aegis 1.1.8 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (65) hide show
  1. data/.gitignore +4 -0
  2. data/README.rdoc +58 -165
  3. data/Rakefile +20 -12
  4. data/VERSION +1 -1
  5. data/aegis.gemspec +85 -56
  6. data/lib/aegis.rb +9 -6
  7. data/lib/aegis/access_denied.rb +4 -0
  8. data/lib/aegis/action.rb +99 -0
  9. data/lib/aegis/compiler.rb +113 -0
  10. data/lib/aegis/has_role.rb +89 -110
  11. data/lib/aegis/parser.rb +110 -0
  12. data/lib/aegis/permissions.rb +164 -107
  13. data/lib/aegis/resource.rb +158 -0
  14. data/lib/aegis/role.rb +25 -55
  15. data/lib/aegis/sieve.rb +39 -0
  16. data/lib/rails/action_controller.rb +38 -0
  17. data/lib/rails/active_record.rb +1 -5
  18. data/spec/action_controller_spec.rb +100 -0
  19. data/spec/app_root/app/controllers/application_controller.rb +7 -0
  20. data/spec/app_root/app/controllers/reviews_controller.rb +36 -0
  21. data/spec/app_root/app/models/permissions.rb +14 -0
  22. data/spec/app_root/app/models/property.rb +5 -0
  23. data/spec/app_root/app/models/review.rb +5 -0
  24. data/{test → spec}/app_root/app/models/user.rb +1 -2
  25. data/{test → spec}/app_root/config/boot.rb +0 -0
  26. data/{test → spec}/app_root/config/database.yml +0 -0
  27. data/{test → spec}/app_root/config/environment.rb +0 -0
  28. data/{test → spec}/app_root/config/environments/in_memory.rb +0 -0
  29. data/{test → spec}/app_root/config/environments/mysql.rb +0 -0
  30. data/{test → spec}/app_root/config/environments/postgresql.rb +0 -0
  31. data/{test → spec}/app_root/config/environments/sqlite.rb +0 -0
  32. data/{test → spec}/app_root/config/environments/sqlite3.rb +0 -0
  33. data/spec/app_root/config/routes.rb +7 -0
  34. data/{test/app_root/db/migrate/20090408115228_create_users.rb → spec/app_root/db/migrate/001_create_users.rb} +2 -1
  35. data/spec/app_root/db/migrate/002_create_properties.rb +13 -0
  36. data/spec/app_root/db/migrate/003_create_reviews.rb +14 -0
  37. data/{test → spec}/app_root/lib/console_with_fixtures.rb +0 -0
  38. data/{test → spec}/app_root/log/.gitignore +0 -0
  39. data/{test → spec}/app_root/script/console +0 -0
  40. data/spec/controllers/reviews_controller_spec.rb +19 -0
  41. data/spec/has_role_spec.rb +177 -0
  42. data/spec/permissions_spec.rb +550 -0
  43. data/spec/rcov.opts +2 -0
  44. data/spec/spec.opts +4 -0
  45. data/{test/test_helper.rb → spec/spec_helper.rb} +6 -9
  46. metadata +73 -57
  47. data/lib/aegis/constants.rb +0 -6
  48. data/lib/aegis/normalization.rb +0 -26
  49. data/lib/aegis/permission_error.rb +0 -5
  50. data/lib/aegis/permission_evaluator.rb +0 -34
  51. data/test/app_root/app/controllers/application_controller.rb +0 -2
  52. data/test/app_root/app/models/old_soldier.rb +0 -6
  53. data/test/app_root/app/models/permissions.rb +0 -49
  54. data/test/app_root/app/models/soldier.rb +0 -5
  55. data/test/app_root/app/models/trust_fund_kid.rb +0 -5
  56. data/test/app_root/app/models/user_subclass.rb +0 -2
  57. data/test/app_root/app/models/veteran_soldier.rb +0 -6
  58. data/test/app_root/config/routes.rb +0 -4
  59. data/test/app_root/db/migrate/20090429075648_create_soldiers.rb +0 -14
  60. data/test/app_root/db/migrate/20091110075648_create_veteran_soldiers.rb +0 -14
  61. data/test/app_root/db/migrate/20091110075649_create_trust_fund_kids.rb +0 -15
