Merge branch 'master' into 1.0.0

Author: zeiv

gemfiles/4.1.gemfile

@@ -0,0 +1,7 @@
+source 'https://rubygems.org'
+
+gem 'rails', '~> 4.1.0'
+gem 'sqlite3'
+gem 'ruby_parser'
+gem 'rdoc'
+gemspec :path => '..'

lib/declarative_authorization/authorization.rb

@@ -164,7 +164,7 @@ def permit! (privilege, options = {})
       # Example: permit!( :edit, :object => user.posts )
       #
       if Authorization.is_a_association_proxy?(options[:object]) && options[:object].respond_to?(:new)
-        options[:object] = (Rails.version < "3.0" ? options[:object] : options[:object].scoped).new
+        options[:object] = (Rails.version < "3.0" ? options[:object] : options[:object].where(nil)).new
       end
 
       options[:context] ||= options[:object] && (
@@ -625,7 +625,13 @@ def to_long_s (hash = nil)
     protected
     def object_attribute_value (object, attr)
       begin
-        object.respond_to?(:proxy_association) ? object.shift.send(attr) : object.send(attr)
+        if object.respond_to?(:proxy_association)
+          first = object.first
+          object.delete(first)
+          first.send(attr)
+        else
+          object.send(attr)
+        end
       rescue ArgumentError, NoMethodError => e
         raise AuthorizationUsageError, "Error occurred while validating attribute ##{attr} on #{object.inspect}: #{e}.\n" +
           "Please check your authorization rules and ensure the attribute is correctly spelled and \n" +

lib/declarative_authorization/in_model.rb

@@ -105,7 +105,7 @@ def self.with_permissions_to (*args)
             privilege = (args[0] || :read).to_sym
             privileges = [privilege]
 
-            parent_scope = scoped
+            parent_scope = where(nil)
             context =
                 if options[:context]
                   options[:context]

lib/declarative_authorization/obligation_scope.rb

@@ -55,9 +55,12 @@ def initialize (model, options)
     def scope
       if Rails.version < "3"
         self
-      else
+      elsif Rails.version < "4"
         # for Rails < 3: scope, after setting proxy_options
         self.klass.scoped(@finder_options)
+      else
+        # TODO Refactor this.  There is certainly a better way.
+        self.klass.joins(@finder_options[:joins]).includes(@finder_options[:include]).where(@finder_options[:conditions])
       end
     end
 

test/model_test.rb

@@ -17,14 +17,27 @@ class TestModel < ActiveRecord::Base
   has_many :test_attrs
   has_many :test_another_attrs, :class_name => "TestAttr", :foreign_key => :test_another_model_id
   has_many :test_attr_throughs, :through => :test_attrs
-  has_many :test_attrs_with_attr, :class_name => "TestAttr", :conditions => {:attr => 1}
-  has_many :test_attr_throughs_with_attr, :through => :test_attrs, 
-    :class_name => "TestAttrThrough", :source => :test_attr_throughs,
-    :conditions => "test_attrs.attr = 1"
   has_one :test_attr_has_one, :class_name => "TestAttr"
-  has_one :test_attr_throughs_with_attr_and_has_one, :through => :test_attrs,
-    :class_name => "TestAttrThrough", :source => :test_attr_throughs,
-    :conditions => "test_attrs.attr = 1"
+  has_many :branches
+
+  # :conditions is deprecated in Rails 4.1
+  if Rails.version >= '4'
+    has_many :test_attrs_with_attr, lambda { where(:attr => 1) }, :class_name => "TestAttr"
+    has_many :test_attr_throughs_with_attr, lambda { where("test_attrs.attr = 1") }, :through => :test_attrs, 
+      :class_name => "TestAttrThrough", :source => :test_attr_throughs
+
+    has_one :test_attr_throughs_with_attr_and_has_one, lambda { where("test_attrs.attr = 1") }, :through => :test_attrs,
+      :class_name => "TestAttrThrough", :source => :test_attr_throughs
+  else    
+    has_many :test_attrs_with_attr, :class_name => "TestAttr", :conditions => {:attr => 1}
+    has_many :test_attr_throughs_with_attr, :through => :test_attrs, 
+      :class_name => "TestAttrThrough", :source => :test_attr_throughs,
+      :conditions => "test_attrs.attr = 1"
+
+    has_one :test_attr_throughs_with_attr_and_has_one, :through => :test_attrs,
+      :class_name => "TestAttrThrough", :source => :test_attr_throughs,
+      :conditions => "test_attrs.attr = 1"
+  end
 
   if Rails.version < '4'
     attr_accessible :content, :test_attr_through_id, :country_id
@@ -38,8 +51,10 @@ class TestModel < ActiveRecord::Base
 
   if Rails.version < "3"
     named_scope :with_content, :conditions => "test_models.content IS NOT NULL"
-  else
+  elsif Rails.version < "4"
     scope :with_content, :conditions => "test_models.content IS NOT NULL"
+  else
+    scope :with_content, lambda { where("test_models.content IS NOT NULL") }
   end
 
