Permalink
Browse files

Clean up constants littered through tests

  • Loading branch information...
1 parent 4c46054 commit f8629abad89a9f3e6f38b96d6400afe3d905fa3e @nathanl committed Dec 8, 2012
View
53 spec/authority/abilities_spec.rb
@@ -3,42 +3,43 @@
describe Authority::Abilities do
- let(:user) { User.new }
+ let(:user) { ExampleUser.new }
+ let(:resource_class) { ExampleResource }
describe "instance methods" do
describe "authorizer_name" do
it "has a class attribute getter for authorizer_name" do
- expect(ExampleModel).to respond_to(:authorizer_name)
+ expect(resource_class).to respond_to(:authorizer_name)
end
it "has a class attribute setter for authorizer_name" do
- expect(ExampleModel).to respond_to(:authorizer_name=)
+ expect(resource_class).to respond_to(:authorizer_name=)
end
it "has a default authorizer_name of 'ApplicationAuthorizer'" do
- expect(ExampleModel.authorizer_name).to eq("ApplicationAuthorizer")
+ expect(resource_class.authorizer_name).to eq("ApplicationAuthorizer")
end
end
describe "authorizer" do
it "constantizes the authorizer name as the authorizer" do
- ExampleModel.instance_variable_set(:@authorizer, nil)
- ExampleModel.authorizer_name.should_receive(:constantize)
- ExampleModel.authorizer
+ resource_class.instance_variable_set(:@authorizer, nil)
+ resource_class.authorizer_name.should_receive(:constantize)
+ resource_class.authorizer
end
it "memoizes the authorizer to avoid reconstantizing" do
- ExampleModel.authorizer
- ExampleModel.authorizer_name.should_not_receive(:constantize)
- ExampleModel.authorizer
+ resource_class.authorizer
+ resource_class.authorizer_name.should_not_receive(:constantize)
+ resource_class.authorizer
end
it "raises a friendly error if the authorizer doesn't exist" do
- class NoAuthorizerModel < ExampleModel; end ;
+ class NoAuthorizerModel < resource_class; end ;
NoAuthorizerModel.instance_variable_set(:@authorizer, nil)
NoAuthorizerModel.authorizer_name = 'NonExistentAuthorizer'
expect { NoAuthorizerModel.authorizer }.to raise_error(Authority::NoAuthorizerError)
@@ -54,25 +55,25 @@ class NoAuthorizerModel < ExampleModel; end ;
method_name = "#{adjective}_by?"
it "responds to `#{method_name}`" do
- expect(ExampleModel).to respond_to(method_name)
+ expect(resource_class).to respond_to(method_name)
end
describe "#{method_name}" do
context "when given an options hash" do
it "delegates `#{method_name}` to its authorizer class, passing the options" do
- ExampleModel.authorizer.should_receive(method_name).with(user, :lacking => 'nothing')
- ExampleModel.send(method_name, user, :lacking => 'nothing')
+ resource_class.authorizer.should_receive(method_name).with(user, :lacking => 'nothing')
+ resource_class.send(method_name, user, :lacking => 'nothing')
end
end
context "when not given an options hash" do
it "delegates `#{method_name}` to its authorizer class, passing no options" do
- ExampleModel.authorizer.should_receive(method_name).with(user)
- ExampleModel.send(method_name, user)
+ resource_class.authorizer.should_receive(method_name).with(user)
+ resource_class.send(method_name, user)
end
end
@@ -85,37 +86,37 @@ class NoAuthorizerModel < ExampleModel; end ;
describe "instance methods" do
- let(:example_model) { ExampleModel.new }
+ let(:resource_instance) { resource_class.new }
before :each do
- @authorizer = ExampleModel.authorizer.new(example_model)
+ @authorizer = resource_class.authorizer.new(resource_instance)
end
Authority.adjectives.each do |adjective|
method_name = "#{adjective}_by?"
it "responds to `#{method_name}`" do
- expect(example_model).to respond_to(method_name)
+ expect(resource_instance).to respond_to(method_name)
end
describe "#{method_name}" do
context "when given an options hash" do
it "delegates `#{method_name}` to a new authorizer instance, passing the options" do
- ExampleModel.authorizer.stub(:new).and_return(@authorizer)
+ resource_class.authorizer.stub(:new).and_return(@authorizer)
@authorizer.should_receive(method_name).with(user, :with => 'mayo')
- example_model.send(method_name, user, :with => 'mayo')
+ resource_instance.send(method_name, user, :with => 'mayo')
end
end
context "when not given an options hash" do
it "delegates `#{method_name}` to a new authorizer instance, passing no options" do
- ExampleModel.authorizer.stub(:new).and_return(@authorizer)
+ resource_class.authorizer.stub(:new).and_return(@authorizer)
@authorizer.should_receive(method_name).with(user)
- example_model.send(method_name, user)
+ resource_instance.send(method_name, user)
end
end
@@ -125,15 +126,15 @@ class NoAuthorizerModel < ExampleModel; end ;
end
it "provides an accessor for its authorizer" do
- expect(example_model).to respond_to(:authorizer)
+ expect(resource_instance).to respond_to(:authorizer)
