commit
e63a245f42
11 changed files with 124 additions and 34 deletions
1
Gemfile
1
Gemfile
|
@ -96,3 +96,4 @@ gem 'airbrake'
|
||||||
|
|
||||||
gem 'bootstrap-sass', '~> 3.3.5'
|
gem 'bootstrap-sass', '~> 3.3.5'
|
||||||
gem 'react-rails'
|
gem 'react-rails'
|
||||||
|
gem 'rolify'
|
||||||
|
|
|
@ -223,6 +223,7 @@ GEM
|
||||||
http-cookie (>= 1.0.2, < 2.0)
|
http-cookie (>= 1.0.2, < 2.0)
|
||||||
mime-types (>= 1.16, < 3.0)
|
mime-types (>= 1.16, < 3.0)
|
||||||
netrc (~> 0.7)
|
netrc (~> 0.7)
|
||||||
|
rolify (5.1.0)
|
||||||
rspec-core (3.3.2)
|
rspec-core (3.3.2)
|
||||||
rspec-support (~> 3.3.0)
|
rspec-support (~> 3.3.0)
|
||||||
rspec-expectations (3.3.1)
|
rspec-expectations (3.3.1)
|
||||||
|
@ -326,6 +327,7 @@ DEPENDENCIES
|
||||||
purecss-rails
|
purecss-rails
|
||||||
rails (= 4.2.4)
|
rails (= 4.2.4)
|
||||||
react-rails
|
react-rails
|
||||||
|
rolify
|
||||||
rspec-rails
|
rspec-rails
|
||||||
sass-rails (~> 5.0)
|
sass-rails (~> 5.0)
|
||||||
sdoc (~> 0.4.0)
|
sdoc (~> 0.4.0)
|
||||||
|
|
|
@ -10,6 +10,7 @@
|
||||||
#
|
#
|
||||||
|
|
||||||
class Client < ActiveRecord::Base
|
class Client < ActiveRecord::Base
|
||||||
|
rolify
|
||||||
has_many :issued_transactions, as: :issuer, class_name: 'Transaction'
|
has_many :issued_transactions, as: :issuer, class_name: 'Transaction'
|
||||||
before_create :generate_key
|
before_create :generate_key
|
||||||
|
|
||||||
|
|
|
@ -3,6 +3,8 @@ class ClientAbility
|
||||||
|
|
||||||
def initialize(client)
|
def initialize(client)
|
||||||
client ||= Client.new # guest user (not logged in)
|
client ||= Client.new # guest user (not logged in)
|
||||||
can :manage, :all
|
|
||||||
|
can :create, Transaction if client.has_role? :create_transactions
|
||||||
|
can :create, Request
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
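Review bot: In the `ClientAbility` hunk, `can :create, Request` is granted unconditionally, so it also applies to the guest `Client.new` that `client ||= Client.new` substitutes when no client is passed, while creating a `Transaction` now requires the `create_transactions` role. If request creation should be restricted in the same way, gate it on a role, e.g. `can :create, Request if client.has_role? :create_requests` (the role name here is a placeholder). If it is deliberately open to every client, record that with a comment such as `# any authenticated client may create requests; the controller enforces authentication`. Whether the controller rejects a missing or invalid key before this ability is consulted is not visible in the hunk.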
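--- a/app/models/role.rb
+++ b/app/models/role.rb
@@ -0,0 +1,12 @@
+class Role < ActiveRecord::Base
+has_and_belongs_to_many :clients, join_table: :clients_roles
+
+belongs_to :resource,
+polymorphic: true
+
+validates :resource_type,
+inclusion: { in: Rolify.resource_types },
+allow_nil: true
+
+scopify
+end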
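--- a/config/initializers/rolify.rb
+++ b/config/initializers/rolify.rb
@@ -0,0 +1,7 @@
+Rolify.configure do |config|
+# By default ORM adapter is ActiveRecord. uncomment to use mongoid
+# config.use_mongoid
+
+# Dynamic shortcuts for User class (user.is_admin? like methods). Default is: false
+# config.use_dynamic_shortcuts
+end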
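--- a/db/migrate/20170123151219_rolify_create_roles.rb
+++ b/db/migrate/20170123151219_rolify_create_roles.rb
@@ -0,0 +1,19 @@
+class RolifyCreateRoles < ActiveRecord::Migration
+def change
+create_table(:roles) do |t|
+t.string :name
+t.references :resource, polymorphic: true
+
+t.timestamps
+end
+
+create_table(:clients_roles, id: false) do |t|
+t.references :client
+t.references :role
+end
+
+add_index(:roles, :name)
+add_index(:roles, [ :name, :resource_type, :resource_id ])
+add_index(:clients_roles, [ :client_id, :role_id ])
+end
+end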
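Review bot: The `clients_roles` join table holds the authorization grants but has no integrity constraints: `t.references :client` and `t.references :role` both accept NULL, and the index on `[ :client_id, :role_id ]` is not unique, so duplicate or dangling grants can exist at the database level. Consider `null: false` on both references and on `roles.name`, and `add_index(:clients_roles, [ :client_id, :role_id ], unique: true)`. This looks like stock generator output, so confirm that the gem's role-assignment path tolerates the unique index before tightening it.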
20
db/schema.rb
20
db/schema.rb
|
@ -11,7 +11,7 @@
|
||||||
#
|
#
|
||||||
# It's strongly recommended that you check this file into your version control system.
|
# It's strongly recommended that you check this file into your version control system.
|
||||||
|
|
||||||
ActiveRecord::Schema.define(version: 20170109150245) do
|
ActiveRecord::Schema.define(version: 20170123151219) do
|
||||||
|
|
||||||
create_table "clients", force: :cascade do |t|
|
create_table "clients", force: :cascade do |t|
|
||||||
t.string "name", null: false
|
t.string "name", null: false
|
||||||
|
@ -23,6 +23,13 @@ ActiveRecord::Schema.define(version: 20170109150245) do
|
||||||
add_index "clients", ["key"], name: "index_clients_on_key"
|
add_index "clients", ["key"], name: "index_clients_on_key"
|
||||||
add_index "clients", ["name"], name: "index_clients_on_name"
|
add_index "clients", ["name"], name: "index_clients_on_name"
|
||||||
|
|
||||||
|
create_table "clients_roles", id: false, force: :cascade do |t|
|
||||||
|
t.integer "client_id"
|
||||||
|
t.integer "role_id"
|
||||||
|
end
|
||||||
|
|
||||||
|
add_index "clients_roles", ["client_id", "role_id"], name: "index_clients_roles_on_client_id_and_role_id"
|
||||||
|
|
||||||
create_table "notifications", force: :cascade do |t|
|
create_table "notifications", force: :cascade do |t|
|
||||||
t.integer "user_id", null: false
|
t.integer "user_id", null: false
|
||||||
t.string "message"
|
t.string "message"
|
||||||
|
@ -49,6 +56,17 @@ ActiveRecord::Schema.define(version: 20170109150245) do
|
||||||
add_index "requests", ["debtor_id"], name: "index_requests_on_debtor_id"
|
add_index "requests", ["debtor_id"], name: "index_requests_on_debtor_id"
|
||||||
add_index "requests", ["issuer_type", "issuer_id"], name: "index_requests_on_issuer_type_and_issuer_id"
|
add_index "requests", ["issuer_type", "issuer_id"], name: "index_requests_on_issuer_type_and_issuer_id"
|
||||||
|
|
||||||
|
create_table "roles", force: :cascade do |t|
|
||||||
|
t.string "name"
|
||||||
|
t.integer "resource_id"
|
||||||
|
t.string "resource_type"
|
||||||
|
t.datetime "created_at"
|
||||||
|
t.datetime "updated_at"
|
||||||
|
end
|
||||||
|
|
||||||
|
add_index "roles", ["name", "resource_type", "resource_id"], name: "index_roles_on_name_and_resource_type_and_resource_id"
|
||||||
|
add_index "roles", ["name"], name: "index_roles_on_name"
|
||||||
|
|
||||||
create_table "transactions", force: :cascade do |t|
|
create_table "transactions", force: :cascade do |t|
|
||||||
t.integer "debtor_id", null: false
|
t.integer "debtor_id", null: false
|
||||||
t.integer "creditor_id", null: false
|
t.integer "creditor_id", null: false
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
describe TransactionsController, type: :api do
|
describe TransactionsController, type: :api do
|
||||||
|
def post_transaction(extra_attributes = {})
|
||||||
|
post '/transactions', { transaction: @api_attributes.merge(extra_attributes) },
|
||||||
|
{ 'HTTP_ACCEPT' => "application/json", "HTTP_AUTHORIZATION" => "Token token=#{@key}" }
|
||||||
|
end
|
||||||
|
|
||||||
before :each do
|
before :each do
|
||||||
@debtor = create :user
|
@debtor = create :user
|
||||||
@creditor = create :user
|
@creditor = create :user
|
||||||
|
@ -14,43 +19,55 @@ describe TransactionsController, type: :api do
|
||||||
@key = @client.key
|
@key = @client.key
|
||||||
end
|
end
|
||||||
|
|
||||||
def post_transaction(extra_attributes = {})
|
describe 'with key' do
|
||||||
post '/transactions', { transaction: @api_attributes.merge(extra_attributes) },
|
before :each do
|
||||||
{ 'HTTP_ACCEPT' => "application/json", "HTTP_AUTHORIZATION" => "Token token=#{@key}" }
|
@client.add_role :create_transactions
|
||||||
end
|
|
||||||
|
|
||||||
describe "Authentication" do
|
|
||||||
it "should require a client authentication key" do
|
|
||||||
post '/transactions'
|
|
||||||
expect(last_response.status).to eq(302)
|
|
||||||
end
|
end
|
||||||
|
|
||||||
it "should work with valid key" do
|
def post_transaction(extra_attributes = {})
|
||||||
post_transaction
|
post '/transactions', { transaction: @api_attributes.merge(extra_attributes) },
|
||||||
expect(last_response.status).to eq(201)
|
{ 'HTTP_ACCEPT' => "application/json", "HTTP_AUTHORIZATION" => "Token token=#{@key}" }
|
||||||
|
end
|
||||||
|
|
||||||
|
describe "Authentication" do
|
||||||
|
it "should require a client authentication key" do
|
||||||
|
post '/transactions'
|
||||||
|
expect(last_response.status).to eq(302)
|
||||||
|
end
|
||||||
|
|
||||||
|
it "should work with valid key" do
|
||||||
|
post_transaction
|
||||||
|
expect(last_response.status).to eq(201)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe "successfull creating transaction" do
|
||||||
|
it "should create a transaction" do
|
||||||
|
expect { post_transaction }.to change { Transaction.count }.by(1)
|
||||||
|
end
|
||||||
|
|
||||||
|
it "should set issuer" do
|
||||||
|
post_transaction
|
||||||
|
@transaction = Transaction.last
|
||||||
|
expect(@transaction.issuer).to eq(@client)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe "failed creating transaction" do
|
||||||
|
# it "should create a transaction" do
|
||||||
|
# expect { post_transaction(euros: -5) }.to change { Transaction.count }.by(0)
|
||||||
|
# end
|
||||||
|
|
||||||
|
# it "should give 422 status" do
|
||||||
|
# post_transaction(euros: -4)
|
||||||
|
# expect(last_response.status).to eq(422)
|
||||||
|
# end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "successfull creating transaction" do
|
describe 'without key' do
|
||||||
it "should create a transaction" do
|
it "should not create a transaction" do
|
||||||
expect { post_transaction }.to change { Transaction.count }.by(1)
|
expect { post_transaction }.to_not change { Transaction.count }
|
||||||
end
|
end
|
||||||
|
|
||||||
it "should set issuer" do
|
|
||||||
post_transaction
|
|
||||||
@transaction = Transaction.last
|
|
||||||
expect(@transaction.issuer).to eq(@client)
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
describe "failed creating transaction" do
|
|
||||||
# it "should create a transaction" do
|
|
||||||
# expect { post_transaction(euros: -5) }.to change { Transaction.count }.by(0)
|
|
||||||
# end
|
|
||||||
|
|
||||||
# it "should give 422 status" do
|
|
||||||
# post_transaction(euros: -4)
|
|
||||||
# expect(last_response.status).to eq(422)
|
|
||||||
# end
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
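Review bot: The `describe 'without key'` group still sends a valid token, because `post_transaction` always sets `Token token=#{@key}`, so it actually covers a client that has a key but lacks the `create_transactions` role. Rename it to say so, e.g. `describe 'without create_transactions role'`, and assert the response as well as the unchanged count, e.g. `expect(last_response.status).to eq(403)`. The exact status depends on how the controller handles the denied ability, which is not visible here. `post_transaction` is also defined twice on the new side, once at the top of the outer `describe` and again inside `'with key'`; the inner copy can be dropped.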
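--- a/spec/factories/roles.rb
+++ b/spec/factories/roles.rb
@@ -0,0 +1,6 @@
+FactoryGirl.define do
+factory :role do
+
+end
+
+end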
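--- a/spec/models/role_spec.rb
+++ b/spec/models/role_spec.rb
@@ -0,0 +1,5 @@
+require 'rails_helper'
+
+RSpec.describe Role, type: :model do
+pending "add some examples to (or delete) #{__FILE__}"
+end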