aegis 2.4.1 → 2.5.0

data/VERSION

@@ -1 +1 @@
-2.4.1
+2.5.0

data/aegis.gemspec

@@ -1,15 +1,15 @@
 # Generated by jeweler
-# DO NOT EDIT THIS FILE
-# Instead, edit Jeweler::Tasks in Rakefile, and run `rake gemspec`
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
 # -*- encoding: utf-8 -*-
 
 Gem::Specification.new do |s|
   s.name = %q{aegis}
-  s.version = "2.4.1"
+  s.version = "2.5.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Henning Koch", "Tobias Kraze"]
-  s.date = %q{2010-09-08}
+  s.date = %q{2010-10-07}
   s.description = %q{Aegis is an authorization solution for Ruby on Rails that supports roles and a RESTish, resource-style declaration of permission rules.}
   s.email = %q{henning.koch@makandra.de}
   s.extra_rdoc_files = [
@@ -77,16 +77,10 @@ Also see http://wiki.github.com/makandra/aegis/controller-integration
 }
   s.rdoc_options = ["--charset=UTF-8"]
   s.require_paths = ["lib"]
-  s.rubygems_version = %q{1.3.6}
+  s.rubygems_version = %q{1.3.7}
   s.summary = %q{Complete authorization solution for Rails}
   s.test_files = [
-    "spec/aegis/controller_spec.rb",
-     "spec/aegis/has_role_spec.rb",
-     "spec/aegis/loader_spec.rb",
-     "spec/aegis/permissions_spec.rb",
-     "spec/aegis/sieve_spec.rb",
-     "spec/aegis/spec/matchers_spec.rb",
-     "spec/app_root/app/controllers/application_controller.rb",
+    "spec/app_root/app/controllers/application_controller.rb",
      "spec/app_root/app/controllers/reviews_controller.rb",
      "spec/app_root/app/controllers/songs_controller.rb",
      "spec/app_root/app/models/permissions.rb",
@@ -106,16 +100,23 @@ Also see http://wiki.github.com/makandra/aegis/controller-integration
      "spec/app_root/db/migrate/003_create_reviews.rb",
      "spec/app_root/lib/console_with_fixtures.rb",
      "spec/controllers/reviews_controller_spec.rb",
-     "spec/spec_helper.rb"
+     "spec/spec_helper.rb",
+     "spec/aegis/has_role_spec.rb",
+     "spec/aegis/loader_spec.rb",
+     "spec/aegis/permissions_spec.rb",
+     "spec/aegis/sieve_spec.rb",
+     "spec/aegis/spec/matchers_spec.rb",
+     "spec/aegis/controller_spec.rb"
   ]
 
   if s.respond_to? :specification_version then
     current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
     s.specification_version = 3
 
-    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
     else
     end
   else
   end
 end
+

data/lib/aegis/compiler.rb

@@ -17,12 +17,15 @@ module Aegis
     end
 
     def compile(atoms)
-      grouped_atoms = group_atoms(atoms)
-      for atom in grouped_atoms[:structure] || []
-        compile_structure(atom)
-      end
-      for atom in grouped_atoms[:sieve] || []
-        compile_sieve(atom)
+      for atom in atoms
+        case atom_group(atom)
+        when :structure
+          compile_structure(atom)
+        when :sieve
+          compile_sieve(atom)
+        else
+          unexpected_atom_type!(atom)
+        end
       end
     end
 
@@ -43,7 +46,7 @@ module Aegis
       when :resources
         compile_child_resource(atom, :collection)
       else
-        "Unexpected atom type: #{atom[:type]}"
+        unexpected_atom_type!(atom)
       end
     end
 
@@ -82,7 +85,7 @@ module Aegis
           compile_sieve(child, @resource.writing_actions)
         end
       else
-        "Unexpected atom type: #{atom[:type]}"
+        unexpected_atom_type!(atom)
       end
     end
 
@@ -103,10 +106,12 @@ module Aegis
         :pluralize_resource => options[:collection] }
     end
 
-    def group_atoms(atoms)
-      atoms.group_by do |atom|
-        ATOM_GROUPS[atom[:type]]
-      end
+    def atom_group(atom)
+      ATOM_GROUPS[atom[:type]]
+    end
+
+    def unexpected_atom_type!(atom)
+      raise Aegis::InvalidSyntax, "Unexpected atom type: #{atom[:type]}"
     end
 
   end

data/lib/aegis/errors.rb

@@ -6,4 +6,13 @@ module Aegis
   class UncheckedPermissions < StandardError
   end
 
