spec/access_rules_spec.rb in tuersteher-1.0.1 vs spec/access_rules_spec.rb in tuersteher-1.0.2
- old
+ new
@@ -10,166 +10,165 @@
PathAccessRule.new('/'),
PathAccessRule.new('/admin').role(:admin),
PathAccessRule.new('/images').method(:get),
PathAccessRule.new('/status').method(:get).role(:system)
]
- AccessRulesStorage.instance.stub(:path_rules).and_return(rules)
- @user = double('user')
+ expect(AccessRulesStorage.instance).to receive(:path_rules).at_least(:once){ rules }
+ @login_context = double('login_context')
end
- context "User with role :user" do
- before do
- @user.stub(:has_role?){|role| role==:user}
- end
+ context "LoginContext with role :user" do
it "should be true for this paths" do
- AccessRules.path_access?(@user, '/', :get).should be_truthy
- AccessRules.path_access?(@user, '/', :post).should be_truthy
- AccessRules.path_access?(@user, '/images', :get).should be_truthy
+ expect(AccessRules.path_access?(@login_context, '/', :get)).to be_truthy
+ expect(AccessRules.path_access?(@login_context, '/', :post)).to be_truthy
+ expect(AccessRules.path_access?(@login_context, '/images', :get)).to be_truthy
end
it "should not be true for this paths" do
- AccessRules.path_access?(@user, '/admin', :get).should_not be_truthy
- AccessRules.path_access?(@user, '/images', :post).should_not be_truthy
- AccessRules.path_access?(@user, '/status', :get).should_not be_truthy
+ expect(@login_context).to receive(:has_role?){|role| role==:user}.at_least(:once)
+ expect(AccessRules.path_access?(@login_context, '/admin', :get)).to_not be_truthy
+ expect(AccessRules.path_access?(@login_context, '/images', :post)).to_not be_truthy
+ expect(AccessRules.path_access?(@login_context, '/status', :get)).to_not be_truthy
end
end
- context "User with role :admin" do
+ context "LoginContext with role :admin" do
before do
- @user.stub(:has_role?){|role| role==:admin}
+ expect(@login_context).to receive(:has_role?){|role| role==:admin}.at_least(:once)
end
it "should be true for this paths" do
- AccessRules.path_access?(@user, '/', :get).should be_truthy
- AccessRules.path_access?(@user, '/admin', :post).should be_truthy
- AccessRules.path_access?(@user, '/images', :get).should be_truthy
+ expect(AccessRules.path_access?(@login_context, '/', :get)).to be_truthy
+ expect(AccessRules.path_access?(@login_context, '/admin', :post)).to be_truthy
+ expect(AccessRules.path_access?(@login_context, '/images', :get)).to be_truthy
end
it "should not be true for this paths" do
- AccessRules.path_access?(@user, '/xyz', :get).should_not be_truthy
- AccessRules.path_access?(@user, '/images', :post).should_not be_truthy
- AccessRules.path_access?(@user, '/status', :get).should_not be_truthy
+ expect(AccessRules.path_access?(@login_context, '/xyz', :get)).to_not be_truthy
+ expect(AccessRules.path_access?(@login_context, '/images', :post)).to_not be_truthy
+ expect(AccessRules.path_access?(@login_context, '/status', :get)).to_not be_truthy
end
end
- context "User with role :system" do
+ context "LoginContext with role :system" do
before do
- @user.stub(:has_role?){|role| role==:system}
+ expect(@login_context).to receive(:has_role?){|role| role==:system}.at_least(:once)
end
it "should be true for this paths" do
- AccessRules.path_access?(@user, '/', :get).should be_truthy
- AccessRules.path_access?(@user, '/status', :get).should be_truthy
+ expect(AccessRules.path_access?(@login_context, '/', :get)).to be_truthy
+ expect(AccessRules.path_access?(@login_context, '/status', :get)).to be_truthy
end
it "should not be true for this paths" do
- AccessRules.path_access?(@user, '/xyz', :get).should_not be_truthy
- AccessRules.path_access?(@user, '/admin', :post).should_not be_truthy
+ expect(AccessRules.path_access?(@login_context, '/xyz', :get)).to_not be_truthy
+ expect(AccessRules.path_access?(@login_context, '/admin', :post)).to_not be_truthy
end
end
context "without user" do
it "should be true for this paths" do
- AccessRules.path_access?(nil, '/', :get).should be_truthy
+ expect(AccessRules.path_access?(nil, '/', :get)).to be_truthy
end
it "should not be true for this paths" do
- AccessRules.path_access?(nil, '/xyz', :get).should_not be_truthy
- AccessRules.path_access?(nil, '/admin', :post).should_not be_truthy
+ expect(AccessRules.path_access?(nil, '/xyz', :get)).to_not be_truthy
+ expect(AccessRules.path_access?(nil, '/admin', :post)).to_not be_truthy
end
end
end
context 'model_access?' do
class SampleModel1; end
- class SampleModel2; end
+ class SampleModel2; def owner?(user); false; end; end
+
before do
rules = [
ModelAccessRule.new(:all).grant.role(:sysadmin),
ModelAccessRule.new(SampleModel1).grant.method(:all),
ModelAccessRule.new(SampleModel2).grant.method(:read),
ModelAccessRule.new(SampleModel2).grant.method(:update).role(:user).extension(:owner?),
ModelAccessRule.new(SampleModel2).deny.method(:create),
ModelAccessRule.new(SampleModel2).grant.method(:all).role(:admin),
]
- AccessRulesStorage.instance.stub(:model_rules).and_return(rules)
- @user = double('user')
+ expect(AccessRulesStorage.instance).to receive(:model_rules).at_least(:once){ rules }
+ @login_context = double('login_context')
