Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Run tests in random order and fix one

  • Loading branch information...
commit 83bfa6aff8467803b2917aa8ce038d164ff3d2e7 1 parent 955c7ba
@nathanl authored
View
18 lib/authority.rb
@@ -31,16 +31,20 @@ def self.adjectives
# @raise [SecurityViolation] if user is not allowed to perform action on resource
# @return [Model] resource instance
def self.enforce(action, resource, user, *options)
- action_authorized = if options.empty?
- user.send("can_#{action}?", resource)
- else
- user.send("can_#{action}?", resource, Hash[*options])
- end
- raise SecurityViolation.new(user, action, resource) unless action_authorized
-
+ unless action_authorized?(action, resource, user, *options)
+ raise SecurityViolation.new(user, action, resource)
+ end
resource
end
+ def self.action_authorized?(action, resource, user, *options)
+ if options.empty?
+ user.send("can_#{action}?", resource)
+ else
+ user.send("can_#{action}?", resource, Hash[*options])
+ end
+ end
+
class << self
attr_accessor :configuration
end
View
5 spec/authority/controller_spec.rb
@@ -91,6 +91,11 @@
end
it "checks authorization on the model specified" do
+ # TODO - rethink this test and/or the test structure of this file.
+ # Stubbing here is a code smell; it really reflects that
+ # `run_authorization_check` is meant to be a before_filter, added
+ # after some setup has been done by `authorize_actions_for`
+ ExampleController.stub(:authority_resource).and_return(ExampleModel)
@controller.should_receive(:authorize_action_for).with(ExampleModel)
@controller.send(:run_authorization_check)
end
View
1  spec/spec_helper.rb
@@ -6,4 +6,5 @@
RSpec.configure do |config|
config.mock_with :rspec
+ config.order = :random
end
Please sign in to comment.
Something went wrong with that request. Please try again.