1
0
Fork 0
mirror of https://github.com/varvet/pundit.git synced 2022-11-09 12:30:11 -05:00
Commit graph

9 commits

Author SHA1 Message Date
Chris Legault
0e85e0cdb7 - Updated gemspec to use RSpec 3
- Updated tests to match new expect syntax
2014-02-08 08:19:24 -04:00
Tim Cooper
26e3706719 Allow policies and scopes to be injected into controllers.
In controller specs instead of relying on Pundit to instantiate the correct
policy object allow it to be injected into the controller. More often than not
a double is used in controller specs which means the policy cannot be
inferred. This also allows us to double the policy to ensure that on a unit
level the rights methods are being called on callaborators.

class PostsController < ApplicationController
  attr_writer :post
  helper_method :post

  def create
    authorize post

    post.save
    respond_with post
  end

  private

  def post
    @post ||= Post.new post_attributes
  end
end

describe PagesController do
  let(:policy) { double 'SomePolicy', create?: true }

  before do
    controller.policy = policy
  end

  it 'delegates authorization to policy' do
    expect(policy).to have_received(:create?)
  end
end

Add spec for injecting policy.

Use `or` instead of ternary operator.

Allow policy_scope to be injected for controller tests.
2013-09-02 11:32:30 +02:00
Thomas Klemm
91b3681900 Use RSpec double syntax over stub to fix deprecation warning 2013-08-26 10:04:15 +02:00
Philip Vieira
d7ef22bb97 Custom pundit user 2013-07-13 05:42:34 +02:00
Thomas Klemm
e918f7c3c4 Add ActiveSupport dependency in specs for Rails 4 to make them green again 2013-06-18 01:13:07 +02:00
Brendon Murphy
7be0a890a6 Add #verify_policy_scoped for controller usage.
See the readme changes for an example.  In short, this behaves
like verify_authorized but is useful for actions that find a
collection (like index) and don't authorize instances.
2013-04-17 22:05:24 -07:00
Jason Daly
e65159f26b Improvements on .policy_class support
The `BlogPolicy -> "BlogPolicy" -> "Blog" -> "BlogPolicy" -> BlogPolicy`
issue @jnicklas pointed out has been resolved. For example, given

```ruby
class BlogPolicy < Struct.new(:user, :blog); end
class Blog; end
class ArtificialBlog < Blog
  def self.policy_class
    BlogPolicy
  end
end
```

The above string manipulation/casting is prevented; the `BlogPolicy`
class will be immediately returned to `policy` and on to be evaluated.

Anonymous classes are now supported too. For example, given

```ruby
class BlogPolicy < Struct.new(:user, :blog); end
class Blog; end
class ArtificialBlog < Blog
  def self.policy_class
    Struct.new(:user, :blog) do
      def create?
        true
      end
    end
  end
end
```

The `Struct` will be returned and evaluated as any other policy.
2012-12-13 18:20:12 -05:00
Jason Daly
4fc13620ee Adds support for policy_class model instance/class for custom Policy 2012-11-30 10:21:46 -05:00
Jonas Nicklas
b8fd37110a Add specs and dependencies 2012-11-19 13:02:42 +01:00