No commit activity in last 3 years
No release in over 3 years
A neat way of asserting declarative_authorization's rules inside controller using RSpec matcher.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

~> 1.7
~> 4.0
~> 10.0

Runtime

 Project Readme

RSpec::Authorization

GitHub Documentation License

Gem Version Build Status Code Climate Test Coverage Dependency Status security Inline docs

RSpec matcher for declarative_authorization. A neat way of asserting declarative_authorization's rules inside controller using RSpec matcher.

Installation

Add this line to your application's Gemfile:

gem 'rspec-authorization', group: :test, require: false

Add this to spec_helper.rb:

require 'rspec/authorization'

And then execute:

bundle

Or install it yourself as:

gem install rspec-authorization

Requirement

Current development focus is as follows, future development may support other dependencies, following are requirements for this gem:

  • declarative_authorization 1.0.0.pre
  • rails 4.x
  • rspec-rails 3.1.x

Usage

In your controller spec:

describe ArticlesController do
  it { is_expected.to have_permission_for(:a_role).to(:restful_action_name) }

  it { is_expected.to have_permission_for(:writer).to(:index) }
  it { is_expected.to have_permission_for(:writer).to(:show) }
  it { is_expected.to have_permission_for(:writer).to(:new) }
  it { is_expected.to have_permission_for(:writer).to(:create) }
  it { is_expected.not_to have_permission_for(:writer).to(:edit) }
  it { is_expected.not_to have_permission_for(:writer).to(:update) }
  it { is_expected.not_to have_permission_for(:writer).to(:destroy) }
end

You can also use convenience restful helper methods:

describe ArticlesController do
  it { is_expected.to have_permission_for(:user).to_read }
  it { is_expected.not_to have_permission_for(:user).to_create }
  it { is_expected.not_to have_permission_for(:user).to_update }
  it { is_expected.not_to have_permission_for(:user).to_delete }

  it { is_expected.to have_permission_for(:writer).to_read }
  it { is_expected.to have_permission_for(:writer).to_create }
  it { is_expected.to have_permission_for(:writer).to_update }
  it { is_expected.not_to have_permission_for(:writer).to_delete }

  it { is_expected.to have_permission_for(:editor).to_manage }
end

Or you can also use the focused restful helper method as follows:

describe ArticlesController do
  it { is_expected.to have_permision_for(:user).only_to_read }
  it { is_expected.to have_permision_for(:writer).except_to_delete }
end

History

See {file:HISTORY.md} for history of changes.

License

rspec-authorization © 2014 by Hendra Uzia. rspec-authorization is licensed under the MIT license except for some files which come from the RDoc/Ruby distributions. Please see the {file:LICENSE.txt} documents for more information.

Contributing

  1. Fork it ( https://github.com/hendrauzia/rspec-authorization/fork )
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Setup rails test app (bundle exec rake setup)
  4. Test your changes (bundle exec rake spec)
  5. Commit your changes (git commit -am 'Add some feature')
  6. Push to the branch (git push origin my-new-feature)
  7. Create a new Pull Request

Prepare for Release

  1. Add changelog to history. (git changelog -l >> HISTORY.md)
  2. Increase version number in lib/rspec/authorization/version.rb.
  3. bundle exec appraisal update.
  4. git commit -am "Prepare for release x.y.z".

How To Release

  1. bundle exec appraisal rake spec
  2. git push origin master (wait for travis build to pass)
  3. bundle exec rake release