aegis 1.1.8 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (65) hide show
  1. data/.gitignore +4 -0
  2. data/README.rdoc +58 -165
  3. data/Rakefile +20 -12
  4. data/VERSION +1 -1
  5. data/aegis.gemspec +85 -56
  6. data/lib/aegis.rb +9 -6
  7. data/lib/aegis/access_denied.rb +4 -0
  8. data/lib/aegis/action.rb +99 -0
  9. data/lib/aegis/compiler.rb +113 -0
  10. data/lib/aegis/has_role.rb +89 -110
  11. data/lib/aegis/parser.rb +110 -0
  12. data/lib/aegis/permissions.rb +164 -107
  13. data/lib/aegis/resource.rb +158 -0
  14. data/lib/aegis/role.rb +25 -55
  15. data/lib/aegis/sieve.rb +39 -0
  16. data/lib/rails/action_controller.rb +38 -0
  17. data/lib/rails/active_record.rb +1 -5
  18. data/spec/action_controller_spec.rb +100 -0
  19. data/spec/app_root/app/controllers/application_controller.rb +7 -0
  20. data/spec/app_root/app/controllers/reviews_controller.rb +36 -0
  21. data/spec/app_root/app/models/permissions.rb +14 -0
  22. data/spec/app_root/app/models/property.rb +5 -0
  23. data/spec/app_root/app/models/review.rb +5 -0
  24. data/{test → spec}/app_root/app/models/user.rb +1 -2
  25. data/{test → spec}/app_root/config/boot.rb +0 -0
  26. data/{test → spec}/app_root/config/database.yml +0 -0
  27. data/{test → spec}/app_root/config/environment.rb +0 -0
  28. data/{test → spec}/app_root/config/environments/in_memory.rb +0 -0
  29. data/{test → spec}/app_root/config/environments/mysql.rb +0 -0
  30. data/{test → spec}/app_root/config/environments/postgresql.rb +0 -0
  31. data/{test → spec}/app_root/config/environments/sqlite.rb +0 -0
  32. data/{test → spec}/app_root/config/environments/sqlite3.rb +0 -0
  33. data/spec/app_root/config/routes.rb +7 -0
  34. data/{test/app_root/db/migrate/20090408115228_create_users.rb → spec/app_root/db/migrate/001_create_users.rb} +2 -1
  35. data/spec/app_root/db/migrate/002_create_properties.rb +13 -0
  36. data/spec/app_root/db/migrate/003_create_reviews.rb +14 -0
  37. data/{test → spec}/app_root/lib/console_with_fixtures.rb +0 -0
  38. data/{test → spec}/app_root/log/.gitignore +0 -0
  39. data/{test → spec}/app_root/script/console +0 -0
  40. data/spec/controllers/reviews_controller_spec.rb +19 -0
  41. data/spec/has_role_spec.rb +177 -0
  42. data/spec/permissions_spec.rb +550 -0
  43. data/spec/rcov.opts +2 -0
  44. data/spec/spec.opts +4 -0
  45. data/{test/test_helper.rb → spec/spec_helper.rb} +6 -9
  46. metadata +73 -57
  47. data/lib/aegis/constants.rb +0 -6
  48. data/lib/aegis/normalization.rb +0 -26
  49. data/lib/aegis/permission_error.rb +0 -5
  50. data/lib/aegis/permission_evaluator.rb +0 -34
  51. data/test/app_root/app/controllers/application_controller.rb +0 -2
  52. data/test/app_root/app/models/old_soldier.rb +0 -6
  53. data/test/app_root/app/models/permissions.rb +0 -49
  54. data/test/app_root/app/models/soldier.rb +0 -5
  55. data/test/app_root/app/models/trust_fund_kid.rb +0 -5
  56. data/test/app_root/app/models/user_subclass.rb +0 -2
  57. data/test/app_root/app/models/veteran_soldier.rb +0 -6
  58. data/test/app_root/config/routes.rb +0 -4
  59. data/test/app_root/db/migrate/20090429075648_create_soldiers.rb +0 -14
  60. data/test/app_root/db/migrate/20091110075648_create_veteran_soldiers.rb +0 -14
  61. data/test/app_root/db/migrate/20091110075649_create_trust_fund_kids.rb +0 -15
  62. data/test/has_role_options_test.rb +0 -64
