_class = "User"
+      end
+    end
+
+    it "should include UserAbilities" do
+      expect(UserModel.included_modules).to include Strongbolt::UserAbilities
+    end
+
+
+  end
+
+  #
+  # Access denied
+  #
+  describe "access denied" do
+    
+    before do
+      block = double('block', :call => nil)
+      expect(block).to receive(:call).with 'user', 'instance', 'action', 'request_path'
+      Strongbolt::Configuration.access_denied do |user, instance, action, request_path|
+        block.call user, instance, action, request_path
+      end
+    end
+    after { Strongbolt::Configuration.access_denied {} }
+
+    it "should call configuration's block" do
+      Strongbolt.access_denied 'user', 'instance', 'action', 'request_path'
+    end
+
+  end
+
+
+
+  #
+  # Without authorization
+  #
+  describe "without_authorization" do
+    it "should not perform authorization" do
+      Strongbolt.without_authorization do
+        expect(Grant::Status.grant_disabled?).to eq true
+      end
+    end
+
+    describe "perform action" do
+      before do
+        @user = User.create!
+        Strongbolt.current_user = User.create!
+      end
+      after { Strongbolt.current_user = nil }
+
+      let(:user) { @user }
+
+      context 'with authorization' do
+        it "should call user can? when normal" do
+          expect_any_instance_of(User).to receive(:can?)
+            .with(:find, user).and_return true
+          User.find user.id
+        end
+      end
+
+      context "when without_authorization" do
+        it "should not call can?" do
+          Strongbolt.without_authorization do
+            expect_any_instance_of(User).not_to receive(:can?)
+            expect(User.find user.id).to eq user
+          end
+        end
+      end
+    end
+  end
+
+
+  #
+  # Perform without authorization
+  #
+  describe "perform_without_authorization" do
+    before do
+      define("AnyClass", Object) do
+        def method arg1, arg2, &block
+          raise StandardError if Grant::Status.grant_enabled?
+        end
+      end
+    end
+
+    context "when not skipped" do
+      it "should raise error" do
+        expect do
+          AnyClass.new.method("ok", "ok2") {}
+        end.to raise_error
+      end
+    end
+
+    context "when skipped" do
+      before { AnyClass.perform_without_authorization :method }
+      
+      it "should skip authorization" do
+        expect do
+          AnyClass.new.method("ok", "ok2") {}
+        end.not_to raise_error
+      end
+    end
+  end
+
+
+  #
+  # Disable, enable
+  #
+  describe "disable/enable" do
+    before { Strongbolt.disable_authorization }
+    after { Strongbolt.enable_authorization }
+
+    context "disabling" do
+      it "should disable Grant" do
+        expect(Grant::Status.grant_enabled?).to eq false
+        expect(Strongbolt.enabled?).to eq false
+      end
+    end
+
+    context "enabling" do
+      it "should enable Grant" do
+        Strongbolt.enable_authorization
+        expect(Grant::Status.grant_disabled?).to eq false
+        expect(Strongbolt.disabled?).to eq false
+      end
+    end
+  end
+
+
+
+  #
+  # Setting the Grant user
+  #
+  describe 'setting the current user' do
+
+    context "when it is from the same class then defined (or default)" do
+
+      context "when the model doesn't have the module UserAbilities included" do
+        before do
+          define_model "UserWithout" do
+            self.table_name = 'users'
+          end
+          
+          # We configure the user class
+          Strongbolt::Configuration.user_class = 'UserWithout'
+        end
+        after { undefine_model "UserWithout" }
+
+        let(:user) { UserWithout.new }
+
+        it "should have included the module" do
+          Strongbolt.current_user = user
+          expect(UserWithout.included_modules).to include Strongbolt::UserAbilities
+        end
+
+        it "should set the current user" do
+          Strongbolt.current_user = user
+          expect(Strongbolt.current_user).to eq user
+          expect(Grant::User.current_user).to eq user
+        end
+      end # End when User Class doesn't have the UserAbilities included
+      
+      context 'when the model has the UserAbilities module included' do
+        
+        before do
+          define_model "UserWithAbilities" do
+            include Strongbolt::UserAbilities
+            self.table_name = 'users'
+          end
+          
+          # We configure the user class
+          Strongbolt::Configuration.user_class = 'UserWithAbilities'
+        end
+        after { undefine_model "UserWithAbilities" }
+        
+        let(:user) { UserWithAbilities.new }
+
+        it "should set the current user" do
+          Strongbolt.current_user = user
+          expect(Strongbolt.current_user).to eq user
+          expect(Grant::User.current_user).to eq user
+        end
+
+      end # End when User class has Abilities
+
+      context "when the user model is the base class of a STI" do
+        before do
+          define_model "BaseUser" do
+            self.table_name = 'users'
+          end
+          define "UserWithSTI", BaseUser do
+          end
+          Strongbolt::Configuration.user_class = 'BaseUser'
+        end
+
+        let(:user) { UserWithSTI.new }
+
+        it "should allow setting as user a subclass" do
+          Strongbolt.current_user = user
+          expect(Strongbolt.current_user).to eq user
+        end
+      end #/ end when user model is the base class of a STI
+
+      context "when the user model is a subclass of a STI" do
+        before do
+          define_model "BaseUser" do
+            self.table_name = 'users'
+          end
+          define "UserWithSTI", BaseUser do
+          end
+          Strongbolt::Configuration.user_class = "UserWithSTI"
+        end
+
+        let(:user) { UserWithSTI.new }
+
+        it "should allow setting as user a subclass" do
+          Strongbolt.current_user = user
+          expect(Strongbolt.current_user).to eq user
+        end
+
+        it "should not allos the base class" do
+          expect do
+            Strongbolt.current_user = BaseUser.new
+          end.to raise_error Strongbolt::WrongUserClass
+        end
+      end #/ end when user model is the base class of a STI
+
+    end # End when user given is the right class
+
+    context "when the model isn't from the user class" do
+      
+      it "should raise error" do
+        Strongbolt::Configuration.user_class = 'User'
+        expect do
+          Strongbolt.current_user = Model.new
+        end.to raise_error Strongbolt::WrongUserClass
+      end
+
+    end
+
+  end
+
+end

