access_schema 0.6.0 → 0.6.1
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/access_schema/schema.rb +37 -12
- data/lib/access_schema/version.rb +1 -1
- data/spec/access_schema/schema_spec.rb +15 -0
- metadata +4 -4
data/lib/access_schema/schema.rb
CHANGED
@@ -37,27 +37,47 @@ module AccessSchema
|
|
37
37
|
|
38
38
|
def normalize_args(args)
|
39
39
|
|
40
|
-
options = args.last.is_a?(Hash) ? args.pop : {}
|
41
40
|
privilege = args[1].to_s
|
42
|
-
|
41
|
+
options = args.last.is_a?(Hash) ? args.pop : {}
|
43
42
|
|
44
|
-
|
45
|
-
|
46
|
-
resource = args[0].to_s
|
47
|
-
else
|
48
|
-
resource = args[0].class.name.to_s
|
49
|
-
options.merge!(:subject => args[0])
|
43
|
+
if !subject_by_name?(args[0]) && options[:subject].nil?
|
44
|
+
options.merge! :subject => args[0]
|
50
45
|
end
|
51
46
|
|
52
|
-
roles = calculate_roles(
|
47
|
+
roles = calculate_roles(args[2], options)
|
53
48
|
|
54
49
|
if (self.roles & roles).empty?
|
55
50
|
raise InvalidRolesError.new(:roles => roles)
|
56
51
|
end
|
57
52
|
|
58
|
-
|
53
|
+
[
|
54
|
+
resource_name(args[0]),
|
55
|
+
privilege,
|
56
|
+
sort_roles(roles),
|
57
|
+
options
|
58
|
+
]
|
59
|
+
end
|
59
60
|
|
60
|
-
|
61
|
+
def resource_name(obj)
|
62
|
+
if subject_by_name?(obj)
|
63
|
+
obj.to_s
|
64
|
+
else
|
65
|
+
klass = obj.class
|
66
|
+
if klass.respond_to?(:model_name)
|
67
|
+
klass.model_name
|
68
|
+
else
|
69
|
+
klass.name
|
70
|
+
end
|
71
|
+
end
|
72
|
+
end
|
73
|
+
|
74
|
+
def subject_by_name?(obj)
|
75
|
+
case obj
|
76
|
+
when String, Symbol
|
77
|
+
true
|
78
|
+
else
|
79
|
+
false
|
80
|
+
end
|
61
81
|
end
|
62
82
|
|
63
83
|
def calculate_roles(roles, check_options)
|
@@ -105,9 +125,14 @@ module AccessSchema
|
|
105
125
|
|
106
126
|
roles_checks = roles.map do |role|
|
107
127
|
privilege.allow?([role]) do |expectation|
|
108
|
-
|
128
|
+
|
129
|
+
assert = @asserts[expectation.name]
|
130
|
+
check_options = expectation.options.merge(options)
|
131
|
+
|
132
|
+
assert.check?(check_options).tap do |result|
|
109
133
|
failed_asserts[role] << expectation.name unless result
|
110
134
|
end
|
135
|
+
|
111
136
|
end
|
112
137
|
end
|
113
138
|
|
@@ -107,6 +107,21 @@ describe AccessSchema::Schema do
|
|
107
107
|
|
108
108
|
end
|
109
109
|
|
110
|
+
it "uses subject from options hash if present" do
|
111
|
+
|
112
|
+
@passed_options = nil
|
113
|
+
roles_calculator = proc do |options|
|
114
|
+
@passed_options = options
|
115
|
+
[:admin]
|
116
|
+
end
|
117
|
+
subject = Review.new
|
118
|
+
subject_new = Review.new
|
119
|
+
@schema.allow? subject, :update, roles_calculator, :subject => subject_new
|
120
|
+
@passed_options.should be
|
121
|
+
@passed_options[:subject].should == subject_new
|
122
|
+
|
123
|
+
end
|
124
|
+
|
110
125
|
it "passes a copy of options hash" do
|
111
126
|
|
112
127
|
@passed_options = {:option1 => :value1}
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: access_schema
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.6.
|
4
|
+
version: 0.6.1
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2012-
|
12
|
+
date: 2012-05-29 00:00:00.000000000 Z
|
13
13
|
dependencies: []
|
14
14
|
description: AccessSchema is a tool for ACL or tariff plans schema definition and
|
15
15
|
checks
|
@@ -70,7 +70,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
70
70
|
version: '0'
|
71
71
|
segments:
|
72
72
|
- 0
|
73
|
-
hash: -
|
73
|
+
hash: -3365791648219455708
|
74
74
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
75
75
|
none: false
|
76
76
|
requirements:
|
@@ -79,7 +79,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
79
79
|
version: '0'
|
80
80
|
segments:
|
81
81
|
- 0
|
82
|
-
hash: -
|
82
|
+
hash: -3365791648219455708
|
83
83
|
requirements: []
|
84
84
|
rubyforge_project: access_schema
|
85
85
|
rubygems_version: 1.8.16
|