  63. data/test/has_role_test.rb +0 -54
  64. data/test/permissions_test.rb +0 -109
  65. data/test/validation_test.rb +0 -55
data/spec/rcov.opts ADDED
@@ -0,0 +1,2 @@
1
+ --exclude "spec/*,gems/*"
2
+ --rails
data/spec/spec.opts ADDED
@@ -0,0 +1,4 @@
1
+ --colour
2
+ --format progress
3
+ --loadby mtime
4
+ --reverse
@@ -1,13 +1,12 @@
1
+ $: << File.join(File.dirname(__FILE__), "/../lib" )
2
+
1
3
  # Set the default environment to sqlite3's in_memory database
2
4
  ENV['RAILS_ENV'] ||= 'in_memory'
3
5
 
4
6
  # Load the Rails environment and testing framework
5
7
  require "#{File.dirname(__FILE__)}/app_root/config/environment"
6
8
  require "#{File.dirname(__FILE__)}/../lib/aegis"
7
- require 'test_help'
8
- require 'action_view/test_case' # Load additional test classes not done automatically by < Rails 2.2.2
9
-
10
- require "shoulda"
9
+ require 'spec/rails'
11
10
 
12
11
  # Undo changes to RAILS_ENV
13
12
  silence_warnings {RAILS_ENV = ENV['RAILS_ENV']}
@@ -15,9 +14,7 @@ silence_warnings {RAILS_ENV = ENV['RAILS_ENV']}
15
14
  # Run the migrations
16
15
  ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate")
17
16
 
18
- # Set default fixture loading properties
19
- ActiveSupport::TestCase.class_eval do
20
- self.use_transactional_fixtures = true
21
- self.use_instantiated_fixtures = false
22
- self.fixture_path = "#{File.dirname(__FILE__)}/fixtures"
17
+ Spec::Runner.configure do |config|
18
+ config.use_transactional_fixtures = true
19
+ config.use_instantiated_fixtures = false
23
20
  end
metadata CHANGED
@@ -1,25 +1,21 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aegis
3
3
  version: !ruby/object:Gem::Version
4
- hash: 3
5
- prerelease:
6
- segments:
7
- - 1
8
- - 1
9
- - 8
10
- version: 1.1.8
4
+ version: 2.0.0
11
5
  platform: ruby
12
6
  authors:
13
7
  - Henning Koch
8
+ - Tobias Kraze
14
9
  autorequire:
15
10
  bindir: bin
16
11
  cert_chain: []
17
12
 
18
- date: 2014-05-28 00:00:00 Z
13
+ date: 2010-05-02 00:00:00 +02:00
14
+ default_executable:
19
15
  dependencies: []
20
16
 
21
- description: Aegis is a role-based permission system, where all users are given a role. It is possible to define detailed and complex permissions for each role very easily.
22
- email: github@makandra.de
17
+ description: Aegis is an authorization solution for Ruby on Rails that supports roles and a RESTish, resource-style declaration of permission rules.
18
+ email: henning.koch@makandra.de
23
19
  executables: []
24
20
 
25
21
  extensions: []
@@ -27,81 +23,101 @@ extensions: []
27
23
  extra_rdoc_files:
28
24
  - README.rdoc
29
25
  files:
26
+ - .gitignore
30
27
  - MIT-LICENSE
31
28
  - README.rdoc
32
29
  - Rakefile
33
30
  - VERSION
34
31
  - aegis.gemspec
35
32
  - lib/aegis.rb
36
- - lib/aegis/constants.rb
33
+ - lib/aegis/access_denied.rb
34
+ - lib/aegis/action.rb
35
+ - lib/aegis/compiler.rb
37
36
  - lib/aegis/has_role.rb
38
- - lib/aegis/normalization.rb
39
- - lib/aegis/permission_error.rb
40
- - lib/aegis/permission_evaluator.rb
37
+ - lib/aegis/parser.rb
41
38
  - lib/aegis/permissions.rb
39
+ - lib/aegis/resource.rb
42
40
  - lib/aegis/role.rb
41
+ - lib/aegis/sieve.rb
42
+ - lib/rails/action_controller.rb
43
43
  - lib/rails/active_record.rb
44
- - test/app_root/app/controllers/application_controller.rb
45
- - test/app_root/app/models/old_soldier.rb
46
- - test/app_root/app/models/permissions.rb
