Permalink
Browse files

Accept method names as strings for allows/denies

  • Loading branch information...
1 parent 4f9b23c commit 768c51fe116a9a5eaac3b69d3db55d628c1c78c4 @haines committed Nov 13, 2012
Showing with 43 additions and 21 deletions.
  1. +4 −4 lib/draper/security.rb
  2. +39 −17 spec/draper/security_spec.rb
View
8 lib/draper/security.rb
@@ -6,19 +6,19 @@ def initialize
end
def denies(*methods)
- raise ArgumentError, "Specify at least one method (as a symbol) to exclude when using denies" if methods.empty?
+ raise ArgumentError, "Specify at least one method to blacklist when using denies" if methods.empty?
self.strategy = :denies
- @denied += methods
+ @denied += methods.map(&:to_sym)
end
def denies_all
self.strategy = :denies_all
end
def allows(*methods)
- raise ArgumentError, "Specify at least one method (as a symbol) to allow when using allows" if methods.empty?
+ raise ArgumentError, "Specify at least one method to whitelist when using allows" if methods.empty?
self.strategy = :allows
- @allowed += methods
+ @allowed += methods.map(&:to_sym)
end
def allow?(method)
View
56 spec/draper/security_spec.rb
@@ -1,11 +1,17 @@
require 'spec_helper'
+RSpec::Matchers.define :allow do |method|
+ match do |subject|
+ subject.allow?(method)
+ end
+end
+
describe Draper::Security do
subject(:security) { Draper::Security.new }
context "when newly initialized" do
it "allows any method" do
- security.allow?(:foo).should be_true
+ security.should allow :foo
end
end
@@ -19,12 +25,12 @@
before { security.denies :foo, :bar }
it "denies the listed methods" do
- security.allow?(:foo).should be_false
- security.allow?(:bar).should be_false
+ security.should_not allow :foo
+ security.should_not allow :bar
end
it "allows other methods" do
- security.allow?(:baz).should be_true
+ security.should allow :baz
end
it "accepts multiple denies" do
@@ -43,16 +49,24 @@
before { security.denies :baz }
it "still denies the original methods" do
- security.allow?(:foo).should be_false
- security.allow?(:bar).should be_false
+ security.should_not allow :foo
+ security.should_not allow :bar
end
it "denies the additional methods" do
- security.allow?(:baz).should be_false
+ security.should_not allow :baz
end
it "allows other methods" do
- security.allow?(:qux).should be_true
+ security.should allow :qux
+ end
+ end
+
+ context "with strings" do
+ before { security.denies "baz" }
+
+ it "denies the method" do
+ security.should_not allow :baz
end
end
end
@@ -61,7 +75,7 @@
before { security.denies_all }
it "denies all methods" do
- security.allow?(:foo).should be_false
+ security.should_not allow :foo
end
it "accepts multiple denies_all" do
@@ -80,7 +94,7 @@
before { security.denies_all }
it "still denies all methods" do
- security.allow?(:foo).should be_false
+ security.should_not allow :foo
end
end
end
@@ -95,12 +109,12 @@
before { security.allows :foo, :bar }
it "allows the listed methods" do
- security.allow?(:foo).should be_true
- security.allow?(:bar).should be_true
+ security.should allow :foo
+ security.should allow :bar
end
it "denies other methods" do
- security.allow?(:baz).should be_false
+ security.should_not allow :baz
end
it "accepts multiple allows" do
@@ -119,16 +133,24 @@
before { security.allows :baz }
it "still allows the original methods" do
- security.allow?(:foo).should be_true
- security.allow?(:bar).should be_true
+ security.should allow :foo
+ security.should allow :bar
end
it "allows the additional methods" do
- security.allow?(:baz).should be_true
+ security.should allow :baz
end
it "denies other methods" do
- security.allow?(:qux).should be_false
+ security.should_not allow :qux
+ end
+ end
+
+ context "with strings" do
+ before { security.allows "baz" }
+
+ it "allows the method" do
+ security.should allow :baz
end
end
end

0 comments on commit 768c51f

Please sign in to comment.