1
0
Fork 0
mirror of https://github.com/drapergem/draper synced 2023-03-27 23:21:17 -04:00

Accept method names as strings for allows/denies

This commit is contained in:
Andrew Haines 2012-11-13 20:57:20 +00:00
parent 4f9b23c077
commit 768c51fe11
2 changed files with 43 additions and 21 deletions

View file

@ -6,9 +6,9 @@ module Draper
end
def denies(*methods)
raise ArgumentError, "Specify at least one method (as a symbol) to exclude when using denies" if methods.empty?
raise ArgumentError, "Specify at least one method to blacklist when using denies" if methods.empty?
self.strategy = :denies
@denied += methods
@denied += methods.map(&:to_sym)
end
def denies_all
@ -16,9 +16,9 @@ module Draper
end
def allows(*methods)
raise ArgumentError, "Specify at least one method (as a symbol) to allow when using allows" if methods.empty?
raise ArgumentError, "Specify at least one method to whitelist when using allows" if methods.empty?
self.strategy = :allows
@allowed += methods
@allowed += methods.map(&:to_sym)
end
def allow?(method)

View file

@ -1,11 +1,17 @@
require 'spec_helper'
RSpec::Matchers.define :allow do |method|
match do |subject|
subject.allow?(method)
end
end
describe Draper::Security do
subject(:security) { Draper::Security.new }
context "when newly initialized" do
it "allows any method" do
security.allow?(:foo).should be_true
security.should allow :foo
end
end
@ -19,12 +25,12 @@ describe Draper::Security do
before { security.denies :foo, :bar }
it "denies the listed methods" do
security.allow?(:foo).should be_false
security.allow?(:bar).should be_false
security.should_not allow :foo
security.should_not allow :bar
end
it "allows other methods" do
security.allow?(:baz).should be_true
security.should allow :baz
end
it "accepts multiple denies" do
@ -43,16 +49,24 @@ describe Draper::Security do
before { security.denies :baz }
it "still denies the original methods" do
security.allow?(:foo).should be_false
security.allow?(:bar).should be_false
security.should_not allow :foo
security.should_not allow :bar
end
it "denies the additional methods" do
security.allow?(:baz).should be_false
security.should_not allow :baz
end
it "allows other methods" do
security.allow?(:qux).should be_true
security.should allow :qux
end
end
context "with strings" do
before { security.denies "baz" }
it "denies the method" do
security.should_not allow :baz
end
end
end
@ -61,7 +75,7 @@ describe Draper::Security do
before { security.denies_all }
it "denies all methods" do
security.allow?(:foo).should be_false
security.should_not allow :foo
end
it "accepts multiple denies_all" do
@ -80,7 +94,7 @@ describe Draper::Security do
before { security.denies_all }
it "still denies all methods" do
security.allow?(:foo).should be_false
security.should_not allow :foo
end
end
end
@ -95,12 +109,12 @@ describe Draper::Security do
before { security.allows :foo, :bar }
it "allows the listed methods" do
security.allow?(:foo).should be_true
security.allow?(:bar).should be_true
security.should allow :foo
security.should allow :bar
end
it "denies other methods" do
security.allow?(:baz).should be_false
security.should_not allow :baz
end
it "accepts multiple allows" do
@ -119,16 +133,24 @@ describe Draper::Security do
before { security.allows :baz }
it "still allows the original methods" do
security.allow?(:foo).should be_true
security.allow?(:bar).should be_true
security.should allow :foo
security.should allow :bar
end
it "allows the additional methods" do
security.allow?(:baz).should be_true
security.should allow :baz
end
it "denies other methods" do
security.allow?(:qux).should be_false
security.should_not allow :qux
end
end
context "with strings" do
before { security.allows "baz" }
it "allows the method" do
security.should allow :baz
end
end
end