aegis 1.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.gitignore +3 -0
- data/MIT-LICENSE +20 -0
- data/README.rdoc +176 -0
- data/Rakefile +37 -0
- data/VERSION +1 -0
- data/aegis.gemspec +92 -0
- data/lib/aegis.rb +9 -0
- data/lib/aegis/constants.rb +6 -0
- data/lib/aegis/has_role.rb +77 -0
- data/lib/aegis/normalization.rb +26 -0
- data/lib/aegis/permission_error.rb +5 -0
- data/lib/aegis/permission_evaluator.rb +34 -0
- data/lib/aegis/permissions.rb +108 -0
- data/lib/aegis/role.rb +55 -0
- data/lib/rails/active_record.rb +5 -0
- data/test/app_root/app/controllers/application_controller.rb +2 -0
- data/test/app_root/app/models/permissions.rb +49 -0
- data/test/app_root/app/models/soldier.rb +5 -0
- data/test/app_root/app/models/user.rb +6 -0
- data/test/app_root/config/boot.rb +114 -0
- data/test/app_root/config/database.yml +21 -0
- data/test/app_root/config/environment.rb +14 -0
- data/test/app_root/config/environments/in_memory.rb +0 -0
- data/test/app_root/config/environments/mysql.rb +0 -0
- data/test/app_root/config/environments/postgresql.rb +0 -0
- data/test/app_root/config/environments/sqlite.rb +0 -0
- data/test/app_root/config/environments/sqlite3.rb +0 -0
- data/test/app_root/config/routes.rb +4 -0
- data/test/app_root/db/migrate/20090408115228_create_users.rb +14 -0
- data/test/app_root/db/migrate/20090429075648_create_soldiers.rb +16 -0
- data/test/app_root/lib/console_with_fixtures.rb +4 -0
- data/test/app_root/log/.gitignore +1 -0
- data/test/app_root/script/console +7 -0
- data/test/has_role_options_test.rb +28 -0
- data/test/has_role_test.rb +39 -0
- data/test/permissions_test.rb +92 -0
- data/test/test_helper.rb +23 -0
- data/test/validation_test.rb +49 -0
- metadata +111 -0
File without changes
|
File without changes
|
@@ -0,0 +1,4 @@
|
|
1
|
+
# Loads fixtures into the database when running the test app via the console
|
2
|
+
(ENV['FIXTURES'] ? ENV['FIXTURES'].split(/,/) : Dir.glob(File.join(Rails.root, '../fixtures/*.{yml,csv}'))).each do |fixture_file|
|
3
|
+
Fixtures.create_fixtures(File.join(Rails.root, '../fixtures'), File.basename(fixture_file, '.*'))
|
4
|
+
end
|
@@ -0,0 +1 @@
|
|
1
|
+
*.log
|
@@ -0,0 +1,28 @@
|
|
1
|
+
require "test/test_helper"
|
2
|
+
|
3
|
+
class HasRoleOptionsTest < ActiveSupport::TestCase
|
4
|
+
|
5
|
+
context "A record with a custom role field" do
|
6
|
+
|
7
|
+
setup do
|
8
|
+
@soldier = Soldier.new
|
9
|
+
end
|
10
|
+
|
11
|
+
should "allow its role to be written and read" do
|
12
|
+
@soldier.role = "guest"
|
13
|
+
assert "guest", @soldier.role.name
|
14
|
+
end
|
15
|
+
|
16
|
+
should "store the role name in the custom field" do
|
17
|
+
assert "guest", @soldier.rank
|
18
|
+
end
|
19
|
+
|
20
|
+
should "still work with permissions" do
|
21
|
+
@soldier.role = "guest"
|
22
|
+
assert @soldier.may_hug?
|
23
|
+
assert !@soldier.may_update_users?
|
24
|
+
end
|
25
|
+
|
26
|
+
end
|
27
|
+
|
28
|
+
end
|
@@ -0,0 +1,39 @@
|
|
1
|
+
require "test/test_helper"
|
2
|
+
|
3
|
+
class HasRoleTest < ActiveSupport::TestCase
|
4
|
+
|
5
|
+
context "Objects that have an aegis role" do
|
6
|
+
|
7
|
+
setup do
|
8
|
+
@guest = User.new(:role_name => "guest")
|
9
|
+
@student = User.new(:role_name => "student")
|
10
|
+
@admin = User.new(:role_name => "admin")
|
11
|
+
end
|
12
|
+
|
13
|
+
should "know their role" do
|
14
|
+
assert :guest, @guest.role.name
|
15
|
+
assert :student, @student.role.name
|
16
|
+
assert :admin, @admin.role.name
|
17
|
+
end
|
18
|
+
|
19
|
+
should "know if they belong to a role" do
|
20
|
+
assert @guest.guest?