  62. data/test/has_role_options_test.rb +0 -64
  63. data/test/has_role_test.rb +0 -54
  64. data/test/permissions_test.rb +0 -109
  65. data/test/validation_test.rb +0 -55
@@ -1,54 +0,0 @@
1
- require "test/test_helper"
2
-
3
- class HasRoleTest < ActiveSupport::TestCase
4
-
5
- context "Objects that have an aegis role" do
6
-
7
- setup do
8
- @guest = User.new(:role_name => "guest")
9
- @student = User.new(:role_name => "student")
10
- @student_subclass = UserSubclass.new(:role_name => "student")
11
- @admin = User.new(:role_name => "admin")
12
- end
13
-
14
- should "know their role" do
15
- assert_equal :guest, @guest.role.name
16
- assert_equal :student, @student.role.name
17
- assert_equal :student, @student_subclass.role.name
18
- assert_equal :admin, @admin.role.name
19
- end
20
-
21
- should "know if they belong to a role" do
22
- assert @guest.guest?
23
- assert !@guest.student?
24
- assert !@guest.admin?
25
- assert !@student.guest?
26
- assert !@student_subclass.guest?
27
- assert @student.student?
28
- assert @student_subclass.student?
29
- assert !@student.admin?
30
- assert !@student_subclass.admin?
31
- assert !@admin.guest?
32
- assert !@admin.student?
33
- assert @admin.admin?
34
- end
35
-
36
- should "still behave as usual when a method ending in a '?' does not map to a role query" do
37
- assert_raise NoMethodError do
38
- @guest.nonexisting_method?
39
- end
40
- end
41
-
42
- should "know that they respond to permission methods" do
43
- assert @guest.respond_to?(:may_foo?)
44
- assert @guest.respond_to?(:may_foo!)
45
- end
46
-
47
- should "retain the usual respond_to behaviour for non-permission methods" do
48
- assert !@guest.respond_to?(:nonexisting_method)
49
- assert @guest.respond_to?(:to_s)
50
- end
51
-
52
- end
53
-
54
- end
@@ -1,109 +0,0 @@
1
- require "test/test_helper"
2
-
3
- class PermissionsTest < ActiveSupport::TestCase
4
-
5
- context "Aegis permissions" do
6
-
7
- setup do
8
- @guest = User.new(:role_name => "guest")
9
- @student = User.new(:role_name => "student")
10
- @student_subclass = UserSubclass.new(:role_name => "student")
11
- @admin = User.new(:role_name => "admin")
12
- end
13
-
14
- should "use the default permission for actions without any allow or grant directives" do
15
- assert !@guest.may_use_empty?
16
- assert !@student.may_use_empty?
17
- assert !@student_subclass.may_use_empty?
18
- assert @admin.may_use_empty?
19
- end
20
-
21
- should "understand simple allow and deny directives" do
22
- assert !@guest.may_use_simple?
23
- assert @student.may_use_simple?
24
- assert @student_subclass.may_use_simple?
25
- assert !@admin.may_use_simple?
26
- end
27
-
28
- should 'raise exceptions when a denied action is queried with an exclamation mark' do
29
- assert_raise Aegis::PermissionError do
30
- @guest.may_use_simple!
31
- end
32
- assert_raise Aegis::PermissionError do
33
- @admin.may_use_simple!
34
- end
35
- end
36
-
37
- should 'do nothing if an allowed action is queried with an exclamation mark' do
38
- assert_nothing_raised do
39
- @student.may_use_simple!
40
- @student_subclass.may_use_simple!
41
- end
42
- end
43
-
44
- should "implicate the singular form of an action described in plural form" do
45
- assert !@guest.may_update_users?