end
# When checking instance methods, we want to ensure that every check uses a new
# instance of the authorizer. Otherwise, you might check, make a change to the
# model instance, check again, and get an outdated answer.
it "always creates a new authorizer instance when accessing the authorizer" do
- example_model.class.authorizer.should_receive(:new).with(example_model).twice
- 2.times { example_model.authorizer }
+ resource_instance.class.authorizer.should_receive(:new).with(resource_instance).twice
+ 2.times { resource_instance.authorizer }
end
end
View
4 spec/authority/authorizer_spec.rb
@@ -3,9 +3,9 @@
describe Authority::Authorizer do
- let(:model_instance) { ExampleModel.new }
+ let(:model_instance) { ExampleResource.new }
let(:authorizer) { model_instance.authorizer }
- let(:user) { User.new }
+ let(:user) { ExampleUser.new }
it "takes a resource instance in its initializer" do
expect(authorizer.resource).to eq(model_instance)
View
22 spec/authority/controller_spec.rb
@@ -39,6 +39,8 @@ def self.before_filter(*args) ; end
end
end
+ let(:resource_class) { ExampleResource }
+
describe "the security violation callback" do
it "calls whatever method on the controller that the configuration specifies" do
@@ -86,21 +88,21 @@ def self.before_filter(*args) ; end
describe "authorize_actions_for" do
it "allows specifying the model to protect" do
- controller_class.authorize_actions_for(ExampleModel)
- expect(controller_class.authority_resource).to eq(ExampleModel)
+ controller_class.authorize_actions_for(resource_class)
+ expect(controller_class.authority_resource).to eq(resource_class)
end
it "sets up a before_filter, passing the options it was given" do
filter_options = {:only => [:show, :edit, :update]}
controller_class.should_receive(:before_filter).with(:run_authorization_check, filter_options)
- controller_class.authorize_actions_for(ExampleModel, filter_options)
+ controller_class.authorize_actions_for(resource_class, filter_options)
end
it "passes the action hash to the `authority_action` method" do
child_controller = Class.new(controller_class)
new_actions = {:synthesize => :create, :annihilate => 'delete'}
child_controller.should_receive(:authority_actions).with(new_actions)
- child_controller.authorize_actions_for(ExampleModel, :actions => new_actions)
+ child_controller.authorize_actions_for(resource_class, :actions => new_actions)
end
end
@@ -130,7 +132,7 @@ def self.before_filter(*args) ; end
let(:controller_class) do
Class.new(ExampleController).tap do |c|
c.send(:include, Authority::Controller)
- c.authorize_actions_for(ExampleModel)
+ c.authorize_actions_for(resource_class)
end
end
@@ -140,12 +142,12 @@ def self.before_filter(*args) ; end
end
end
- let(:user) { User.new }
+ let(:user) { ExampleUser.new }
describe "run_authorization_check (used as a before_filter)" do
it "checks authorization on the model specified" do
- controller_instance.should_receive(:authorize_action_for).with(ExampleModel)
+ controller_instance.should_receive(:authorize_action_for).with(resource_class)
controller_instance.send(:run_authorization_check)
end
@@ -164,13 +166,13 @@ def self.before_filter(*args) ; end
it "calls Authority.enforce to authorize the action" do
Authority.should_receive(:enforce)
- controller_instance.send(:authorize_action_for, ExampleModel)
+ controller_instance.send(:authorize_action_for, resource_class)
end
it "passes along any options it was given" do
options = {:for => 'insolence'}
- Authority.should_receive(:enforce).with('delete', ExampleModel, user, options)
- controller_instance.send(:authorize_action_for, ExampleModel, options)
+ Authority.should_receive(:enforce).with('delete', resource_class, user, options)
+ controller_instance.send(:authorize_action_for, resource_class, options)
end
end
View
21 spec/authority/integration_spec.rb
@@ -3,8 +3,9 @@
describe "integration from user through model to authorizer" do
- let(:user) { User.new }
- let(:model_instance) { ExampleModel.new }
+ let(:user) { ExampleUser.new }
+ let(:resource_class) { ExampleResource }
+ let(:resource_instance) { resource_class.new }
describe "class methods" do
@@ -18,17 +19,17 @@
describe "if given an options hash" do
it "delegates `#{adjective_method}` to its authorizer class, passing the options" do
- ExampleModel.authorizer.should_receive(adjective_method).with(user, :lacking => 'nothing')
- user.send(verb_method, ExampleModel, :lacking => 'nothing')
