acl_system2 0.2.0 → 0.2.1

data/lib/acl_system2.rb

@@ -1,5 +1,3 @@
-require "#{ File.dirname(__FILE__) }/acl_system2/version"
-require "#{ File.dirname(__FILE__) }/acl_system2/caboose/logic_parser"
-require "#{ File.dirname(__FILE__) }/acl_system2/caboose/role_handler"
-require "#{ File.dirname(__FILE__) }/acl_system2/caboose/access_control"
-
+Dir[File.dirname(__FILE__) + '/acl_system2/*.rb'].each do |file|
+  require file
+end

data/lib/acl_system2/access_control.rb

@@ -0,0 +1,61 @@
+Dir[File.dirname(__FILE__) + '/access_control/*.rb'].each do |file|
+  require file
+end
+
+module ACLSystem2
+
+  module AccessControl
+    
+    def self.included(subject)
+      subject.extend(ClassMethods)
+      if subject.respond_to? :helper_method
+        subject.helper_method(:permit?)
+        subject.helper_method(:restrict_to)
+      end
+    end
+    
+    # return the active access handler, fallback to RoleHandler
+    # implement #retrieve_access_handler to return non-default handler
+    def access_handler
+      if respond_to?(:retrieve_access_handler)
+        @handler ||= retrieve_access_handler
+      else
+        @handler ||= RoleHandler.new
+      end
+    end
+
+    # the current access context; will be created if not setup
+    # will add current_user and merge any other elements of context
+    def access_context(context = {})     
+      default_access_context.merge(context)
+    end
+
+    def default_access_context
+      @default_access_context ||= {}
+      @default_access_context[:user] = send(:current_user) if respond_to?(:current_user)
+      @default_access_context 
+    end
+
+    def default_access_context=(defaults)
+      @default_access_context = defaults      
+    end
+
+    def permit?(logicstring, context = {})
+      access_handler.process(logicstring, access_context(context))
+    end
+  
+    # restrict_to "admin | moderator" do
+    #   link_to "foo"
+    # end   
+    def restrict_to(logicstring, context = {})
+      return false if current_user.nil?
+      result = ''    
+      if permit?(logicstring, context) 
+        result = yield if block_given?
+      end 
+      result
+    end    
+
+  end
+
+end

data/lib/acl_system2/access_control/access_sentry.rb

@@ -0,0 +1,25 @@
+module ACLSystem2
+  module AccessControl
+    class AccessSentry
+
+      def initialize(subject, actions={})
+        @actions = actions.inject({}) do |auth, current|
+          [current.first].flatten.each { |action| auth[action] = current.last }
+          auth
+        end 
+        @subject = subject
+      end 
+
+      def allowed?(action)
+        if @actions.has_key? action.to_sym
+          return @subject.access_handler.process(@actions[action.to_sym].dup, @subject.access_context)
+        elsif @actions.has_key? :DEFAULT
+          return @subject.access_handler.process(@actions[:DEFAULT].dup, @subject.access_context) 
+        else
+          return true
+        end  
+      end
+
+    end
+  end
+end

data/lib/acl_system2/access_control/class_methods.rb

@@ -0,0 +1,34 @@
+module ACLSystem2
+  module AccessControl
+    module ClassMethods
+      #  access_control [:create, :edit] => 'admin & !blacklist',
+      #                 :update => '(admin | moderator) & !blacklist',
+      #                 :list => '(admin | moderator | user) & !blacklist'
+      def access_control(actions = {})
+        # Add class-wide permission callback to before_filter
+        defaults = {}
+
+        if block_given?
+          yield defaults
+          default_block_given = true
+        end
+
+        before_filter do |c|
+          c.default_access_context = defaults if default_block_given
+          @access = AccessSentry.new(c, actions)
+
+          if @access.allowed?(c.action_name)
+             c.send(:permission_granted) if c.respond_to?:permission_granted
+          else
+            if c.respond_to?(:permission_denied)
+              c.send(:permission_denied)
+            else
+              c.send(:render, :text => "You have insuffient permissions to access #{ c.controller_name }/#{ c.action_name }")
+            end
+          end
+        end
+
+      end
+    end
+  end
+end

data/lib/acl_system2/access_handler.rb

@@ -0,0 +1,12 @@
+require "#{ File.dirname(__FILE__) }/logic_parser"
+
+module ACLSystem2
+  class AccessHandler   
+    include LogicParser
+
+    def check(key, context)
+      false
+    end
+  
+  end
+end

