aegis 1.1.3

data/test/app_root/config/routes.rb

@@ -0,0 +1,4 @@
+ActionController::Routing::Routes.draw do |map|
+  map.connect ':controller/:action/:id'
+  map.connect ':controller/:action/:id.:format'
+end

data/test/app_root/db/migrate/20090408115228_create_users.rb

@@ -0,0 +1,14 @@
+class CreateUsers < ActiveRecord::Migration
+
+  def self.up
+    create_table :users do |t|
+      t.string "role_name"
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :users
+  end
+  
+end

data/test/app_root/db/migrate/20090429075648_create_soldiers.rb

@@ -0,0 +1,16 @@
+class CreateSoldiers < ActiveRecord::Migration
+
+  def self.up
+  
+    create_table :soldiers do |t|
+      t.string :rank
+      t.timestamps
+    end
+    
+  end
+
+  def self.down
+    drop_table :soldiers
+  end
+  
+end

data/test/app_root/lib/console_with_fixtures.rb

@@ -0,0 +1,4 @@
+# Loads fixtures into the database when running the test app via the console
+(ENV['FIXTURES'] ? ENV['FIXTURES'].split(/,/) : Dir.glob(File.join(Rails.root, '../fixtures/*.{yml,csv}'))).each do |fixture_file|
+  Fixtures.create_fixtures(File.join(Rails.root, '../fixtures'), File.basename(fixture_file, '.*'))
+end

data/test/app_root/log/.gitignore

@@ -0,0 +1 @@
+*.log

data/test/app_root/script/console

@@ -0,0 +1,7 @@
+irb = RUBY_PLATFORM =~ /(:?mswin|mingw)/ ? 'irb.bat' : 'irb'
+libs =  " -r irb/completion"
+libs << " -r test/test_helper"
+libs << " -r console_app"
+libs << " -r console_with_helpers"
+libs << " -r console_with_fixtures"
+exec "#{irb} #{libs} --simple-prompt"

data/test/has_role_options_test.rb

@@ -0,0 +1,28 @@
+require "test/test_helper"
+
+class HasRoleOptionsTest < ActiveSupport::TestCase
+
+  context "A record with a custom role field" do
+
+    setup do 
+      @soldier = Soldier.new
+    end
+    
+    should "allow its role to be written and read" do
+      @soldier.role = "guest"
+      assert "guest", @soldier.role.name
+    end
+    
+    should "store the role name in the custom field" do
+      assert "guest", @soldier.rank
+    end
+    
+    should "still work with permissions" do
+      @soldier.role = "guest"
+      assert @soldier.may_hug?
+      assert !@soldier.may_update_users?
+    end
+    
+  end
+
+end

data/test/has_role_test.rb

@@ -0,0 +1,39 @@
+require "test/test_helper"
+
+class HasRoleTest < ActiveSupport::TestCase
+
+  context "Objects that have an aegis role" do
+
+    setup do 
+      @guest = User.new(:role_name => "guest")
+      @student = User.new(:role_name => "student")
+      @admin = User.new(:role_name => "admin")
+    end
+    
+    should "know their role" do
+      assert :guest, @guest.role.name
+      assert :student, @student.role.name
+      assert :admin, @admin.role.name
+    end
+    
+    should "know if they belong to a role" do
+      assert @guest.guest?
+      assert !@guest.student?
+      assert !@guest.admin?
+      assert !@student.guest?
+      assert @student.student?
+      assert !@student.admin?
+      assert !@admin.guest?
+      assert !@admin.student?
+      assert @admin.admin?
+    end
+    
+    should "still behave as usual when a method ending in a '?' does not map to a role query" do
+      assert_raise NoMethodError do
+        @guest.nonexisting_method?
+      end
+    end
+    
+  end
+
+end

