thelinuxlich-aegis 1.1.7

data/test/app_root/config/database.yml

@@ -0,0 +1,21 @@
+in_memory:
+  adapter: sqlite3
+  database: ":memory:"
+  verbosity: quiet
+sqlite:
+  adapter: sqlite
+  dbfile: plugin_test.sqlite.db
+sqlite3:
+  adapter: sqlite3
+  dbfile: plugin_test.sqlite3.db
+postgresql:
+  adapter: postgresql
+  username: postgres
+  password: postgres
+  database: plugin_test
+mysql:
+  adapter: mysql
+  host: localhost
+  username: root
+  password:
+  database: plugin_test

data/test/app_root/config/environment.rb

@@ -0,0 +1,14 @@
+require File.join(File.dirname(__FILE__), 'boot')
+
+Rails::Initializer.run do |config|
+  config.cache_classes = false
+  config.whiny_nils = true
+  config.action_controller.session = { :key => "_myapp_session", :secret => "gwirofjweroijger8924rt2zfwehfuiwehb1378rifowenfoqwphf23" }
+  config.plugin_locators.unshift(
+    Class.new(Rails::Plugin::Locator) do
+      def plugins
+        [Rails::Plugin.new(File.expand_path('.'))]
+      end
+    end
+  ) unless defined?(PluginTestHelper::PluginLocator)
+end

data/test/app_root/config/routes.rb

@@ -0,0 +1,4 @@
+ActionController::Routing::Routes.draw do |map|
+  map.connect ':controller/:action/:id'
+  map.connect ':controller/:action/:id.:format'
+end

data/test/app_root/db/migrate/20090408115228_create_users.rb

@@ -0,0 +1,14 @@
+class CreateUsers < ActiveRecord::Migration
+
+  def self.up
+    create_table :users do |t|
+      t.string :role_name
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :users
+  end
+  
+end

data/test/app_root/db/migrate/20090429075648_create_soldiers.rb

@@ -0,0 +1,14 @@
+class CreateSoldiers < ActiveRecord::Migration
+
+  def self.up
+    create_table :soldiers do |t|
+      t.string :rank
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :soldiers
+  end
+  
+end

data/test/app_root/db/migrate/20091110075648_create_veteran_soldiers.rb

@@ -0,0 +1,14 @@
+class CreateVeteranSoldiers < ActiveRecord::Migration
+
+  def self.up
+    create_table :veteran_soldiers do |t|
+      t.string :rank
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :veteran_soldiers
+  end
+  
+end

data/test/app_root/db/migrate/20091110075649_create_trust_fund_kids.rb

@@ -0,0 +1,15 @@
+class CreateTrustFundKids < ActiveRecord::Migration
+
+  def self.up
+    create_table :trust_fund_kids do |t|
+      t.string :role_name
+      t.integer :account_balance
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :trust_fund_kids
+  end
+  
+end

data/test/app_root/lib/console_with_fixtures.rb

@@ -0,0 +1,4 @@
+# Loads fixtures into the database when running the test app via the console
+(ENV['FIXTURES'] ? ENV['FIXTURES'].split(/,/) : Dir.glob(File.join(Rails.root, '../fixtures/*.{yml,csv}'))).each do |fixture_file|
+  Fixtures.create_fixtures(File.join(Rails.root, '../fixtures'), File.basename(fixture_file, '.*'))
+end

data/test/app_root/log/.gitignore

@@ -0,0 +1 @@
+*.log

data/test/app_root/script/console

@@ -0,0 +1,7 @@
+irb = RUBY_PLATFORM =~ /(:?mswin|mingw)/ ? 'irb.bat' : 'irb'
+libs =  " -r irb/completion"
+libs << " -r test/test_helper"
+libs << " -r console_app"
+libs << " -r console_with_helpers"
+libs << " -r console_with_fixtures"
+exec "#{irb} #{libs} --simple-prompt"