data/spec/support/controller_macros.rb

@@ -0,0 +1,11 @@
+module ControllerMacros
+
+  def login_user
+    before(:each) do
+      @user = Fabricate :user
+      sign_in @user
+    end
+    let(:current_user) { @user }
+  end
+
+end

data/spec/support/db_setup.rb

@@ -0,0 +1,134 @@
+require 'active_support/core_ext'
+require 'active_record'
+
+tmpdir = File.join(File.dirname(__FILE__), '..', '..', 'tmp')
+FileUtils.mkdir(tmpdir) unless File.exist?(tmpdir)
+test_db = File.join(tmpdir, 'test.db')
+
+connection_spec = {
+  :adapter => 'sqlite3',
+  :database => test_db
+}
+
+# Delete any existing instance of the test database
+FileUtils.rm test_db, :force => true
+
+# Create a new test database
+ActiveRecord::Base.establish_connection(connection_spec)
+
+# Models used during the tests
+
+class TestsMigrations < ActiveRecord::Migration
+  def change
+    create_table :users, :force => true do |t|
+      t.string :username
+
+      t.timestamps
+    end
+
+    create_table :models, :force => true do |t|
+      t.string :name
+      t.string :value
+      t.integer :user_id
+      t.integer :parent_id
+
+      t.timestamps
+    end
+
+    create_table :child_models, :force => true do |t|
+      t.integer :model_id
+      t.string  :model_type
+      t.integer :parent_id
+
+      t.timestamps
+    end
+
+    create_table :unowned_models, :force => true do |t|
+      t.string :name
+      t.string :value
+
+      t.timestamps
+    end
+
+    create_table :model_models, :force => true do |t|
+      t.integer :parent_id
+      t.integer :child_id
+    end
+
+    create_table :strongbolt_capabilities, :force => true do |t|
+      t.string   :name
+      t.string   :description
+      t.string   :model
+      t.string   :action
+      t.string   :attr
+      t.boolean  :require_ownership, :default => false, :null => false
+      t.boolean  :require_tenant_access, :default => true, :null => false
+
+      t.timestamps
+    end
+
+    create_table :strongbolt_roles, :force => true do |t|
+      t.string   :name
+      t.integer  :parent_id
+      t.integer  :lft
+      t.integer  :rgt
+      t.string   :description
+
+      t.timestamps
+    end
+
+    create_table :strongbolt_user_groups, :force => true do |t|
+      t.string :name
+      t.text :description
+
+      t.timestamps
+    end
+
+    create_table :strongbolt_user_groups_users, :force => true do |t|
+      t.integer :user_group_id
+      t.integer :user_id
+    end
+
+    create_table :strongbolt_roles_user_groups, :force => true do |t|
+      t.integer :user_group_id
+      t.integer :role_id
+    end
+
+    create_table :strongbolt_capabilities_roles, :force => true do |t|
+      t.integer  :role_id
+      t.integer  :capability_id
+    end
+
+    create_table :strongbolt_users_tenants, :force => true do |t|
+      t.integer  :user_id
+      t.integer  :tenant_id
+      t.string   :type
+    end
+
+    # Indexes
+    add_index :strongbolt_roles, :parent_id
+    add_index :strongbolt_roles, :lft
+    add_index :strongbolt_roles, :rgt
+
+    add_index :strongbolt_user_groups_users, :user_group_id
+    add_index :strongbolt_user_groups_users, :user_id
+
+    add_index :strongbolt_roles_user_groups, :user_group_id
+    add_index :strongbolt_roles_user_groups, :role_id
+
+    add_index :strongbolt_capabilities_roles, :role_id
+    add_index :strongbolt_capabilities_roles, :capability_id
+
+    add_index :strongbolt_users_tenants, :user_id
+    add_index :strongbolt_users_tenants, :tenant_id
+    add_index :strongbolt_users_tenants, :type
+    add_index :strongbolt_users_tenants, [:tenant_id, :type]
+  end
+end
+
+class User < ActiveRecord::Base; end
+class Model < ActiveRecord::Base; end
+class UnownedModel < ActiveRecord::Base; end
+
+
+