acts_as_authoritah 2.0.2 → 2.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.rvmrc +4 -0
- data/lib/acts_as_authoritah/access_control_list.rb +6 -1
- data/lib/acts_as_authoritah/acl_loader.rb +23 -0
- data/lib/acts_as_authoritah/core.rb +14 -5
- data/lib/acts_as_authoritah/errors.rb +3 -0
- data/lib/acts_as_authoritah/version.rb +1 -1
- data/lib/acts_as_authoritah.rb +2 -0
- data/spec/acts_as_authoritah/access_control_list_spec.rb +23 -0
- data/spec/acts_as_authoritah/acl_loader_spec.rb +21 -0
- data/spec/acts_as_authoritah/core_spec.rb +28 -8
- data/spec/acts_as_authoritah/identifier_parser_spec.rb +0 -64
- data/spec/data/archived.xls +0 -0
- data/spec/data/default.xls +0 -0
- data/spec/data/unpublished.xls +0 -0
- metadata +15 -6
data/.rvmrc
ADDED
@@ -6,7 +6,7 @@ require "acts_as_authoritah/matchers/scope_matcher.rb"
|
|
6
6
|
class ActsAsAuthoritah::AccessControlList
|
7
7
|
include ActsAsAuthoritah::Matchers
|
8
8
|
|
9
|
-
|
9
|
+
attr_accessor :store
|
10
10
|
|
11
11
|
def initialize(access_rules)
|
12
12
|
@store = {}
|
@@ -29,4 +29,9 @@ class ActsAsAuthoritah::AccessControlList
|
|
29
29
|
match(identifier) || {}
|
30
30
|
end
|
31
31
|
|
32
|
+
def merge!(other_access_control_list)
|
33
|
+
store.merge!(other_access_control_list.store)
|
34
|
+
self
|
35
|
+
end
|
36
|
+
|
32
37
|
end
|
@@ -0,0 +1,23 @@
|
|
1
|
+
class ActsAsAuthoritah::AclLoader
|
2
|
+
attr_reader :contexts, :acls
|
3
|
+
|
4
|
+
def initialize(path)
|
5
|
+
@path = path
|
6
|
+
@files = []
|
7
|
+
@contexts = []
|
8
|
+
Dir.glob(File.join(@path,"*.xls")).each{ |x|
|
9
|
+
@files << x
|
10
|
+
@contexts << File.split(x).last.split('.').first
|
11
|
+
}
|
12
|
+
@acls = {}
|
13
|
+
end
|
14
|
+
|
15
|
+
def load
|
16
|
+
@files.each_with_index do |file, i|
|
17
|
+
context = @contexts[i]
|
18
|
+
rules = ActsAsAuthoritah::SpreadsheetWrapper.new(file).to_access_rules
|
19
|
+
@acls[context.to_sym] = ActsAsAuthoritah::AccessControlList.new(rules)
|
20
|
+
end
|
21
|
+
@acls
|
22
|
+
end
|
23
|
+
end
|
@@ -13,20 +13,29 @@ module ActsAsAuthoritah
|
|
13
13
|
module InstanceMethods
|
14
14
|
def can?(identifier, options={})
|
15
15
|
klass = self.class
|
16
|
-
|
16
|
+
context = (options[:context] && options[:context] != '') ? options[:context] : 'default'
|
17
|
+
raise ActsAsAuthoritah::InvalidContextError, "'#{context}' is not a valid context" unless klass.valid_contexts.include?(context)
|
18
|
+
h = klass.send(:get_acl, context.to_sym).match_identifier(identifier)
|
17
19
|
h.empty? ? !klass.send(:whitelist) : h[self.usertype(options)]
|
18
20
|
end
|
19
21
|
end
|
20
22
|
|
21
23
|
module ClassMethods
|
22
24
|
def acts_as_authoritah(path, options={})
|
23
|
-
rules = ActsAsAuthoritah::SpreadsheetWrapper.new(path).to_access_rules
|
24
25
|
@@whitelist = options[:whitelist] ||= false
|
25
|
-
|
26
|
+
loader = ActsAsAuthoritah::AclLoader.new(path)
|
27
|
+
@@contexts = loader.contexts
|
28
|
+
@@acls = loader.load
|
26
29
|
end
|
27
30
|
|
28
|
-
def
|
29
|
-
@@
|
31
|
+
def valid_contexts
|
32
|
+
@@contexts
|
33
|
+
end
|
34
|
+
|
35
|
+
def get_acl(key = :default)
|
36
|
+
h = @@acls[key]
|
37
|
+
