removing unauthorized! in favor of authorize! and including more information in AccessDenied exception - closes #40

spec/cancan/controller_additions_spec.rb

@@ -5,29 +5,48 @@ describe CanCan::ControllerAdditions do
     @controller_class = Class.new
     @controller = @controller_class.new
     stub(@controller).params { {} }
+    stub(@controller).current_user { :current_user }
     mock(@controller_class).helper_method(:can?, :cannot?)
     @controller_class.send(:include, CanCan::ControllerAdditions)
   end
   
-  it "should raise access denied with default message when calling unauthorized!" do
-    lambda {
-      @controller.unauthorized!
-    }.should raise_error(CanCan::AccessDenied, "You are not authorized to access this page.")
+  it "should raise ImplementationRemoved when attempting to call 'unauthorized!' on a controller" do
+    lambda { @controller.unauthorized! }.should raise_error(CanCan::ImplementationRemoved)
   end
   
-  it "should raise access denied with custom message when calling unauthorized!" do
-    lambda {
-      @controller.unauthorized! "Access denied!"
-    }.should raise_error(CanCan::AccessDenied, "Access denied!")
+  it "should raise access denied exception if ability us unauthorized to perform a certain action" do
+    begin
+      @controller.authorize! :read, :foo, 1, 2, 3, :message => "Access denied!"
+    rescue CanCan::AccessDenied => e
+      e.message.should == "Access denied!"
+      e.action.should == :read
+      e.subject.should == :foo
+    else
+      fail "Expected CanCan::AccessDenied exception to be raised"
+    end
+  end
+  
+  it "should not raise access denied exception if ability is authorized to perform an action" do
+    @controller.current_ability.can :read, :foo
+    lambda { @controller.authorize!(:read, :foo) }.should_not raise_error
+  end
+  
+  it "should raise access denied exception with default message if not specified" do
+    begin
+      @controller.authorize! :read, :foo
+    rescue CanCan::AccessDenied => e
+      e.default_message = "Access denied!"
+      e.message.should == "Access denied!"
+    else
+      fail "Expected CanCan::AccessDenied exception to be raised"
+    end
   end
   
   it "should have a current_ability method which generates an ability for the current user" do
-    stub(@controller).current_user { :current_user }
     @controller.current_ability.should be_kind_of(Ability)
   end
   
   it "should provide a can? and cannot? methods which go through the current ability" do
-    stub(@controller).current_user { :current_user }
     @controller.current_ability.should be_kind_of(Ability)
     @controller.can?(:foo, :bar).should be_false
     @controller.cannot?(:foo, :bar).should be_true

spec/cancan/controller_resource_spec.rb

@@ -54,6 +54,6 @@ describe CanCan::ControllerResource do
   it "should raise an exception when specifying :class option since it is no longer used" do
     lambda {
       CanCan::ControllerResource.new(@controller, :ability, nil, :class => Person)
-    }.should raise_error(CanCan::Error)
+    }.should raise_error(CanCan::ImplementationRemoved)
   end
 end

spec/cancan/exceptions_spec.rb

@@ -0,0 +1,35 @@
+require "spec_helper"
+
+describe CanCan::AccessDenied do
+  describe "with action and subject" do
+    before(:each) do
+      @exception = CanCan::AccessDenied.new(nil, :some_action, :some_subject)
+    end
+    
+    it "should have action and subject accessors" do
+      @exception.action.should == :some_action
+      @exception.subject.should == :some_subject
+    end
+    
+    it "should have a changable default message" do
+      @exception.message.should == "You are not authorized to access this page."
+      @exception.default_message = "Unauthorized!"
+      @exception.message.should == "Unauthorized!"
+    end
+  end
+  
+  describe "with only a message" do
+    before(:each) do
+      @exception = CanCan::AccessDenied.new("Access denied!")
+    end
+    
+    it "should have nil action and subject" do
+      @exception.action.should be_nil
+      @exception.subject.should be_nil
+    end
+    
+    it "should have passed message" do
+      @exception.message.should == "Access denied!"
+    end
+  end
+end

spec/cancan/resource_authorization_spec.rb

@@ -3,7 +3,6 @@ require "spec_helper"
 describe CanCan::ResourceAuthorization do
   before(:each) do
     @controller = Object.new # simple stub for now
-    stub(@controller).unauthorized! { raise CanCan::AccessDenied }
   end
   
   it "should load the resource into an instance variable if params[:id] is specified" do
@@ -49,19 +48,15 @@ describe CanCan::ResourceAuthorization do
   
   it "should perform authorization using controller action and loaded model" do
     @controller.instance_variable_set(:@ability, :some_resource)
-    stub(@controller).cannot?(:show, :some_resource) { true }
+    stub(@controller).authorize!(:show, :some_resource) { raise CanCan::AccessDenied }
     authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show")
-    lambda {
-      authorization.authorize_resource
-    }.should raise_error(CanCan::AccessDenied)
+    lambda { authorization.authorize_resource }.should raise_error(CanCan::AccessDenied)
   end
   
   it "should perform authorization using controller action and non loaded model" do
-    stub(@controller).cannot?(:show, Ability) { true }
+    stub(@controller).authorize!(:show, Ability) { raise CanCan::AccessDenied }
     authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show")
-    lambda {
-      authorization.authorize_resource
-    }.should raise_error(CanCan::AccessDenied)
+    lambda { authorization.authorize_resource }.should raise_error(CanCan::AccessDenied)
   end
   
   it "should call load_resource and authorize_resource for load_and_authorize_resource" do