RubyGems - access_rules - Versions diffs - 0.1.0 - Mend

access_rules 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

data/Gemfile +4 -0
data/LICENSE.txt +22 -0
data/README.md +29 -0
data/Rakefile +1 -0
data/lib/access_rules.rb +13 -0
data/lib/access_rules/checking.rb +38 -0
data/lib/access_rules/defining.rb +28 -0
data/lib/access_rules/rules.rb +112 -0
data/lib/access_rules/version.rb +3 -0
data/test/access_rules_test.rb +9 -0
metadata +56 -0

data/Gemfile ADDED

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+# Specify your gem's dependencies in access_rules.gemspec
+gemspec

data/LICENSE.txt ADDED

@@ -0,0 +1,22 @@
+Copyright (c) 2013 TODO: Write your name
+MIT License
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md ADDED

@@ -0,0 +1,29 @@
+# AccessRules
+TODO: Write a gem description
+## Installation
+Add this line to your application's Gemfile:
+    gem 'access_rules'
+And then execute:
+    $ bundle
+Or install it yourself as:
+    $ gem install access_rules
+## Usage
+TODO: Write usage instructions here
+## Contributing
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile ADDED

	@@ -0,0 +1 @@
1	+ require "bundler/gem_tasks"

data/lib/access_rules.rb ADDED

@@ -0,0 +1,13 @@
+require "access_rules/version"
+require "access_rules/rules"
+require "access_rules/defining"
+require "access_rules/checking"
+module AccessRules
+  # Your code goes here...
+end
+ActiveRecord::Base.send( :include, AccessRules::Defining )
+ActionController::Base.send( :include, AccessRules::Checking::ControllerMethods )
+# TODO: this should not be included in Object
+Object.send( :include, AccessRules::Checking::InstanceMethods )

data/lib/access_rules/checking.rb ADDED

@@ -0,0 +1,38 @@
+module AccessRules
+  module Checking
+    module ControllerMethods
+      def self.included(klass)
+        klass.class_eval do
+          helper_method :check_action_rules, :check_current_action_rules
+        end
+      end
+      # We assume controller here
+      def check_current_action_rules( object, user, site = nil )
+        check_action_rules( params[:action], object, user, site )
+      end
+      # Controller need to respond to action_rules method
+      def check_action_rules( action, object, user, site = nil )
+        rule = action_rules[action.to_sym] || action_rules[:default]
+        if rule
+          result = rule.check( object, user, site )
+          return result
+        else
+          return true
+        end
+      end
+    end
+    module InstanceMethods
+      def rule( rule_name )
+        return Rules::Base.new( rule_name )
+      end
+    end
+  end
+end

data/lib/access_rules/defining.rb ADDED

@@ -0,0 +1,28 @@
+module AccessRules
+  module Defining
+    def self.included(klass)
+      klass.class_eval do
+        class_attribute :rules
+        self.rules = {}
+      end
+      klass.extend( ClassMethods )
+    end
+    module ClassMethods
+      # Defines rules one by one
+      def define_rule( name, rule )
+        # class_attribute requires that the var is reassigned to make it override the inherited one
+        self.rules = self.rules.merge( name.to_sym => rule )
+      end
+      # Defines all rules at once
+      def define_rules( rules )
+        self.rules = rules
+      end
+    end
+  end
+end