data/lib/acl_system2/{caboose/logic_parser.rb → logic_parser.rb}

@@ -1,4 +1,4 @@
-module Caboose
+module ACLSystem2
   
   module LogicParser
     # This module holds our recursive descent parser that take a logic string
@@ -45,4 +45,4 @@ module Caboose
     
   end # LogicParser
 
-end
+end

data/lib/acl_system2/{caboose/role_handler.rb → role_handler.rb}

@@ -1,20 +1,13 @@
-module Caboose
-  
-  class AccessHandler   
-    include LogicParser
+require "#{ File.dirname(__FILE__) }/access_handler"
+
+module ACLSystem2
 
-    def check(key, context)
-      false
-    end
-  
-  end
-   
   class RoleHandler < AccessHandler 
     
     def check(key, context)  
       context[:user].roles.map{ |role| role.title.downcase}.include? key.downcase
     end
         
-  end # End RoleHandler
+  end
 
-end
+end

data/lib/acl_system2/version.rb

@@ -1,3 +1,3 @@
 module ACLSystem2
-  VERSION = "0.2.0"
+  VERSION = '0.2.1'
 end

data/rails/init.rb

@@ -1,5 +1,5 @@
 require "#{ File.dirname(__FILE__) }/../lib/acl_system2"
 
-ActionController::Base.send :include, Caboose
-ActionController::Base.send :include, Caboose::AccessControl
+ActionController::Base.send :include, ACLSystem2
+ActionController::Base.send :include, ACLSystem2::AccessControl
 

data/test/access_control_test.rb

@@ -1,90 +1,10 @@
-require 'test/unit'
 require File.dirname(__FILE__) + '/test_helper'
-require 'ostruct'
 
-# mock objects
-
-class User
-  
-  attr_accessor :name
-  
-  def name
-    @name ||= 'anon'
-    @name
-  end
-  
-  def roles
-    [OpenStruct.new(:title => 'admin'), OpenStruct.new(:title => 'user')]
-  end  
-
-end      
-
-class ControllerProxy
-
-  attr_accessor :action_name
-  
-  class << self
-  
-    attr_reader :before_block
-  
-    def before_filter(&block)
-      @before_block = block if block_given?
-    end
-  
-  end
-  
-  def before_action
-    self.class.before_block.call(self)
-  end
-    
-  include Caboose::AccessControl
-  
-  access_control([:create, :edit] => 'admin & !blacklist',
-      :update => '(admin | moderator) & !blacklist',
-      :list => '(admin | moderator | user) & !blacklist',
-      :private => 'vip') do |context|
-         context[:variable] = 'value'
-         context[:login_time] = Time.new
-      end
-  
-  def permission_granted
-    true
-  end
-  
-  def permission_denied
-    false
-  end
-  
-  def current_user
-    User.new
-  end
-  
-end
-
-class FabOnlyHandler < Caboose::AccessHandler 
-    
-  def check(key, context)
-    (context[:user].name.downcase == 'fabien' and context[:user].roles.map{ |role| role.title.downcase}.include?(key))
-  end
-      
-end
-
-class ControllerProxyWithFabHandler < ControllerProxy
-  
-  def retrieve_access_handler
-    FabOnlyHandler.new
-  end
-  
-end
-
-
-# tests         
 class AccessControlTest  < Test::Unit::TestCase
   
-
   def test_first
     context = { :user => User.new }
-    @handler = Caboose::RoleHandler.new
+    @handler = ACLSystem2::RoleHandler.new
     assert @handler.process("(admin | moderator) & !blacklist", context)  
     assert @handler.process("(user | moderator) & !blacklist", context)  
     assert @handler.process("(user | moderator | user) & !blacklist", context)  
@@ -159,4 +79,4 @@ class AccessControlTest  < Test::Unit::TestCase
     assert controller.access_context.include?(:login_time)
   end
     