data/test/has_role_options_test.rb

@@ -0,0 +1,64 @@
+require "test/test_helper"
+
+class HasRoleOptionsTest < ActiveSupport::TestCase
+
+  context "A record with a custom role field" do
+
+    setup do 
+      @soldier = Soldier.new
+    end
+    
+    should "allow its role to be written and read" do
+      @soldier.role = "guest"
+      assert_equal :guest, @soldier.role.name
+    end
+    
+    should "store the role name in the custom field" do
+      @soldier.role = "guest"
+      assert_equal "guest", @soldier.rank
+    end
+    
+    should "still work with permissions" do
+      @soldier.role = "guest"
+      assert @soldier.may_hug?
+      assert !@soldier.may_update_users?
+    end
+    
+  end
+
+  context "A record wiring up its role using legacy parameter names" do
+
+    setup do 
+      @vetaran_soldier = VeteranSoldier.new
+    end
+    
+    should "allow its role to be written and read" do
+      @vetaran_soldier.role = "guest"
+      assert_equal :guest, @vetaran_soldier.role.name
+    end
+    
+  end
+  
+  context "A record with a default role" do
+  
+    should "create new instances with that role" do
+      assert_equal :admin, TrustFundKid.new.role.name
+    end
+    
+    should "set that role if the initial role name is blank" do
+      assert_equal :admin, TrustFundKid.new(:role_name => "").role.name
+    end
+  
+    should "ignore the default if another role is given" do
+      assert_equal :student, TrustFundKid.new(:role_name => "student").role.name
+    end
+    
+    should "not update existing records with the default role" do
+      kid = TrustFundKid.create!(:role_name => "student")
+      kid.update_attributes(:account_balance => 10_000_000)
+      assert_equal :student, kid.reload.role.name
+    end
+  
+  end
+
+end

data/test/has_role_test.rb

@@ -0,0 +1,54 @@
+require "test/test_helper"
+
+class HasRoleTest < ActiveSupport::TestCase
+
+  context "Objects that have an aegis role" do
+
+    setup do 
+      @guest = User.new(:role_name => "guest")
+      @student = User.new(:role_name => "student")
+      @student_subclass = UserSubclass.new(:role_name => "student")
+      @admin = User.new(:role_name => "admin")
+    end
+    
+    should "know their role" do
+      assert_equal :guest, @guest.role.name
+      assert_equal :student, @student.role.name
+      assert_equal :student, @student_subclass.role.name
+      assert_equal :admin, @admin.role.name
+    end
+    
+    should "know if they belong to a role" do
+      assert @guest.guest?
+      assert !@guest.student?
+      assert !@guest.admin?
+      assert !@student.guest?
+      assert !@student_subclass.guest?
+      assert @student.student?
+      assert @student_subclass.student?
+      assert !@student.admin?
+      assert !@student_subclass.admin?
+      assert !@admin.guest?
+      assert !@admin.student?
+      assert @admin.admin?
+    end
+    
+    should "still behave as usual when a method ending in a '?' does not map to a role query" do
+      assert_raise NoMethodError do
+        @guest.nonexisting_method?
+      end
+    end
+    
+    should "know that they respond to permission methods" do
+      assert @guest.respond_to?(:may_foo?)
+      assert @guest.respond_to?(:may_foo!)
+    end
+    
+    should "retain the usual respond_to behaviour for non-permission methods" do
+      assert !@guest.respond_to?(:nonexisting_method)
+      assert @guest.respond_to?(:to_s)
+    end
+    
+  end
+
+end