+ resource_class.authorizer.should_receive(adjective_method).with(user, :lacking => 'nothing')
+ user.send(verb_method, resource_class, :lacking => 'nothing')
end
end
describe "if not given an options hash" do
it "delegates `#{adjective_method}` to its authorizer class, passing no options" do
- ExampleModel.authorizer.should_receive(adjective_method).with(user)
- user.send(verb_method, model_instance)
+ resource_class.authorizer.should_receive(adjective_method).with(user)
+ user.send(verb_method, resource_instance)
end
end
@@ -41,10 +42,10 @@
describe "instance methods" do
- let!(:authorizer_instance) { ExampleModel.authorizer.new(model_instance) }
+ let!(:authorizer_instance) { resource_class.authorizer.new(resource_instance) }
before :each do
- ExampleModel.authorizer.stub(:new).and_return(authorizer_instance)
+ resource_class.authorizer.stub(:new).and_return(authorizer_instance)
end
Authority.verbs.each do |verb|
@@ -58,7 +59,7 @@
it "delegates `#{adjective_method}` to a new authorizer instance, passing the options" do
authorizer_instance.should_receive(adjective_method).with(user, :consistency => 'mushy')
- user.send(verb_method, model_instance, :consistency => 'mushy')
+ user.send(verb_method, resource_instance, :consistency => 'mushy')
end
end
@@ -67,7 +68,7 @@
it "delegates `#{adjective_method}` to a new authorizer instance, passing no options" do
authorizer_instance.should_receive(adjective_method).with(user)
- user.send(verb_method, model_instance)
+ user.send(verb_method, resource_instance)
end
end
View
12 spec/authority/user_abilities_spec.rb
@@ -3,8 +3,8 @@
describe Authority::UserAbilities do
- let(:model_instance) { ExampleModel.new }
- let(:user) { User.new }
+ let(:resource_instance) { ExampleResource.new }
+ let(:user) { ExampleUser.new }
describe "using `can_{verb}?` methods to check permissions on a resource" do
@@ -18,17 +18,17 @@
describe "if given options" do
it "delegates the authorization check to the resource, passing the options" do
- model_instance.should_receive("#{Authority.abilities[verb]}_by?").with(user, :size => 'wee')
- user.send(method_name, model_instance, :size => 'wee')
+ resource_instance.should_receive("#{Authority.abilities[verb]}_by?").with(user, :size => 'wee')
+ user.send(method_name, resource_instance, :size => 'wee')
end
end
describe "if not given options" do
it "delegates the authorization check to the resource, passing no options" do
- model_instance.should_receive("#{Authority.abilities[verb]}_by?").with(user)
- user.send(method_name, model_instance)
+ resource_instance.should_receive("#{Authority.abilities[verb]}_by?").with(user)
+ user.send(method_name, resource_instance)
end
end
View
15 spec/authority_spec.rb
@@ -39,33 +39,34 @@
describe "enforcement" do
- let(:user) { User.new }
+ let(:user) { ExampleUser.new }
+ let(:resource_class) { ExampleResource }
describe "if given options" do
it "checks the user's authorization, passing along the options" do
options = { :for => 'context' }
- user.should_receive(:can_delete?).with(ExampleModel, options).and_return(true)
- Authority.enforce(:delete, ExampleModel, user, options)
+ user.should_receive(:can_delete?).with(resource_class, options).and_return(true)
+ Authority.enforce(:delete, resource_class, user, options)
end
end
describe "if not given options" do
it "checks the user's authorization, passing no options" do
- user.should_receive(:can_delete?).with(ExampleModel).and_return(true)
- Authority.enforce(:delete, ExampleModel, user)
+ user.should_receive(:can_delete?).with(resource_class).and_return(true)
+ Authority.enforce(:delete, resource_class, user)
end
end
it "raises a SecurityViolation if the action is unauthorized" do
- expect { Authority.enforce(:update, ExampleModel, user) }.to raise_error(Authority::SecurityViolation)
+ expect { Authority.enforce(:update, resource_class, user) }.to raise_error(Authority::SecurityViolation)
end
it "doesn't raise a SecurityViolation if the action is authorized" do
- expect { Authority.enforce(:read, ExampleModel, user) }.not_to raise_error(Authority::SecurityViolation)
+ expect { Authority.enforce(:read, resource_class, user) }.not_to raise_error(Authority::SecurityViolation)
end
end
View
4 spec/support/example_classes.rb
@@ -1,8 +1,8 @@
-class User
+class ExampleUser
include Authority::UserAbilities
end
-class ExampleModel
+class ExampleResource
include Authority::Abilities
end

0 comments on commit f8629ab

Please sign in to comment.