
developer Help, disallow destroying standard roles

1 parent 48b5cfe commit a6328557e125cb4289e463100f3317cd175df2b8 @saturnflyer saturnflyer committed Jan 22, 2009
Showing with 37 additions and 6 deletions.
  1. +18 −0 HELP_developer.md
  2. +1 −1 app/controllers/admin/roles_controller.rb
  3. +18 −5 spec/controllers/admin/roles_controller_spec.rb
@@ -0,0 +1,18 @@
+With RBAC Base you can develop extensions that require their own roles.
+
+## Developing for RBAC Base
+To create an extension that uses it's own role, simply add fields to the
+database:
+
+ Role.create(:role_name => 'Finance', :allow_empty => false, :description => 'Only users in the Finance role may view financial data')
+
+Then, your extension will automatically be able to use `current_user.finance?`
+to return a boolean value based on the user being in that role.
+
+By setting `allow_empty` to `false`, the role management interface will
+not allow the last user to be removed from your role.
+
+Once you have the role you need, you can even set the visibility of any
+tabs that you create in your extension with your new role:
+
+ admin.tabs.add "Finance", "/admin/finance", :after => "Pages", :visibility => [:finance]
@@ -33,7 +33,7 @@ def create
def destroy
@role = Role.find(params[:id])
- @role.destroy
+ @role.destroy unless Role::RADIANT_STANDARDS.include?(@role.role_name)
redirect_to admin_roles_path()
rescue ActiveRecord::RecordNotFound
flash[:error] = 'The specified Role could not be found.'
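Review bot: The guard added to `@role.destroy` protects standard roles only in this controller action, so any other caller of `Role#destroy` (another controller, a rake task, the console) can still remove one. Enforcing it on the model, for example `before_destroy { |role| !Role::RADIANT_STANDARDS.include?(role.role_name) }` (a callback returning false halts the destroy in Rails versions before 5), would cover every caller. The check also keys on `role_name`, so it holds only while a standard role's name cannot be edited, which is not visible in this hunk. When the destroy is skipped, the action redirects with no message; a `flash[:error]` like the one in the `RecordNotFound` branch would tell the administrator why nothing happened. The body of `destroy` continues past the end of the hunk.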
@@ -2,13 +2,11 @@
describe Admin::RolesController do
before do
+ @current_user = mock_model(User)
controller.stub!(:current_user).and_return(mock_model(User))
+ controller.current_user.stub!(:admin?).and_return(true)
end
describe 'GET index' do
- before do
- @user = mock_model(User)
- controller.stub!(:current_user).and_return(@user)
- end
it "should assign all roles as @roles" do
@roles = []
Role.should_receive(:find).with(:all).and_return(@roles)
@@ -63,7 +61,7 @@
end
describe 'DELETE destroy' do
before do
- @role = mock_model(Role)
+ @role = mock_model(Role, :role_name => 'Test')
@role.stub!(:destroy)
Role.stub!(:find).and_return(@role)
end
@@ -83,6 +81,21 @@
it "should redirect to the roles index" do
Role.should_receive(:find).with('1').and_raise(ActiveRecord::RecordNotFound.new(@role))
delete :destroy, :id => '1'
+ response.should redirect_to(admin_roles_path)
+ end
+ end
+ describe "for a standard Radiant role" do
+ before do
+ @role = mock_model(Role, :role_name => Role::RADIANT_STANDARDS.first)
+ Role.stub!(:find).and_return(@role)
+ end
+ it "should redirect to the roles index" do
+ delete :destroy, :id => '1'
+ response.should redirect_to(admin_roles_path)
+ end
+ it "should not delete the role" do
+ @role.should_not_receive(:destroy)
+ delete :destroy, :id => '1'
end
end
end
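Review bot: In the top-level `before` block, `@current_user = mock_model(User)` is never used: the next line stubs `current_user` with a second, separate `mock_model(User)`, and `admin?` is then stubbed on that object. Using one object, `controller.stub!(:current_user).and_return(@current_user)` followed by `@current_user.stub!(:admin?).and_return(true)`, removes the dead assignment and lets examples refer to the user. Every example now runs with `admin?` returning true, so nothing visible here pins what `destroy` does for a non-admin; a companion example with `admin?` stubbed to false would cover that, assuming the controller enforces an access check. The new "for a standard Radiant role" examples exercise only `Role::RADIANT_STANDARDS.first`; iterating over the constant would cover every protected name.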