-end  
+end  

data/test/mocks.rb

@@ -0,0 +1,5 @@
+require 'ostruct'
+
+Dir[File.dirname(__FILE__) + '/mocks/*.rb'].each do |file|
+  require file
+end

data/test/mocks/controller_proxy.rb

@@ -0,0 +1,43 @@
+require "#{ File.dirname(__FILE__) }/user"
+
+class ControllerProxy
+
+  attr_accessor :action_name
+
+  class << self
+
+    attr_reader :before_block
+
+    def before_filter(&block)
+      @before_block = block if block_given?
+    end
+
+  end
+
+  def before_action
+    self.class.before_block.call(self)
+  end
+
+  include ACLSystem2::AccessControl
+
+  access_control([:create, :edit] => 'admin & !blacklist',
+      :update => '(admin | moderator) & !blacklist',
+      :list => '(admin | moderator | user) & !blacklist',
+      :private => 'vip') do |context|
+         context[:variable] = 'value'
+         context[:login_time] = Time.new
+      end
+
+  def permission_granted
+    true
+  end
+
+  def permission_denied
+    false
+  end
+  
+  def current_user
+    User.new
+  end
+
+end

data/test/mocks/controller_proxy_with_fab_handler.rb

@@ -0,0 +1,10 @@
+require "#{ File.dirname(__FILE__) }/controller_proxy"
+require "#{ File.dirname(__FILE__) }/fab_only_handler"
+
+class ControllerProxyWithFabHandler < ControllerProxy
+  
+  def retrieve_access_handler
+    FabOnlyHandler.new
+  end
+  
+end

data/test/mocks/fab_only_handler.rb

@@ -0,0 +1,8 @@
+class FabOnlyHandler < ACLSystem2::AccessHandler
+
+  def check(key, context)
+    (context[:user].name.downcase == 'fabien' && context[:user].roles.map{ |role| role.title.downcase }.include?(key))
+  end
+      
+end
+

data/test/mocks/user.rb

@@ -0,0 +1,13 @@
+class User
+
+  attr_accessor :name
+
+  def name
+    @name ||= 'anon'
+  end
+
+  def roles
+    [OpenStruct.new(:title => 'admin'), OpenStruct.new(:title => 'user')]
+  end
+
+end

data/test/test_helper.rb

@@ -1,3 +1,4 @@
+require 'test/unit'
 require 'turn'
 
 Turn.config do |c|
@@ -5,4 +6,4 @@ Turn.config do |c|
 end
 
 require "#{ File.dirname(__FILE__) }/../lib/acl_system2"
-
+require "#{ File.dirname(__FILE__) }/mocks"

metadata

@@ -1,76 +1,74 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: acl_system2
-version: !ruby/object:Gem::Version 
-  hash: 23
+version: !ruby/object:Gem::Version
+  version: 0.2.1
   prerelease: 
-  segments: 
-  - 0
-  - 2
-  - 0
-  version: 0.2.0
 platform: ruby
-authors: 
+authors:
 - Ezra Zygmuntowicz
 - Fabien Franzen
 - Gareth Rees
 autorequire: 
 bindir: bin
 cert_chain: []
-
-date: 2013-01-29 00:00:00 Z
-dependencies: 
-- !ruby/object:Gem::Dependency 
+date: 2013-03-06 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
   name: minitest
-  prerelease: false
-  requirement: &id001 !ruby/object:Gem::Requirement 
+  requirement: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 0
-        version: "0"
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :development
-  version_requirements: *id001
-- !ruby/object:Gem::Dependency 
-  name: turn
   prerelease: false
-  requirement: &id002 !ruby/object:Gem::Requirement 
+  version_requirements: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 0
-        version: "0"
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: turn
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :development
-  version_requirements: *id002
-- !ruby/object:Gem::Dependency 
-  name: rake
   prerelease: false
-  requirement: &id003 !ruby/object:Gem::Requirement 
+  version_requirements: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 0
-        version: "0"
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :development
-  version_requirements: *id003
-description: An access control gem for Rails. A flexible declarative way of protecting your various controller actions using roles.
-email: 
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: An access control gem for Rails. A flexible declarative way of protecting
+  your various controller actions using roles.
+email:
 - gareth@garethrees.co.uk
 executables: []
-
 extensions: []
-
 extra_rdoc_files: []
-
-files: 
+files:
 - .gitignore
 - Gemfile
 - LICENSE.txt
@@ -78,46 +76,50 @@ files:
 - Rakefile
 - acl_system2.gemspec
 - lib/acl_system2.rb
-- lib/acl_system2/caboose/access_control.rb
-- lib/acl_system2/caboose/logic_parser.rb
-- lib/acl_system2/caboose/role_handler.rb
+- lib/acl_system2/access_control.rb
+- lib/acl_system2/access_control/access_sentry.rb
+- lib/acl_system2/access_control/class_methods.rb
+- lib/acl_system2/access_handler.rb
+- lib/acl_system2/logic_parser.rb
+- lib/acl_system2/role_handler.rb
 - lib/acl_system2/version.rb
 - rails/init.rb
 - test/access_control_test.rb
+- test/mocks.rb
+- test/mocks/controller_proxy.rb
+- test/mocks/controller_proxy_with_fab_handler.rb
+- test/mocks/fab_only_handler.rb
+- test/mocks/user.rb
 - test/test_helper.rb
 homepage: https://github.com/boxuk/acl_system2
 licenses: []
-
 post_install_message: 
 rdoc_options: []
-
-require_paths: 
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
+required_ruby_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
-      version: "0"
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
-
 rubyforge_project: 
 rubygems_version: 1.8.23
 signing_key: 
 specification_version: 3
 summary: An access control gem for Rails
-test_files: 
+test_files:
 - test/access_control_test.rb
+- test/mocks.rb
+- test/mocks/controller_proxy.rb
+- test/mocks/controller_proxy_with_fab_handler.rb
+- test/mocks/fab_only_handler.rb
+- test/mocks/user.rb
 - test/test_helper.rb

