aegis 1.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (39) hide show
  1. data/.gitignore +3 -0
  2. data/MIT-LICENSE +20 -0
  3. data/README.rdoc +176 -0
  4. data/Rakefile +37 -0
  5. data/VERSION +1 -0
  6. data/aegis.gemspec +92 -0
  7. data/lib/aegis.rb +9 -0
  8. data/lib/aegis/constants.rb +6 -0
  9. data/lib/aegis/has_role.rb +77 -0
  10. data/lib/aegis/normalization.rb +26 -0
  11. data/lib/aegis/permission_error.rb +5 -0
  12. data/lib/aegis/permission_evaluator.rb +34 -0
  13. data/lib/aegis/permissions.rb +108 -0
  14. data/lib/aegis/role.rb +55 -0
  15. data/lib/rails/active_record.rb +5 -0
  16. data/test/app_root/app/controllers/application_controller.rb +2 -0
  17. data/test/app_root/app/models/permissions.rb +49 -0
  18. data/test/app_root/app/models/soldier.rb +5 -0
  19. data/test/app_root/app/models/user.rb +6 -0
  20. data/test/app_root/config/boot.rb +114 -0
  21. data/test/app_root/config/database.yml +21 -0
  22. data/test/app_root/config/environment.rb +14 -0
  23. data/test/app_root/config/environments/in_memory.rb +0 -0
  24. data/test/app_root/config/environments/mysql.rb +0 -0
  25. data/test/app_root/config/environments/postgresql.rb +0 -0
  26. data/test/app_root/config/environments/sqlite.rb +0 -0
  27. data/test/app_root/config/environments/sqlite3.rb +0 -0
  28. data/test/app_root/config/routes.rb +4 -0
  29. data/test/app_root/db/migrate/20090408115228_create_users.rb +14 -0
  30. data/test/app_root/db/migrate/20090429075648_create_soldiers.rb +16 -0
  31. data/test/app_root/lib/console_with_fixtures.rb +4 -0
  32. data/test/app_root/log/.gitignore +1 -0
  33. data/test/app_root/script/console +7 -0
  34. data/test/has_role_options_test.rb +28 -0
  35. data/test/has_role_test.rb +39 -0
  36. data/test/permissions_test.rb +92 -0
  37. data/test/test_helper.rb +23 -0
  38. data/test/validation_test.rb +49 -0
  39. metadata +111 -0
File without changes
File without changes
@@ -0,0 +1,4 @@
1
+ ActionController::Routing::Routes.draw do |map|
2
+ map.connect ':controller/:action/:id'
3
+ map.connect ':controller/:action/:id.:format'
4
+ end
@@ -0,0 +1,14 @@
1
+ class CreateUsers < ActiveRecord::Migration
2
+
3
+ def self.up
4
+ create_table :users do |t|
5
+ t.string "role_name"
6
+ t.timestamps
7
+ end
8
+ end
9
+
10
+ def self.down
11
+ drop_table :users
12
+ end
13
+
14
+ end
@@ -0,0 +1,16 @@
1
+ class CreateSoldiers < ActiveRecord::Migration
2
+
3
+ def self.up
4
+
5
+ create_table :soldiers do |t|
6
+ t.string :rank
7
+ t.timestamps
8
+ end
9
+
10
+ end
11
+
12
+ def self.down
13
+ drop_table :soldiers
14
+ end
15
+
16
+ end
@@ -0,0 +1,4 @@
1
+ # Loads fixtures into the database when running the test app via the console
2
+ (ENV['FIXTURES'] ? ENV['FIXTURES'].split(/,/) : Dir.glob(File.join(Rails.root, '../fixtures/*.{yml,csv}'))).each do |fixture_file|
3
+ Fixtures.create_fixtures(File.join(Rails.root, '../fixtures'), File.basename(fixture_file, '.*'))
4
+ end
@@ -0,0 +1 @@
1
+ *.log
@@ -0,0 +1,7 @@
1
+ irb = RUBY_PLATFORM =~ /(:?mswin|mingw)/ ? 'irb.bat' : 'irb'
2
+ libs = " -r irb/completion"
3
+ libs << " -r test/test_helper"
4
+ libs << " -r console_app"
5
+ libs << " -r console_with_helpers"
6
+ libs << " -r console_with_fixtures"
7
+ exec "#{irb} #{libs} --simple-prompt"
@@ -0,0 +1,28 @@
1
+ require "test/test_helper"
2
+
3
+ class HasRoleOptionsTest < ActiveSupport::TestCase
4
+
5
+ context "A record with a custom role field" do
6
+
7
+ setup do
8
+ @soldier = Soldier.new
9
+ end
10
+
11
+ should "allow its role to be written and read" do
12
+ @soldier.role = "guest"
13
+ assert "guest", @soldier.role.name
14
+ end
15
+
16
+ should "store the role name in the custom field" do
17
+ assert "guest", @soldier.rank
18
+ end
19
+
20
+ should "still work with permissions" do
21
+ @soldier.role = "guest"
22
+ assert @soldier.may_hug?