h = @@acls[:default].clone.merge!(@@acls[key]) unless key.eql?(:default)
|
38
|
+
h
|
30
39
|
end
|
31
40
|
|
32
41
|
def whitelist
|
data/lib/acts_as_authoritah.rb
CHANGED
@@ -9,7 +9,9 @@ require "acts_as_authoritah/core"
|
|
9
9
|
|
10
10
|
require "acts_as_authoritah/access_rule"
|
11
11
|
require "acts_as_authoritah/access_control_list"
|
12
|
+
require "acts_as_authoritah/acl_loader"
|
12
13
|
require "acts_as_authoritah/identifier_parser"
|
14
|
+
require "acts_as_authoritah/errors.rb"
|
13
15
|
|
14
16
|
require 'spreadsheet'
|
15
17
|
Spreadsheet.client_encoding = 'UTF-8'
|
@@ -75,4 +75,27 @@ describe ActsAsAuthoritah::AccessControlList do
|
|
75
75
|
@acl.match_identifier("Admin::ProjectsController#create").should eq "c"
|
76
76
|
end
|
77
77
|
end
|
78
|
+
|
79
|
+
context "merge" do
|
80
|
+
before :each do
|
81
|
+
rules = [
|
82
|
+
ActsAsAuthoritah::AccessRule.new("Admin", nil, nil, "c"),
|
83
|
+
ActsAsAuthoritah::AccessRule.new("Admin", "Projects", nil, "d"),
|
84
|
+
]
|
85
|
+
@acl1 = ActsAsAuthoritah::AccessControlList.new(rules)
|
86
|
+
|
87
|
+
rules = [
|
88
|
+
ActsAsAuthoritah::AccessRule.new("Admin", nil, nil, "C")
|
89
|
+
]
|
90
|
+
@acl2 = ActsAsAuthoritah::AccessControlList.new(rules)
|
91
|
+
end
|
92
|
+
|
93
|
+
it "should merge two @acl2 into @acl1 overriding common rule using the one from @acl2" do
|
94
|
+
@acl1.store.should eq({"Admin"=>"c", "Admin::ProjectsController"=>"d"})
|
95
|
+
@acl2.store.should eq({"Admin"=>"C"})
|
96
|
+
@acl1.merge!(@acl2).store.should eq({"Admin"=>"C", "Admin::ProjectsController"=>"d"})
|
97
|
+
@acl1.store.should eq({"Admin"=>"C", "Admin::ProjectsController"=>"d"})
|
98
|
+
@acl2.store.should eq({"Admin"=>"C"})
|
99
|
+
end
|
100
|
+
end
|
78
101
|
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe ActsAsAuthoritah::AclLoader do
|
4
|
+
before :each do
|
5
|
+
@acl_loader = ActsAsAuthoritah::AclLoader.new("spec/data/")
|
6
|
+
@acl_loader.load
|
7
|
+
end
|
8
|
+
|
9
|
+
it "should be able to get the list of contexts" do
|
10
|
+
@acl_loader.contexts.should eq ["archived", "default", "unpublished"]
|
11
|
+
end
|
12
|
+
|
13
|
+
it "should load the rules of 'archived' context" do
|
14
|
+
archived_rules = {"scope1::scope2::DummyController#edit"=>{"admin"=>true, "anonymous"=>false, "super_admin"=>true}, "scope3::scope4::AnotherController#update"=>{"admin"=>true, "anonymous"=>true, "super_admin"=>true}}
|
15
|
+
@acl_loader.acls[:archived].store.should eq archived_rules
|
16
|
+
end
|
17
|
+
|
18
|
+
it "should load all contexts" do
|
19
|
+
@acl_loader.acls.keys.size.should eq 3
|
20
|
+
end
|
21
|
+
end
|
@@ -4,7 +4,7 @@ describe ActsAsAuthoritah::Core do
|
|
4
4
|
before :each do
|
5
5
|
class Foo
|
6
6
|
include ActsAsAuthoritah::Core
|
7
|
-
acts_as_authoritah "spec/data
|
7
|
+
acts_as_authoritah "spec/data"
|
8
8
|
|
9
9
|
def usertype(options)
|
10
10
|
"admin"
|
@@ -12,26 +12,46 @@ describe ActsAsAuthoritah::Core do
|
|
12
12
|
end
|
13
13
|
end
|
14
14
|
|
15
|
-
it "should work" do
|
16
|
-
end
|
17
|
-
|
18
15
|
it "should be able to use 'can?' on instance of Foo class" do
|
19
16
|
Foo.new.should respond_to('can?')
