acts_as_privilege 1.2.0

data.tar.gz.sig

@@ -0,0 +1,2 @@
+����cp�#]罒D[H�oT-��ㅎp�2�����o�lw��蒤b�R.�NW���;'�k�ݜ
+a���:p�k��XJ���˙{8g+�L��F�z&��m������Q�?�%YgV���y͙Z��n��A5����7��@Ahl?�����t����Ly++���g�%U�R��>�Y��#?��@�P�e��q�G<�E�t@F�����]7 <�e��2�����s��)#���i��+�zn

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2009 Cyril Wack
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Manifest

@@ -0,0 +1,13 @@
+MIT-LICENSE
+README.rdoc
+Rakefile
+VERSION.yml
+generators/acts_as_privilege/USAGE
+generators/acts_as_privilege/acts_as_privilege_generator.rb
+generators/acts_as_privilege/templates/migration.rb
+init.rb
+lib/ability.rb
+lib/acts_as_privilege.rb
+lib/entity.rb
+lib/privileges_helper.rb
+Manifest

data/README.rdoc

@@ -0,0 +1,48 @@
+= Acts as privilege
+
+"Acts as" extension which provides the capabilities to restrict system access to authorized users.  This ACL-based security model is designed as a role-based access control, where each role can be a group of users.
+
+== Install
+
+To install as a plugin:
+
+  script/plugin install git://github.com/cyril/acts_as_privilege.git
+
+Generate and apply the migration:
+
+  script/generate acts_as_privilege model
+  rake db:migrate
+
+Then you can populate Ability and Entity models using something like that:
+
+  rest_actions = %w[index show new create edit update destroy]
+  controllers = {
+    :groups => rest_actions,
+    :users => rest_actions,
+    :articles => rest_actions,
+    :comments => rest_actions }
+
+  controllers.each_pair do |controller, actions|
+    entity = Entity.create(:name => controller.to_s)
+    actions.each do |action|
+      Ability.create(:name => action, :entity_id => entity.id)
+    end
+  end
+
+== Example
+
+  script/generate acts_as_privilege Group
+  rake db:migrate
+
+  class Group < ActiveRecord::Base
+    acts_as_privilege
+    has_many :users
+  end
+
+  # Check the current user capability to destroy articles:
+  current_user.group.has_privilege?('articles', 'destroy')
+
+  # Form helper that generate field to manage group privileges:
+  <%= privileges_field(@group, :group) %>
+
+Copyright (c) 2009 Cyril Wack, released under the MIT license

data/Rakefile

@@ -0,0 +1,12 @@
+require 'rubygems'
+require 'rake'
+require 'echoe'
+
+Echoe.new('acts_as_privilege', '1.2.0') do |p|
+  p.description    = "Simple Rails plugin to restrict system access to authorized users."
+  p.url            = "http://github.com/cyril/acts_as_privilege"
+  p.author         = "Cyril Wack"
+  p.email          = "cyril.wack@gmail.com"
+  p.ignore_pattern = ["tmp/*", "script/*"]
+  p.development_dependencies = []
+end

data/VERSION.yml

@@ -0,0 +1,4 @@
+---
+:major: 1
+:minor: 2
+:patch: 0

data/acts_as_privilege.gemspec

@@ -0,0 +1,32 @@
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{acts_as_privilege}
+  s.version = "1.2.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Cyril Wack"]
+  s.cert_chain = ["/Users/cyril/gem-public_cert.pem"]
+  s.date = %q{2010-04-12}
+  s.description = %q{Simple Rails plugin to restrict system access to authorized users.}
+  s.email = %q{cyril.wack@gmail.com}
+  s.extra_rdoc_files = ["README.rdoc", "lib/ability.rb", "lib/acts_as_privilege.rb", "lib/entity.rb", "lib/privileges_helper.rb"]
+  s.files = ["MIT-LICENSE", "README.rdoc", "Rakefile", "VERSION.yml", "generators/acts_as_privilege/USAGE", "generators/acts_as_privilege/acts_as_privilege_generator.rb", "generators/acts_as_privilege/templates/migration.rb", "init.rb", "lib/ability.rb", "lib/acts_as_privilege.rb", "lib/entity.rb", "lib/privileges_helper.rb", "Manifest", "acts_as_privilege.gemspec"]
+  s.homepage = %q{http://github.com/cyril/acts_as_privilege}
+  s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Acts_as_privilege", "--main", "README.rdoc"]
+  s.require_paths = ["lib"]
+  s.rubyforge_project = %q{acts_as_privilege}
+  s.rubygems_version = %q{1.3.6}
+  s.signing_key = %q{/Users/cyril/gem-private_key.pem}
+  s.summary = %q{Simple Rails plugin to restrict system access to authorized users.}
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+    else
+    end
+  else
+  end
+end

data/generators/acts_as_privilege/USAGE

@@ -0,0 +1,17 @@
+Description:
+    Creates Entity (representing controllers) and Ability (representing
+    controller actions) models, and then links them with any roles that your
+    application users might need.
+
+Usage:
+    Pass the name of the model that you want to apply privileges.
+
+Examples:
+    script/generate acts_as_privilege Role
+
+        Will expand roles with privileges.  Then you can manage user roles
+        and attributed privileges for each one.
+
+    script/generate acts_as_privilege Group
+
+        Same, with the Group model.

