Skip to content

Commit

Permalink
new be_allowed_to matcher, specs for matchers
Browse files Browse the repository at this point in the history
  • Loading branch information
@triskweline
triskweline committed Sep 1, 2010
1 parent 8faa162 commit 2c038b5
Show file tree
Hide file tree
Showing 9 changed files with 128 additions and 91 deletions.
1 change: 1 addition & 0 deletions README.rdoc
View file
Expand Up @@ -64,6 +64,7 @@ There is an awesome {documentation wiki}[http://wiki.github.com/makandra/aegis/]
* {Handling denied permissions in your controllers}[http://wiki.github.com/makandra/aegis/handling-denied-permissions-in-your-controllers]
* {Changing behavior when a permission is undefined}[http://wiki.github.com/makandra/aegis/changing-behavior-when-a-permission-is-undefined]
* {Multiple roles per user}[http://wiki.github.com/makandra/aegis/multiple-roles-per-user]
* {Testing permissions}[http://wiki.github.com/makandra/aegis/testing-permissions]
* {Upgrading to Aegis 2}[http://wiki.github.com/makandra/aegis/upgrading-to-aegis-2]


Expand Down
88 changes: 3 additions & 85 deletions lib/aegis/spec.rb
View file
@@ -1,86 +1,4 @@
module Aegis
module Matchers
# Support aegis/spec for old code.
# Maybe remove this some day.
require 'aegis/spec/matchers'

class CheckPermissions

def initialize(expected_resource, expected_options = {})
@expected_resource = expected_resource
@expected_options = expected_options
end

def matches?(controller)
@controller_class = controller.class
@actual_resource = @controller_class.instance_variable_get('@aegis_permissions_resource')
@actual_options = @controller_class.instance_variable_get('@aegis_permissions_options')
@actual_resource == @expected_resource && @actual_options == @expected_options
end

def failure_message
if @actual_resource != @expected_resource
"expected #{@controller_class} to check permissions against resource #{@expected_resource.inspect}, but it checked against #{@actual_resource.inspect}"
else
"expected #{@controller_class} to check permissions with options #{@expected_options.inspect}, but options were #{@actual_options.inspect}"
end
end

def negative_failure_message
if @actual_resource == @expected_resource
"expected #{@controller_class} to not check permissions against resource #{@expected_resource.inspect}"
else
"expected #{@controller_class} to not check permissions with options #{@expected_options.inspect}"
end
end

def description
description = "check permissions against resource #{@expected_resource.inspect}"
description << " with options #{@expected_options.inspect}" if @expected_options.any?
description
end

end

def check_permissions(*args)
CheckPermissions.new(*args)
end

end
end


ActiveSupport::TestCase.send :include, Aegis::Matchers

#Spec::Rails::Example::ControllerExampleGroup.extend Aegis::ControllerSpecMacros


# def it_should_allow_access_for(*allowed_roles, &block)
#
# denied_roles = Permissions.roles.collect(&:name) - allowed_roles
#
# describe 'permissions' do
#
# before :each do
# sign_out
# end
#
# it "should deny access when no user is signed in" do
# expect { instance_eval(&block) }.to raise_error(Aegis::AccessDenied)
# end
#
# allowed_roles.each do |role|
# it "should allow access for an authenticated #{role}" do
# sign_in User.new(:role_name => role)
# expect { instance_eval(&block) }.to_not raise_error
# response.code.should == '200'
# end
# end
#
# denied_roles.each do |role|
# it "should deny access for an authenticated #{role}" do
# sign_in User.new(:role_name => role)
# expect { instance_eval(&block) }.to raise_error(Aegis::AccessDenied)
# end
# end
#
# end
#
# end
63 changes: 63 additions & 0 deletions lib/aegis/spec/matchers.rb
View file
@@ -0,0 +1,63 @@
module Aegis
module Spec
module Matchers

class CheckPermissions

def initialize(expected_resource, expected_options = {})
@expected_resource = expected_resource
@expected_options = expected_options
end

def matches?(controller)
@controller_class = controller.class
@actual_resource = @controller_class.instance_variable_get('@aegis_permissions_resource')
@actual_options = @controller_class.instance_variable_get('@aegis_permissions_options')
@actual_resource == @expected_resource && @actual_options == @expected_options
end