47
- - test/app_root/app/models/soldier.rb
48
- - test/app_root/app/models/trust_fund_kid.rb
49
- - test/app_root/app/models/user.rb
50
- - test/app_root/app/models/user_subclass.rb
51
- - test/app_root/app/models/veteran_soldier.rb
52
- - test/app_root/config/boot.rb
53
- - test/app_root/config/database.yml
54
- - test/app_root/config/environment.rb
55
- - test/app_root/config/environments/in_memory.rb
56
- - test/app_root/config/environments/mysql.rb
57
- - test/app_root/config/environments/postgresql.rb
58
- - test/app_root/config/environments/sqlite.rb
59
- - test/app_root/config/environments/sqlite3.rb
60
- - test/app_root/config/routes.rb
61
- - test/app_root/db/migrate/20090408115228_create_users.rb
62
- - test/app_root/db/migrate/20090429075648_create_soldiers.rb
63
- - test/app_root/db/migrate/20091110075648_create_veteran_soldiers.rb
64
- - test/app_root/db/migrate/20091110075649_create_trust_fund_kids.rb
65
- - test/app_root/lib/console_with_fixtures.rb
66
- - test/app_root/log/.gitignore
67
- - test/app_root/script/console
68
- - test/has_role_options_test.rb
69
- - test/has_role_test.rb
70
- - test/permissions_test.rb
71
- - test/test_helper.rb
72
- - test/validation_test.rb
44
+ - spec/action_controller_spec.rb
45
+ - spec/app_root/app/controllers/application_controller.rb
46
+ - spec/app_root/app/controllers/reviews_controller.rb
47
+ - spec/app_root/app/models/permissions.rb
48
+ - spec/app_root/app/models/property.rb
49
+ - spec/app_root/app/models/review.rb
50
+ - spec/app_root/app/models/user.rb
51
+ - spec/app_root/config/boot.rb
52
+ - spec/app_root/config/database.yml
53
+ - spec/app_root/config/environment.rb
54
+ - spec/app_root/config/environments/in_memory.rb
55
+ - spec/app_root/config/environments/mysql.rb
56
+ - spec/app_root/config/environments/postgresql.rb
57
+ - spec/app_root/config/environments/sqlite.rb
58
+ - spec/app_root/config/environments/sqlite3.rb
59
+ - spec/app_root/config/routes.rb
60
+ - spec/app_root/db/migrate/001_create_users.rb
61
+ - spec/app_root/db/migrate/002_create_properties.rb
62
+ - spec/app_root/db/migrate/003_create_reviews.rb
63
+ - spec/app_root/lib/console_with_fixtures.rb
64
+ - spec/app_root/log/.gitignore
65
+ - spec/app_root/script/console
66
+ - spec/controllers/reviews_controller_spec.rb
67
+ - spec/has_role_spec.rb
68
+ - spec/permissions_spec.rb
69
+ - spec/rcov.opts
70
+ - spec/spec.opts
71
+ - spec/spec_helper.rb
72
+ has_rdoc: true
73
73
  homepage: http://github.com/makandra/aegis
74
74
  licenses: []
75
75
 
76
76
  post_install_message:
77
- rdoc_options: []
78
-
77
+ rdoc_options:
78
+ - --charset=UTF-8
79
79
  require_paths:
80
80
  - lib
81
81
  required_ruby_version: !ruby/object:Gem::Requirement
82
- none: false
83
82
  requirements:
84
83
  - - ">="
85
84
  - !ruby/object:Gem::Version
86
- hash: 3
87
- segments:
88
- - 0
89
85
  version: "0"
86
+ version:
90
87
  required_rubygems_version: !ruby/object:Gem::Requirement
91
- none: false
92
88
  requirements:
93
89
  - - ">="
94
90
  - !ruby/object:Gem::Version
95
- hash: 3
96
- segments:
97
- - 0
98
91
  version: "0"
92
+ version:
99
93
  requirements: []
100
94
 
101
95
  rubyforge_project:
102
- rubygems_version: 1.8.25
96
+ rubygems_version: 1.3.5
103
97
  signing_key:
104
98
  specification_version: 3
105
- summary: Role-based permissions for your user models.