data/test/permissions_test.rb

@@ -0,0 +1,92 @@
+require "test/test_helper"
+
+class PermissionsTest < ActiveSupport::TestCase
+
+  context "Aegis permissions" do
+
+    setup do 
+      @guest = User.new(:role_name => "guest")
+      @student = User.new(:role_name => "student")
+      @admin = User.new(:role_name => "admin")
+    end
+    
+    should "use the default permission for actions without any allow or grant directives" do
+      assert !@guest.may_use_empty?
+      assert !@student.may_use_empty?
+      assert @admin.may_use_empty?
+    end
+    
+    should "understand simple allow and deny directives" do
+      assert !@guest.may_use_simple?
+      assert @student.may_use_simple?
+      assert !@admin.may_use_simple?
+    end
+    
+    should 'raise exceptions when a denied action is queried with an exclamation mark' do
+      assert_raise Aegis::PermissionError do
+        @guest.may_use_simple!
+      end
+      assert_raise Aegis::PermissionError do
+        @admin.may_use_simple!
+      end
+    end
+    
+    should 'do nothing if an allowed action is queried with an exclamation mark' do
+      assert_nothing_raised do
+        @student.may_use_simple!
+      end
+    end
+    
+    should "implicate the singular form of an action described in plural form" do
+      assert !@guest.may_update_users?
+      assert !@guest.may_update_user?("foo")
+      assert @student.may_update_users?
+      assert @student.may_update_user?("foo")
+      assert !@admin.may_update_users?
+      assert !@admin.may_update_user?("foo")
+    end
+    
+    should 'implicate create, read, update and destroy forms for actions named "crud_..."' do
+      assert @student.may_create_projects?
+      assert @student.may_read_projects?
+      assert @student.may_update_projects?
+      assert @student.may_destroy_projects?
+    end
+    
+    should 'perform normalization of CRUD verbs (e.g. "edit" and "update")' do
+      assert !@guest.may_edit_drinks?
+      assert @student.may_edit_drinks?
+      assert !@admin.may_edit_drinks?
+      assert !@guest.may_update_drinks?
+      assert @student.may_update_drinks?
+      assert !@admin.may_update_drinks?
+    end
+    
+    should "be able to grant or deny actions to all roles using :everyone" do
+      assert @guest.may_hug?
+      assert @student.may_hug?
+      assert @admin.may_hug?
+    end
+    
+    should "allow the definition of parametrized actions" do
+      assert !@guest.may_divide?(10, 2)
+      assert @student.may_divide?(10, 2)
+      assert !@student.may_divide?(10, 0)
+      assert @admin.may_divide?(10, 2)
+      assert @admin.may_divide?(10, 0)
+    end
+    
+    should 'use default permissions for undefined actions' do
+      !@student.may_do_undefined_stuff?("foo")
+      @admin.may_do_undefined_stuff?("foo")
+    end
+    
+    should 'overshadow previous action definitions with the same name' do
+      assert @guest.may_draw?
+      assert !@student.may_draw?
+      assert !@admin.may_draw?
+    end
+    
+  end
+
+end

data/test/test_helper.rb

@@ -0,0 +1,23 @@
+# Set the default environment to sqlite3's in_memory database
+ENV['RAILS_ENV'] ||= 'in_memory'
+
+# Load the Rails environment and testing framework
+require "#{File.dirname(__FILE__)}/app_root/config/environment"
+require "#{File.dirname(__FILE__)}/../lib/aegis"
+require 'test_help'
+require 'action_view/test_case' # Load additional test classes not done automatically by < Rails 2.2.2
+
+require "shoulda"
+
+# Undo changes to RAILS_ENV
+silence_warnings {RAILS_ENV = ENV['RAILS_ENV']}
+
+# Run the migrations
+ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate")
+
+# Set default fixture loading properties
+ActiveSupport::TestCase.class_eval do
+  self.use_transactional_fixtures = true
+  self.use_instantiated_fixtures = false
+  self.fixture_path = "#{File.dirname(__FILE__)}/fixtures"
+end