+  class InvalidSyntax < StandardError
+  end
+
+  class MissingUser < StandardError
+  end
+
+  class MissingAction < StandardError
+  end
+
 end

data/lib/aegis/parser.rb

@@ -17,8 +17,10 @@ module Aegis
     end
 
     def action(*args, &block)
-      # useful warning for people upgrading from Aegis 2
-      raise "action blocks do not take block arguments. allow/deny blocks do." if block && block.arity > 0
+      if block && block.arity > 0
+        # useful warning for people upgrading from Aegis 2
+        raise Aegis::InvalidSyntax, "Action blocks do not take block arguments in Aegis 2. allow/deny blocks do."
+      end
       split_definitions(*args) do |name, options|
         @atoms.push({
           :type => :action,
@@ -83,7 +85,7 @@ module Aegis
     end
 
     def reading(&block)
-      block or raise "missing block"
+      block or raise Aegis::InvalidSyntax, "missing block"
       @atoms.push({
         :type => :reading,
         :children => Aegis::Parser.parse(&block)
@@ -91,7 +93,7 @@ module Aegis
     end
 
     def writing(&block)
-      block or raise "missing block"
+      block or raise Aegis::InvalidSyntax, "missing block"
       @atoms.push({
         :type => :writing,
         :children => Aegis::Parser.parse(&block)

data/lib/aegis/permissions.rb

@@ -8,7 +8,7 @@ module Aegis
 
       def missing_action_means(strategy)
         prepare
-        MISSING_ACTION_STRATEGIES.include?(strategy) or raise ArgumentError, "missing_action_means must be one of #{MISSING_ACTION_STRATEGIES.inspect}"
+        MISSING_ACTION_STRATEGIES.include?(strategy) or raise Aegis::InvalidSyntax, "missing_action_means must be one of #{MISSING_ACTION_STRATEGIES.inspect}"
         @missing_action_strategy = strategy
       end
 
@@ -25,7 +25,7 @@ module Aegis
       end
 
       def permission(*args)
-        raise "The Aegis API has changed. See http://wiki.github.com/makandra/aegis/upgrading-to-aegis-2 for migration instructions."
+        raise Aegis::InvalidSyntax, "The Aegis API has changed. See http://wiki.github.com/makandra/aegis/upgrading-to-aegis-2 for migration instructions."
       end
 
       def action(*args, &block)
@@ -58,7 +58,7 @@ module Aegis
 
       def role(role_name, options = {})
         role_name = role_name.to_s
-        role_name != 'everyone' or raise "Cannot define a role named: #{role_name}"
+        role_name != 'everyone' or raise Aegis::InvalidSyntax, "Cannot define a role named: #{role_name}"
         @roles_by_name ||= {}
         @roles_by_name[role_name] = Aegis::Role.new(role_name, options)
       end
@@ -104,6 +104,7 @@ module Aegis
       private
 
       def query_action(verb, user, path, *args)
+        prepare
         user = handle_missing_user(user)
         action = find_action_by_path(path)
         action.send(verb, user, *args)
@@ -111,7 +112,7 @@ module Aegis
 
       def handle_missing_user(possibly_missing_user)
         possibly_missing_user ||= case @missing_user_strategy
-          when :error then raise "Cannot check permission without a user"
+          when :error then raise Aegis::MissingUser, "Cannot check permission without a user"
           when Proc then @missing_user_strategy.call
         end
       end
@@ -121,7 +122,7 @@ module Aegis
           when :default_permission then Aegis::Action.undefined
           when :allow then Aegis::Action.allow_to_all
           when :deny then Aegis::Action.deny_to_all
-          when :error then raise "Undefined Aegis action: #{action}"
+          when :error then raise Aegis::MissingAction, "Undefined Aegis action: #{action}"
         end
       end
 

data/spec/aegis/permissions_spec.rb

@@ -214,7 +214,9 @@ describe Aegis::Permissions do
         end
       end
 
-      @permissions.may?(@moderator, 'update_post', "the post").should be_true
+      expect do
+        @permissions.may?(@moderator, 'update_post')
+      end.to raise_error(ArgumentError)
 
     end
 
@@ -357,6 +359,16 @@ describe Aegis::Permissions do
 
     end
 
+    it 'should raise an error when trying to define a role named "everyone"' do
+
+      expect do
+        @permissions.class_eval do
+          role :everyone
+        end
+      end.to raise_error(Aegis::InvalidSyntax)
+
+    end
+
     it "should raise an error if the argument is given to the action (Aegis 1) instead of the allow block (Aegis 2)" do
 
       expect do
@@ -365,7 +377,19 @@ describe Aegis::Permissions do
             allow :everyone
           end
         end
-      end.to raise_error
+      end.to raise_error(Aegis::InvalidSyntax)
+
+    end
+
+    it 'should raise an error if a #permission (singular) method is called (which no longer exists in Aegis 2)' do
+
+      expect do
+        @permissions.class_eval do
+          permission :foo do
+            allow :everyone
+          end
+        end
+      end.to raise_error(Aegis::InvalidSyntax)
 
     end
 
@@ -407,11 +431,11 @@ describe Aegis::Permissions do
 
       @permissions.class_eval do
         resources :posts do
+          action :syndicate, :writing => false
+          action :close
           reading do
             allow :user
           end
-          action :syndicate, :writing => false
-          action :close
         end
       end
 