|
20
17
|
end
|
21
18
|
|
22
|
-
it "should be able to add '
|
23
|
-
Foo.should respond_to('
|
19
|
+
it "should be able to add 'get_acl' method to Foo class" do
|
20
|
+
Foo.should respond_to('get_acl')
|
21
|
+
end
|
22
|
+
|
23
|
+
it "should be able to get the default acl" do
|
24
|
+
Foo.get_acl(:default).should_not be_nil
|
24
25
|
end
|
25
26
|
|
26
27
|
it "should be able to use 'can?' on Foo to check access rights - case1" do
|
27
28
|
Foo.new.can?("scope1::scope2::DummyController#edit").should eq true
|
28
29
|
end
|
29
30
|
|
31
|
+
it "should be able to use 'can?' on Foo to check access rights - case2" do
|
32
|
+
Foo.new.can?("scope3::scope4::AnotherController#update").should eq false
|
33
|
+
end
|
34
|
+
|
35
|
+
it "should be able to use 'can?' with a context on Foo to check access rights - case3" do
|
36
|
+
Foo.new.can?("scope3::scope4::AnotherController#update", :context => 'archived').should eq true
|
37
|
+
end
|
38
|
+
|
39
|
+
it "should know the valid contexts" do
|
40
|
+
Foo.should respond_to('valid_contexts')
|
41
|
+
Foo.valid_contexts.should eq ["archived", "default", "unpublished"]
|
42
|
+
end
|
43
|
+
|
44
|
+
it "should raise 'InvalidContextError' if an invalid context is passed" do
|
45
|
+
lambda{
|
46
|
+
Foo.new.can?("scope3::scope4::AnotherController#update", :context => 'foobar')
|
47
|
+
}.should raise_error(ActsAsAuthoritah::InvalidContextError, "'foobar' is not a valid context")
|
48
|
+
end
|
49
|
+
|
30
50
|
context "whitelist=false" do
|
31
51
|
before :each do
|
32
52
|
class Foo
|
33
53
|
include ActsAsAuthoritah::Core
|
34
|
-
acts_as_authoritah "spec/data
|
54
|
+
acts_as_authoritah "spec/data", :whitelist => false
|
35
55
|
|
36
56
|
def usertype(options)
|
37
57
|
"admin"
|
@@ -48,7 +68,7 @@ describe ActsAsAuthoritah::Core do
|
|
48
68
|
before :each do
|
49
69
|
class Foo
|
50
70
|
include ActsAsAuthoritah::Core
|
51
|
-
acts_as_authoritah "spec/data
|
71
|
+
acts_as_authoritah "spec/data", :whitelist => true
|
52
72
|
|
53
73
|
def usertype(options)
|
54
74
|
"admin"
|
@@ -44,68 +44,4 @@ describe ActsAsAuthoritah::IdentifierParser do
|
|
44
44
|
end
|
45
45
|
end
|
46
46
|
|
47
|
-
# context "controller" do
|
48
|
-
# it "should return nil if identifier is empty" do
|
49
|
-
# identifier_parser = ActsAsAuthoritah::IdentifierParser.new("", "edit a blog post",{:admin => true, :anonymous => false})
|
50
|
-
# identifier_parser.controller.should be_nil
|
51
|
-
# end
|
52
|
-
#
|
53
|
-
# it "should return nil if identifier is nil" do
|
54
|
-
# identifier_parser = ActsAsAuthoritah::IdentifierParser.new(nil, "edit a blog post",{:admin => true, :anonymous => false})
|
55
|
-
# identifier_parser.controller.should be_nil
|
56
|
-
# end
|
57
|
-
#
|
58
|
-
# it "should return controller name if only controller is present" do
|
59
|
-
# identifier_parser = ActsAsAuthoritah::IdentifierParser.new("BlogPosts", "edit a blog post",{:admin => true, :anonymous => false})
|
60
|
-
# identifier_parser.controller.should eq "BlogPosts"
|
61
|
-
# end
|
62
|
-
#
|
63
|
-
# it "should return controller name if controller and action are present" do
|
64
|
-
# identifier_parser = ActsAsAuthoritah::IdentifierParser.new("BlogPosts#edit", "edit a blog post",{:admin => true, :anonymous => false})
|