@model1 = SampleModel1.new
@model2 = SampleModel2.new
- @model2.stub(:owner?).and_return(false)
+ @model2.stub(:owner?){ false }
end
- context "User with role :user" do
+ context "LoginContext with role :user" do
before do
- @user.stub(:has_role?){|role| role==:user}
+ @login_context.stub(:has_role?){|role| role==:user}
end
- it "should be true for this" do
- AccessRules.model_access?(@user, @model1, :xyz).should be_truthy
- @model2.stub(:owner?).and_return true
- AccessRules.model_access?(@user, @model2, :read).should be_truthy
- AccessRules.model_access?(@user, @model2, :update).should be_truthy
+ it "should be true for this rules" do
+ expect(AccessRules.model_access?(@login_context, @model1, :xyz)).to be_truthy
+ @model2.stub(:owner?){ true }
+ expect(AccessRules.model_access?(@login_context, @model2, :read)).to be_truthy
+ expect(AccessRules.model_access?(@login_context, @model2, :update)).to be_truthy
end
it "should not be true for this" do
- AccessRules.model_access?(@user, @model2, :update).should_not be_truthy
- AccessRules.model_access?(@user, @model2, :delete).should_not be_truthy
+ expect(AccessRules.model_access?(@login_context, @model2, :update)).to be_falsy
+ expect(AccessRules.model_access?(@login_context, @model2, :delete)).to be_falsy
end
end
- context "User with role :admin" do
+ context "LoginContext with role :admin" do
before do
- @user.stub(:has_role?){|role| role==:admin}
+ @login_context.stub(:has_role?){|role| role==:admin}
end
it "should be true for this" do
- AccessRules.model_access?(@user, @model1, :xyz).should be_truthy
- AccessRules.model_access?(@user, @model2, :read).should be_truthy
- AccessRules.model_access?(@user, @model2, :update).should be_truthy
- AccessRules.model_access?(@user, @model2, :delete).should be_truthy
+ expect(AccessRules.model_access?(@login_context, @model1, :xyz)).to be_truthy
+ expect(AccessRules.model_access?(@login_context, @model2, :read)).to be_truthy
+ expect(AccessRules.model_access?(@login_context, @model2, :update)).to be_truthy
+ expect(AccessRules.model_access?(@login_context, @model2, :delete)).to be_truthy
end
it "should not be true for this" do
- AccessRules.model_access?(@user, @model2, :create).should_not be_truthy
+ expect(AccessRules.model_access?(@login_context, @model2, :create)).to be_falsy
end
end
- context "User with role :sysadmin" do
+ context "LoginContext with role :sysadmin" do
before do
- @user.stub(:has_role?){|role| role==:sysadmin}
+ @login_context.stub(:has_role?){|role| role==:sysadmin}
end
it "should be true for this" do
- AccessRules.model_access?(@user, "test", :xyz).should be_truthy
- AccessRules.model_access?(@user, @model1, :xyz).should be_truthy
- AccessRules.model_access?(@user, @model2, :read).should be_truthy
- AccessRules.model_access?(@user, @model2, :update).should be_truthy
- AccessRules.model_access?(@user, @model2, :delete).should be_truthy
- AccessRules.model_access?(@user, @model2, :create).should be_truthy
+ expect(AccessRules.model_access?(@login_context, "test", :xyz)).to be_truthy
+ expect(AccessRules.model_access?(@login_context, @model1, :xyz)).to be_truthy
+ expect(AccessRules.model_access?(@login_context, @model2, :read)).to be_truthy
+ expect(AccessRules.model_access?(@login_context, @model2, :update)).to be_truthy
+ expect(AccessRules.model_access?(@login_context, @model2, :delete)).to be_truthy
+ expect(AccessRules.model_access?(@login_context, @model2, :create)).to be_truthy
end
end
context "without user" do
it "should be true for this models" do
- AccessRules.model_access?(nil, @model1, :xyz).should be_truthy
- AccessRules.model_access?(nil, @model2, :read).should be_truthy
+ expect(AccessRules.model_access?(nil, @model1, :xyz)).to be_truthy
+ expect(AccessRules.model_access?(nil, @model2, :read)).to be_truthy
end
it "should not be true for this models" do
- AccessRules.model_access?(nil, @model2, :update).should_not be_truthy
+ expect(AccessRules.model_access?(nil, @model2, :update)).to be_falsy
end
end
end # of context 'model_access?'
@@ -184,25 +183,25 @@
rules = [
ModelAccessRule.new(SampleModel).method(:update).role(:admin),
ModelAccessRule.new(SampleModel).method(:update).role(:user).extension(:owner?),
]
AccessRulesStorage.instance.stub(:model_rules).and_return(rules)
- @user = double('user')
+ @login_context = double('user')
@model1 = SampleModel.new
@model2 = SampleModel.new
@model3 = SampleModel.new
@model3.stub(:owner?).and_return(true)
@collection = [@model1, @model2, @model3]
end
it "Should return [@model3] for user with role=:user" do
- @user.stub(:has_role?){|role| role==:user}
- AccessRules.purge_collection(@user, @collection, :update).should == [@model3]
+ @login_context.stub(:has_role?){|role| role==:user}
+ expect(AccessRules.purge_collection(@login_context, @collection, :update)).to eq [@model3]
end
it "Should return all for user with role=:admin" do
- @user.stub(:has_role?){|role| role==:admin}
- AccessRules.purge_collection(@user, @collection, :update).should == @collection
+ @login_context.stub(:has_role?){|role| role==:admin}
+ expect(AccessRules.purge_collection(@login_context, @collection, :update)).to eq @collection
end
end
end
end