require 'test_helper' class DSLReaderTest < Test::Unit::TestCase def test_privileges reader = Authorization::Reader::DSLReader.new reader.parse %{ privileges do privilege :test_priv do includes :lower_priv end end } assert_equal 2, reader.privileges_reader.privileges.length assert_equal [[:lower_priv, nil]], reader.privileges_reader.privilege_hierarchy[:test_priv] end def test_privileges_with_context reader = Authorization::Reader::DSLReader.new reader.parse %{ privileges do privilege :test_priv, :test_context do includes :lower_priv end end } assert_equal [[:lower_priv, :test_context]], reader.privileges_reader.privilege_hierarchy[:test_priv] end def test_privileges_one_line reader = Authorization::Reader::DSLReader.new reader.parse %{ privileges do privilege :test_priv, :test_context, :includes => :lower_priv privilege :test_priv_2, :test_context, :includes => [:lower_priv] privilege :test_priv_3, :includes => [:lower_priv] end } assert_equal [[:lower_priv, :test_context]], reader.privileges_reader.privilege_hierarchy[:test_priv] assert_equal [[:lower_priv, :test_context]], reader.privileges_reader.privilege_hierarchy[:test_priv_2] assert_equal [[:lower_priv, nil]], reader.privileges_reader.privilege_hierarchy[:test_priv_3] end def test_auth_role reader = Authorization::Reader::DSLReader.new reader.parse %{ authorization do role :test_role do includes :lesser_role has_permission_on :items, :to => :read end end } assert_equal 1, reader.auth_rules_reader.roles.length assert_equal [:lesser_role], reader.auth_rules_reader.role_hierarchy[:test_role] assert_equal 1, reader.auth_rules_reader.auth_rules.length end def test_auth_role_permit_on reader = Authorization::Reader::DSLReader.new reader.parse %| authorization do role :test_role do has_permission_on :test_context do to :test_perm, :manage if_attribute :test_attr => is { user.test_attr } end end end | assert_equal 1, reader.auth_rules_reader.roles.length assert_equal 1, reader.auth_rules_reader.auth_rules.length assert reader.auth_rules_reader.auth_rules[0].matches?(:test_role, [:test_perm], :test_context) assert reader.auth_rules_reader.auth_rules[0].matches?(:test_role, [:manage], :test_context) end def test_permit_block reader = Authorization::Reader::DSLReader.new reader.parse %| authorization do role :test_role do has_permission_on :perms, :to => :test do if_attribute :test_attr => is { user.test_attr } if_attribute :test_attr_2 => is_not { user.test_attr } if_attribute :test_attr_3 => contains { user.test_attr } if_attribute :test_attr_4 => does_not_contain { user.test_attr } if_attribute :test_attr_5 => is_in { user.test_attr } if_attribute :test_attr_5 => is_not_in { user.test_attr } if_attribute :test_attr_6 => lt { user.test_attr } if_attribute :test_attr_6 => lte { user.test_attr } if_attribute :test_attr_6 => gt { user.test_attr } if_attribute :test_attr_6 => gte { user.test_attr } end end end | assert_equal 1, reader.auth_rules_reader.roles.length assert_equal 1, reader.auth_rules_reader.auth_rules.length assert reader.auth_rules_reader.auth_rules[0].matches?(:test_role, [:test], :perms) end def test_has_permission_to_with_context reader = Authorization::Reader::DSLReader.new reader.parse %| authorization do role :test_role do has_permission_on :perms, :to => :test end end | assert_equal 1, reader.auth_rules_reader.roles.length assert_equal 1, reader.auth_rules_reader.auth_rules.length assert reader.auth_rules_reader.auth_rules[0].matches?(:test_role, [:test], :perms) end def test_context reader = Authorization::Reader::DSLReader.new reader.parse %{ contexts do context :high_level_context do includes :low_level_context_1, :low_level_context_2 end end } end def test_dsl_error reader = Authorization::Reader::DSLReader.new assert_raise(Authorization::Reader::DSLError) do reader.parse %{ authorization do includes :lesser_role end } end end def test_syntax_error reader = Authorization::Reader::DSLReader.new assert_raise(Authorization::Reader::DSLSyntaxError) do reader.parse %{ authorizations do end } end end def test_syntax_error_2 reader = Authorization::Reader::DSLReader.new assert_raise(Authorization::Reader::DSLSyntaxError) do reader.parse %{ authorizations end } end end def test_factory_returns_self reader = Authorization::Reader::DSLReader.new assert_equal(Authorization::Reader::DSLReader.factory(reader).object_id, reader.object_id) end def test_factory_loads_file reader = Authorization::Reader::DSLReader.factory((DA_ROOT + "authorization_rules.dist.rb").to_s) assert_equal(Authorization::Reader::DSLReader, reader.class) end def test_load_file_not_found assert_raise(Authorization::Reader::DSLFileNotFoundError) do Authorization::Reader::DSLReader.new.load!("nonexistent_file.rb") end end end