data/generators/acts_as_privilege/acts_as_privilege_generator.rb

@@ -0,0 +1,34 @@
+class ActsAsPrivilegeGenerator < Rails::Generator::NamedBase
+  def manifest
+    record do |m|
+      m.migration_template 'migration.rb', "db/migrate", {:assigns => privileges_local_assigns, :migration_file_name => "create_privileges_for_#{plural_name}"}
+    end
+  end
+
+  def class_name
+    name.camelize
+  end
+
+  def plural_name
+    custom_name = class_name.underscore.downcase
+    custom_name = custom_name.pluralize if ActiveRecord::Base.pluralize_table_names
+    custom_name
+  end
+
+  def plural_class_name
+    plural_name.camelize
+  end
+
+  def singular_name
+    class_name.underscore.downcase
+  end
+
+  private
+
+  def privileges_local_assigns
+    returning(assigns = {}) do
+      assigns[:class_name] = "create_privileges_for_#{plural_name}"
+      assigns[:table_name] = plural_name
+    end
+  end
+end

data/generators/acts_as_privilege/templates/migration.rb

@@ -0,0 +1,28 @@
+class CreatePrivilegesFor<%= plural_class_name %> < ActiveRecord::Migration
+  def self.up
+    create_table :abilities do |t|
+      t.integer :entity_id, :null => false
+
+      t.string :name, :limit => 255, :null => false
+    end
+
+    add_index(:abilities, [:entity_id, :name])
+
+    create_table :entities do |t|
+      t.string :name, :limit => 255, :null => false
+    end
+
+    add_index(:entities, :name, { :unique => true })
+
+    create_table :<%= ['abilities', plural_name].sort.join('_') %>, :id => false, :force => true do |t|
+      t.integer :ability_id, :null => false
+      t.integer :<%= "#{singular_name}_id" %>, :null => false
+    end
+  end
+
+  def self.down
+    drop_table :<%= ['abilities', plural_name].sort.join('_') %>
+    drop_table :entities
+    drop_table :abilities
+  end
+end

data/init.rb

@@ -0,0 +1 @@
+require 'acts_as_privilege'

data/lib/ability.rb

@@ -0,0 +1,12 @@
+class Ability < ActiveRecord::Base
+  # security
+  attr_readonly :name, :entity_id
+
+  # relations
+  belongs_to :entity
+  has_and_belongs_to_many :groups
+
+  # validates
+  validates_format_of :name, :with => /^[a-z0-9_]+$/, :allow_nil => false
+  validates_uniqueness_of :name, :case_sensitive => false, :scope => :entity_id
+end

data/lib/acts_as_privilege.rb

@@ -0,0 +1,31 @@
+require 'active_record/base'
+
+module ActsAsPrivilege
+  def self.included(base)
+    base.extend(ClassMethods)
+  end
+
+  module ClassMethods
+    def acts_as_privilege
+      has_and_belongs_to_many :abilities
+
+      class_eval <<-EOV
+        include ActsAsPrivilege::InstanceMethods
+      EOV
+    end
+  end
+
+  module InstanceMethods
+    def has_privilege?(controller, action)
+      self.abilities.each do |ability|
+        if ability.name == action
+          return true if ability.entity.name == controller
+        end
+      end
+      false
+    end
+  end
+end
+
+ActiveRecord::Base.class_eval { include ActsAsPrivilege }
+ActionController::Base.helper PrivilegesHelper

data/lib/entity.rb

@@ -0,0 +1,11 @@
+class Entity < ActiveRecord::Base
+  # security
+  attr_readonly :name
+
+  # relations
+  has_many :abilities, :dependent => :destroy
+
+  # validates
+  validates_format_of :name, :with => /^[a-z0-9_]+$/, :allow_nil => false
+  validates_uniqueness_of :name, :case_sensitive => false
+end

