aegis 2.4.1 → 2.5.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. data/VERSION +1 -1
  2. data/aegis.gemspec +15 -14
  3. data/lib/aegis/compiler.rb +17 -12
  4. data/lib/aegis/errors.rb +9 -0
  5. data/lib/aegis/parser.rb +6 -4
  6. data/lib/aegis/permissions.rb +6 -5
  7. data/spec/aegis/permissions_spec.rb +81 -10
  8. metadata +16 -11
data/VERSION CHANGED
@@ -1 +1 @@
1
- 2.4.1
1
+ 2.5.0
data/aegis.gemspec CHANGED
@@ -1,15 +1,15 @@
1
1
  # Generated by jeweler
2
- # DO NOT EDIT THIS FILE
3
- # Instead, edit Jeweler::Tasks in Rakefile, and run `rake gemspec`
2
+ # DO NOT EDIT THIS FILE DIRECTLY
3
+ # Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
4
4
  # -*- encoding: utf-8 -*-
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{aegis}
8
- s.version = "2.4.1"
8
+ s.version = "2.5.0"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Henning Koch", "Tobias Kraze"]
12
- s.date = %q{2010-09-08}
12
+ s.date = %q{2010-10-07}
13
13
  s.description = %q{Aegis is an authorization solution for Ruby on Rails that supports roles and a RESTish, resource-style declaration of permission rules.}
14
14
  s.email = %q{henning.koch@makandra.de}
15
15
  s.extra_rdoc_files = [
@@ -77,16 +77,10 @@ Also see http://wiki.github.com/makandra/aegis/controller-integration
77
77
  }
78
78
  s.rdoc_options = ["--charset=UTF-8"]
79
79
  s.require_paths = ["lib"]
80
- s.rubygems_version = %q{1.3.6}
80
+ s.rubygems_version = %q{1.3.7}
81
81
  s.summary = %q{Complete authorization solution for Rails}
82
82
  s.test_files = [
83
- "spec/aegis/controller_spec.rb",
84
- "spec/aegis/has_role_spec.rb",
85
- "spec/aegis/loader_spec.rb",
86
- "spec/aegis/permissions_spec.rb",
87
- "spec/aegis/sieve_spec.rb",
88
- "spec/aegis/spec/matchers_spec.rb",
89
- "spec/app_root/app/controllers/application_controller.rb",
83
+ "spec/app_root/app/controllers/application_controller.rb",
90
84
  "spec/app_root/app/controllers/reviews_controller.rb",
91
85
  "spec/app_root/app/controllers/songs_controller.rb",
92
86
  "spec/app_root/app/models/permissions.rb",
@@ -106,16 +100,23 @@ Also see http://wiki.github.com/makandra/aegis/controller-integration
106
100
  "spec/app_root/db/migrate/003_create_reviews.rb",
107
101
  "spec/app_root/lib/console_with_fixtures.rb",
108
102
  "spec/controllers/reviews_controller_spec.rb",
109
- "spec/spec_helper.rb"
103
+ "spec/spec_helper.rb",
104
+ "spec/aegis/has_role_spec.rb",
105
+ "spec/aegis/loader_spec.rb",
106
+ "spec/aegis/permissions_spec.rb",
107
+ "spec/aegis/sieve_spec.rb",
108
+ "spec/aegis/spec/matchers_spec.rb",
109
+ "spec/aegis/controller_spec.rb"
110
110
  ]
111
111
 
112
112
  if s.respond_to? :specification_version then
113
113
  current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
114
114
  s.specification_version = 3
115
115
 
116
- if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
116
+ if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
117
117
  else
118
118
  end
119
119
  else
120
120
  end
121
121
  end
122
+
data/lib/aegis/compiler.rb CHANGED
@@ -17,12 +17,15 @@ module Aegis
17
17
  end
18
18
 
19
19
  def compile(atoms)
20
- grouped_atoms = group_atoms(atoms)
21
- for atom in grouped_atoms[:structure] || []
22
- compile_structure(atom)
23
- end
24
- for atom in grouped_atoms[:sieve] || []
25
- compile_sieve(atom)
20
+ for atom in atoms
21
+ case atom_group(atom)
22
+ when :structure
23
+ compile_structure(atom)
24
+ when :sieve
25
+ compile_sieve(atom)
26
+ else
27
+ unexpected_atom_type!(atom)
28
+ end
26
29
  end
27
30
  end
28
31
 
@@ -43,7 +46,7 @@ module Aegis
43
46
  when :resources
44
47
  compile_child_resource(atom, :collection)
45
48
  else
46
- "Unexpected atom type: #{atom[:type]}"
49
+ unexpected_atom_type!(atom)
47
50
  end
48
51
  end
49
52
 