|
21
|
+
assert !@guest.student?
|
22
|
+
assert !@guest.admin?
|
23
|
+
assert !@student.guest?
|
24
|
+
assert @student.student?
|
25
|
+
assert !@student.admin?
|
26
|
+
assert !@admin.guest?
|
27
|
+
assert !@admin.student?
|
28
|
+
assert @admin.admin?
|
29
|
+
end
|
30
|
+
|
31
|
+
should "still behave as usual when a method ending in a '?' does not map to a role query" do
|
32
|
+
assert_raise NoMethodError do
|
33
|
+
@guest.nonexisting_method?
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
end
|
38
|
+
|
39
|
+
end
|
@@ -0,0 +1,92 @@
|
|
1
|
+
require "test/test_helper"
|
2
|
+
|
3
|
+
class PermissionsTest < ActiveSupport::TestCase
|
4
|
+
|
5
|
+
context "Aegis permissions" do
|
6
|
+
|
7
|
+
setup do
|
8
|
+
@guest = User.new(:role_name => "guest")
|
9
|
+
@student = User.new(:role_name => "student")
|
10
|
+
@admin = User.new(:role_name => "admin")
|
11
|
+
end
|
12
|
+
|
13
|
+
should "use the default permission for actions without any allow or grant directives" do
|
14
|
+
assert !@guest.may_use_empty?
|
15
|
+
assert !@student.may_use_empty?
|
16
|
+
assert @admin.may_use_empty?
|
17
|
+
end
|
18
|
+
|
19
|
+
should "understand simple allow and deny directives" do
|
20
|
+
assert !@guest.may_use_simple?
|
21
|
+
assert @student.may_use_simple?
|
22
|
+
assert !@admin.may_use_simple?
|
23
|
+
end
|
24
|
+
|
25
|
+
should 'raise exceptions when a denied action is queried with an exclamation mark' do
|
26
|
+
assert_raise Aegis::PermissionError do
|
27
|
+
@guest.may_use_simple!
|
28
|
+
end
|
29
|
+
assert_raise Aegis::PermissionError do
|
30
|
+
@admin.may_use_simple!
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
should 'do nothing if an allowed action is queried with an exclamation mark' do
|
35
|
+
assert_nothing_raised do
|
36
|
+
@student.may_use_simple!
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
should "implicate the singular form of an action described in plural form" do
|
41
|
+
assert !@guest.may_update_users?
|
42
|
+
assert !@guest.may_update_user?("foo")
|
43
|
+
assert @student.may_update_users?
|
44
|
+
assert @student.may_update_user?("foo")
|
45
|
+
assert !@admin.may_update_users?
|
46
|
+
assert !@admin.may_update_user?("foo")
|
47
|
+
end
|
48
|
+
|
49
|
+
should 'implicate create, read, update and destroy forms for actions named "crud_..."' do
|
50
|
+
assert @student.may_create_projects?
|
51
|
+
assert @student.may_read_projects?
|
52
|
+
assert @student.may_update_projects?
|
53
|
+
assert @student.may_destroy_projects?
|
54
|
+
end
|
55
|
+
|
56
|
+
should 'perform normalization of CRUD verbs (e.g. "edit" and "update")' do
|
57
|
+
assert !@guest.may_edit_drinks?
|
58
|
+
assert @student.may_edit_drinks?
|
59
|
+
assert !@admin.may_edit_drinks?
|
60
|
+
assert !@guest.may_update_drinks?
|
61
|
+
assert @student.may_update_drinks?
|
62
|
+
assert !@admin.may_update_drinks?
|
63
|
+
end
|
64
|
+
|
65
|
+
should "be able to grant or deny actions to all roles using :everyone" do
|
66
|
+
assert @guest.may_hug?
|
67
|
+
assert @student.may_hug?
|
68
|
+
assert @admin.may_hug?