data/test/permissions_test.rb

@@ -0,0 +1,109 @@
+require "test/test_helper"
+
+class PermissionsTest < ActiveSupport::TestCase
+
+  context "Aegis permissions" do
+
+    setup do 
+      @guest = User.new(:role_name => "guest")
+      @student = User.new(:role_name => "student")
+      @student_subclass = UserSubclass.new(:role_name => "student")
+      @admin = User.new(:role_name => "admin")
+    end
+    
+    should "use the default permission for actions without any allow or grant directives" do
+      assert !@guest.may_use_empty?
+      assert !@student.may_use_empty?
+      assert !@student_subclass.may_use_empty?
+      assert @admin.may_use_empty?
+    end
+    
+    should "understand simple allow and deny directives" do
+      assert !@guest.may_use_simple?
+      assert @student.may_use_simple?
+      assert @student_subclass.may_use_simple?
+      assert !@admin.may_use_simple?
+    end
+    
+    should 'raise exceptions when a denied action is queried with an exclamation mark' do
+      assert_raise Aegis::PermissionError do
+        @guest.may_use_simple!
+      end
+      assert_raise Aegis::PermissionError do
+        @admin.may_use_simple!
+      end
+    end
+    
+    should 'do nothing if an allowed action is queried with an exclamation mark' do
+      assert_nothing_raised do
+        @student.may_use_simple!
+        @student_subclass.may_use_simple!
+      end
+    end
+    
+    should "implicate the singular form of an action described in plural form" do
+      assert !@guest.may_update_users?
+      assert !@guest.may_update_user?("foo")
+      assert @student.may_update_users?
+      assert @student_subclass.may_update_users?
+      assert @student.may_update_user?("foo")
+      assert @student_subclass.may_update_user?("foo")
+      assert !@admin.may_update_users?
+      assert !@admin.may_update_user?("foo")
+    end
+    
+    should 'implicate create, read, update and destroy forms for actions named "crud_..."' do
+      assert @student.may_create_projects?
+      assert @student_subclass.may_create_projects?
+      assert @student.may_read_projects?
+      assert @student_subclass.may_read_projects?
+      assert @student.may_update_projects?
+      assert @student_subclass.may_update_projects?
+      assert @student.may_destroy_projects?
+      assert @student_subclass.may_destroy_projects?
+    end
+    
+    should 'perform normalization of CRUD verbs (e.g. "edit" and "update")' do
+      assert !@guest.may_edit_drinks?
+      assert @student.may_edit_drinks?
+      assert @student_subclass.may_edit_drinks?
+      assert !@admin.may_edit_drinks?
+      assert !@guest.may_update_drinks?
+      assert @student.may_update_drinks?
+      assert @student_subclass.may_update_drinks?
+      assert !@admin.may_update_drinks?
+    end
+    
+    should "be able to grant or deny actions to all roles using :everyone" do
+      assert @guest.may_hug?
+      assert @student.may_hug?
+      assert @student_subclass.may_hug?
+      assert @admin.may_hug?
+    end
+    
+    should "allow the definition of parametrized actions" do
+      assert !@guest.may_divide?(10, 2)
+      assert @student.may_divide?(10, 2)
+      assert @student_subclass.may_divide?(10, 2)
+      assert !@student.may_divide?(10, 0)
+      assert !@student_subclass.may_divide?(10, 0)
+      assert @admin.may_divide?(10, 2)
+      assert @admin.may_divide?(10, 0)
+    end
+    
+    should 'use default permissions for undefined actions' do
+      !@student.may_do_undefined_stuff?("foo")
+      !@student_subclass.may_do_undefined_stuff?("foo")
+      @admin.may_do_undefined_stuff?("foo")
+    end
+    
+    should 'overshadow previous action definitions with the same name' do
+      assert @guest.may_draw?
+      assert !@student.may_draw?
+      assert !@student_subclass.may_draw?
+      assert !@admin.may_draw?
+    end
+    
+  end
+
+end

data/test/test_helper.rb

@@ -0,0 +1,23 @@
+# Set the default environment to sqlite3's in_memory database
+ENV['RAILS_ENV'] ||= 'in_memory'
+
+# Load the Rails environment and testing framework
+require "#{File.dirname(__FILE__)}/app_root/config/environment"
+require "#{File.dirname(__FILE__)}/../lib/aegis"
+require 'test_help'
+require 'action_view/test_case' # Load additional test classes not done automatically by < Rails 2.2.2
+
+require "shoulda"
+
+# Undo changes to RAILS_ENV
+silence_warnings {RAILS_ENV = ENV['RAILS_ENV']}
+
+# Run the migrations
+ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate")
+
+# Set default fixture loading properties
+ActiveSupport::TestCase.class_eval do
+  self.use_transactional_fixtures = true
+  self.use_instantiated_fixtures = false
+  self.fixture_path = "#{File.dirname(__FILE__)}/fixtures"
+end

data/test/validation_test.rb

@@ -0,0 +1,55 @@
+require "test/test_helper"
+
+class ValidationTest < ActiveSupport::TestCase
+
+  context "A model that has and validates its role" do
+
+    setup do 
+      @user = User.new()
+    end
+    
+    context "that has a role_name mapping to a role" do
+      
+      setup do
+        @user.role_name = "admin"
+      end
+      
+      should "be valid" do
+        assert @user.valid?
+      end
+      
+    end
+    
+    context "that has a blank role_name" do
+      
+      setup do
+        @user.role_name = ""
+      end
+      
+      should "not be valid" do
+        assert !@user.valid?
+      end
+      
+    end
+    
+    context "that has a role_name not mapping to a role" do
+      
+      setup do
+        @user.role_name = "nonexisting_role_name"
+      end
+      
+      should "not be valid" do
+        assert !@user.valid?
+      end
+      
+    end
+    
+    should "use add the default inclusion error message on role_name" do
+      @user.role_name = ""
+      @user.valid?
+      assert_equal I18n.translate('activerecord.errors.messages.inclusion'), @user.errors.on(:role_name)
+    end
+    
+  end
+
+end