will/cancan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

improving inline documentation

Browse Source
This commit is contained in:
Ryan Bates
2010-05-21 13:41:24 -07:00
parent 7543eedd6a
commit dfd84a10ed
16 changed files with 254 additions and 238 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
spec/cancan/ability_spec.rb
View File

@@ -5,17 +5,17 @@ describe CanCan::Ability do
@ability = Object.new
@ability.extend(CanCan::Ability)
end
it "should be able to :read anything" do
@ability.can :read, :all
@ability.can?(:read, String).should be_true
@ability.can?(:read, 123).should be_true
end
it "should not have permission to do something it doesn't know about" do
@ability.can?(:foodfight, String).should be_false
end
it "should return what block returns on a can call" do
@ability.can :read, :all
@ability.can :read, Symbol do |sym|
@@ -24,21 +24,21 @@ describe CanCan::Ability do
@ability.can?(:read, Symbol).should be_nil
@ability.can?(:read, :some_symbol).should == :some_symbol
end
it "should pass class with object if :all objects are accepted" do
@ability.can :preview, :all do |object_class, object|
[object_class, object]
end
@ability.can?(:preview, 123).should == [Fixnum, 123]
end
it "should pass class with no object if :all objects are accepted and class is passed directly" do
@ability.can :preview, :all do |object_class, object|
[object_class, object]
end
@ability.can?(:preview, Hash).should == [Hash, nil]
end
it "should pass action and object for global manage actions" do
@ability.can :manage, Array do |action, object|
[action, object]
@@ -46,14 +46,14 @@ describe CanCan::Ability do
@ability.can?(:stuff, [1, 2]).should == [:stuff, [1, 2]]
@ability.can?(:stuff, Array).should == [:stuff, nil]
end
it "should alias update or destroy actions to modify action" do
@ability.alias_action :update, :destroy, :to => :modify
@ability.can(:modify, :all) { :modify_called }
@ability.can?(:update, 123).should == :modify_called
@ability.can?(:destroy, 123).should == :modify_called
end
it "should return block result for action, object_class, and object for any action" do
@ability.can :manage, :all do |action, object_class, object|
[action, object_class, object]
@@ -61,56 +61,56 @@ describe CanCan::Ability do
@ability.can?(:foo, 123).should == [:foo, Fixnum, 123]
@ability.can?(:bar, Fixnum).should == [:bar, Fixnum, nil]
end
it "should automatically alias index and show into read calls" do
@ability.can :read, :all
@ability.can?(:index, 123).should be_true
@ability.can?(:show, 123).should be_true
end
it "should automatically alias new and edit into create and update respectively" do
@ability.can(:create, :all) { :create_called }
@ability.can(:update, :all) { :update_called }
@ability.can?(:new, 123).should == :create_called
@ability.can?(:edit, 123).should == :update_called
end
it "should not respond to prepare (now using initialize)" do
@ability.should_not respond_to(:prepare)
end
it "should offer cannot? method which is simply invert of can?" do
@ability.cannot?(:tie, String).should be_true
end
it "should be able to specify multiple actions and match any" do
@ability.can [:read, :update], :all
@ability.can?(:read, 123).should be_true
@ability.can?(:update, 123).should be_true
@ability.can?(:count, 123).should be_false
end
it "should be able to specify multiple classes and match any" do
@ability.can :update, [String, Array]
@ability.can?(:update, "foo").should be_true
@ability.can?(:update, []).should be_true
@ability.can?(:update, 123).should be_false
end
it "should support custom objects in the can definition" do
@ability.can :read, :stats
@ability.can?(:read, :stats).should be_true
@ability.can?(:update, :stats).should be_false
@ability.can?(:read, :nonstats).should be_false
end
it "should support 'cannot' method to define what user cannot do" do
@ability.can :read, :all
@ability.cannot :read, Integer
@ability.can?(:read, "foo").should be_true
@ability.can?(:read, 123).should be_false
end
it "should support block on 'cannot' method" do
@ability.can :read, :all
@ability.cannot :read, Integer do |int|
@@ -120,19 +120,19 @@ describe CanCan::Ability do
@ability.can?(:read, 3).should be_true
@ability.can?(:read, 123).should be_false
end
it "should append aliased actions" do
@ability.alias_action :update, :to => :modify
@ability.alias_action :destroy, :to => :modify
@ability.aliased_actions[:modify].should == [:update, :destroy]
end
it "should clear aliased actions" do
@ability.alias_action :update, :to => :modify
@ability.clear_aliased_actions
@ability.aliased_actions[:modify].should be_nil
end
it "should pass additional arguments to block from can?" do
@ability.can :read, Integer do |int, x|
int > x
@@ -140,61 +140,61 @@ describe CanCan::Ability do
@ability.can?(:read, 2, 1).should be_true
@ability.can?(:read, 2, 3).should be_false
end
it "should use conditions as third parameter and determine abilities from it" do
@ability.can :read, Array, :first => 1, :last => 3
@ability.can?(:read, [1, 2, 3]).should be_true
@ability.can?(:read, [1, 2, 3, 4]).should be_false
@ability.can?(:read, Array).should be_true
end
it "should allow an array of options in conditions hash" do
@ability.can :read, Array, :first => [1, 3, 5]
@ability.can?(:read, [1, 2, 3]).should be_true
@ability.can?(:read, [2, 3]).should be_false
@ability.can?(:read, [3, 4]).should be_true
end
it "should allow a range of options in conditions hash" do
@ability.can :read, Array, :first => 1..3
@ability.can?(:read, [1, 2, 3]).should be_true
@ability.can?(:read, [3, 4]).should be_true
@ability.can?(:read, [4, 5]).should be_false
end
it "should allow nested hashes in conditions hash" do
@ability.can :read, Array, :first => { :length => 5 }
@ability.can?(:read, ["foo", "bar"]).should be_false
@ability.can?(:read, ["test1", "foo"]).should be_true
end
it "should allow nested hash of arrays and match any element" do
@ability.can :read, Array, :first => { :to_i => 3 }
@ability.can?(:read, [[1, 2, 3]]).should be_true
@ability.can?(:read, [[4, 5, 6]]).should be_false
end
it "should return conditions for a given ability" do
@ability.can :read, Array, :first => 1, :last => 3
@ability.conditions(:show, Array).should == {:first => 1, :last => 3}
end
it "should raise an exception when a block is used on condition" do
@ability.can :read, Array do |a|
true
end
lambda { @ability.conditions(:show, Array) }.should raise_error(CanCan::Error, "Cannot determine ability conditions from block for :show Array")
end
it "should return an empty hash for conditions when there are no conditions" do
@ability.can :read, Array
@ability.conditions(:show, Array).should == {}
end
it "should return false when performed on an action which isn't defined" do
@ability.conditions(:foo, Array).should == false
end
it "should has eated cheezburger" do
lambda {
@ability.can? :has, :cheezburger