|
69
|
+
end
|
70
|
+
|
71
|
+
should "allow the definition of parametrized actions" do
|
72
|
+
assert !@guest.may_divide?(10, 2)
|
73
|
+
assert @student.may_divide?(10, 2)
|
74
|
+
assert !@student.may_divide?(10, 0)
|
75
|
+
assert @admin.may_divide?(10, 2)
|
76
|
+
assert @admin.may_divide?(10, 0)
|
77
|
+
end
|
78
|
+
|
79
|
+
should 'use default permissions for undefined actions' do
|
80
|
+
!@student.may_do_undefined_stuff?("foo")
|
81
|
+
@admin.may_do_undefined_stuff?("foo")
|
82
|
+
end
|
83
|
+
|
84
|
+
should 'overshadow previous action definitions with the same name' do
|
85
|
+
assert @guest.may_draw?
|
86
|
+
assert !@student.may_draw?
|
87
|
+
assert !@admin.may_draw?
|
88
|
+
end
|
89
|
+
|
90
|
+
end
|
91
|
+
|
92
|
+
end
|
data/test/test_helper.rb
ADDED
@@ -0,0 +1,23 @@
|
|
1
|
+
# Set the default environment to sqlite3's in_memory database
|
2
|
+
ENV['RAILS_ENV'] ||= 'in_memory'
|
3
|
+
|
4
|
+
# Load the Rails environment and testing framework
|
5
|
+
require "#{File.dirname(__FILE__)}/app_root/config/environment"
|
6
|
+
require "#{File.dirname(__FILE__)}/../lib/aegis"
|
7
|
+
require 'test_help'
|
8
|
+
require 'action_view/test_case' # Load additional test classes not done automatically by < Rails 2.2.2
|
9
|
+
|
10
|
+
require "shoulda"
|
11
|
+
|
12
|
+
# Undo changes to RAILS_ENV
|
13
|
+
silence_warnings {RAILS_ENV = ENV['RAILS_ENV']}
|
14
|
+
|
15
|
+
# Run the migrations
|
16
|
+
ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate")
|
17
|
+
|
18
|
+
# Set default fixture loading properties
|
19
|
+
ActiveSupport::TestCase.class_eval do
|
20
|
+
self.use_transactional_fixtures = true
|
21
|
+
self.use_instantiated_fixtures = false
|
22
|
+
self.fixture_path = "#{File.dirname(__FILE__)}/fixtures"
|
23
|
+
end
|
@@ -0,0 +1,49 @@
|
|
1
|
+
require "test/test_helper"
|
2
|
+
|
3
|
+
class ValidationTest < ActiveSupport::TestCase
|
4
|
+
|
5
|
+
context "A model that has and validates its role" do
|
6
|
+
|
7
|
+
setup do
|
8
|
+
@user = User.new()
|
9
|
+
end
|
10
|
+
|
11
|
+
context "that has a role_name mapping to a role" do
|
12
|
+
|
13
|
+
setup do
|
14
|
+
@user.role_name = "admin"
|
15
|
+
end
|
16
|
+
|
17
|
+
should "be valid" do
|
18
|
+
assert @user.valid?
|
19
|
+
end
|
20
|
+
|
21
|
+
end
|
22
|
+
|
23
|
+
context "that has a blank role_name" do
|
24
|
+
|
25
|
+
setup do
|
26
|
+
@user.role_name = ""
|
27
|
+
end
|
28
|
+
|
29
|
+
should "not be valid" do
|
30
|
+
assert !@user.valid?
|
31
|
+
end
|
32
|
+
|
33
|
+
end
|
34
|
+
|
35
|
+
context "that has a role_name not mapping to a role" do
|
36
|
+
|
37
|
+
setup do
|
38
|
+
@user.role_name = "nonexisting_role_name"
|
39
|
+
end
|
40
|
+
|
41
|
+
should "not be valid" do
|
42
|
+
assert !@user.valid?
|
43
|
+
end
|
44
|
+
|
45
|
+
end
|
46
|
+
|
47
|
+
end
|
48
|
+
|
49
|
+
end
|
metadata
ADDED
@@ -0,0 +1,111 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: aegis
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.1.3
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Henning Koch
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
|
12
|
+
date: 2009-10-15 00:00:00 +02:00
|
13
|
+
default_executable:
|
14
|
+
dependencies: []
|
15
|
+
|
16
|
+
description: Aegis is a role-based permission system, where all users are given a role. It is possible to define detailed and complex permissions for each role very easily.
