spec/guard_spec.rb in ixtlan-guard-0.1.0 vs spec/guard_spec.rb in ixtlan-guard-0.4.0

@@ -2,19 +2,27 @@
 require 'ixtlan/guard'
 
 describe Ixtlan::Guard do
 
   before :all do
-    @guard = Ixtlan::Guard.new(Logger.new(STDOUT), 
-                               :root, 
-                               File.join(File.dirname(__FILE__), "guards") )
+    @guard = Ixtlan::Guard::Guard.new(:guard_dir => File.join(File.dirname(__FILE__), "guards") )
 
     @guard.setup
     @current_user = Object.new
     def @current_user.groups(g = nil)
-      @g = g if g
-      @g || []
+      if g
+        @groups = g.collect do |gg|
+          group = Object.new
+          def group.name(name =nil)
+            @name = name if name
+            @name
+          end
+          group.name(gg)
+          group
+        end
+      end
+      @groups || []
     end
 
     @controller = Object.new
     def @controller.current_user(u = nil)
       @u = u if u
@@ -22,24 +30,22 @@
     end
     @controller.current_user( @current_user )
   end
 
   it 'should fail with missing guard dir' do
-    lambda {Ixtlan::Guard.new(Logger.new(STDOUT), 
-                              :root, 
-                              "does_not_exists").setup }.should raise_error(Ixtlan::GuardException)
+    lambda {Ixtlan::Guard::Guard.new(:guard_dir => "does_not_exists").setup }.should raise_error(Ixtlan::Guard::GuardException)
   end
 
   it 'should initialize' do
     @guard.should_not be_nil
   end
 
-  it 'should pass check without user' do
+  it 'should fail check without current user' do
     controller = Object.new
     def controller.current_user
     end
-    @guard.check(controller, :none, :something).should be_true
+    @guard.check(controller, :none, :something).should be_false
   end
 
   it 'should pass check with user being root' do
     @current_user.groups([:root])
     @guard.check(@controller, :users, :show).should be_true
@@ -63,10 +69,40 @@
   it 'should pass check with user' do
     @current_user.groups([:users])
     @guard.check(@controller, :users, :update).should be_true
   end
 
+  it 'should not pass check with user when in blocked group' do
+    @current_user.groups([:users])
+    @guard.block_groups([:users])
+    begin
+      @guard.check(@controller, :users, :update).should be_false
+    ensure
+      @guard.block_groups([])
+    end
+  end
+
+  it 'should pass check with user when not in blocked group' do
+    @current_user.groups([:users])
+    @guard.block_groups([:accounts])
+    begin
+      @guard.check(@controller, :users, :update).should be_true
+    ensure
+      @guard.block_groups([])
+    end
+  end
+
+  it 'should pass check with root-user when not in blocked group' do
+    @current_user.groups([:root])
+    @guard.block_groups([:root])
+    begin
+      @guard.check(@controller, :users, :update).should be_true
+    ensure
+      @guard.block_groups([])
+    end
+  end
+
   it 'should not pass check with user' do
     @current_user.groups([:accounts])
     @guard.check(@controller, :users, :update).should be_false
   end
 
@@ -83,12 +119,12 @@
       false
     end.should be_false
   end
 
   it 'should raise exception on unknown action' do
-    lambda {@guard.check(@controller, :users, :unknown_action) }.should raise_error(Ixtlan::GuardException)
+    lambda {@guard.check(@controller, :users, :unknown_action) }.should raise_error(Ixtlan::Guard::GuardException)
   end
 
   it 'should raise exception on unknown resource' do
-    lambda {@guard.check(@controller, :unknown_resource, :update) }.should raise_error(Ixtlan::GuardException)
+    lambda {@guard.check(@controller, :unknown_resource, :update) }.should raise_error(Ixtlan::Guard::GuardException)
   end
 end