6
spec/cancan/active_record_additions_spec.rb
View File

@@ -8,18 +8,18 @@ describe CanCan::ActiveRecordAdditions do
@ability = Object.new
@ability.extend(CanCan::Ability)
end
it "should call where(:id => nil) when no ability is defined so no records are found" do
stub(@model_class).where(:id => nil).stub!.joins(nil) { :no_where }
@model_class.accessible_by(@ability, :read).should == :no_where
end
it "should call where with matching ability conditions" do
@ability.can :read, @model_class, :foo => {:bar => 1}
stub(@model_class).where(:foos => { :bar => 1 }).stub!.joins([:foo]) { :found_records }
@model_class.accessible_by(@ability, :read).should == :found_records
end
it "should default to :read ability and use scoped when where isn't available" do
@ability.can :read, @model_class, :foo => {:bar => 1}
stub(@model_class).scoped(:conditions => {:foos => {:bar => 1}}, :joins => [:foo]) { :found_records }

6
spec/cancan/can_definition_spec.rb
View File

@@ -5,7 +5,7 @@ describe CanCan::CanDefinition do
@conditions = {}
@can = CanCan::CanDefinition.new(true, :read, Integer, @conditions, nil)
end
it "should return no association joins if none exist" do
@can.association_joins.should be_nil
end
@@ -30,13 +30,13 @@ describe CanCan::CanDefinition do
@conditions[:foo] = {:bar => {1 => 2}}
@can.association_joins.should == [{:foo => [:bar]}]
end
it "should return table names in conditions for association joins" do
@conditions[:foo] = {:bar => 1}
@conditions[:test] = 1
@can.conditions(:tableize => true).should == { :foos => { :bar => 1}, :test => 1 }
end
it "should return no association joins if conditions is nil" do
can = CanCan::CanDefinition.new(true, :read, Integer, nil, nil)
can.association_joins.should be_nil