   # Primary key test
@@ -121,9 +136,10 @@ class TestModelSecurityModelWithFind < ActiveRecord::Base
 class Branch < ActiveRecord::Base
   has_many :test_attrs
   belongs_to :company
+  belongs_to :test_model
 
   if Rails.version < '4'
-    attr_accessible :name, :company
+    attr_accessible :name, :company, :test_model
   end
 end
 class Company < ActiveRecord::Base
@@ -170,7 +186,12 @@ def test_multiple_deep_ored_belongs_to
                       :test_another_model_id => test_model_2.id
 
     user = MockUser.new(:test_role, :id => test_attr_1)
-    assert_equal 1, TestAttr.with_permissions_to(:read, :user => user).length
+    if Rails.version >= '4'
+      assert_equal 1, TestAttr.with_permissions_to(:read, :user => user).references(:test_attrs, :test_attrs_test_models, :test_attrs_test_models_2).length
+    else
+      assert_equal 1, TestAttr.with_permissions_to(:read, :user => user).length
+    end
+
     TestAttr.delete_all
     TestModel.delete_all
   end
@@ -802,7 +823,11 @@ def test_with_contains
     user = MockUser.new(:test_role,
                         :id => test_model_1.test_attrs.first.id)
     assert_equal 1, TestModel.with_permissions_to(:read, :user => user).length
-    assert_equal 1, TestModel.with_permissions_to(:read, :user => user).find(:all, :conditions => {:id => test_model_1.id}).length
+    if Rails.version < '3'
+    assert_equal 1, TestModel.with_permissions_to(:read, :user => user).find(:all, :conditions => {:id => test_model_1.id} ).length
+    else
+      assert_equal 1, TestModel.with_permissions_to(:read, :user => user).where(:id => test_model_1.id).length
+    end
 
     TestModel.delete_all
     TestAttr.delete_all
@@ -1185,7 +1210,11 @@ def test_with_anded_if_permitted_to
     assert Authorization::Engine.instance.permit?(:read, :object => test_model_1.test_attrs.first, :user => user_with_both_roles)
     assert Authorization::Engine.instance.permit?(:read, :object => test_model_for_second_role.test_attrs.first, :user => user_with_both_roles)
     #p Authorization::Engine.instance.obligations(:read, :user => user_with_both_roles, :context => :test_attrs)
-    assert_equal 2, TestAttr.with_permissions_to(:read, :user => user_with_both_roles).length
+    if Rails.version >= '4'
+      assert_equal 2, TestAttr.with_permissions_to(:read, :user => user_with_both_roles).references(:test_attrs, :test_models).length
+    else
+      assert_equal 1, TestAttr.with_permissions_to(:read, :user => user).length
+    end
 
     TestModel.delete_all
     TestAttr.delete_all
@@ -1446,7 +1475,11 @@ def test_with_ored_rules_and_reoccuring_tables
     test_attr_2.test_model.test_attrs.create!
 
     user = MockUser.new(:test_role, :test_attr => test_attr_2.test_model.test_attrs.last)
-    assert_equal 2, TestAttr.with_permissions_to(:read, :user => user).length
+    if Rails.version >= '4'
+      assert_equal 2, TestAttr.with_permissions_to(:read, :user => user).references(:test_attrs, :test_models, :test_models_test_attrs, :test_attrs_test_models).length
+    else
+      assert_equal 2, TestAttr.with_permissions_to(:read, :user => user).length
+    end
     TestModel.delete_all
     TestAttr.delete_all
   end
@@ -1483,7 +1516,11 @@ def test_with_many_ored_rules_and_reoccuring_tables
 
     user = MockUser.new(:test_role, :test_model => country.test_models.first)
 
-    assert_equal 2, TestAttr.with_permissions_to(:read, :user => user).length
+    if Rails.version >= '4'
+      assert_equal 2, TestAttr.with_permissions_to(:read, :user => user).references(:test_attrs, :test_models, :test_models_countries).length
+    else
+      assert_equal 2, TestAttr.with_permissions_to(:read, :user => user).length
+    end
     TestModel.delete_all
     TestAttr.delete_all
   end
@@ -1822,12 +1859,43 @@ def test_authorization_permit_association_proxy
     test_model = TestModel.create(:content => "content")
     assert engine.permit?(:read, :object => test_model.test_attrs,
                           :user => MockUser.new(:test_role))
-    assert test_model.test_attrs.empty?
     assert !engine.permit?(:read, :object => TestAttr.new,
                           :user => MockUser.new(:test_role))
     TestModel.delete_all
   end
 