65
|
-
# identifier_parser.controller.should eq "BlogPosts"
|
66
|
-
# end
|
67
|
-
#
|
68
|
-
# it "should return controller name if controller, one level scope and action are present" do
|
69
|
-
# identifier_parser = ActsAsAuthoritah::IdentifierParser.new("Projects::BlogPosts#edit", "edit a blog post",{:admin => true, :anonymous => false})
|
70
|
-
# identifier_parser.controller.should eq "Projects::BlogPosts"
|
71
|
-
# end
|
72
|
-
#
|
73
|
-
# it "should return controller name if controller, two level scopes and action are present" do
|
74
|
-
# identifier_parser = ActsAsAuthoritah::IdentifierParser.new("Admin::Projects::BlogPosts#edit", "edit a blog post",{:admin => true, :anonymous => false})
|
75
|
-
# identifier_parser.controller.should eq "Admin::Projects::BlogPosts"
|
76
|
-
# end
|
77
|
-
#
|
78
|
-
# it "should return controller name if controller and '#' are present" do
|
79
|
-
# identifier_parser = ActsAsAuthoritah::IdentifierParser.new("BlogPosts#", "edit a blog post",{:admin => true, :anonymous => false})
|
80
|
-
# identifier_parser.controller.should eq "BlogPosts"
|
81
|
-
# end
|
82
|
-
# end
|
83
|
-
#
|
84
|
-
# context "scopes" do
|
85
|
-
# it "should return nil if identifier is empty" do
|
86
|
-
# identifier_parser = ActsAsAuthoritah::IdentifierParser.new("", "edit a blog post",{:admin => true, :anonymous => false})
|
87
|
-
# identifier_parser.scopes.should eq []
|
88
|
-
# end
|
89
|
-
#
|
90
|
-
# it "should return nil if identifier is nil" do
|
91
|
-
# identifier_parser = ActsAsAuthoritah::IdentifierParser.new(nil, "edit a blog post",{:admin => true, :anonymous => false})
|
92
|
-
# identifier_parser.scopes.should eq []
|
93
|
-
# end
|
94
|
-
#
|
95
|
-
# it "should return [] if only controller is present" do
|
96
|
-
# identifier_parser = ActsAsAuthoritah::IdentifierParser.new("BlogPosts", "edit a blog post",{:admin => true, :anonymous => false})
|
97
|
-
# identifier_parser.scopes.should eq []
|
98
|
-
# end
|
99
|
-
#
|
100
|
-
# it "should return scope array if controller and level one scope is present" do
|
101
|
-
# identifier_parser = ActsAsAuthoritah::IdentifierParser.new("Projects::BlogPosts", "edit a blog post",{:admin => true, :anonymous => false})
|
102
|
-
# identifier_parser.scopes.should eq ["Projects"]
|
103
|
-
# end
|
104
|
-
#
|
105
|
-
# it "should return scope array if controller and level two scope is present" do
|
106
|
-
# identifier_parser = ActsAsAuthoritah::IdentifierParser.new("Admin::Projects::BlogPosts", "edit a blog post",{:admin => true, :anonymous => false})
|
107
|
-
# identifier_parser.scopes.should eq ["Admin","Projects"]
|
108
|
-
# end
|
109
|
-
# end
|
110
|
-
|
111
47
|
end
|
Binary file
|
data/spec/data/default.xls
CHANGED
Binary file
|
Binary file
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: acts_as_authoritah
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.3
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,11 +9,11 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2012-04-
|
12
|
+
date: 2012-04-16 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: rspec
|
16
|
-
requirement: &
|
16
|
+
requirement: &2152579320 !ruby/object:Gem::Requirement