18
spec/cancan/controller_additions_spec.rb
View File

@@ -9,11 +9,11 @@ describe CanCan::ControllerAdditions do
mock(@controller_class).helper_method(:can?, :cannot?)
@controller_class.send(:include, CanCan::ControllerAdditions)
end
it "should raise ImplementationRemoved when attempting to call 'unauthorized!' on a controller" do
lambda { @controller.unauthorized! }.should raise_error(CanCan::ImplementationRemoved)
end
it "should raise access denied exception if ability us unauthorized to perform a certain action" do
begin
@controller.authorize! :read, :foo, 1, 2, 3, :message => "Access denied!"
@@ -25,12 +25,12 @@ describe CanCan::ControllerAdditions do
fail "Expected CanCan::AccessDenied exception to be raised"
end
end
it "should not raise access denied exception if ability is authorized to perform an action" do
@controller.current_ability.can :read, :foo
lambda { @controller.authorize!(:read, :foo) }.should_not raise_error
end
it "should raise access denied exception with default message if not specified" do
begin
@controller.authorize! :read, :foo
@@ -41,29 +41,29 @@ describe CanCan::ControllerAdditions do
fail "Expected CanCan::AccessDenied exception to be raised"
end
end
it "should have a current_ability method which generates an ability for the current user" do
@controller.current_ability.should be_kind_of(Ability)
end
it "should provide a can? and cannot? methods which go through the current ability" do
@controller.current_ability.should be_kind_of(Ability)
@controller.can?(:foo, :bar).should be_false
@controller.cannot?(:foo, :bar).should be_true
end
it "load_and_authorize_resource should setup a before filter which passes call to ResourceAuthorization" do
stub(CanCan::ResourceAuthorization).new(@controller, @controller.params, :foo => :bar).mock!.load_and_authorize_resource
mock(@controller_class).before_filter({}) { |options, block| block.call(@controller) }
@controller_class.load_and_authorize_resource :foo => :bar
end
it "authorize_resource should setup a before filter which passes call to ResourceAuthorization" do
stub(CanCan::ResourceAuthorization).new(@controller, @controller.params, :foo => :bar).mock!.authorize_resource
mock(@controller_class).before_filter(:except => :show) { |options, block| block.call(@controller) }
@controller_class.authorize_resource :foo => :bar, :except => :show
end
it "load_resource should setup a before filter which passes call to ResourceAuthorization" do
stub(CanCan::ResourceAuthorization).new(@controller, @controller.params, :foo => :bar).mock!.load_resource
mock(@controller_class).before_filter(:only => [:show, :index]) { |options, block| block.call(@controller) }

18
spec/cancan/controller_resource_spec.rb
View File

@@ -4,53 +4,53 @@ describe CanCan::ControllerResource do
before(:each) do
@controller = Object.new
end
it "should determine model class by constantizing give name" do
CanCan::ControllerResource.new(@controller, :ability).model_class.should == Ability
end
it "should fetch model through model class and assign it to the instance" do
stub(Ability).find(123) { :some_ability }
CanCan::ControllerResource.new(@controller, :ability).find(123)
@controller.instance_variable_get(:@ability).should == :some_ability
end
it "should fetch model through parent and assign it to the instance" do
parent = Object.new
stub(parent).model_instance.stub!.abilities.stub!.find(123) { :some_ability }
CanCan::ControllerResource.new(@controller, :ability, parent).find(123)
@controller.instance_variable_get(:@ability).should == :some_ability
end
it "should build model through model class and assign it to the instance" do
stub(Ability).new(123) { :some_ability }
CanCan::ControllerResource.new(@controller, :ability).build(123)
@controller.instance_variable_get(:@ability).should == :some_ability
end
it "should build model through parent and assign it to the instance" do
parent = Object.new
stub(parent).model_instance.stub!.abilities.stub!.build(123) { :some_ability }
CanCan::ControllerResource.new(@controller, :ability, parent).build(123)
@controller.instance_variable_get(:@ability).should == :some_ability
end
it "should not load resource if instance variable is already provided" do
@controller.instance_variable_set(:@ability, :some_ability)
CanCan::ControllerResource.new(@controller, :ability).find(123)
@controller.instance_variable_get(:@ability).should == :some_ability
end
it "should use the model class option if provided" do
stub(Person).find(123) { :some_resource }
CanCan::ControllerResource.new(@controller, :ability, nil, :resource => Person).find(123)
@controller.instance_variable_get(:@ability).should == :some_resource
end
it "should convert string to constant for resource" do
CanCan::ControllerResource.new(@controller, :ability, nil, :resource => "Person").model_class.should == Person
end
it "should raise an exception when specifying :class option since it is no longer used" do
lambda {
CanCan::ControllerResource.new(@controller, :ability, nil, :class => Person)

10
spec/cancan/exceptions_spec.rb
View File

@@ -5,29 +5,29 @@ describe CanCan::AccessDenied do
before(:each) do
@exception = CanCan::AccessDenied.new(nil, :some_action, :some_subject)
end
it "should have action and subject accessors" do
@exception.action.should == :some_action
@exception.subject.should == :some_subject
end
it "should have a changable default message" do
@exception.message.should == "You are not authorized to access this page."
@exception.default_message = "Unauthorized!"
@exception.message.should == "Unauthorized!"
end
end
describe "with only a message" do
before(:each) do
@exception = CanCan::AccessDenied.new("Access denied!")
end
it "should have nil action and subject" do
@exception.action.should be_nil
@exception.subject.should be_nil
end
it "should have passed message" do
@exception.message.should == "Access denied!"
end