106
- test_files: []
107
-
99
+ summary: Complete authorization solution for Rails
100
+ test_files:
101
+ - spec/app_root/app/models/user.rb
102
+ - spec/app_root/app/models/property.rb
103
+ - spec/app_root/app/models/review.rb
104
+ - spec/app_root/app/models/permissions.rb
105
+ - spec/app_root/app/controllers/application_controller.rb
106
+ - spec/app_root/app/controllers/reviews_controller.rb
107
+ - spec/app_root/config/boot.rb
108
+ - spec/app_root/config/environment.rb
109
+ - spec/app_root/config/environments/in_memory.rb
110
+ - spec/app_root/config/environments/mysql.rb
111
+ - spec/app_root/config/environments/postgresql.rb
112
+ - spec/app_root/config/environments/sqlite.rb
113
+ - spec/app_root/config/environments/sqlite3.rb
114
+ - spec/app_root/config/routes.rb
115
+ - spec/app_root/db/migrate/001_create_users.rb
116
+ - spec/app_root/db/migrate/002_create_properties.rb
117
+ - spec/app_root/db/migrate/003_create_reviews.rb
118
+ - spec/app_root/lib/console_with_fixtures.rb
119
+ - spec/action_controller_spec.rb
120
+ - spec/has_role_spec.rb
121
+ - spec/permissions_spec.rb
122
+ - spec/spec_helper.rb
123
+ - spec/controllers/reviews_controller_spec.rb
@@ -1,6 +0,0 @@
1
- module Aegis
2
- module Constants
3
- EVERYONE_ROLE_NAME = :everyone
4
- CRUD_VERBS = ["create", "read", "update", "destroy"]
5
- end
6
- end
@@ -1,26 +0,0 @@
1
- module Aegis
2
- class Normalization
3
-
4
- VERB_NORMALIZATIONS = {
5
- "edit" => "update",
6
- "show" => "read",
7
- "list" => "read",
8
- "view" => "read",
9
- "delete" => "destroy",
10
- "remove" => "destroy"
11
- }
12
-
13
- def self.normalize_verb(verb)
14
- VERB_NORMALIZATIONS[verb] || verb
15
- end
16
-
17
- def self.normalize_permission(permission)
18
- if permission =~ /^([^_]+?)_(.+?)$/
19
- verb, target = $1, $2
20
- permission = normalize_verb(verb) + "_" + target
21
- end
22
- permission
23
- end
24
-
25
- end
26
- end
@@ -1,5 +0,0 @@
1
- module Aegis
2
- class PermissionError < StandardError
3
-
4
- end
5
- end
@@ -1,34 +0,0 @@
1
- module Aegis
2
- class PermissionEvaluator
3
-
4
- def initialize(role)
5
- @role = role
6
- end
7
-
8
- def evaluate(permissions, rule_args)
9
- @result = @role.allow_by_default?
10
- permissions.each do |permission|
11
- instance_exec(*rule_args, &permission)
12
- end
13
- @result
14
- end
15
-
16
- def allow(*role_name_or_names, &block)
17
- rule_encountered(role_name_or_names, true, &block)
18
- end
19
-
20
- def deny(*role_name_or_names, &block)
21
- rule_encountered(role_name_or_names, false, &block)
22
- end
23
-
24
- def rule_encountered(role_name_or_names, is_allow, &block)
25
- role_names = Array(role_name_or_names)
26
- if role_names.include?(@role.name) || role_names.include?(Aegis::Constants::EVERYONE_ROLE_NAME)
27
- @result = (block ? block.call : true)
28
- @result = !@result unless is_allow
29
- end
30
- end
31
-
32
- end
33
- end
34
-
@@ -1,2 +0,0 @@
1
- class ApplicationController < ActionController::Base
2
- end
@@ -1,6 +0,0 @@
1
- class VeteranSoldier < ActiveRecord::Base
2
-
3
- # Use legacy parameter :name_accessor instead of :accessor
4
- has_role :name_accessor => "rank"
5
-
6
- end
@@ -1,49 +0,0 @@
1
-
2
- class Permissions < Aegis::Permissions
3
-
4
- role :guest
5
- role :student
6
- role :admin, :default_permission => :allow
7
-
8
- permission :use_empty do
9
- end
10
-
11
- permission :use_simple do
12
- allow :student
13
- deny :admin
14
- end
15
-
16
- permission :update_users do
17
- allow :student
18
- deny :admin
19
- end
20
-
21
- permission :crud_projects do
22
- allow :student