@@ -82,7 +85,7 @@ module Aegis
82
85
  compile_sieve(child, @resource.writing_actions)
83
86
  end
84
87
  else
85
- "Unexpected atom type: #{atom[:type]}"
88
+ unexpected_atom_type!(atom)
86
89
  end
87
90
  end
88
91
 
@@ -103,10 +106,12 @@ module Aegis
103
106
  :pluralize_resource => options[:collection] }
104
107
  end
105
108
 
106
- def group_atoms(atoms)
107
- atoms.group_by do |atom|
108
- ATOM_GROUPS[atom[:type]]
109
- end
109
+ def atom_group(atom)
110
+ ATOM_GROUPS[atom[:type]]
111
+ end
112
+
113
+ def unexpected_atom_type!(atom)
114
+ raise Aegis::InvalidSyntax, "Unexpected atom type: #{atom[:type]}"
110
115
  end
111
116
 
112
117
  end
data/lib/aegis/errors.rb CHANGED
@@ -6,4 +6,13 @@ module Aegis
6
6
  class UncheckedPermissions < StandardError
7
7
  end
8
8
 
9
+ class InvalidSyntax < StandardError
10
+ end
11
+
12
+ class MissingUser < StandardError
13
+ end
14
+
15
+ class MissingAction < StandardError
16
+ end
17
+
9
18
  end
data/lib/aegis/parser.rb CHANGED
@@ -17,8 +17,10 @@ module Aegis
17
17
  end
18
18
 
19
19
  def action(*args, &block)
20
- # useful warning for people upgrading from Aegis 2
21
- raise "action blocks do not take block arguments. allow/deny blocks do." if block && block.arity > 0
20
+ if block && block.arity > 0
21
+ # useful warning for people upgrading from Aegis 2
22
+ raise Aegis::InvalidSyntax, "Action blocks do not take block arguments in Aegis 2. allow/deny blocks do."
23
+ end
22
24
  split_definitions(*args) do |name, options|
23
25
  @atoms.push({
24
26
  :type => :action,
@@ -83,7 +85,7 @@ module Aegis
83
85
  end
84
86
 
85
87
  def reading(&block)
86
- block or raise "missing block"
88
+ block or raise Aegis::InvalidSyntax, "missing block"
87
89
  @atoms.push({
88
90
  :type => :reading,
89
91
  :children => Aegis::Parser.parse(&block)
@@ -91,7 +93,7 @@ module Aegis
91
93
  end
92
94
 
93
95
  def writing(&block)
94
- block or raise "missing block"
96
+ block or raise Aegis::InvalidSyntax, "missing block"
95
97
  @atoms.push({
96
98
  :type => :writing,
97
99
  :children => Aegis::Parser.parse(&block)
data/lib/aegis/permissions.rb CHANGED
@@ -8,7 +8,7 @@ module Aegis
8
8
 
9
9
  def missing_action_means(strategy)
10
10
  prepare
11
- MISSING_ACTION_STRATEGIES.include?(strategy) or raise ArgumentError, "missing_action_means must be one of #{MISSING_ACTION_STRATEGIES.inspect}"
11
+ MISSING_ACTION_STRATEGIES.include?(strategy) or raise Aegis::InvalidSyntax, "missing_action_means must be one of #{MISSING_ACTION_STRATEGIES.inspect}"
12
12
  @missing_action_strategy = strategy
13
13
  end
14
14
 
@@ -25,7 +25,7 @@ module Aegis
25
25
  end
26
26
 
27
27
  def permission(*args)
28
- raise "The Aegis API has changed. See http://wiki.github.com/makandra/aegis/upgrading-to-aegis-2 for migration instructions."
28
+ raise Aegis::InvalidSyntax, "The Aegis API has changed. See http://wiki.github.com/makandra/aegis/upgrading-to-aegis-2 for migration instructions."
29
29
  end
30
30
 
31
31
  def action(*args, &block)
@@ -58,7 +58,7 @@ module Aegis
58
58
 
59
59
  def role(role_name, options = {})
60
60
  role_name = role_name.to_s
61
- role_name != 'everyone' or raise "Cannot define a role named: #{role_name}"
61
+ role_name != 'everyone' or raise Aegis::InvalidSyntax, "Cannot define a role named: #{role_name}"
62
62
  @roles_by_name ||= {}
63
63
  @roles_by_name[role_name] = Aegis::Role.new(role_name, options)
64
64
  end
@@ -104,6 +104,7 @@ module Aegis
104
104
  private
105
105
 
106
106
  def query_action(verb, user, path, *args)
107
+ prepare
107
108
  user = handle_missing_user(user)
108
109
  action = find_action_by_path(path)
109
110
  action.send(verb, user, *args)
@@ -111,7 +112,7 @@ module Aegis
111
112
 