23
+ assert !@soldier.may_update_users?
24
+ end
25
+
26
+ end
27
+
28
+ end
@@ -0,0 +1,39 @@
1
+ require "test/test_helper"
2
+
3
+ class HasRoleTest < ActiveSupport::TestCase
4
+
5
+ context "Objects that have an aegis role" do
6
+
7
+ setup do
8
+ @guest = User.new(:role_name => "guest")
9
+ @student = User.new(:role_name => "student")
10
+ @admin = User.new(:role_name => "admin")
11
+ end
12
+
13
+ should "know their role" do
14
+ assert :guest, @guest.role.name
15
+ assert :student, @student.role.name
16
+ assert :admin, @admin.role.name
17
+ end
18
+
19
+ should "know if they belong to a role" do
20
+ assert @guest.guest?
21
+ assert !@guest.student?
22
+ assert !@guest.admin?
23
+ assert !@student.guest?
24
+ assert @student.student?
25
+ assert !@student.admin?
26
+ assert !@admin.guest?
27
+ assert !@admin.student?
28
+ assert @admin.admin?
29
+ end
30
+
31
+ should "still behave as usual when a method ending in a '?' does not map to a role query" do
32
+ assert_raise NoMethodError do
33
+ @guest.nonexisting_method?
34
+ end
35
+ end
36
+
37
+ end
38
+
39
+ end
@@ -0,0 +1,92 @@
1
+ require "test/test_helper"
2
+
3
+ class PermissionsTest < ActiveSupport::TestCase
4
+
5
+ context "Aegis permissions" do
6
+
7
+ setup do
8
+ @guest = User.new(:role_name => "guest")
9
+ @student = User.new(:role_name => "student")
10
+ @admin = User.new(:role_name => "admin")
11
+ end
12
+
13
+ should "use the default permission for actions without any allow or grant directives" do
14
+ assert !@guest.may_use_empty?
15
+ assert !@student.may_use_empty?
16
+ assert @admin.may_use_empty?
17
+ end
18
+
19
+ should "understand simple allow and deny directives" do
20
+ assert !@guest.may_use_simple?
21
+ assert @student.may_use_simple?
22
+ assert !@admin.may_use_simple?
23
+ end
24
+
25
+ should 'raise exceptions when a denied action is queried with an exclamation mark' do
26
+ assert_raise Aegis::PermissionError do
27
+ @guest.may_use_simple!
28
+ end
29
+ assert_raise Aegis::PermissionError do
30
+ @admin.may_use_simple!
31
+ end
32
+ end
33
+
34
+ should 'do nothing if an allowed action is queried with an exclamation mark' do
35
+ assert_nothing_raised do
36
+ @student.may_use_simple!
37
+ end
38
+ end
39
+
40
+ should "implicate the singular form of an action described in plural form" do
41
+ assert !@guest.may_update_users?
42
+ assert !@guest.may_update_user?("foo")
43
+ assert @student.may_update_users?
44
+ assert @student.may_update_user?("foo")
45
+ assert !@admin.may_update_users?
46
+ assert !@admin.may_update_user?("foo")
47
+ end
48
+
49
+ should 'implicate create, read, update and destroy forms for actions named "crud_..."' do
50
+ assert @student.may_create_projects?
