/crud_tests_with_access_controll.rb

## crud_tests_with_access_controll.rb
module CrudTestsWithAccessControl

  # creatable_rezource should be new (unsaved) instance of a model, with appropriate attributes for savability
  def _test_create( users_with_access, creatable_rezource, access_proc=nil)

    @resource   = creatable_rezource
    @klass      = @resource.class
    post_var    = resource_string @resource

    set_context :action => :create

    _test_access_for_all_users users_with_access do |should_have_access|

      assert_equal Authorization::Engine.instance.permit?(:create, :context => @controller.controller_name.to_sym), should_have_access, decl_auth_sync_msg(should_have_access)

      @before_count = @klass.count

      post :create, post_var => creatable_attributes

      if should_have_access
        if access_proc.is_a? Proc
          instance_eval &access_proc #evaluates block as if it were a 'method' of this instance, has access to methods and @instance vars of this instance, but not this local methods vars
        else
          assert_equal( @before_count + 1, @klass.count, "Resource not created for context: #{context}")
        end

      elsif current_user
        assert_forbidden
      else
        assert_redirected_to_signin
      end
    end

  end

end


## emails_controller.rb
class EmailsController < ApplicationController

  before_filter :get_resource, :except => []

  def index
    @search = Email.search(params[:search])
    @resources = @search.relation.order(:created_at).page(params[:page])
  end

  def show
  end

  def new
    make_default_upload_objs
  end

  def edit
    make_default_upload_objs
  end

  def create
    ap params
    ap @resource.uploads
    delete_unset_uploads_from_resource

    if @resource.save
      redirect_to(@resource, :notice => 'Email was successfully created.')
    else
      render :action => "new"
    end
  end

  def update
    delete_unset_uploads_from_params

    if @resource.update_attributes(params[:email])
      redirect_to(@resource, :notice => 'Email was successfully updated.')
    else
      make_default_upload_objs
      render :action => "edit"
    end
  end

  def destroy
    if @resource.destroy
      notice = 'Email was successfully removed.'
    else
      notice = @resource.errors[:before_destroy]
    end

    redirect_to emails_url, :notice => notice
  end

  private

  def delete_unset_uploads_from_resource
    @resource.uploads = @resource.uploads.select do |x|
      x if x.file_file_name.present?
    end
  end
  def delete_unset_uploads_from_params
    params[:email][:uploads_attributes] = params[:email][:uploads_attributes].values.select do |upload|
      upload if upload['file'] || upload['id']
    end
  end
  def make_default_upload_objs
    @uploads = []
    @resource.uploads.each {|x| @uploads << x } #fill first from existing
    (Email::Num_uploads_allowed - @uploads.size ).times { @uploads << @resource.uploads.build } #padd with empty ones
  end
end


## emails_controller_test.rb
require 'test_helper'

class EmailsControllerTest < ActionController::TestCase
  setup do
    @update_attributes    =  {'subject' => Seq.n.to_s }
    @creatable_attributes = creatable_resource.attributes.merge( {"uploads_attributes"=>[{"name"=>"", "member_id"=>"764", "file"=>File.new('Gemfile')}]} )

  end
  test "crud" do
    ap @creatable_attributes

    _test_create new_create_users, creatable_resource, Proc.new {
      assert_equal( @before_count + 1, @klass.count, "Resource not created for context: #{context}")
      assert assigns(:resource).uploads.any?, "Email did not get any uploads added for context: #{context}"
    }

    @controller.stubs(:delete_unset_uploads_from_params).returns(true) #stub out for update
    _test_action_update


  end

end
	module CrudTestsWithAccessControl

	# creatable_rezource should be new (unsaved) instance of a model, with appropriate attributes for savability
	def _test_create( users_with_access, creatable_rezource, access_proc=nil)

	@resource = creatable_rezource
	@klass = @resource.class
	post_var = resource_string @resource

	set_context :action => :create

	_test_access_for_all_users users_with_access do \|should_have_access\|

	assert_equal Authorization::Engine.instance.permit?(:create, :context => @controller.controller_name.to_sym), should_have_access, decl_auth_sync_msg(should_have_access)

	@before_count = @klass.count

	post :create, post_var => creatable_attributes

	if should_have_access
	if access_proc.is_a? Proc
	instance_eval &access_proc #evaluates block as if it were a 'method' of this instance, has access to methods and @instance vars of this instance, but not this local methods vars
	else
	assert_equal( @before_count + 1, @klass.count, "Resource not created for context: #{context}")
	end

	elsif current_user
	assert_forbidden
	else
	assert_redirected_to_signin
	end
	end

	end

	end
	class EmailsController < ApplicationController

	before_filter :get_resource, :except => []

	def index
	@search = Email.search(params[:search])
	@resources = @search.relation.order(:created_at).page(params[:page])
	end

	def show
	end

	def new
	make_default_upload_objs
	end

	def edit
	make_default_upload_objs
	end

	def create
	ap params
	ap @resource.uploads
	delete_unset_uploads_from_resource

	if @resource.save
	redirect_to(@resource, :notice => 'Email was successfully created.')
	else
	render :action => "new"
	end
	end

	def update
	delete_unset_uploads_from_params

	if @resource.update_attributes(params[:email])
	redirect_to(@resource, :notice => 'Email was successfully updated.')
	else
	make_default_upload_objs
	render :action => "edit"
	end
	end

	def destroy
	if @resource.destroy
	notice = 'Email was successfully removed.'
	else
	notice = @resource.errors[:before_destroy]
	end

	redirect_to emails_url, :notice => notice
	end

	private

	def delete_unset_uploads_from_resource
	@resource.uploads = @resource.uploads.select do \|x\|
	x if x.file_file_name.present?
	end
	end
	def delete_unset_uploads_from_params
	params[:email][:uploads_attributes] = params[:email][:uploads_attributes].values.select do \|upload\|
	upload if upload['file'] \|\| upload['id']
	end
	end
	def make_default_upload_objs
	@uploads = []
	@resource.uploads.each {\|x\| @uploads << x } #fill first from existing
	(Email::Num_uploads_allowed - @uploads.size ).times { @uploads << @resource.uploads.build } #padd with empty ones
	end
	end
	require 'test_helper'

	class EmailsControllerTest < ActionController::TestCase
	setup do
	@update_attributes = {'subject' => Seq.n.to_s }
	@creatable_attributes = creatable_resource.attributes.merge( {"uploads_attributes"=>[{"name"=>"", "member_id"=>"764", "file"=>File.new('Gemfile')}]} )

	end
	test "crud" do
	ap @creatable_attributes

	_test_create new_create_users, creatable_resource, Proc.new {
	assert_equal( @before_count + 1, @klass.count, "Resource not created for context: #{context}")
	assert assigns(:resource).uploads.any?, "Email did not get any uploads added for context: #{context}"
	}

	@controller.stubs(:delete_unset_uploads_from_params).returns(true) #stub out for update
	_test_action_update


	end

	end