112
113
  def handle_missing_user(possibly_missing_user)
113
114
  possibly_missing_user ||= case @missing_user_strategy
114
- when :error then raise "Cannot check permission without a user"
115
+ when :error then raise Aegis::MissingUser, "Cannot check permission without a user"
115
116
  when Proc then @missing_user_strategy.call
116
117
  end
117
118
  end
@@ -121,7 +122,7 @@ module Aegis
121
122
  when :default_permission then Aegis::Action.undefined
122
123
  when :allow then Aegis::Action.allow_to_all
123
124
  when :deny then Aegis::Action.deny_to_all
124
- when :error then raise "Undefined Aegis action: #{action}"
125
+ when :error then raise Aegis::MissingAction, "Undefined Aegis action: #{action}"
125
126
  end
126
127
  end
127
128
 
data/spec/aegis/permissions_spec.rb CHANGED
@@ -214,7 +214,9 @@ describe Aegis::Permissions do
214
214
  end
215
215
  end
216
216
 
217
- @permissions.may?(@moderator, 'update_post', "the post").should be_true
217
+ expect do
218
+ @permissions.may?(@moderator, 'update_post')
219
+ end.to raise_error(ArgumentError)
218
220
 
219
221
  end
220
222
 
@@ -357,6 +359,16 @@ describe Aegis::Permissions do
357
359
 
358
360
  end
359
361
 
362
+ it 'should raise an error when trying to define a role named "everyone"' do
363
+
364
+ expect do
365
+ @permissions.class_eval do
366
+ role :everyone
367
+ end
368
+ end.to raise_error(Aegis::InvalidSyntax)
369
+
370
+ end
371
+
360
372
  it "should raise an error if the argument is given to the action (Aegis 1) instead of the allow block (Aegis 2)" do
361
373
 
362
374
  expect do
@@ -365,7 +377,19 @@ describe Aegis::Permissions do
365
377
  allow :everyone
366
378
  end
367
379
  end
368
- end.to raise_error
380
+ end.to raise_error(Aegis::InvalidSyntax)
381
+
382
+ end
383
+
384
+ it 'should raise an error if a #permission (singular) method is called (which no longer exists in Aegis 2)' do
385
+
386
+ expect do
387
+ @permissions.class_eval do
388
+ permission :foo do
389
+ allow :everyone
390
+ end
391
+ end
392
+ end.to raise_error(Aegis::InvalidSyntax)
369
393
 
370
394
  end
371
395
 
@@ -407,11 +431,11 @@ describe Aegis::Permissions do
407
431
 
408
432
  @permissions.class_eval do
409
433
  resources :posts do
434
+ action :syndicate, :writing => false
435
+ action :close
410
436
  reading do
411
437
  allow :user
412
438
  end
413
- action :syndicate, :writing => false
414
- action :close
415
439
  end
416
440
  end
417
441
 
@@ -429,11 +453,11 @@ describe Aegis::Permissions do
429
453
 
430
454
  @permissions.class_eval do
431
455
  resources :posts do
456
+ action :syndicate, :writing => false
457
+ action :close
432
458
  writing do
433
459
  allow :moderator
434
460
  end
435
- action :syndicate, :writing => false
436
- action :close
437
461
  end
438
462
  end
439
463
 
@@ -449,6 +473,26 @@ describe Aegis::Permissions do
449
473
 
450
474
  end
451
475
 
476
+ it 'should raise an error if a #reading directive is stated without a block' do
477
+ expect do
478
+ @permissions.class_eval do
479
+ resources :posts do
480
+ reading
481
+ end
482
+ end
483
+ end.to raise_error(Aegis::InvalidSyntax)
484
+ end
485
+
486
+ it 'should raise an error if a #writing directive is stated without a block' do
487
+ expect do
488
+ @permissions.class_eval do
489
+ resources :posts do
490
+ writing
491
+ end
492
+ end
493
+ end.to raise_error(Aegis::InvalidSyntax)
494
+ end
495
+
452
496
  it "should allow resources with only selected actions" do
453
497
  @permissions.class_eval do
454
498
  resources :posts, :only => [:show, :update]
@@ -471,6 +515,33 @@ describe Aegis::Permissions do
471
515
  @permissions.find_action_by_path('index_posts').should_not be_abstract
472
516
  end
473
517
 
