active_access 0.1.0

data/.rspec

@@ -0,0 +1 @@
+--color

data/Gemfile

@@ -0,0 +1,12 @@
+
+source "http://rubygems.org"
+
+gem "activesupport"
+gem "activemodel"
+
+group :development do
+  gem "rspec"
+  gem "rdoc"
+  gem "jeweler"
+end
+

data/LICENSE.txt

@@ -0,0 +1,20 @@
+Copyright (c) 2012 Riley Lynch, Teleological Software, LLC
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,67 @@
+= active_access
+
+The ActiveAccess mixin makes it easy to limit access to ActiveModel
+and ActiveRecord attributes by declaring generated attribute accessor
+methods private.
+
+Mixing the <tt>ActiveAcess::AttributeMethods</tt> into a class that mixes
+in ActiveModel::AttributeMethods or is derived from ActiveRecord::Base
+adds the <tt>attr_private</tt> and <tt>attr_private_writer</tt> macros.
+
+These macros change the behavior of +define_attribute_methods+ to declare
+generated attribute accessors private: +attr_private+ declares all
+accessors for an attribute private; +attr_private_writer+ declares only
+writer methods private.
+
+ActiveAccess recognizes the following attribute reader method name
+patterns:
+
+  #name
+  #name?
+  #name_before_type_cast
+  #name_changed?
+  #name_change
+  #name_was
+  #_name
+
+ActiveAccess recognizes the following attribute writer method name
+patterns:
+
+  #name=
+  #name_will_change
+  #reset_name!
+
+== Example
+  
+  class Widget < ActiveRecord::Base
+  
+    include ActiveAccess::AttributeMethods
+  
+    attr_private_writer :read_me
+  
+    attr_private :secret
+  
+  end
+  
+  Widget.new.respond_to? :read_me  # => true
+  Widget.new.read_me = "new value" # raises NoMethodError
+  
+  Widget.new.respond_to? :secret   # => false
+  Widget.new.secret = "new value"  # raises NoMethodError
+  
+== Limitations
+
+ActiveAccess only restricts access to named attribute accessors. Unnamed
+accessors such as ActiveRecord +read_attribute+ and +write_attribute+ as
+well as hash-style access are not restricted. Attribute aliases are also
+unrestricted.
+
+ActiveRecord does not allow attributes with private writers to be
+initialized (i.e. passed as parameters to +new+) or mass-assigned
+(passed as parameters to +assign_attributes+ or +attributes=+).
+
+== Copyright
+
+Copyright (c) 2012 Riley Lynch, Teleological Software, LLC.
+See LICENSE.txt for further details.
+

data/Rakefile

@@ -0,0 +1,44 @@
+# encoding: utf-8
+
+require 'rubygems'
+require 'bundler'
+begin
+  Bundler.setup(:default, :development)
+rescue Bundler::BundlerError => e
+  $stderr.puts e.message
+  $stderr.puts "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+require 'rake'
+
+require 'jeweler'
+Jeweler::Tasks.new do |gem|
+  gem.name = "active_access"
+  gem.homepage = "http://github.com/teleological/active_access"
+  gem.license = "MIT"
+  gem.summary =
+    %Q{Access control for ActiveModel/ActiveRecord attributes}
+  gem.description = 
+    %Q{Access control for ActiveModel/ActiveRecord attributes}
+  gem.authors = ["Riley Lynch"]
+end
+Jeweler::RubygemsDotOrgTasks.new
+
+require 'rspec/core'
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new(:spec) do |spec|
+  spec.pattern = FileList['spec/**/*_spec.rb']
+end
+
+task :default => :spec
+
+require 'rdoc/task'
+Rake::RDocTask.new do |rdoc|
+  version = File.exist?('VERSION') ? File.read('VERSION') : ""
+  rdoc.main = "README.rdoc"
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.rdoc_files.include('README*')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+  rdoc.title = "active_access #{version}"
+end
+

data/lib/active_access.rb

@@ -0,0 +1,9 @@
+
+require 'active_support'
+
+module ActiveAccess
+  extend ActiveSupport::Autoload
+  autoload :AttributeMethods
+  autoload :AttributeConventions
+end
+