|
17
|
+
email: github@makandra.de
|
18
|
+
executables: []
|
19
|
+
|
20
|
+
extensions: []
|
21
|
+
|
22
|
+
extra_rdoc_files:
|
23
|
+
- README.rdoc
|
24
|
+
files:
|
25
|
+
- .gitignore
|
26
|
+
- MIT-LICENSE
|
27
|
+
- README.rdoc
|
28
|
+
- Rakefile
|
29
|
+
- VERSION
|
30
|
+
- aegis.gemspec
|
31
|
+
- lib/aegis.rb
|
32
|
+
- lib/aegis/constants.rb
|
33
|
+
- lib/aegis/has_role.rb
|
34
|
+
- lib/aegis/normalization.rb
|
35
|
+
- lib/aegis/permission_error.rb
|
36
|
+
- lib/aegis/permission_evaluator.rb
|
37
|
+
- lib/aegis/permissions.rb
|
38
|
+
- lib/aegis/role.rb
|
39
|
+
- lib/rails/active_record.rb
|
40
|
+
- test/app_root/app/controllers/application_controller.rb
|
41
|
+
- test/app_root/app/models/permissions.rb
|
42
|
+
- test/app_root/app/models/soldier.rb
|
43
|
+
- test/app_root/app/models/user.rb
|
44
|
+
- test/app_root/config/boot.rb
|
45
|
+
- test/app_root/config/database.yml
|
46
|
+
- test/app_root/config/environment.rb
|
47
|
+
- test/app_root/config/environments/in_memory.rb
|
48
|
+
- test/app_root/config/environments/mysql.rb
|
49
|
+
- test/app_root/config/environments/postgresql.rb
|
50
|
+
- test/app_root/config/environments/sqlite.rb
|
51
|
+
- test/app_root/config/environments/sqlite3.rb
|
52
|
+
- test/app_root/config/routes.rb
|
53
|
+
- test/app_root/db/migrate/20090408115228_create_users.rb
|
54
|
+
- test/app_root/db/migrate/20090429075648_create_soldiers.rb
|
55
|
+
- test/app_root/lib/console_with_fixtures.rb
|
56
|
+
- test/app_root/log/.gitignore
|
57
|
+
- test/app_root/script/console
|
58
|
+
- test/has_role_options_test.rb
|
59
|
+
- test/has_role_test.rb
|
60
|
+
- test/permissions_test.rb
|
61
|
+
- test/test_helper.rb
|
62
|
+
- test/validation_test.rb
|
63
|
+
has_rdoc: true
|
64
|
+
homepage: http://github.com/makandra/aegis
|
65
|
+
licenses: []
|
66
|
+
|
67
|
+
post_install_message:
|
68
|
+
rdoc_options:
|
69
|
+
- --charset=UTF-8
|
70
|
+
require_paths:
|
71
|
+
- lib
|
72
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
73
|
+
requirements:
|
74
|
+
- - ">="
|
75
|
+
- !ruby/object:Gem::Version
|
76
|
+
version: "0"
|
77
|
+
version:
|
78
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - ">="
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: "0"
|
83
|
+
version:
|
84
|
+
requirements: []
|
85
|
+
|
86
|
+
rubyforge_project:
|
87
|
+
rubygems_version: 1.3.5
|
88
|
+
signing_key:
|
89
|
+
specification_version: 3
|
90
|
+
summary: Role-based permissions for your user models.
|
91
|
+
test_files:
|
92
|
+
- test/app_root/app/models/permissions.rb
|
93
|
+
- test/app_root/app/models/soldier.rb
|
94
|
+
- test/app_root/app/models/user.rb
|
95
|
+
- test/app_root/app/controllers/application_controller.rb
|
96
|
+
- test/app_root/config/environment.rb
|
97
|
+
- test/app_root/config/environments/mysql.rb
|
98
|
+
- test/app_root/config/environments/postgresql.rb
|
99
|
+
- test/app_root/config/environments/sqlite3.rb
|
100
|
+
- test/app_root/config/environments/in_memory.rb
|
101
|
+
- test/app_root/config/environments/sqlite.rb
|
102
|
+
- test/app_root/config/boot.rb
|
103
|
+
- test/app_root/config/routes.rb
|
104
|
+
- test/app_root/db/migrate/20090429075648_create_soldiers.rb
|
105
|
+
- test/app_root/db/migrate/20090408115228_create_users.rb
|
106
|
+
- test/app_root/lib/console_with_fixtures.rb
|
107
|
+
- test/validation_test.rb
|
108
|
+
- test/test_helper.rb
|
109
|
+
- test/has_role_options_test.rb
|
110
|
+
- test/has_role_test.rb
|
111
|
+
- test/permissions_test.rb
|