+  # def test_authorization_permit_nested_association_proxy
+  #   reader = Authorization::Reader::DSLReader.new
+  #   reader.parse %{
+  #     authorization do
+  #       role :test_role do
+  #         has_permission_on :branches, :to => :read do
+  #           if_attribute :test_model => { :test_attrs => {:attr => 1 } }
+  #         end
+  #       end
+  #     end
+  #   }
+  #   engine = Authorization::Engine.instance(reader)
+
+  #   test_model = TestModel.create!
+  #   test_model.test_attrs.create!(:attr => 0)
+  #   test_attr = test_model.test_attrs.create!(:attr => 1)
+  #   test_model.test_attrs.create!(:attr => 3)
+  #   test_branch = Branch.create!(:test_model => test_model)
+
+  #   test_model_2 = TestModel.create!
+  #   test_attr_2 = test_model_2.test_attrs.create!(:attr => 2)
+  #   test_branch_2 = Branch.create!(:test_model => test_model_2)
+
+  #   assert engine.permit?(:read, :object => test_branch,
+  #                         :user => MockUser.new(:test_role))
+  #   assert !engine.permit?(:read, :object => test_branch_2,
+  #                         :user => MockUser.new(:test_role))
+  #   TestModel.delete_all
+  #   Branch.delete_all
+  #   TestAttr.delete_all
+  # end
+
   def test_multiple_roles_with_has_many_through
     reader = Authorization::Reader::DSLReader.new
     reader.parse %{
@@ -1860,7 +1928,11 @@ def test_multiple_roles_with_has_many_through
     user = MockUser.new(:test_role_1, :test_role_2,
         :test_attr_through_id => test_model_1.test_attr_throughs.first.id,
         :test_attr_through_2_id => test_model_2.test_attr_throughs.first.id)
-    assert_equal 2, TestModel.with_permissions_to(:read, :user => user).length
+    if Rails.version >= '4'
+      assert_equal 2, TestModel.with_permissions_to(:read, :user => user).references(:test_models, :test_attr_throughs).length
+    else
+      assert_equal 2, TestModel.with_permissions_to(:read, :user => user).length
+    end
     TestModel.delete_all
     TestAttr.delete_all
     TestAttrThrough.delete_all

test/schema.sql

@@ -39,6 +39,7 @@ CREATE TABLE 'n_way_join_items' (
 CREATE TABLE 'branches' (
   'id' INTEGER PRIMARY KEY NOT NULL,
   'company_id' integer,
+  'test_model_id' integer,
   'name' text
 );
 

test/test_helper.rb

@@ -1,4 +1,3 @@
-require 'test/unit'
 require 'pathname'
 
 ENV['RAILS_ENV'] = 'test'
@@ -13,16 +12,22 @@
 end
 Bundler.require
 
+if Rails.version >= '4.1'
+  require 'minitest/autorun'
+  require 'test_support/minitest_compatibility'
+else
+  require 'test/unit'
+end
+
 # rails 2.3 and ruby 1.9.3 fix
 MissingSourceFile::REGEXPS.push([/^cannot load such file -- (.+)$/i, 1])
 
 # Silence Rails 4 deprecation warnings in test suite
 # TODO: Model.scoped is deprecated
 # TODO: Eager loading Post.includes(:comments).where("comments.title = 'foo'") becomes Post.includes(:comments).where("comments.title = 'foo'").references(:comments)
-# TODO: has_many conditions is deprecated for a scoped block
-if Rails.version >= '4'
-  ActiveSupport::Deprecation.silenced = true
-end
+# if Rails.version >= '4'
+#   ActiveSupport::Deprecation.silenced = true
+# end
 
 puts "Testing against rails #{Rails::VERSION::STRING}"
 
@@ -189,11 +194,42 @@ def setup
     end
   end
 
-else
+elsif Rails.version < '4.1'
   class Test::Unit::TestCase
     include Authorization::TestHelper
   end
 
+  class ActiveSupport::TestCase
+    include Authorization::TestHelper
+    
+    def request! (user, action, reader, params = {})
+      action = action.to_sym if action.is_a?(String)
+      @controller.current_user = user
+      @controller.authorization_engine = Authorization::Engine.new(reader)
+      
+      ((params.delete(:clear) || []) + [:@authorized]).each do |var|
+        @controller.instance_variable_set(var, nil)
+      end
+      get action, params
+    end
+
+    unless Rails.version < "3"
+      def setup
+        #@routes = Rails::Application.routes
+        @routes = Rails.application.routes
+      end
+    end
+  end
+else
+  module Test
+    module Unit
+    end
+  end
+
+  class Test::Unit::TestCase < Minitest::Test
+    include Authorization::TestHelper
+  end
+
   class ActiveSupport::TestCase
     include Authorization::TestHelper
 

test/test_support/minitest_compatibility.rb

@@ -0,0 +1,27 @@
+require 'minitest/assertions'
+
+module Minitest
+  module Assertions
+
+    # test/unit backwards compatibility methods
+    alias :assert_raise :assert_raises
+    alias :assert_not_empty :refute_empty
+    alias :assert_not_equal :refute_equal
+    alias :assert_not_in_delta :refute_in_delta
+    alias :assert_not_in_epsilon :refute_in_epsilon
+    alias :assert_not_includes :refute_includes
+    alias :assert_not_instance_of :refute_instance_of
+    alias :assert_not_kind_of :refute_kind_of
+    alias :assert_no_match :refute_match
+    alias :assert_not_nil :refute_nil
+    alias :assert_not_operator :refute_operator
+    alias :assert_not_predicate :refute_predicate
+    alias :assert_not_respond_to :refute_respond_to
+    alias :assert_not_same :refute_same
+
+  def assert_nothing_raised(*)
+    yield
+  end
+
+  end
+end