32
spec/cancan/resource_authorization_spec.rb
View File

@@ -4,101 +4,101 @@ describe CanCan::ResourceAuthorization do
before(:each) do
@controller = Object.new # simple stub for now
end
it "should load the resource into an instance variable if params[:id] is specified" do
stub(Ability).find(123) { :some_resource }
authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show", :id => 123)
authorization.load_resource
@controller.instance_variable_get(:@ability).should == :some_resource
end
it "should properly load resource for namespaced controller" do
stub(Ability).find(123) { :some_resource }
authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "admin/abilities", :action => "show", :id => 123)
authorization.load_resource
@controller.instance_variable_get(:@ability).should == :some_resource
end
it "should properly load resource for namespaced controller when using '::' for namespace" do
stub(Ability).find(123) { :some_resource }
authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "Admin::AbilitiesController", :action => "show", :id => 123)
authorization.load_resource
@controller.instance_variable_get(:@ability).should == :some_resource
end
it "should build a new resource with hash if params[:id] is not specified" do
stub(Ability).new(:foo => "bar") { :some_resource }
authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "create", :ability => {:foo => "bar"})
authorization.load_resource
@controller.instance_variable_get(:@ability).should == :some_resource
end
it "should build a new resource even if attribute hash isn't specified" do
stub(Ability).new(nil) { :some_resource }
authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "new")
authorization.load_resource
@controller.instance_variable_get(:@ability).should == :some_resource
end
it "should not build a resource when on index action" do
authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "index")
authorization.load_resource
@controller.instance_variable_get(:@ability).should be_nil
end
it "should perform authorization using controller action and loaded model" do
@controller.instance_variable_set(:@ability, :some_resource)
stub(@controller).authorize!(:show, :some_resource) { raise CanCan::AccessDenied }
authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show")
lambda { authorization.authorize_resource }.should raise_error(CanCan::AccessDenied)
end
it "should perform authorization using controller action and non loaded model" do
stub(@controller).authorize!(:show, Ability) { raise CanCan::AccessDenied }
authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show")
lambda { authorization.authorize_resource }.should raise_error(CanCan::AccessDenied)
end
it "should call load_resource and authorize_resource for load_and_authorize_resource" do
authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show")
mock(authorization).load_resource
mock(authorization).authorize_resource
authorization.load_and_authorize_resource
end
it "should not build a resource when on custom collection action" do
authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "sort"}, {:collection => [:sort, :list]})
authorization.load_resource
@controller.instance_variable_get(:@ability).should be_nil
end
it "should build a resource when on custom new action even when params[:id] exists" do
stub(Ability).new(nil) { :some_resource }
authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "build", :id => 123}, {:new => :build})
authorization.load_resource
@controller.instance_variable_get(:@ability).should == :some_resource
end
it "should not try to load resource for other action if params[:id] is undefined" do
authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "list")
authorization.load_resource
@controller.instance_variable_get(:@ability).should be_nil
end
it "should load nested resource and fetch other resource through the association" do
stub(Person).find(456).stub!.abilities.stub!.find(123) { :some_ability }
authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "show", :id => 123, :person_id => 456}, {:nested => :person})
authorization.load_resource
@controller.instance_variable_get(:@ability).should == :some_ability
end
it "should load nested resource and build resource through a deep association" do
stub(Person).find(456).stub!.behaviors.stub!.find(789).stub!.abilities.stub!.build(nil) { :some_ability }
authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "new", :person_id => 456, :behavior_id => 789}, {:nested => [:person, :behavior]})
authorization.load_resource
@controller.instance_variable_get(:@ability).should == :some_ability
end
it "should not load nested resource and build through this if *_id param isn't specified" do
stub(Person).find(456) { :some_person }
stub(Ability).new(nil) { :some_ability }
@@ -107,7 +107,7 @@ describe CanCan::ResourceAuthorization do
@controller.instance_variable_get(:@person).should == :some_person
@controller.instance_variable_get(:@ability).should == :some_ability
end
it "should load the model using a custom class" do
stub(Person).find(123) { :some_resource }
authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "show", :id => 123}, {:resource => Person})

2
spec/spec_helper.rb
View File

@@ -13,7 +13,7 @@ end
class Ability
include CanCan::Ability
def initialize(user)
end
end