Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Accept method names as strings for allows/denies

  • Loading branch information...
commit 768c51fe116a9a5eaac3b69d3db55d628c1c78c4 1 parent 4f9b23c
Andrew Haines authored

Showing 2 changed files with 43 additions and 21 deletions. Show diff stats Hide diff stats

  1. +4 4 lib/draper/security.rb
  2. +39 17 spec/draper/security_spec.rb
8 lib/draper/security.rb
@@ -6,9 +6,9 @@ def initialize
6 6 end
7 7
8 8 def denies(*methods)
9   - raise ArgumentError, "Specify at least one method (as a symbol) to exclude when using denies" if methods.empty?
  9 + raise ArgumentError, "Specify at least one method to blacklist when using denies" if methods.empty?
10 10 self.strategy = :denies
11   - @denied += methods
  11 + @denied += methods.map(&:to_sym)
12 12 end
13 13
14 14 def denies_all
@@ -16,9 +16,9 @@ def denies_all
16 16 end
17 17
18 18 def allows(*methods)
19   - raise ArgumentError, "Specify at least one method (as a symbol) to allow when using allows" if methods.empty?
  19 + raise ArgumentError, "Specify at least one method to whitelist when using allows" if methods.empty?
20 20 self.strategy = :allows
21   - @allowed += methods
  21 + @allowed += methods.map(&:to_sym)
22 22 end
23 23
24 24 def allow?(method)
56 spec/draper/security_spec.rb
... ... @@ -1,11 +1,17 @@
1 1 require 'spec_helper'
2 2
  3 +RSpec::Matchers.define :allow do |method|
  4 + match do |subject|
  5 + subject.allow?(method)
  6 + end
  7 +end
  8 +
3 9 describe Draper::Security do
4 10 subject(:security) { Draper::Security.new }
5 11
6 12 context "when newly initialized" do
7 13 it "allows any method" do
8   - security.allow?(:foo).should be_true
  14 + security.should allow :foo
9 15 end
10 16 end
11 17
@@ -19,12 +25,12 @@
19 25 before { security.denies :foo, :bar }
20 26
21 27 it "denies the listed methods" do
22   - security.allow?(:foo).should be_false
23   - security.allow?(:bar).should be_false
  28 + security.should_not allow :foo
  29 + security.should_not allow :bar
24 30 end
25 31
26 32 it "allows other methods" do
27   - security.allow?(:baz).should be_true
  33 + security.should allow :baz
28 34 end
29 35
30 36 it "accepts multiple denies" do
@@ -43,16 +49,24 @@
43 49 before { security.denies :baz }
44 50
45 51 it "still denies the original methods" do
46   - security.allow?(:foo).should be_false
47   - security.allow?(:bar).should be_false
  52 + security.should_not allow :foo
  53 + security.should_not allow :bar
48 54 end
49 55
50 56 it "denies the additional methods" do
51   - security.allow?(:baz).should be_false
  57 + security.should_not allow :baz
52 58 end
53 59
54 60 it "allows other methods" do
55   - security.allow?(:qux).should be_true
  61 + security.should allow :qux
  62 + end
  63 + end
  64 +
  65 + context "with strings" do
  66 + before { security.denies "baz" }
  67 +
  68 + it "denies the method" do
  69 + security.should_not allow :baz
56 70 end
57 71 end
58 72 end
@@ -61,7 +75,7 @@
61 75 before { security.denies_all }
62 76
63 77 it "denies all methods" do
64   - security.allow?(:foo).should be_false
  78 + security.should_not allow :foo
65 79 end
66 80
67 81 it "accepts multiple denies_all" do
@@ -80,7 +94,7 @@
80 94 before { security.denies_all }
81 95
82 96 it "still denies all methods" do
83   - security.allow?(:foo).should be_false
  97 + security.should_not allow :foo
84 98 end
85 99 end
86 100 end
@@ -95,12 +109,12 @@
95 109 before { security.allows :foo, :bar }
96 110
97 111 it "allows the listed methods" do
98   - security.allow?(:foo).should be_true
99   - security.allow?(:bar).should be_true
  112 + security.should allow :foo
  113 + security.should allow :bar
100 114 end
101 115
102 116 it "denies other methods" do
103   - security.allow?(:baz).should be_false
  117 + security.should_not allow :baz
104 118 end
105 119
106 120 it "accepts multiple allows" do
@@ -119,16 +133,24 @@
119 133 before { security.allows :baz }
120 134
121 135 it "still allows the original methods" do
122   - security.allow?(:foo).should be_true
123   - security.allow?(:bar).should be_true
  136 + security.should allow :foo
  137 + security.should allow :bar
124 138 end
125 139
126 140 it "allows the additional methods" do
127   - security.allow?(:baz).should be_true
  141 + security.should allow :baz
128 142 end
129 143
130 144 it "denies other methods" do
131   - security.allow?(:qux).should be_false
  145 + security.should_not allow :qux
  146 + end
  147 + end
  148 +
  149 + context "with strings" do
  150 + before { security.allows "baz" }
  151 +
  152 + it "allows the method" do
  153 + security.should allow :baz
132 154 end
133 155 end
134 156 end

0 comments on commit 768c51f

Please sign in to comment.
Something went wrong with that request. Please try again.