Class: ActionPolicy::RSpec::HaveAuthorizedScope

Inherits:

RSpec::Matchers::BuiltIn::BaseMatcher

• Object
• RSpec::Matchers::BuiltIn::BaseMatcher
• ActionPolicy::RSpec::HaveAuthorizedScope

Defined in:

lib/action_policy/rspec/have_authorized_scope.rb

Overview

Implements ‘have_authorized_scope` matcher.

Verifies that a block of code applies authorization scoping using specific policy.

Example:

# in controller/request specs
subject { get :index }

it "has authorized scope" do
  expect { subject }
    .to have_authorized_scope(:active_record_relation)
    .with(ProductPolicy)
end

Instance Attribute Summary

• #actual_scopes ⇒ Object readonly

  Returns the value of attribute actual_scopes.

• #name ⇒ Object readonly

  Returns the value of attribute name.

• #policy ⇒ Object readonly

  Returns the value of attribute policy.

• #scope_options ⇒ Object readonly

  Returns the value of attribute scope_options.

• #target_expectations ⇒ Object readonly

  Returns the value of attribute target_expectations.

• #type ⇒ Object readonly

  Returns the value of attribute type.

Instance Method Summary

• #actual_scopes_message ⇒ Object
• #as(name) ⇒ Object
• #does_not_match? ⇒ Boolean
• #failure_message ⇒ Object
• #formatted_scopings ⇒ Object
• #initialize(type) ⇒ HaveAuthorizedScope constructor

  A new instance of HaveAuthorizedScope.

• #match(_expected, actual) ⇒ Object
• #scope_options_message ⇒ Object
• #supports_block_expectations? ⇒ Boolean
• #with(policy) ⇒ Object
• #with_scope_options(scope_options) ⇒ Object
• #with_target(&block) ⇒ Object

Constructor Details

#initialize(type) ⇒ HaveAuthorizedScope

Returns a new instance of HaveAuthorizedScope.

# File 'lib/action_policy/rspec/have_authorized_scope.rb', line 26

def initialize(type)
  @type = type
  @name = :default
  @scope_options = nil
end

Instance Attribute Details

#actual_scopes ⇒ Object (readonly)

Returns the value of attribute actual_scopes.

# File 'lib/action_policy/rspec/have_authorized_scope.rb', line 23

def actual_scopes
  @actual_scopes
end

#name ⇒ Object (readonly)

Returns the value of attribute name.

# File 'lib/action_policy/rspec/have_authorized_scope.rb', line 23

def name
  @name
end

#policy ⇒ Object (readonly)

Returns the value of attribute policy.

# File 'lib/action_policy/rspec/have_authorized_scope.rb', line 23

def policy
  @policy
end

#scope_options ⇒ Object (readonly)

Returns the value of attribute scope_options.

# File 'lib/action_policy/rspec/have_authorized_scope.rb', line 23

def scope_options
  @scope_options
end

#target_expectations ⇒ Object (readonly)

Returns the value of attribute target_expectations.

# File 'lib/action_policy/rspec/have_authorized_scope.rb', line 23

def target_expectations
  @target_expectations
end

#type ⇒ Object (readonly)

Returns the value of attribute type.

# File 'lib/action_policy/rspec/have_authorized_scope.rb', line 23

def type
  @type
end

Instance Method Details

#actual_scopes_message ⇒ Object

# File 'lib/action_policy/rspec/have_authorized_scope.rb', line 100

def actual_scopes_message
  if actual_scopes.empty?
    "no scopings have been made"
  else
    "the following scopings were encountered:\n" \
    "#{formatted_scopings}"
  end
end

#as(name) ⇒ Object

# File 'lib/action_policy/rspec/have_authorized_scope.rb', line 37

def as(name)
  @name = name
  self
end

#does_not_match? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/action_policy/rspec/have_authorized_scope.rb', line 74

def does_not_match?(*)
  raise "This matcher doesn't support negation"
end

#failure_message ⇒ Object

# File 'lib/action_policy/rspec/have_authorized_scope.rb', line 80

def failure_message
  "expected a scoping named :#{name} for type :#{type} " \
  "#{scope_options_message} " \
  "from #{policy} to have been applied, " \
  "but #{actual_scopes_message}"
end

#formatted_scopings ⇒ Object

# File 'lib/action_policy/rspec/have_authorized_scope.rb', line 109

def formatted_scopings
  actual_scopes.map do
    " - #{_1.inspect}"
  end.join("\n")
end

#match(_expected, actual) ⇒ Object

# File 'lib/action_policy/rspec/have_authorized_scope.rb', line 52

def match(_expected, actual)
  raise "This matcher only supports block expectations" unless actual.is_a?(Proc)

  ActionPolicy::Testing::AuthorizeTracker.tracking { actual.call }

  @actual_scopes = ActionPolicy::Testing::AuthorizeTracker.scopings

  matching_scopes = actual_scopes.select { _1.matches?(policy, type, name, scope_options) }

  return false if matching_scopes.empty?

  return true unless target_expectations

  if matching_scopes.size > 1
    raise "Too many matching scopings (#{matching_scopes.size}), " \
          "you can run `.with_target` only when there is the only one match"
  end

  target_expectations.call(matching_scopes.first.target)
  true
end

#scope_options_message ⇒ Object

# File 'lib/action_policy/rspec/have_authorized_scope.rb', line 87

def scope_options_message
  if scope_options
    if defined?(::RSpec::Matchers::Composable) &&
        scope_options.is_a?(::RSpec::Matchers::Composable)
      "with scope options #{scope_options.description}"
    else
      "with scope options #{scope_options}"
    end
  else
    "without scope options"
  end
end

#supports_block_expectations? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/action_policy/rspec/have_authorized_scope.rb', line 78

def supports_block_expectations?() = true

#with(policy) ⇒ Object

# File 'lib/action_policy/rspec/have_authorized_scope.rb', line 32

def with(policy)
  @policy = policy
  self
end

#with_scope_options(scope_options) ⇒ Object

# File 'lib/action_policy/rspec/have_authorized_scope.rb', line 42

def with_scope_options(scope_options)
  @scope_options = scope_options
  self
end

#with_target(&block) ⇒ Object

# File 'lib/action_policy/rspec/have_authorized_scope.rb', line 47

def with_target(&block)
  @target_expectations = block
  self
end