Commit 7018f3aad24d40c09dd58b39ab391afbf6c72ce7
1 parent
1a167fcf
Exists in
master
and in
25 other branches
Allow more than one permission when define access control with 'protect'
Showing
3 changed files
with
20 additions
and
3 deletions
Show diff stats
vendor/plugins/access_control/lib/permission_check.rb
| @@ -19,7 +19,7 @@ module PermissionCheck | @@ -19,7 +19,7 @@ module PermissionCheck | ||
| 19 | before_filter actions do |c| | 19 | before_filter actions do |c| |
| 20 | target = target_method.kind_of?(Symbol) ? c.send(target_method) : target_method | 20 | target = target_method.kind_of?(Symbol) ? c.send(target_method) : target_method |
| 21 | accessor = accessor_method.kind_of?(Symbol) ? c.send(accessor_method) : accessor_method | 21 | accessor = accessor_method.kind_of?(Symbol) ? c.send(accessor_method) : accessor_method |
| 22 | - unless accessor && accessor.has_permission?(permission.to_s, target) | 22 | + unless Array.wrap(permission).map {|p| accessor && accessor.has_permission?(p.to_s, target)}.any? |
| 23 | c.class.render_access_denied(c) && false | 23 | c.class.render_access_denied(c) && false |
| 24 | end | 24 | end |
| 25 | end | 25 | end |
vendor/plugins/access_control/test/permission_check_test.rb
| @@ -28,9 +28,20 @@ class PermissionCheckTest < ActionController::TestCase | @@ -28,9 +28,20 @@ class PermissionCheckTest < ActionController::TestCase | ||
| 28 | end | 28 | end |
| 29 | 29 | ||
| 30 | def test_try_render_shared_access_denied_view | 30 | def test_try_render_shared_access_denied_view |
| 31 | - File.expects(:exists?).with(File.join(Rails.root, 'app', 'views', 'access_control', 'access_denied.rhtml')) | ||
| 32 | - File.expects(:exists?).with(File.join(Rails.root, 'app', 'views', 'shared', 'access_denied.rhtml')) | 31 | + File.expects(:exists?).with(File.join(Rails.root, 'app', 'views', 'access_control', 'access_denied.html.erb')) |
| 32 | + File.expects(:exists?).with(File.join(Rails.root, 'app', 'views', 'shared', 'access_denied.html.erb')) | ||
| 33 | AccessControlTestController.access_denied_template_path | 33 | AccessControlTestController.access_denied_template_path |
| 34 | end | 34 | end |
| 35 | 35 | ||
| 36 | + def test_allow_access_to_user_with_one_of_multiple_permissions | ||
| 37 | + user = AccessControlTestAccessor.create!(:name => 'other_user') | ||
| 38 | + role = Role.create!(:name => 'other_role', :permissions => ['permission1']) | ||
| 39 | + resource = AccessControlTestResource.create!(:name => 'some_resource') | ||
| 40 | + assert user.add_role(role, resource) | ||
| 41 | + assert user.has_permission?('permission1', resource) | ||
| 42 | + | ||
| 43 | + get :stuff_with_multiple_permission, :user => user.id, :resource => resource.id | ||
| 44 | + assert_response :success | ||
| 45 | + end | ||
| 46 | + | ||
| 36 | end | 47 | end |
vendor/plugins/access_control/test/test_helper.rb
| @@ -41,6 +41,8 @@ class AccessControlTestController < ApplicationController | @@ -41,6 +41,8 @@ class AccessControlTestController < ApplicationController | ||
| 41 | include PermissionCheck | 41 | include PermissionCheck |
| 42 | protect 'see_index', 'global', :user, :only => :index | 42 | protect 'see_index', 'global', :user, :only => :index |
| 43 | protect 'do_some_stuff', :resource, :user, :only => :other_stuff | 43 | protect 'do_some_stuff', :resource, :user, :only => :other_stuff |
| 44 | + protect ['permission1', 'permission2'], :resource, :user, :only => :stuff_with_multiple_permission | ||
| 45 | + | ||
| 44 | def index | 46 | def index |
| 45 | render :text => 'test controller' | 47 | render :text => 'test controller' |
| 46 | end | 48 | end |
| @@ -49,6 +51,10 @@ class AccessControlTestController < ApplicationController | @@ -49,6 +51,10 @@ class AccessControlTestController < ApplicationController | ||
| 49 | render :text => 'test stuff' | 51 | render :text => 'test stuff' |
| 50 | end | 52 | end |
| 51 | 53 | ||
| 54 | + def stuff_with_multiple_permission | ||
| 55 | + render :text => 'multiple permission' | ||
| 56 | + end | ||
| 57 | + | ||
| 52 | protected | 58 | protected |
| 53 | def user | 59 | def user |
| 54 | AccessControlTestAccessor.find(params[:user]) if params[:user] | 60 | AccessControlTestAccessor.find(params[:user]) if params[:user] |