23
- end
24
-
25
- permission :edit_drinks do
26
- allow :student
27
- deny :admin
28
- end
29
-
30
- permission :hug do
31
- allow :everyone
32
- end
33
-
34
- permission :divide do |user, left, right|
35
- allow :student do
36
- right != 0
37
- end
38
- end
39
-
40
- permission :draw do
41
- allow :everyone
42
- end
43
-
44
- permission :draw do
45
- deny :student
46
- deny :admin
47
- end
48
-
49
- end
@@ -1,5 +0,0 @@
1
- class Soldier < ActiveRecord::Base
2
-
3
- has_role :accessor => "rank"
4
-
5
- end
@@ -1,5 +0,0 @@
1
- class TrustFundKid < ActiveRecord::Base
2
-
3
- has_role :default => :admin
4
-
5
- end
@@ -1,2 +0,0 @@
1
- class UserSubclass < User
2
- end
@@ -1,6 +0,0 @@
1
- class VeteranSoldier < ActiveRecord::Base
2
-
3
- # Using legacy parameter names
4
- has_role :name_accessor => "rank"
5
-
6
- end
@@ -1,4 +0,0 @@
1
- ActionController::Routing::Routes.draw do |map|
2
- map.connect ':controller/:action/:id'
3
- map.connect ':controller/:action/:id.:format'
4
- end
@@ -1,14 +0,0 @@
1
- class CreateSoldiers < ActiveRecord::Migration
2
-
3
- def self.up
4
- create_table :soldiers do |t|
5
- t.string :rank
6
- t.timestamps
7
- end
8
- end
9
-
10
- def self.down
11
- drop_table :soldiers
12
- end
13
-
14
- end
@@ -1,14 +0,0 @@
1
- class CreateVeteranSoldiers < ActiveRecord::Migration
2
-
3
- def self.up
4
- create_table :veteran_soldiers do |t|
5
- t.string :rank
6
- t.timestamps
7
- end
8
- end
9
-
10
- def self.down
11
- drop_table :veteran_soldiers
12
- end
13
-
14
- end
@@ -1,15 +0,0 @@
1
- class CreateTrustFundKids < ActiveRecord::Migration
2
-
3
- def self.up
4
- create_table :trust_fund_kids do |t|
5
- t.string :role_name
6
- t.integer :account_balance
7
- t.timestamps
8
- end
9
- end
10
-
11
- def self.down
12
- drop_table :trust_fund_kids
13
- end
14
-
15
- end
@@ -1,64 +0,0 @@
1
- require "test/test_helper"
2
-
3
- class HasRoleOptionsTest < ActiveSupport::TestCase
4
-
5
- context "A record with a custom role field" do
6
-
7
- setup do
8
- @soldier = Soldier.new
9
- end
10
-
11
- should "allow its role to be written and read" do
12
- @soldier.role = "guest"
13
- assert_equal :guest, @soldier.role.name
14
- end
15
-
16
- should "store the role name in the custom field" do
17
- @soldier.role = "guest"
18
- assert_equal "guest", @soldier.rank
19
- end
20
-
21
- should "still work with permissions" do
22
- @soldier.role = "guest"
23
- assert @soldier.may_hug?
24
- assert !@soldier.may_update_users?
25
- end
26
-
27
- end
28
-
29
- context "A record wiring up its role using legacy parameter names" do
30
-
31
- setup do
32
- @vetaran_soldier = VeteranSoldier.new
33
- end
34
-
35
- should "allow its role to be written and read" do
36
- @vetaran_soldier.role = "guest"
37
- assert_equal :guest, @vetaran_soldier.role.name
38
- end
39
-
40
- end
41
-
42
- context "A record with a default role" do
43
-
44
- should "create new instances with that role" do
45
- assert_equal :admin, TrustFundKid.new.role.name
46
- end
47
-
48
- should "set that role if the initial role name is blank" do
49
- assert_equal :admin, TrustFundKid.new(:role_name => "").role.name
50
- end
51
-
52
- should "ignore the default if another role is given" do
53
- assert_equal :student, TrustFundKid.new(:role_name => "student").role.name
54
- end
55
-
56
- should "not update existing records with the default role" do
57
- kid = TrustFundKid.create!(:role_name => "student")
58
- kid.update_attributes(:account_balance => 10_000_000)
59
- assert_equal :student, kid.reload.role.name
60
- end
61
-
62
- end
63
-
64
- end