RSpec::Authorization
RSpec matcher for declarative_authorization. A neat way of asserting declarative_authorization's rules inside controller using RSpec matcher.
Installation
Add this line to your application's Gemfile:
gem 'rspec-authorization', group: :test, require: false
Add this to spec_helper.rb
:
require 'rspec/authorization'
And then execute:
bundle
Or install it yourself as:
gem install rspec-authorization
Requirement
Current development focus is as follows, future development may support other dependencies, following are requirements for this gem:
- declarative_authorization 1.0.0.pre
- rails 4.x
- rspec-rails 3.1.x
Usage
In your controller spec:
describe ArticlesController do
it { is_expected.to have_permission_for(:a_role).to(:restful_action_name) }
it { is_expected.to have_permission_for(:writer).to(:index) }
it { is_expected.to have_permission_for(:writer).to(:show) }
it { is_expected.to have_permission_for(:writer).to(:new) }
it { is_expected.to have_permission_for(:writer).to(:create) }
it { is_expected.not_to have_permission_for(:writer).to(:edit) }
it { is_expected.not_to have_permission_for(:writer).to(:update) }
it { is_expected.not_to have_permission_for(:writer).to(:destroy) }
end
You can also use convenience restful helper methods:
describe ArticlesController do
it { is_expected.to have_permission_for(:user).to_read }
it { is_expected.not_to have_permission_for(:user).to_create }
it { is_expected.not_to have_permission_for(:user).to_update }
it { is_expected.not_to have_permission_for(:user).to_delete }
it { is_expected.to have_permission_for(:writer).to_read }
it { is_expected.to have_permission_for(:writer).to_create }
it { is_expected.to have_permission_for(:writer).to_update }
it { is_expected.not_to have_permission_for(:writer).to_delete }
it { is_expected.to have_permission_for(:editor).to_manage }
end
Or you can also use the focused restful helper method as follows:
describe ArticlesController do
it { is_expected.to have_permision_for(:user).only_to_read }
it { is_expected.to have_permision_for(:writer).except_to_delete }
end
History
See {file:HISTORY.md} for history of changes.
License
rspec-authorization © 2014 by Hendra Uzia. rspec-authorization is licensed under the MIT license except for some files which come from the RDoc/Ruby distributions. Please see the {file:LICENSE.txt} documents for more information.
Contributing
- Fork it ( https://github.com/hendrauzia/rspec-authorization/fork )
- Create your feature branch (
git checkout -b my-new-feature
) - Setup rails test app (
bundle exec rake setup
) - Test your changes (
bundle exec rake spec
) - Commit your changes (
git commit -am 'Add some feature'
) - Push to the branch (
git push origin my-new-feature
) - Create a new Pull Request
Prepare for Release
- Add changelog to history. (
git changelog -l >> HISTORY.md
) - Increase version number in
lib/rspec/authorization/version.rb
. -
bundle exec appraisal update
. -
git commit -am "Prepare for release x.y.z"
.
How To Release
bundle exec appraisal rake spec
-
git push origin master
(wait for travis build to pass) bundle exec rake release