-
-
Notifications
You must be signed in to change notification settings - Fork 90
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added with_context
qualifier to have_authorized_scope
matcher
#260
Added with_context
qualifier to have_authorized_scope
matcher
#260
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
Left some comments, please, take a look.
lib/action_policy/testing.rb
Outdated
policy_class == policy.class && | ||
type == actual_type && | ||
name == actual_name && | ||
actual_scope_options === scope_options | ||
actual_scope_options === scope_options && | ||
actual_context.all? { |key, value| context[key] == value } |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should use the same logic here as for authorization calls:
action_policy/lib/action_policy/testing.rb
Lines 29 to 33 in 8e69239
def context_matches?(context, actual) | |
return true unless context | |
context === actual || actual >= context | |
end |
It covers subsets and RSpec composable matchers.
|
||
def initialize(type) | ||
@type = type | ||
@name = :default | ||
@scope_options = nil | ||
@context = {} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The default MUST be nil
(meaning that we don't want to verify context)
lib/action_policy/testing.rb
Outdated
|
||
def initialize(policy, target, type, name, scope_options) | ||
@policy = policy | ||
@target = target | ||
@type = type | ||
@name = name | ||
@scope_options = scope_options | ||
@context = policy.authorization_context |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We already have policy
in the state, no need to extract context into its own instance variable.
docs/testing.md
Outdated
def favorite | ||
authorized_scope(User.all, context: {favorite: true}) | ||
end |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A context is usually a record (it's an acting subject); it's unlikely a bool. Let's change this example:
def favorite | |
authorized_scope(User.all, context: {favorite: true}) | |
end | |
def for_user | |
user = User.find(params[:id]) | |
authorized_scope(User.all, context: {user:}) | |
end |
docs/testing.md
Outdated
expect { get :favorite }.to have_authorized_scope(:scope) | ||
.with_scope_options(matching(with_deleted: a_falsey_value)) | ||
.with_context(favorite: true) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
expect { get :favorite }.to have_authorized_scope(:scope) | |
.with_scope_options(matching(with_deleted: a_falsey_value)) | |
.with_context(favorite: true) | |
expect { get :for_user, params: {id: user.id} }.to have_authorized_scope(:scope) | |
.with_scope_options(matching(with_deleted: a_falsey_value)) | |
.with_context(a_hash_including(user:)) |
Thanks for your comments. Corrected. Please check it. |
Hi @palkan. Have you seen my latest fixes? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
@@ -105,7 +104,7 @@ def scope_options_message | |||
end | |||
|
|||
def context_message | |||
context.empty? ? "without context" : "with context: #{context}" | |||
context.blank? ? "without context" : "with context: #{context}" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We cannot use #blank?
here, we have no dependency on Active Support core extensions (I'll fix it).
Hi @palkan. I added
with_context
qualifier tohave_authorized_scope
matcherDiscussed in #258
PR checklist: