Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added with_context qualifier to have_authorized_scope matcher #260

Merged
merged 2 commits into from Apr 19, 2024
Merged

Added with_context qualifier to have_authorized_scope matcher #260

merged 2 commits into from Apr 19, 2024

Conversation

killondark
Copy link
Contributor

Hi @palkan. I added with_context qualifier to have_authorized_scope matcher
Discussed in #258

PR checklist:

  • Tests included
  • Documentation updated

@coveralls-official Coveralls Official
Copy link

coveralls-official bot commented Apr 5, 2024
edited

Coverage Status

coverage: 93.639% (+0.05%) from 93.587%
when pulling 86d553e on killondark:add-with_context-to-have_authorized_scope
into 8e69239 on palkan:master.

palkan
palkan requested changes Apr 5, 2024
View reviewed changes
Copy link
Owner

@palkan palkan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

Left some comments, please, take a look.

lib/action_policy/testing.rb Outdated
policy_class == policy.class &&
type == actual_type &&
name == actual_name &&
actual_scope_options === scope_options
actual_scope_options === scope_options &&
actual_context.all? { |key, value| context[key] == value }
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should use the same logic here as for authorization calls:

action_policy/lib/action_policy/testing.rb

Lines 29 to 33 in 8e69239

def context_matches?(context, actual)
return true unless context
context === actual || actual >= context
end

It covers subsets and RSpec composable matchers.

lib/action_policy/rspec/have_authorized_scope.rb Outdated

def initialize(type)
@type = type
@name = :default
@scope_options = nil
@context = {}
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The default MUST be nil (meaning that we don't want to verify context)

lib/action_policy/testing.rb Outdated

def initialize(policy, target, type, name, scope_options)
@policy = policy
@target = target
@type = type
@name = name
@scope_options = scope_options
@context = policy.authorization_context
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We already have policy in the state, no need to extract context into its own instance variable.

docs/testing.md Outdated
Comment on lines 327 to 329
def favorite
authorized_scope(User.all, context: {favorite: true})
end
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A context is usually a record (it's an acting subject); it's unlikely a bool. Let's change this example:

Suggested change
def favorite
authorized_scope(User.all, context: {favorite: true})
end
def for_user
user = User.find(params[:id])
authorized_scope(User.all, context: {user:})
end

docs/testing.md Outdated
Comment on lines 418 to 420
expect { get :favorite }.to have_authorized_scope(:scope)
.with_scope_options(matching(with_deleted: a_falsey_value))
.with_context(favorite: true)
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
expect { get :favorite }.to have_authorized_scope(:scope)
.with_scope_options(matching(with_deleted: a_falsey_value))
.with_context(favorite: true)
expect { get :for_user, params: {id: user.id} }.to have_authorized_scope(:scope)
.with_scope_options(matching(with_deleted: a_falsey_value))
.with_context(a_hash_including(user:))

@killondark
Copy link
Contributor Author

Thanks for your comments. Corrected. Please check it.

@killondark
Copy link
Contributor Author

Hi @palkan. Have you seen my latest fixes?

palkan
palkan approved these changes Apr 19, 2024
View reviewed changes
Copy link
Owner

@palkan palkan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

lib/action_policy/rspec/have_authorized_scope.rb
@@ -105,7 +104,7 @@ def scope_options_message
end

def context_message
context.empty? ? "without context" : "with context: #{context}"
context.blank? ? "without context" : "with context: #{context}"
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We cannot use #blank? here, we have no dependency on Active Support core extensions (I'll fix it).

@palkan palkan merged commit 64edca8 into palkan:master Apr 19, 2024
11 of 13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@palkan palkan palkan approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@killondark @palkan