data/lib/active_access/attribute_conventions.rb

@@ -0,0 +1,40 @@
+
+require 'active_model'
+
+module ActiveAccess
+  class AttributeConventions
+
+    MethodMatcher = ActiveModel::AttributeMethods::ClassMethods::
+      AttributeMethodMatcher
+
+    READ_MATCHERS = [
+      MethodMatcher.new, # "plain" reader
+      MethodMatcher.new(suffix: '_changed?'),
+      MethodMatcher.new(suffix: '_change'),
+      MethodMatcher.new(suffix: '_was'),
+      MethodMatcher.new(suffix: '_before_type_cast'),
+      MethodMatcher.new(prefix: '_'),
+      MethodMatcher.new(prefix: '?')
+    ]
+
+    WRITE_MATCHERS = [
+      MethodMatcher.new(prefix: 'reset_', suffix: '!'),
+      MethodMatcher.new(suffix: '_will_change'),
+      MethodMatcher.new(suffix: '=')
+    ]
+
+    class << self
+
+      def reader_names(attr)
+        READ_MATCHERS.map { |matcher| matcher.method_name(attr) }
+      end
+
+      def writer_names(attr)
+        WRITE_MATCHERS.map { |matcher| matcher.method_name(attr) }
+      end
+
+    end
+
+  end
+end
+

data/lib/active_access/attribute_methods.rb

@@ -0,0 +1,78 @@
+
+require 'active_support/core_ext'
+
+module ActiveAccess
+  module AttributeMethods
+
+    extend ActiveSupport::Concern
+
+    included do
+      class_attribute :_attribute_access, :instance_writer => false
+      self._attribute_access = {}
+    end
+
+    module ClassMethods
+
+      def attr_private(*attrs)
+        update_attribute_method_access(:private, attrs)
+      end
+
+      def attr_private_writer(*attrs)
+        update_attribute_method_access(:readonly, attrs)
+      end
+
+      def define_attribute_methods(attrs=nil)
+        if defined?(ActiveRecord) && (self < ActiveRecord::AttributeMethods)
+          super() # takes no arguments
+          reset_attribute_method_access
+        else
+          super # takes a list of attribute names as arguments
+          reset_attribute_method_access(attrs)
+        end
+      end
+
+      private
+
+      def update_attribute_method_access(level, attrs)
+        self._attribute_access = self._attribute_access.dup
+        attrs.each do |attr|
+          self._attribute_access[attr.to_sym] = level
+        end
+        reset_attribute_method_access(attrs)
+      end
+
+      def reset_attribute_method_access(attrs=nil)
+
+        if attrs
+          attr_syms = attrs.map(&:to_sym)
+          attr_accesses = _attribute_access.slice(*attr_syms)
+        else
+          attr_accesses = _attribute_access
+        end
+
+        attr_accesses.each do |attr, access|
+          if [:private, :readonly].include?(access)
+            privatize_attribute_writers(attr)
+          end
+          privatize_attribute_readers(attr) if access == :private
+        end
+
+      end
+
+      def privatize_attribute_writers(attr)
+        AttributeConventions.writer_names(attr).each do |name|
+          private name if method_defined?(name)
+        end
+      end
+
+      def privatize_attribute_readers(attr)
+        AttributeConventions.reader_names(attr).each do |name|
+          private name if method_defined?(name)
+        end
+      end
+
+    end
+
+  end
+end
+