data/test/validation_test.rb

@@ -0,0 +1,49 @@
+require "test/test_helper"
+
+class ValidationTest < ActiveSupport::TestCase
+
+  context "A model that has and validates its role" do
+
+    setup do 
+      @user = User.new()
+    end
+    
+    context "that has a role_name mapping to a role" do
+      
+      setup do
+        @user.role_name = "admin"
+      end
+      
+      should "be valid" do
+        assert @user.valid?
+      end
+      
+    end
+    
+    context "that has a blank role_name" do
+      
+      setup do
+        @user.role_name = ""
+      end
+      
+      should "not be valid" do
+        assert !@user.valid?
+      end
+      
+    end
+    
+    context "that has a role_name not mapping to a role" do
+      
+      setup do
+        @user.role_name = "nonexisting_role_name"
+      end
+      
+      should "not be valid" do
+        assert !@user.valid?
+      end
+      
+    end
+    
+  end
+
+end

metadata

@@ -0,0 +1,111 @@
+--- !ruby/object:Gem::Specification 
+name: aegis
+version: !ruby/object:Gem::Version 
+  version: 1.1.3
+platform: ruby
+authors: 
+- Henning Koch
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-10-15 00:00:00 +02:00
+default_executable: 
+dependencies: []
+
+description: Aegis is a role-based permission system, where all users are given a role. It is possible to define detailed and complex permissions for each role very easily.
+email: github@makandra.de
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README.rdoc
+files: 
+- .gitignore
+- MIT-LICENSE
+- README.rdoc
+- Rakefile
+- VERSION
+- aegis.gemspec
+- lib/aegis.rb
+- lib/aegis/constants.rb
+- lib/aegis/has_role.rb
+- lib/aegis/normalization.rb
+- lib/aegis/permission_error.rb
+- lib/aegis/permission_evaluator.rb
+- lib/aegis/permissions.rb
+- lib/aegis/role.rb
+- lib/rails/active_record.rb
+- test/app_root/app/controllers/application_controller.rb
+- test/app_root/app/models/permissions.rb
+- test/app_root/app/models/soldier.rb
+- test/app_root/app/models/user.rb
+- test/app_root/config/boot.rb
+- test/app_root/config/database.yml
+- test/app_root/config/environment.rb
+- test/app_root/config/environments/in_memory.rb
+- test/app_root/config/environments/mysql.rb
+- test/app_root/config/environments/postgresql.rb
+- test/app_root/config/environments/sqlite.rb
+- test/app_root/config/environments/sqlite3.rb
+- test/app_root/config/routes.rb
+- test/app_root/db/migrate/20090408115228_create_users.rb
+- test/app_root/db/migrate/20090429075648_create_soldiers.rb
+- test/app_root/lib/console_with_fixtures.rb
+- test/app_root/log/.gitignore
+- test/app_root/script/console
+- test/has_role_options_test.rb
+- test/has_role_test.rb
+- test/permissions_test.rb
+- test/test_helper.rb
+- test/validation_test.rb
+has_rdoc: true
+homepage: http://github.com/makandra/aegis
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.5
+signing_key: 
+specification_version: 3
+summary: Role-based permissions for your user models.
+test_files: 
+- test/app_root/app/models/permissions.rb
+- test/app_root/app/models/soldier.rb
+- test/app_root/app/models/user.rb
+- test/app_root/app/controllers/application_controller.rb
+- test/app_root/config/environment.rb
+- test/app_root/config/environments/mysql.rb
+- test/app_root/config/environments/postgresql.rb
+- test/app_root/config/environments/sqlite3.rb
+- test/app_root/config/environments/in_memory.rb
+- test/app_root/config/environments/sqlite.rb
+- test/app_root/config/boot.rb
+- test/app_root/config/routes.rb
+- test/app_root/db/migrate/20090429075648_create_soldiers.rb
+- test/app_root/db/migrate/20090408115228_create_users.rb
+- test/app_root/lib/console_with_fixtures.rb
+- test/validation_test.rb
+- test/test_helper.rb
+- test/has_role_options_test.rb
+- test/has_role_test.rb
+- test/permissions_test.rb