|
17
17
|
none: false
|
18
18
|
requirements:
|
19
19
|
- - ! '>='
|
@@ -21,10 +21,10 @@ dependencies:
|
|
21
21
|
version: '0'
|
22
22
|
type: :development
|
23
23
|
prerelease: false
|
24
|
-
version_requirements: *
|
24
|
+
version_requirements: *2152579320
|
25
25
|
- !ruby/object:Gem::Dependency
|
26
26
|
name: rake
|
27
|
-
requirement: &
|
27
|
+
requirement: &2152578820 !ruby/object:Gem::Requirement
|
28
28
|
none: false
|
29
29
|
requirements:
|
30
30
|
- - ! '>='
|
@@ -32,7 +32,7 @@ dependencies:
|
|
32
32
|
version: '0'
|
33
33
|
type: :development
|
34
34
|
prerelease: false
|
35
|
-
version_requirements: *
|
35
|
+
version_requirements: *2152578820
|
36
36
|
description: Define user capabilities in your app
|
37
37
|
email:
|
38
38
|
- unni.tallman@gmail.com
|
@@ -42,6 +42,7 @@ extra_rdoc_files: []
|
|
42
42
|
files:
|
43
43
|
- .gitignore
|
44
44
|
- .rspec
|
45
|
+
- .rvmrc
|
45
46
|
- Gemfile
|
46
47
|
- LICENSE
|
47
48
|
- README.md
|
@@ -50,7 +51,9 @@ files:
|
|
50
51
|
- lib/acts_as_authoritah.rb
|
51
52
|
- lib/acts_as_authoritah/access_control_list.rb
|
52
53
|
- lib/acts_as_authoritah/access_rule.rb
|
54
|
+
- lib/acts_as_authoritah/acl_loader.rb
|
53
55
|
- lib/acts_as_authoritah/core.rb
|
56
|
+
- lib/acts_as_authoritah/errors.rb
|
54
57
|
- lib/acts_as_authoritah/identifier_parser.rb
|
55
58
|
- lib/acts_as_authoritah/matchers/controller_matcher.rb
|
56
59
|
- lib/acts_as_authoritah/matchers/direct_matcher.rb
|
@@ -63,6 +66,7 @@ files:
|
|
63
66
|
- lib/acts_as_authoritah/version.rb
|
64
67
|
- spec/acts_as_authoritah/access_control_list_spec.rb
|
65
68
|
- spec/acts_as_authoritah/access_rule_spec.rb
|
69
|
+
- spec/acts_as_authoritah/acl_loader_spec.rb
|
66
70
|
- spec/acts_as_authoritah/core_spec.rb
|
67
71
|
- spec/acts_as_authoritah/identifier_parser_spec.rb
|
68
72
|
- spec/acts_as_authoritah/matchers/controller_matcher_spec.rb
|
@@ -73,7 +77,9 @@ files:
|
|
73
77
|
- spec/acts_as_authoritah/spreadsheets/spreadsheet_reader_spec.rb
|
74
78
|
- spec/acts_as_authoritah/spreadsheets/spreadsheet_row_parser_spec.rb
|
75
79
|
- spec/acts_as_authoritah/spreadsheets/spreadsheet_wrapper_spec.rb
|
80
|
+
- spec/data/archived.xls
|
76
81
|
- spec/data/default.xls
|
82
|
+
- spec/data/unpublished.xls
|
77
83
|
- spec/spec_helper.rb
|
78
84
|
homepage: ''
|
79
85
|
licenses: []
|
@@ -102,6 +108,7 @@ summary: Define user capabilities in your app
|
|
102
108
|
test_files:
|
103
109
|
- spec/acts_as_authoritah/access_control_list_spec.rb
|
104
110
|
- spec/acts_as_authoritah/access_rule_spec.rb
|
111
|
+
- spec/acts_as_authoritah/acl_loader_spec.rb
|
105
112
|
- spec/acts_as_authoritah/core_spec.rb
|
106
113
|
- spec/acts_as_authoritah/identifier_parser_spec.rb
|
107
114
|
- spec/acts_as_authoritah/matchers/controller_matcher_spec.rb
|
@@ -112,5 +119,7 @@ test_files:
|
|
112
119
|
- spec/acts_as_authoritah/spreadsheets/spreadsheet_reader_spec.rb
|
113
120
|
- spec/acts_as_authoritah/spreadsheets/spreadsheet_row_parser_spec.rb
|
114
121
|
- spec/acts_as_authoritah/spreadsheets/spreadsheet_wrapper_spec.rb
|
122
|
+
- spec/data/archived.xls
|
115
123
|
- spec/data/default.xls
|
124
|
+
- spec/data/unpublished.xls
|
116
125
|
- spec/spec_helper.rb
|