46
- assert !@guest.may_update_user?("foo")
47
- assert @student.may_update_users?
48
- assert @student_subclass.may_update_users?
49
- assert @student.may_update_user?("foo")
50
- assert @student_subclass.may_update_user?("foo")
51
- assert !@admin.may_update_users?
52
- assert !@admin.may_update_user?("foo")
53
- end
54
-
55
- should 'implicate create, read, update and destroy forms for actions named "crud_..."' do
56
- assert @student.may_create_projects?
57
- assert @student_subclass.may_create_projects?
58
- assert @student.may_read_projects?
59
- assert @student_subclass.may_read_projects?
60
- assert @student.may_update_projects?
61
- assert @student_subclass.may_update_projects?
62
- assert @student.may_destroy_projects?
63
- assert @student_subclass.may_destroy_projects?
64
- end
65
-
66
- should 'perform normalization of CRUD verbs (e.g. "edit" and "update")' do
67
- assert !@guest.may_edit_drinks?
68
- assert @student.may_edit_drinks?
69
- assert @student_subclass.may_edit_drinks?
70
- assert !@admin.may_edit_drinks?
71
- assert !@guest.may_update_drinks?
72
- assert @student.may_update_drinks?
73
- assert @student_subclass.may_update_drinks?
74
- assert !@admin.may_update_drinks?
75
- end
76
-
77
- should "be able to grant or deny actions to all roles using :everyone" do
78
- assert @guest.may_hug?
79
- assert @student.may_hug?
80
- assert @student_subclass.may_hug?
81
- assert @admin.may_hug?
82
- end
83
-
84
- should "allow the definition of parametrized actions" do
85
- assert !@guest.may_divide?(10, 2)
86
- assert @student.may_divide?(10, 2)
87
- assert @student_subclass.may_divide?(10, 2)
88
- assert !@student.may_divide?(10, 0)
89
- assert !@student_subclass.may_divide?(10, 0)
90
- assert @admin.may_divide?(10, 2)
91
- assert @admin.may_divide?(10, 0)
92
- end
93
-
94
- should 'use default permissions for undefined actions' do
95
- !@student.may_do_undefined_stuff?("foo")
96
- !@student_subclass.may_do_undefined_stuff?("foo")
97
- @admin.may_do_undefined_stuff?("foo")
98
- end
99
-
100
- should 'overshadow previous action definitions with the same name' do
101
- assert @guest.may_draw?
102
- assert !@student.may_draw?
103
- assert !@student_subclass.may_draw?
104
- assert !@admin.may_draw?
105
- end
106
-
107
- end
108
-
109
- end
@@ -1,55 +0,0 @@
1
- require "test/test_helper"
2
-
3
- class ValidationTest < ActiveSupport::TestCase
4
-
5
- context "A model that has and validates its role" do
6
-
7
- setup do
8
- @user = User.new()
9
- end
10
-
11
- context "that has a role_name mapping to a role" do
12
-
13
- setup do
14
- @user.role_name = "admin"
15
- end
16
-
17
- should "be valid" do
18
- assert @user.valid?
19
- end
20
-
21
- end
22
-
23
- context "that has a blank role_name" do
24
-
25
- setup do
26
- @user.role_name = ""
27
- end
28
-
29
- should "not be valid" do
30
- assert !@user.valid?
31
- end
32
-
33
- end
34
-
35
- context "that has a role_name not mapping to a role" do
36
-
37
- setup do
38
- @user.role_name = "nonexisting_role_name"
39
- end
40
-
41
- should "not be valid" do
42
- assert !@user.valid?
43
- end
44
-
45
- end
46
-
47
- should "use add the default inclusion error message on role_name" do
48
- @user.role_name = ""
49
- @user.valid?
50
- assert_equal I18n.translate('activerecord.errors.messages.inclusion'), @user.errors.on(:role_name)
51
- end
52
-
53
- end
54
-
55
- end