spec/dsl_base_spec.rb in be9-acl9-0.9.3 vs spec/dsl_base_spec.rb in be9-acl9-0.9.4

- old
+ new

@@ -1,5 +1,6 @@ +require 'ostruct' require File.join(File.dirname(__FILE__), 'spec_helper') require File.join(File.dirname(__FILE__), '..', 'lib', 'acl9', 'controller_extensions', 'dsl_base') class FakeUser def initialize @@ -52,30 +53,35 @@ def check_allowance(subject, *args) @_subject = subject @_current_action = (args[0] || 'index').to_s @_objects = args.last.is_a?(Hash) ? args.last : {} + @_callable = @_objects.delete(:call) instance_eval(allowance_expression) end def _subject_ref "@_subject" end def _object_ref(object) - "@_objects[:#{object.to_s}]" + "@_objects[:#{object}]" end def _action_ref "@_current_action" end + + def _method_ref(method) + "@_callable.send(:#{method})" + end end describe Acl9::Dsl::Base do - class Foo; end - class Bar; end + class ThatFoo; end + class ThatBar; end def arg_err(&block) lambda do acl(&block) end.should raise_error(ArgumentError) @@ -95,13 +101,13 @@ before do @user = FakeUser.new @user2 = FakeUser.new @user3 = FakeUser.new - @foo = Foo.new - @foo2 = Foo.new - @foo3 = Foo.new + @foo = ThatFoo.new + @foo2 = ThatFoo.new + @foo3 = ThatFoo.new end describe "default" do it "should set default action to deny if none specified" do acl do end.default_action.should == :deny @@ -366,11 +372,11 @@ acl do allow :manager, prep => :foo end. permit(@user, :foo => @foo). forbid(@user, :foo => @foo2). - forbid(@user, :foo => Foo). + forbid(@user, :foo => ThatFoo). forbid(nil, :foo => @foo). forbid(@user2, :foo => @foo) end it "#allow with invalid value for preposition should raise an ArgumentError" do @@ -379,14 +385,14 @@ end end end it "#allow with a class role should verify this role against a class" do - @user << [:owner, Foo] + @user << [:owner, ThatFoo] acl do - allow :owner, :of => Foo + allow :owner, :of => ThatFoo end.permit(@user).forbid(nil).forbid(@user2) end [:of, :for, :in, :on, :at, :by].each do |prep| it "#deny with object role (:#{prep}) should check controller's ivar" do @@ -396,11 +402,11 @@ default :allow deny :bastard, prep => :foo end. forbid(@user, :foo => @foo). permit(@user, :foo => @foo2). - permit(@user, :foo => Foo). + permit(@user, :foo => ThatFoo). permit(nil, :foo => @foo). permit(@user2, :foo => @foo) end it "#deny with invalid value for preposition should raise an ArgumentError" do @@ -409,15 +415,15 @@ end end end it "#deny with a class role should verify this role against a class" do - @user << [:ignorant, Foo] + @user << [:ignorant, ThatFoo] acl do default :allow - deny :ignorant, :of => Foo + deny :ignorant, :of => ThatFoo end.forbid(@user).permit(nil).permit(@user2) end it "#allow with several prepositions should raise an ArgumentError" do arg_err do @@ -475,10 +481,55 @@ end end end end + describe "conditions" do + [:if, :unless].each do |cond| + it "should raise ArgumentError when #{cond} is not a Symbol" do + arg_err do + allow nil, cond => 123 + end + end + end + + it "allow ... :if" do + acl do + allow nil, :if => :meth + end. + permit(nil, :call => OpenStruct.new(:meth => true)). + forbid(nil, :call => OpenStruct.new(:meth => false)) + end + + it "allow ... :unless" do + acl do + allow nil, :unless => :meth + end. + permit(nil, :call => OpenStruct.new(:meth => false)). + forbid(nil, :call => OpenStruct.new(:meth => true)) + end + + it "deny ... :if" do + acl do + default :allow + deny nil, :if => :meth + end. + permit(nil, :call => OpenStruct.new(:meth => false)). + forbid(nil, :call => OpenStruct.new(:meth => true)) + end + + it "deny ... :unless" do + acl do + default :allow + deny nil, :unless => :meth + end. + permit(nil, :call => OpenStruct.new(:meth => true)). + forbid(nil, :call => OpenStruct.new(:meth => false)) + end + + end + describe "several roles as arguments" do it "#allow should be able to receive a role list (global roles)" do @user << :bzz @user2 << :whoa @@ -502,16 +553,16 @@ forbid(@user3, :foo => @foo2). forbid(nil) end it "#allow should be able to receive a role list (class roles)" do - @user << [:frooble, Foo] - @user2 << [:oombigle, Foo] + @user << [:frooble, ThatFoo] + @user2 << [:oombigle, ThatFoo] @user3 << :frooble acl do - allow :frooble, :oombigle, :by => Foo + allow :frooble, :oombigle, :by => ThatFoo end. permit(@user). permit(@user2). forbid(@user3). forbid(nil) @@ -544,17 +595,17 @@ permit(@user3, :foo => @foo2). permit(nil) end it "#deny should be able to receive a role list (class roles)" do - @user << [:frooble, Foo] - @user2 << [:oombigle, Foo] + @user << [:frooble, ThatFoo] + @user2 << [:oombigle, ThatFoo] @user3 << :frooble acl do default :allow - deny :frooble, :oombigle, :by => Foo + deny :frooble, :oombigle, :by => ThatFoo end. forbid(@user). forbid(@user2). permit(@user3). permit(nil) @@ -668,10 +719,10 @@ forbid(@user, :edit). permit(@user, :update) end it "#allow and #deny should work together inside actions block" do - @foo = Foo.new + @foo = ThatFoo.new @user << [:owner, @foo] @user2 << :hacker @user2 << :the_destroyer @user3 << [:owner, @foo] @user3 << :hacker