def failure_message
if @actual_resource != @expected_resource
"expected #{@controller_class} to check permissions against resource #{@expected_resource.inspect}, but it checked against #{@actual_resource.inspect}"
else
"expected #{@controller_class} to check permissions with options #{@expected_options.inspect}, but options were #{@actual_options.inspect}"
end
end

def negative_failure_message
if @actual_resource == @expected_resource
"expected #{@controller_class} to not check permissions against resource #{@expected_resource.inspect}"
else
"expected #{@controller_class} to not check permissions with options #{@expected_options.inspect}"
end
end

def description
description = "check permissions against resource #{@expected_resource.inspect}"
description << " with options #{@expected_options.inspect}" if @expected_options.any?
description
end

end

def check_permissions(*args)
CheckPermissions.new(*args)
end

def be_allowed_to(*args)
simple_matcher do |user, matcher|
action, *action_args = args
target = action.to_s + (action_args.present? ? " given #{action_args.inspect}" : "")
matcher.description = "be allowed to " + target
matcher.failure_message = "expected #{user.inspect} to be allowed to #{target}"
matcher.negative_failure_message = "expected #{user.inspect} to be denied to #{target}"
user.send("may_#{action}?", *action_args)
end
end

end
end
end

ActiveSupport::TestCase.send :include, Aegis::Spec::Matchers

4 changes: 2 additions & 2 deletions spec/action_controller_spec.rb → spec/aegis/action_controller_spec.rb
View file
@@ -1,6 +1,6 @@
require File.dirname(__FILE__) + "/spec_helper"
require "spec_helper"

describe 'Aegis::ActionController' do
describe Aegis::ActionController do

before(:each) do

Expand Down
2 changes: 1 addition & 1 deletion spec/has_role_spec.rb → spec/aegis/has_role_spec.rb
View file
@@ -1,4 +1,4 @@
require File.dirname(__FILE__) + "/spec_helper"
require "spec_helper"

describe Aegis::HasRole do

Expand Down
2 changes: 1 addition & 1 deletion spec/loader_spec.rb → spec/aegis/loader_spec.rb
View file
@@ -1,4 +1,4 @@
require File.dirname(__FILE__) + "/spec_helper"
require "spec_helper"

describe Aegis::Loader do

Expand Down
2 changes: 1 addition & 1 deletion spec/permissions_spec.rb → spec/aegis/permissions_spec.rb
View file
@@ -1,4 +1,4 @@
require File.dirname(__FILE__) + "/spec_helper"
require "spec_helper"

describe Aegis::Permissions do

Expand Down
2 changes: 1 addition & 1 deletion spec/sieve_spec.rb → spec/aegis/sieve_spec.rb
View file
@@ -1,4 +1,4 @@
require File.dirname(__FILE__) + "/spec_helper"
require "spec_helper"

describe Aegis::Sieve do

Expand Down
55 changes: 55 additions & 0 deletions spec/aegis/spec/matchers_spec.rb
View file
@@ -0,0 +1,55 @@
require 'spec_helper'

describe Aegis::Spec::Matchers do

describe 'be_allowed_to' do

before(:each) do

permissions = @permissions = Class.new(Aegis::Permissions) do
role :user
resources :files do
allow :user do
object == 'allowed-file'
end
end
end

@user_class = Class.new(ActiveRecord::Base) do
set_table_name 'users'
has_role :permissions => permissions
end

@user = @user_class.new(:role_name => 'user')

end

it 'should match the positive case' do
@user.should be_allowed_to(:update_file, 'allowed-file')
end

it 'should match the negative case' do
@user.should_not be_allowed_to(:update_file, 'denied-file')
end

end

describe 'check_permissions' do

before(:each) do
@controller = Class.new(ActionController::Base) do
permissions :post
end.new
end

it 'should match the positive case' do
@controller.should check_permissions(:post)
end

it 'should match the negative case' do
@controller.should_not check_permissions(:reviews)
end

end

end

0 comments on commit 2c038b5

Please sign in to comment.