518
+ it 'should allow to override individual actions' do
519
+ @permissions.class_eval do
520
+ resources :posts do
521
+ allow :everyone
522
+ action :create do
523
+ deny :everyone
524
+ end
525
+ end
526
+ end
527
+ @permissions.may?(@user, 'index_posts').should be_true
528
+ @permissions.may?(@user, 'create_post').should be_false
529
+ end
530
+
531
+ it 'should allow to repeatedly define permissions for the same action, deciding for the last directive that matched' do
532
+ @permissions.class_eval do
533
+ resources :posts do
534
+ action :create do
535
+ allow :everyone
536
+ end
537
+ action :create do
538
+ deny :user
539
+ end
540
+ end
541
+ end
542
+ @permissions.may?(@admin, 'create_posts').should be_true
543
+ @permissions.may?(@user, 'create_post').should be_false
544
+ end
474
545
 
475
546
  it "should alias action names for all actions and resources, aliasing #new and #edit by default" do
476
547
 
@@ -509,10 +580,10 @@ describe Aegis::Permissions do
509
580
  describe 'behavior when checking permissions without a user' do
510
581
 
511
582
  it "should raise an error if the user is nil" do
512
- lambda { @permissions.may?(nil, :some_action) }.should raise_error
583
+ expect { @permissions.may?(nil, :some_action) }.to raise_error(Aegis::MissingUser)
513
584
  end
514
585
 
515
- it "should substitute the results from the blank user strategy" do
586
+ it "should substitute the results from the missing user strategy" do
516
587
  @permissions.class_eval do
517
588
  missing_user_means { User.new(:role_name => 'user') }
518
589
  action :create_post do
@@ -558,8 +629,8 @@ describe Aegis::Permissions do
558
629
  @permissions.class_eval do
559
630
  missing_action_means :error
560
631
  end
561
- lambda { @permissions.may?(@user, 'missing_action') }.should raise_error
562
- lambda { @permissions.may?(@admin, 'missing_action') }.should raise_error
632
+ lambda { @permissions.may?(@user, 'missing_action') }.should raise_error(Aegis::MissingAction)
633
+ lambda { @permissions.may?(@admin, 'missing_action') }.should raise_error(Aegis::MissingAction)
563
634
  end
564
635
 
565
636
  end
metadata CHANGED
@@ -1,12 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aegis
3
3
  version: !ruby/object:Gem::Version
4
+ hash: 27
4
5
  prerelease: false
5
6
  segments:
6
7
  - 2
7
- - 4
8
- - 1
9
- version: 2.4.1
8
+ - 5
9
+ - 0
10
+ version: 2.5.0
10
11
  platform: ruby
11
12
  authors:
12
13
  - Henning Koch
@@ -15,7 +16,7 @@ autorequire:
15
16
  bindir: bin
16
17
  cert_chain: []
17
18
 
18
- date: 2010-09-08 00:00:00 +02:00
19
+ date: 2010-10-07 00:00:00 +02:00
19
20
  default_executable:
20
21
  dependencies: []
21
22
 
@@ -95,33 +96,31 @@ rdoc_options:
95
96
  require_paths:
96
97
  - lib
97
98
  required_ruby_version: !ruby/object:Gem::Requirement
99
+ none: false
98
100
  requirements:
99
101
  - - ">="
100
102
  - !ruby/object:Gem::Version
103
+ hash: 3
101
104
  segments:
102
105
  - 0
103
106
  version: "0"
104
107
  required_rubygems_version: !ruby/object:Gem::Requirement
108
+ none: false
105
109
  requirements:
106
110
  - - ">="
107
111
  - !ruby/object:Gem::Version
112
+ hash: 3
108
113
  segments:
109
114
  - 0
110
115
  version: "0"
111
116
  requirements: []
112
117
 
113
118
  rubyforge_project:
114
- rubygems_version: 1.3.6
119
+ rubygems_version: 1.3.7
115
120
  signing_key:
116
121
  specification_version: 3
117
122
  summary: Complete authorization solution for Rails
118
123
  test_files:
119
- - spec/aegis/controller_spec.rb
120
- - spec/aegis/has_role_spec.rb
121
- - spec/aegis/loader_spec.rb
122
- - spec/aegis/permissions_spec.rb
123
- - spec/aegis/sieve_spec.rb
124
- - spec/aegis/spec/matchers_spec.rb
125
124
  - spec/app_root/app/controllers/application_controller.rb
126
125
  - spec/app_root/app/controllers/reviews_controller.rb
127
126
  - spec/app_root/app/controllers/songs_controller.rb
@@ -143,3 +142,9 @@ test_files:
143
142
  - spec/app_root/lib/console_with_fixtures.rb
144
143
  - spec/controllers/reviews_controller_spec.rb
145
144
  - spec/spec_helper.rb
145
+ - spec/aegis/has_role_spec.rb
146
+ - spec/aegis/loader_spec.rb
147
+ - spec/aegis/permissions_spec.rb
148
+ - spec/aegis/sieve_spec.rb
149
+ - spec/aegis/spec/matchers_spec.rb
150
+ - spec/aegis/controller_spec.rb