@@ -429,11 +453,11 @@ describe Aegis::Permissions do
 
       @permissions.class_eval do
         resources :posts do
+          action :syndicate, :writing => false
+          action :close
           writing do
             allow :moderator
           end
-          action :syndicate, :writing => false
-          action :close
         end
       end
 
@@ -449,6 +473,26 @@ describe Aegis::Permissions do
 
     end
 
+    it 'should raise an error if a #reading directive is stated without a block' do
+      expect do
+        @permissions.class_eval do
+          resources :posts do
+            reading
+          end
+        end
+      end.to raise_error(Aegis::InvalidSyntax)
+    end
+
+    it 'should raise an error if a #writing directive is stated without a block' do
+      expect do
+        @permissions.class_eval do
+          resources :posts do
+            writing
+          end
+        end
+      end.to raise_error(Aegis::InvalidSyntax)
+    end
+
     it "should allow resources with only selected actions" do
       @permissions.class_eval do
         resources :posts, :only => [:show, :update]
@@ -471,6 +515,33 @@ describe Aegis::Permissions do
       @permissions.find_action_by_path('index_posts').should_not be_abstract
     end
 
+    it 'should allow to override individual actions' do
+      @permissions.class_eval do
+        resources :posts do
+          allow :everyone
+          action :create do
+            deny :everyone
+          end
+        end
+      end
+      @permissions.may?(@user, 'index_posts').should be_true
+      @permissions.may?(@user, 'create_post').should be_false
+    end
+
+    it 'should allow to repeatedly define permissions for the same action, deciding for the last directive that matched' do
+      @permissions.class_eval do
+        resources :posts do
+          action :create do
+            allow :everyone
+          end
+          action :create do
+            deny :user
+          end
+        end
+      end
+      @permissions.may?(@admin, 'create_posts').should be_true
+      @permissions.may?(@user, 'create_post').should be_false
+    end
 
     it "should alias action names for all actions and resources, aliasing #new and #edit by default" do
 
@@ -509,10 +580,10 @@ describe Aegis::Permissions do
   describe 'behavior when checking permissions without a user' do
 
     it "should raise an error if the user is nil" do
-      lambda { @permissions.may?(nil, :some_action) }.should raise_error
+      expect { @permissions.may?(nil, :some_action) }.to raise_error(Aegis::MissingUser)
     end
 
-    it "should substitute the results from the blank user strategy" do
+    it "should substitute the results from the missing user strategy" do
       @permissions.class_eval do
         missing_user_means { User.new(:role_name => 'user') }
         action :create_post do
@@ -558,8 +629,8 @@ describe Aegis::Permissions do
       @permissions.class_eval do
         missing_action_means :error
       end
-      lambda { @permissions.may?(@user, 'missing_action') }.should raise_error
-      lambda { @permissions.may?(@admin, 'missing_action') }.should raise_error
+      lambda { @permissions.may?(@user, 'missing_action') }.should raise_error(Aegis::MissingAction)
+      lambda { @permissions.may?(@admin, 'missing_action') }.should raise_error(Aegis::MissingAction)
     end
 
   end

metadata

@@ -1,12 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: aegis
 version: !ruby/object:Gem::Version 
+  hash: 27
   prerelease: false
   segments: 
   - 2
-  - 4
-  - 1
-  version: 2.4.1
+  - 5
+  - 0
+  version: 2.5.0
 platform: ruby
 authors: 
 - Henning Koch
@@ -15,7 +16,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-09-08 00:00:00 +02:00
+date: 2010-10-07 00:00:00 +02:00
 default_executable: 
 dependencies: []
 
@@ -95,33 +96,31 @@ rdoc_options:
 require_paths: 
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      hash: 3
       segments: 
       - 0
       version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      hash: 3
       segments: 
       - 0
       version: "0"
 requirements: []
 
 rubyforge_project: 
-rubygems_version: 1.3.6
+rubygems_version: 1.3.7
 signing_key: 
 specification_version: 3
 summary: Complete authorization solution for Rails
 test_files: 
-- spec/aegis/controller_spec.rb
-- spec/aegis/has_role_spec.rb
-- spec/aegis/loader_spec.rb
-- spec/aegis/permissions_spec.rb
-- spec/aegis/sieve_spec.rb
-- spec/aegis/spec/matchers_spec.rb
 - spec/app_root/app/controllers/application_controller.rb
 - spec/app_root/app/controllers/reviews_controller.rb
 - spec/app_root/app/controllers/songs_controller.rb
@@ -143,3 +142,9 @@ test_files:
 - spec/app_root/lib/console_with_fixtures.rb
 - spec/controllers/reviews_controller_spec.rb
 - spec/spec_helper.rb
+- spec/aegis/has_role_spec.rb
+- spec/aegis/loader_spec.rb
+- spec/aegis/permissions_spec.rb
+- spec/aegis/sieve_spec.rb
+- spec/aegis/spec/matchers_spec.rb
+- spec/aegis/controller_spec.rb