Created
December 12, 2011 04:02
-
-
Save steveklabnik/1464751 to your computer and use it in GitHub Desktop.
A spec for a filter
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class PrivacyFilter | |
| def self.filter(controller) | |
| [:first_article?, | |
| :authenticate_administrator!, | |
| :authenticate_user! | |
| ].find do |m| | |
| controller.send(m) | |
| end | |
| end | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require "app/models/privacy_filter" | |
| describe PrivacyFilter do | |
| let(:controller) do | |
| double(:first_article? => false, | |
| :authenticate_administrator! => false, | |
| :authenticate_user! => false) | |
| end | |
| it "allows access to the root article" do | |
| controller.should_receive(:first_article?).and_return(true) | |
| PrivacyFilter.filter(controller).should be_true | |
| end | |
| it "allows access for administrators" do | |
| controller.should_receive(:authenticate_administrator!).and_return(true) | |
| PrivacyFilter.filter(controller).should be_true | |
| end | |
| it "allows access to users" do | |
| controller.should_receive(:authenticate_user!).and_return(true) | |
| PrivacyFilter.filter(controller).should be_true | |
| end | |
| it "denies all others" do | |
| PrivacyFilter.filter(controller).should be_false | |
| end | |
| end |
@dennyabraham I don't think so. They're just standard Devise stuff. I think the bang is because they can redirect.
I'm torn between what's more readable, a one liner, or this.
Now that I'm thinking about it, that might mean that this won't even work, as a user will hit the admin filter, which will redirect to admin login...
I should really be using CanCan for this, I guess.
Late to the party, but I really want this to be AccessPolicy.has_access?(user, article). (Raptor will let you write exactly this and specify it directly in a route... some day. garybernhardt/raptor@3e1b48e ;)
Yeah, that seems like the right API. Rails makes it awkward.
For the app, I just ended up using cancan, which is the Right Way anywaay...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
do the !bang methods raise errors?
also, is it completely unacceptable to use a one liner? there's not a lot of inherent complexity to what this filter does right now, so is there a great need to add cognitive complexity to the code?