51
+ assert @student.may_read_projects?
52
+ assert @student.may_update_projects?
53
+ assert @student.may_destroy_projects?
54
+ end
55
+
56
+ should 'perform normalization of CRUD verbs (e.g. "edit" and "update")' do
57
+ assert !@guest.may_edit_drinks?
58
+ assert @student.may_edit_drinks?
59
+ assert !@admin.may_edit_drinks?
60
+ assert !@guest.may_update_drinks?
61
+ assert @student.may_update_drinks?
62
+ assert !@admin.may_update_drinks?
63
+ end
64
+
65
+ should "be able to grant or deny actions to all roles using :everyone" do
66
+ assert @guest.may_hug?
67
+ assert @student.may_hug?
68
+ assert @admin.may_hug?
69
+ end
70
+
71
+ should "allow the definition of parametrized actions" do
72
+ assert !@guest.may_divide?(10, 2)
73
+ assert @student.may_divide?(10, 2)
74
+ assert !@student.may_divide?(10, 0)
75
+ assert @admin.may_divide?(10, 2)
76
+ assert @admin.may_divide?(10, 0)
77
+ end
78
+
79
+ should 'use default permissions for undefined actions' do
80
+ !@student.may_do_undefined_stuff?("foo")
81
+ @admin.may_do_undefined_stuff?("foo")
82
+ end
83
+
84
+ should 'overshadow previous action definitions with the same name' do
85
+ assert @guest.may_draw?
86
+ assert !@student.may_draw?
87
+ assert !@admin.may_draw?
88
+ end
89
+
90
+ end
91
+
92
+ end
@@ -0,0 +1,23 @@
1
+ # Set the default environment to sqlite3's in_memory database
2
+ ENV['RAILS_ENV'] ||= 'in_memory'
3
+
4
+ # Load the Rails environment and testing framework
5
+ require "#{File.dirname(__FILE__)}/app_root/config/environment"
6
+ require "#{File.dirname(__FILE__)}/../lib/aegis"
7
+ require 'test_help'
8
+ require 'action_view/test_case' # Load additional test classes not done automatically by < Rails 2.2.2
9
+
10
+ require "shoulda"
11
+
12
+ # Undo changes to RAILS_ENV
13
+ silence_warnings {RAILS_ENV = ENV['RAILS_ENV']}
14
+
15
+ # Run the migrations
16
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate")
17
+
18
+ # Set default fixture loading properties
19
+ ActiveSupport::TestCase.class_eval do
20
+ self.use_transactional_fixtures = true
21
+ self.use_instantiated_fixtures = false
22
+ self.fixture_path = "#{File.dirname(__FILE__)}/fixtures"
23
+ end
@@ -0,0 +1,49 @@
1
+ require "test/test_helper"
2
+
3
+ class ValidationTest < ActiveSupport::TestCase
4
+
5
+ context "A model that has and validates its role" do
6
+
7
+ setup do
8
+ @user = User.new()
9
+ end
10
+
11
+ context "that has a role_name mapping to a role" do
12
+
13
+ setup do
14
+ @user.role_name = "admin"
15
+ end
16
+
17
+ should "be valid" do
18
+ assert @user.valid?
19
+ end
20
+
21
+ end
22
+
23
+ context "that has a blank role_name" do
24
+
25
+ setup do
26
+ @user.role_name = ""
27
+ end
28
+
29
+ should "not be valid" do
30
+ assert !@user.valid?
31
+ end
32
+
33
+ end
34
+
35
+ context "that has a role_name not mapping to a role" do
36
+
37
+ setup do
38
+ @user.role_name = "nonexisting_role_name"
39
+ end
40
+
41
+ should "not be valid" do
42
+ assert !@user.valid?
43
+ end
44
+
45
+ end
46
+
47
+ end
48
+
49
+ end
metadata ADDED
@@ -0,0 +1,111 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: aegis
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.1.3
5
+ platform: ruby
6
+ authors:
7
+ - Henning Koch
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+
12
+ date: 2009-10-15 00:00:00 +02:00
13
+ default_executable:
14
+ dependencies: []
15
+
16
+ description: Aegis is a role-based permission system, where all users are given a role. It is possible to define detailed and complex permissions for each role very easily.
