From 768c51fe116a9a5eaac3b69d3db55d628c1c78c4 Mon Sep 17 00:00:00 2001
From: Andrew Haines <andrew@haines.org.nz>
Date: Tue, 13 Nov 2012 20:57:20 +0000
Subject: [PATCH] Accept method names as strings for allows/denies

---
 lib/draper/security.rb       |  8 +++---
 spec/draper/security_spec.rb | 56 +++++++++++++++++++++++++-----------
 2 files changed, 43 insertions(+), 21 deletions(-)

diff --git a/lib/draper/security.rb b/lib/draper/security.rb
index e4b8c26..8a39d81 100644
--- a/lib/draper/security.rb
+++ b/lib/draper/security.rb
@@ -6,9 +6,9 @@ module Draper
     end
 
     def denies(*methods)
-      raise ArgumentError, "Specify at least one method (as a symbol) to exclude when using denies" if methods.empty?
+      raise ArgumentError, "Specify at least one method to blacklist when using denies" if methods.empty?
       self.strategy = :denies
-      @denied += methods
+      @denied += methods.map(&:to_sym)
     end
 
     def denies_all
@@ -16,9 +16,9 @@ module Draper
     end
 
     def allows(*methods)
-      raise ArgumentError, "Specify at least one method (as a symbol) to allow when using allows" if methods.empty?
+      raise ArgumentError, "Specify at least one method to whitelist when using allows" if methods.empty?
       self.strategy = :allows
-      @allowed += methods
+      @allowed += methods.map(&:to_sym)
     end
 
     def allow?(method)
diff --git a/spec/draper/security_spec.rb b/spec/draper/security_spec.rb
index 8269bad..3f4a110 100644
--- a/spec/draper/security_spec.rb
+++ b/spec/draper/security_spec.rb
@@ -1,11 +1,17 @@
 require 'spec_helper'
 
+RSpec::Matchers.define :allow do |method|
+  match do |subject|
+    subject.allow?(method)
+  end
+end
+
 describe Draper::Security do
   subject(:security) { Draper::Security.new }
 
   context "when newly initialized" do
     it "allows any method" do
-      security.allow?(:foo).should be_true
+      security.should allow :foo
     end
   end
 
@@ -19,12 +25,12 @@ describe Draper::Security do
     before { security.denies :foo, :bar }
 
     it "denies the listed methods" do
-      security.allow?(:foo).should be_false
-      security.allow?(:bar).should be_false
+      security.should_not allow :foo
+      security.should_not allow :bar
     end
 
     it "allows other methods" do
-      security.allow?(:baz).should be_true
+      security.should allow :baz
     end
 
     it "accepts multiple denies" do
@@ -43,16 +49,24 @@ describe Draper::Security do
       before { security.denies :baz }
 
       it "still denies the original methods" do
-        security.allow?(:foo).should be_false
-        security.allow?(:bar).should be_false
+        security.should_not allow :foo
+        security.should_not allow :bar
       end
 
       it "denies the additional methods" do
-        security.allow?(:baz).should be_false
+        security.should_not allow :baz
       end
 
       it "allows other methods" do
-        security.allow?(:qux).should be_true
+        security.should allow :qux
+      end
+    end
+
+    context "with strings" do
+      before { security.denies "baz" }
+
+      it "denies the method" do
+        security.should_not allow :baz
       end
     end
   end
@@ -61,7 +75,7 @@ describe Draper::Security do
     before { security.denies_all }
 
     it "denies all methods" do
-      security.allow?(:foo).should be_false
+      security.should_not allow :foo
     end
 
     it "accepts multiple denies_all" do
@@ -80,7 +94,7 @@ describe Draper::Security do
       before { security.denies_all }
 
       it "still denies all methods" do
-        security.allow?(:foo).should be_false
+        security.should_not allow :foo
       end
     end
   end
@@ -95,12 +109,12 @@ describe Draper::Security do
     before { security.allows :foo, :bar }
 
     it "allows the listed methods" do
-      security.allow?(:foo).should be_true
-      security.allow?(:bar).should be_true
+      security.should allow :foo
+      security.should allow :bar
     end
 
     it "denies other methods" do
-      security.allow?(:baz).should be_false
+      security.should_not allow :baz
     end
 
     it "accepts multiple allows" do
@@ -119,16 +133,24 @@ describe Draper::Security do
       before { security.allows :baz }
 
       it "still allows the original methods" do
-        security.allow?(:foo).should be_true
-        security.allow?(:bar).should be_true
+        security.should allow :foo
+        security.should allow :bar
       end
 
       it "allows the additional methods" do
-        security.allow?(:baz).should be_true
+        security.should allow :baz
       end
 
       it "denies other methods" do
-        security.allow?(:qux).should be_false
+        security.should_not allow :qux
+      end
+    end
+
+    context "with strings" do
+      before { security.allows "baz" }
+
+      it "allows the method" do
+        security.should allow :baz
       end
     end
   end