data/lib/access_rules/rules.rb ADDED

@@ -0,0 +1,112 @@
+module AccessRules::Rules
+  class Base
+    # Creates a rule given its name. Name is a dot-separated string, eg:
+    # forum_post.forum_thread.forum.group.member
+    # where
+    # forum_post - name of initial object class
+    # forum_thread.forum.group - associations to traverse: last one is supposed
+    # to contain the rule itself. Associations may be omitted - in this case
+    # initial object should contain the rule
+    # member - name of rule. This may be a rule defined using define_rule(s) or
+    # just a name of method in rule class. If it's a method it must accept:
+    # TODO: disregard that, now only no-arg methods work
+    # 2 arguments - user, site
+    # 1 arguments - user
+    # 0 arguments
+    # and return true/false indicating whether the rules succeeded
+    def initialize( rule_name )
+      @rule_name = rule_name
+      elems = rule_name.split( '.' )
+      klass = elems.shift.classify.constantize
+      proc_or_method = elems.pop
+      @associations = elems.dup
+      @associations.each do |assoc|
+        reflection = klass.reflect_on_association( assoc.to_sym )
+        raise "No rule named #{rule_name}, failed token: #{assoc}" unless reflection
+        klass = reflection.class_name.constantize
+      end
+      @proc = klass.rules[proc_or_method.to_sym]
+      unless @proc
+        @method_name = proc_or_method
+        # TODO: method_defined? fails for attribute accessors
+        #raise "No rule named #{rule_name}, failed token: #{@method_name}" unless klass.method_defined?( @method_name )
+      end
+    end
+    def check( object, user, site = nil )
+      # XXX: we assume has_one or belongs_to association here
+      object_to_check = @associations.inject( object ) { |obj, assoc| obj.send( assoc ) }
+      if @proc
+        result = @proc.call( object_to_check, user, site )
+      else
+        # TODO: check if object.class matches klass (from initialize)
+        result = object_to_check.send( @method_name )
+        # TODO: the code below fails eg. for forum.public?
+        #method = object_to_check.method( @method_name )
+        #result = case method.arity
+        #when 0
+        #  method.call
+        #when 1
+        #  method.call( user )
+        #when 2
+        #  method.call( user, site )
+        #else
+        #  raise "Can't use method #{@method_name} on #{object_to_check} with arity #{method.arity} for access rule #{@rule_name} (arity out of (0..2) range)"
+        #end
+      end
+      Rails.logger.debug( "----------access rule check: #{@rule_name}: #{result}" )
+      return result
+    end
+    # AND rule
+    def & (rule)
+      return And.new( self, rule )
+    end
+    # OR rule
+    def | (rule)
+      return Or.new( self, rule )
+    end
+    # NOT rule
+    def ~
+      Not.new( @rule_name )
+    end
+  end
+  class And < Base
+    def initialize( *rules )
+      @rules = rules
+    end
+    def check( object, user, site = nil )
+      @rules.all? { |rule| rule.check( object, user, site ) }
+    end
+  end
+  class Or < Base
+    def initialize( *rules )
+      @rules = rules
+    end
+    def check( object, user, site = nil )
+      @rules.any? { |rule| rule.check( object, user, site ) }
+    end
+  end
+  class Not < Base
+    def check( object, user, site = nil )
+      ! super
+    end
+  end
+end

data/lib/access_rules/version.rb ADDED

@@ -0,0 +1,3 @@
+module AccessRules
+  VERSION = "0.1.0"
+end

data/test/access_rules_test.rb ADDED

@@ -0,0 +1,9 @@
+# -*- encoding : utf-8 -*-
+require 'test/unit'
+class AccessRulesTest < Test::Unit::TestCase
+  # Replace this with your real tests.
+  def test_this_plugin
+    flunk
+  end
+end

metadata ADDED

@@ -0,0 +1,56 @@
+--- !ruby/object:Gem::Specification
+name: access_rules
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+  prerelease:
+platform: ruby
+authors:
+- Marek Janukowicz
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2013-01-07 00:00:00.000000000 Z
+dependencies: []
+description: Authorization for Rails
+email:
+- marek@janukowicz.net
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/access_rules/checking.rb
+- lib/access_rules/version.rb
+- lib/access_rules/defining.rb
+- lib/access_rules/rules.rb
+- lib/access_rules.rb
+- Gemfile
+- LICENSE.txt
+- Rakefile
+- README.md
+- test/access_rules_test.rb
+homepage: ''
+licenses: []
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 1.8.24
+signing_key:
+specification_version: 3
+summary: ''
+test_files:
+- test/access_rules_test.rb