mirror of
https://github.com/drapergem/draper
synced 2023-03-27 23:21:17 -04:00
Accept method names as strings for allows/denies
This commit is contained in:
parent
4f9b23c077
commit
768c51fe11
2 changed files with 43 additions and 21 deletions
|
@ -6,9 +6,9 @@ module Draper
|
|||
end
|
||||
|
||||
def denies(*methods)
|
||||
raise ArgumentError, "Specify at least one method (as a symbol) to exclude when using denies" if methods.empty?
|
||||
raise ArgumentError, "Specify at least one method to blacklist when using denies" if methods.empty?
|
||||
self.strategy = :denies
|
||||
@denied += methods
|
||||
@denied += methods.map(&:to_sym)
|
||||
end
|
||||
|
||||
def denies_all
|
||||
|
@ -16,9 +16,9 @@ module Draper
|
|||
end
|
||||
|
||||
def allows(*methods)
|
||||
raise ArgumentError, "Specify at least one method (as a symbol) to allow when using allows" if methods.empty?
|
||||
raise ArgumentError, "Specify at least one method to whitelist when using allows" if methods.empty?
|
||||
self.strategy = :allows
|
||||
@allowed += methods
|
||||
@allowed += methods.map(&:to_sym)
|
||||
end
|
||||
|
||||
def allow?(method)
|
||||
|
|
|
@ -1,11 +1,17 @@
|
|||
require 'spec_helper'
|
||||
|
||||
RSpec::Matchers.define :allow do |method|
|
||||
match do |subject|
|
||||
subject.allow?(method)
|
||||
end
|
||||
end
|
||||
|
||||
describe Draper::Security do
|
||||
subject(:security) { Draper::Security.new }
|
||||
|
||||
context "when newly initialized" do
|
||||
it "allows any method" do
|
||||
security.allow?(:foo).should be_true
|
||||
security.should allow :foo
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -19,12 +25,12 @@ describe Draper::Security do
|
|||
before { security.denies :foo, :bar }
|
||||
|
||||
it "denies the listed methods" do
|
||||
security.allow?(:foo).should be_false
|
||||
security.allow?(:bar).should be_false
|
||||
security.should_not allow :foo
|
||||
security.should_not allow :bar
|
||||
end
|
||||
|
||||
it "allows other methods" do
|
||||
security.allow?(:baz).should be_true
|
||||
security.should allow :baz
|
||||
end
|
||||
|
||||
it "accepts multiple denies" do
|
||||
|
@ -43,16 +49,24 @@ describe Draper::Security do
|
|||
before { security.denies :baz }
|
||||
|
||||
it "still denies the original methods" do
|
||||
security.allow?(:foo).should be_false
|
||||
security.allow?(:bar).should be_false
|
||||
security.should_not allow :foo
|
||||
security.should_not allow :bar
|
||||
end
|
||||
|
||||
it "denies the additional methods" do
|
||||
security.allow?(:baz).should be_false
|
||||
security.should_not allow :baz
|
||||
end
|
||||
|
||||
it "allows other methods" do
|
||||
security.allow?(:qux).should be_true
|
||||
security.should allow :qux
|
||||
end
|
||||
end
|
||||
|
||||
context "with strings" do
|
||||
before { security.denies "baz" }
|
||||
|
||||
it "denies the method" do
|
||||
security.should_not allow :baz
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -61,7 +75,7 @@ describe Draper::Security do
|
|||
before { security.denies_all }
|
||||
|
||||
it "denies all methods" do
|
||||
security.allow?(:foo).should be_false
|
||||
security.should_not allow :foo
|
||||
end
|
||||
|
||||
it "accepts multiple denies_all" do
|
||||
|
@ -80,7 +94,7 @@ describe Draper::Security do
|
|||
before { security.denies_all }
|
||||
|
||||
it "still denies all methods" do
|
||||
security.allow?(:foo).should be_false
|
||||
security.should_not allow :foo
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -95,12 +109,12 @@ describe Draper::Security do
|
|||
before { security.allows :foo, :bar }
|
||||
|
||||
it "allows the listed methods" do
|
||||
security.allow?(:foo).should be_true
|
||||
security.allow?(:bar).should be_true
|
||||
security.should allow :foo
|
||||
security.should allow :bar
|
||||
end
|
||||
|
||||
it "denies other methods" do
|
||||
security.allow?(:baz).should be_false
|
||||
security.should_not allow :baz
|
||||
end
|
||||
|
||||
it "accepts multiple allows" do
|
||||
|
@ -119,16 +133,24 @@ describe Draper::Security do
|
|||
before { security.allows :baz }
|
||||
|
||||
it "still allows the original methods" do
|
||||
security.allow?(:foo).should be_true
|
||||
security.allow?(:bar).should be_true
|
||||
security.should allow :foo
|
||||
security.should allow :bar
|
||||
end
|
||||
|
||||
it "allows the additional methods" do
|
||||
security.allow?(:baz).should be_true
|
||||
security.should allow :baz
|
||||
end
|
||||
|
||||
it "denies other methods" do
|
||||
security.allow?(:qux).should be_false
|
||||
security.should_not allow :qux
|
||||
end
|
||||
end
|
||||
|
||||
context "with strings" do
|
||||
before { security.allows "baz" }
|
||||
|
||||
it "allows the method" do
|
||||
security.should allow :baz
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in a new issue