data/lib/acl_system2/caboose/access_control.rb

@@ -1,112 +0,0 @@
-
-module Caboose
-
-  module AccessControl
-    
-    def self.included(subject)
-      subject.extend(ClassMethods)
-      if subject.respond_to? :helper_method
-        subject.helper_method(:permit?)
-        subject.helper_method(:restrict_to)
-      end
-    end
-    
-    module ClassMethods  
-      #  access_control [:create, :edit] => 'admin & !blacklist',
-      #                 :update => '(admin | moderator) & !blacklist',
-      #                 :list => '(admin | moderator | user) & !blacklist'
-      def access_control(actions={})
-        # Add class-wide permission callback to before_filter
-        defaults = {}  
-        if block_given?
-          yield defaults 
-          default_block_given = true  
-        end        
-        before_filter do |c|
-          c.default_access_context = defaults if default_block_given
-          @access = AccessSentry.new(c, actions)
-          if @access.allowed?(c.action_name)
-             c.send(:permission_granted)  if c.respond_to?:permission_granted
-          else    
-            if c.respond_to?:permission_denied
-              c.send(:permission_denied)
-            else  
-              c.send(:render, :text => "You have insuffient permissions to access #{c.controller_name}/#{c.action_name}")
-            end
-          end
-        end
-      end 
-    end # ClassMethods 
-
-    # return the active access handler, fallback to RoleHandler
-    # implement #retrieve_access_handler to return non-default handler
-    def access_handler
-      if respond_to?(:retrieve_access_handler)
-        @handler ||= retrieve_access_handler
-      else
-        @handler ||= RoleHandler.new
-      end
-    end
-
-    # the current access context; will be created if not setup
-    # will add current_user and merge any other elements of context
-    def access_context(context = {})     
-      default_access_context.merge(context)
-    end
-
-    def default_access_context
-      @default_access_context ||= {}
-      @default_access_context[:user] = send(:current_user) if respond_to?(:current_user)
-      @default_access_context 
-    end
-
-    def default_access_context=(defaults)
-      @default_access_context = defaults      
-    end
-
-    def permit?(logicstring, context = {})
-      access_handler.process(logicstring, access_context(context))
-    end
-  
-    # restrict_to "admin | moderator" do
-    #   link_to "foo"
-    # end   
-    def restrict_to(logicstring, context = {})
-      return false if current_user.nil?
-      result = ''    
-      if permit?(logicstring, context) 
-        result = yield if block_given?
-      end 
-      result
-    end    
-      
-    class AccessSentry
-     
-      def initialize(subject, actions={})
-        @actions = actions.inject({}) do |auth, current|
-          [current.first].flatten.each { |action| auth[action] = current.last }
-          auth
-        end 
-        @subject = subject
-      end 
-     
-      def allowed?(action)
-        if @actions.has_key? action.to_sym
-          return @subject.access_handler.process(@actions[action.to_sym].dup, @subject.access_context)
-        elsif @actions.has_key? :DEFAULT
-          return @subject.access_handler.process(@actions[:DEFAULT].dup, @subject.access_context) 
-        else
-          return true
-        end  
-      end
-   
-    end # AccessSentry
-  
-  end # AccessControl  
-  
-end # Caboose    
-
-
-
-
-