17
+ email: github@makandra.de
18
+ executables: []
19
+
20
+ extensions: []
21
+
22
+ extra_rdoc_files:
23
+ - README.rdoc
24
+ files:
25
+ - .gitignore
26
+ - MIT-LICENSE
27
+ - README.rdoc
28
+ - Rakefile
29
+ - VERSION
30
+ - aegis.gemspec
31
+ - lib/aegis.rb
32
+ - lib/aegis/constants.rb
33
+ - lib/aegis/has_role.rb
34
+ - lib/aegis/normalization.rb
35
+ - lib/aegis/permission_error.rb
36
+ - lib/aegis/permission_evaluator.rb
37
+ - lib/aegis/permissions.rb
38
+ - lib/aegis/role.rb
39
+ - lib/rails/active_record.rb
40
+ - test/app_root/app/controllers/application_controller.rb
41
+ - test/app_root/app/models/permissions.rb
42
+ - test/app_root/app/models/soldier.rb
43
+ - test/app_root/app/models/user.rb
44
+ - test/app_root/config/boot.rb
45
+ - test/app_root/config/database.yml
46
+ - test/app_root/config/environment.rb
47
+ - test/app_root/config/environments/in_memory.rb
48
+ - test/app_root/config/environments/mysql.rb
49
+ - test/app_root/config/environments/postgresql.rb
50
+ - test/app_root/config/environments/sqlite.rb
51
+ - test/app_root/config/environments/sqlite3.rb
52
+ - test/app_root/config/routes.rb
53
+ - test/app_root/db/migrate/20090408115228_create_users.rb
54
+ - test/app_root/db/migrate/20090429075648_create_soldiers.rb
55
+ - test/app_root/lib/console_with_fixtures.rb
56
+ - test/app_root/log/.gitignore
57
+ - test/app_root/script/console
58
+ - test/has_role_options_test.rb
59
+ - test/has_role_test.rb
60
+ - test/permissions_test.rb
61
+ - test/test_helper.rb
62
+ - test/validation_test.rb
63
+ has_rdoc: true
64
+ homepage: http://github.com/makandra/aegis
65
+ licenses: []
66
+
67
+ post_install_message:
68
+ rdoc_options:
69
+ - --charset=UTF-8
70
+ require_paths:
71
+ - lib
72
+ required_ruby_version: !ruby/object:Gem::Requirement
73
+ requirements:
74
+ - - ">="
75
+ - !ruby/object:Gem::Version
76
+ version: "0"
77
+ version:
78
+ required_rubygems_version: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - ">="
81
+ - !ruby/object:Gem::Version
82
+ version: "0"
83
+ version:
84
+ requirements: []
85
+
86
+ rubyforge_project:
87
+ rubygems_version: 1.3.5
88
+ signing_key:
89
+ specification_version: 3
90
+ summary: Role-based permissions for your user models.
91
+ test_files:
92
+ - test/app_root/app/models/permissions.rb
93
+ - test/app_root/app/models/soldier.rb
94
+ - test/app_root/app/models/user.rb
95
+ - test/app_root/app/controllers/application_controller.rb
96
+ - test/app_root/config/environment.rb
97
+ - test/app_root/config/environments/mysql.rb
98
+ - test/app_root/config/environments/postgresql.rb
99
+ - test/app_root/config/environments/sqlite3.rb
100
+ - test/app_root/config/environments/in_memory.rb
101
+ - test/app_root/config/environments/sqlite.rb
102
+ - test/app_root/config/boot.rb
103
+ - test/app_root/config/routes.rb
104
+ - test/app_root/db/migrate/20090429075648_create_soldiers.rb
105
+ - test/app_root/db/migrate/20090408115228_create_users.rb
106
+ - test/app_root/lib/console_with_fixtures.rb
107
+ - test/validation_test.rb
108
+ - test/test_helper.rb
109
+ - test/has_role_options_test.rb
110
+ - test/has_role_test.rb
111
+ - test/permissions_test.rb