data/lib/privileges_helper.rb

@@ -0,0 +1,15 @@
+module PrivilegesHelper
+  def privileges_field(resource, object_name = params[:controller].singularize)
+    content_tag(:fieldset, :id => "#{object_name}_privileges") do
+      content_tag(:legend, "Privileges") +
+      content_tag(:p) do
+        label(object_name, :ability_ids) +
+        tag('br') + "\n" +
+        select(object_name, "ability_ids",
+          option_groups_from_collection_for_select(Entity.all, :abilities,
+          :name, :id, :name, resource.abilities.collect { |ability| ability.id }),
+          {}, {:multiple => 'multiple'})
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,106 @@
+--- !ruby/object:Gem::Specification 
+name: acts_as_privilege
+version: !ruby/object:Gem::Version 
+  prerelease: false
+  segments: 
+  - 1
+  - 2
+  - 0
+  version: 1.2.0
+platform: ruby
+authors: 
+- Cyril Wack
+autorequire: 
+bindir: bin
+cert_chain: 
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIDNjCCAh6gAwIBAgIBADANBgkqhkiG9w0BAQUFADBBMRMwEQYDVQQDDApjeXJp
+  bC53YWNrMRUwEwYKCZImiZPyLGQBGRYFZ21haWwxEzARBgoJkiaJk/IsZAEZFgNj
+  b20wHhcNMTAwNDExMjI1OTI4WhcNMTEwNDExMjI1OTI4WjBBMRMwEQYDVQQDDApj
+  eXJpbC53YWNrMRUwEwYKCZImiZPyLGQBGRYFZ21haWwxEzARBgoJkiaJk/IsZAEZ
+  FgNjb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGJFqPSXGYdS6t
+  t+kXyFuLg7uIbQHToLhdbfpu5j7dl65EWAspRI37ZE/FIFosmwQ0DAGiJ35gVX7K
+  5/rj745EUW9vijemlNHZjTY40AQAP2avlcMd6DnA7pl/x8dxC9G2dW/IS0nmjH0E
+  +X7X0BZ8WIY7PBvLsq5ptpGaoaxpmqRjJDANolnODwyBjFWtUqpvOGeUWL24orZ3
+  xwcW6d1vl8hraZ3UUJtIVXFg85lHclyrP33DYxj5sstgRwovaCPrvUQ6ZZ+hX/iJ
+  MYaEFZsw74WVD4RLHl1bEz2RQGDgSwfFnOnrQ1gi2SaeqUN7uFThAEbbyiJK+rNL
+  xapWOFs9AgMBAAGjOTA3MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQW
+  BBSsO/YPzLP2/ZtBKQfWveZNRK3uKDANBgkqhkiG9w0BAQUFAAOCAQEAGaGpPlEc
+  Z8A7Jtfws1tpdLOlQrQQXfIgBrPvfjO18MxT2BVgnusYcMuJgrY1skbH6RDxhdia
+  EetICD0kvyGnbK+dHdhRwvmmiqc7ZOaiFb3RNLcW6jduxafH4zgKUeg23KpfJYy3
+  MOqVgHckM1hMZTWz7nmrXJBAjj/48jFOPrwtTed8kd6KpIjUz4e2oTwT+JIVnryF
+  sYFesvR4DywbXL88T29gq5biCHsAgbK89DW5DNx1Yg1HNLxCdJurJFrcQQS3XQco
+  h2svBTlG7Yg1wLZAGkVx4RSkrFujrxpgLsz5bfmdnbiEgKcF9njIOdVO4P4vwyoS
+  G4VzQZjAGxprTw==
+  -----END CERTIFICATE-----
+
+date: 2010-04-12 00:00:00 +02:00
+default_executable: 
+dependencies: []
+
+description: Simple Rails plugin to restrict system access to authorized users.
+email: cyril.wack@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README.rdoc
+- lib/ability.rb
+- lib/acts_as_privilege.rb
+- lib/entity.rb
+- lib/privileges_helper.rb
+files: 
+- MIT-LICENSE
+- README.rdoc
+- Rakefile
+- VERSION.yml
+- generators/acts_as_privilege/USAGE
+- generators/acts_as_privilege/acts_as_privilege_generator.rb
+- generators/acts_as_privilege/templates/migration.rb
+- init.rb
+- lib/ability.rb
+- lib/acts_as_privilege.rb
+- lib/entity.rb
+- lib/privileges_helper.rb
+- Manifest
+- acts_as_privilege.gemspec
+has_rdoc: true
+homepage: http://github.com/cyril/acts_as_privilege
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --line-numbers
+- --inline-source
+- --title
+- Acts_as_privilege
+- --main
+- README.rdoc
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 1
+      - 2
+      version: "1.2"
+requirements: []
+
+rubyforge_project: acts_as_privilege
+rubygems_version: 1.3.6
+signing_key: 
+specification_version: 3
+summary: Simple Rails plugin to restrict system access to authorized users.
+test_files: []
+