data/spec/active_access_spec.rb

@@ -0,0 +1,145 @@
+require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
+
+require 'active_model'
+
+describe "ActiveAccess::AttributeMethods" do
+
+  context "given an ActiveModel class" do
+
+    let(:abstract_base_class) do
+      Class.new(Struct.new(:foo, :bar, :baz)).tap do |klass|
+        klass.class_eval do
+
+          include ActiveModel::AttributeMethods
+          include ActiveAccess::AttributeMethods
+
+          def attributes
+            members.each_with_object({}) { |m, h| h[m.to_s] = self[m] }
+          end
+
+          alias_method :attribute, :[]
+
+        end
+      end
+    end
+
+    let(:model_instance) { model_class.new("fooh", "bhar", "bazh") }
+
+    let(:private_attribute)       { :bar   }
+    let(:private_attribute_value) { "bhar" }
+
+    let(:private_reader) { :"#{private_attribute}"  }
+    let(:private_writer) { :"#{private_attribute}=" }
+
+    shared_examples_for "any ActiveModel class with private attributes" do
+
+      it "prevents public reads with named reader on private attributes" do
+        lambda { model_instance.public_send(private_reader) }.
+          should raise_error(NoMethodError, /private/)
+      end
+
+      it "prevents public writes with named writer on private attributes" do
+        lambda { model_instance.public_send(private_writer,"changed") }.
+          should raise_error(NoMethodError, /private/)
+      end
+
+      it "allows private reads with named reader on private attributes" do
+        model_instance.send(private_reader).
+          should == private_attribute_value
+      end
+
+      it "allows private writes with named writer on private attributes" do
+        model_instance.send(private_writer, "changed")
+        model_instance.send(private_reader).should == "changed"
+      end
+
+      it "allows read access to private attributes via unnamed reader" do
+        model_instance[private_attribute].should == private_attribute_value
+      end
+
+      it "allows read access to private attributes via unnamed reader" do
+        model_instance[private_attribute] = "changed"
+        model_instance[private_attribute].should == "changed"
+      end
+
+    end
+
+    shared_examples_for "any ActiveModel class" do
+
+      it_should_behave_like "any ActiveModel class with private attributes"
+
+      it "allows public reads on public (default) attributes" do
+        model_instance.foo.should == "fooh"
+      end
+
+      it "allows public writes to public (default) attributes" do
+        model_instance.foo = "fhoo"
+        model_instance.foo.should == "fhoo"
+      end
+
+    end
+
+    context "when private attributes are declared before methods" do
+
+      let(:model_class) do
+        Class.new(abstract_base_class).tap do |klass|
+          klass.class_eval do
+            attr_private :bar
+            define_attribute_methods([:foo, :bar, :baz])
+          end
+        end
+      end
+
+      it_should_behave_like "any ActiveModel class"
+
+    end
+
+    context "when attribute methods are declared before privacy" do
+
+      let(:model_class) do
+        Class.new(abstract_base_class).tap do |klass|
+          klass.class_eval do
+            define_attribute_methods([:foo, :bar, :baz])
+            attr_private :bar
+          end
+        end
+      end
+
+      it_should_behave_like "any ActiveModel class"
+
+    end
+
+    context "when attributes are inherited " do
+
+      let(:base_class) do
+        Class.new(abstract_base_class).tap do |klass|
+          klass.class_eval do
+            define_attribute_methods([:foo, :bar])
+            attr_private :bar
+          end
+        end
+      end
+
+      let(:model_class) do
+        Class.new(base_class).tap do |klass|
+          klass.class_eval do
+            define_attribute_methods([:baz])
+            attr_private :baz
+          end
+        end
+      end
+
+      context "with inherited private attributes" do
+        it_should_behave_like "any ActiveModel class"
+      end
+
+      context "with derived private attributes" do
+        let(:private_attribute)       { :baz   }
+        let(:private_attribute_value) { "bazh" }
+        it_should_behave_like "any ActiveModel class"
+      end
+    end
+
+  end
+end
+

data/spec/spec_helper.rb

@@ -0,0 +1,14 @@
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+
+require 'rspec'
+
+require 'active_access'
+
+# Requires supporting files with custom matchers and macros, etc,
+# in ./support/ and its subdirectories.
+Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
+
+RSpec.configure do |config|
+  
+end

metadata

@@ -0,0 +1,137 @@
+--- !ruby/object:Gem::Specification
+name: active_access
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+  prerelease: 
+platform: ruby
+authors:
+- Riley Lynch
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-06-23 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: activemodel
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rdoc
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: jeweler
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Access control for ActiveModel/ActiveRecord attributes
+email: 
+executables: []
+extensions: []
+extra_rdoc_files:
+- LICENSE.txt
+- README.rdoc
+files:
+- .rspec
+- Gemfile
+- LICENSE.txt
+- README.rdoc
+- Rakefile
+- lib/active_access.rb
+- lib/active_access/attribute_conventions.rb
+- lib/active_access/attribute_methods.rb
+- spec/active_access_spec.rb
+- spec/spec_helper.rb
+homepage: http://github.com/teleological/active_access
+licenses:
+- MIT
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: Access control for ActiveModel/ActiveRecord attributes
+test_files: []