annotation_security 1.0.1 → 1.0.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (63) hide show
  1. data/CHANGELOG.md +14 -0
  2. data/HOW-TO.md +275 -0
  3. data/{MIT-LICENSE → LICENSE} +1 -1
  4. data/README.md +39 -0
  5. data/Rakefile +62 -55
  6. data/assets/app/helpers/annotation_security_helper.rb +8 -8
  7. data/assets/config/initializers/annotation_security.rb +11 -11
  8. data/assets/config/security/relations.rb +20 -20
  9. data/assets/vendor/plugins/annotation_security/init.rb +13 -13
  10. data/bin/annotation_security +7 -7
  11. data/lib/annotation_security/exceptions.rb +124 -124
  12. data/lib/annotation_security/exec.rb +188 -188
  13. data/lib/annotation_security/filters.rb +37 -37
  14. data/lib/annotation_security/includes/action_controller.rb +144 -143
  15. data/lib/annotation_security/includes/active_record.rb +27 -27
  16. data/lib/annotation_security/includes/helper.rb +215 -215
  17. data/lib/annotation_security/includes/resource.rb +84 -84
  18. data/lib/annotation_security/includes/role.rb +30 -30
  19. data/lib/annotation_security/includes/user.rb +26 -26
  20. data/lib/annotation_security/manager/policy_factory.rb +29 -29
  21. data/lib/annotation_security/manager/policy_manager.rb +79 -79
  22. data/lib/annotation_security/manager/relation_loader.rb +272 -272
  23. data/lib/annotation_security/manager/resource_manager.rb +36 -36
  24. data/lib/annotation_security/manager/right_loader.rb +87 -87
  25. data/lib/annotation_security/model_observer.rb +61 -61
  26. data/lib/annotation_security/policy/abstract_policy.rb +344 -344
  27. data/lib/annotation_security/policy/abstract_static_policy.rb +75 -75
  28. data/lib/annotation_security/policy/all_resources_policy.rb +20 -20
  29. data/lib/annotation_security/policy/rule.rb +340 -340
  30. data/lib/annotation_security/policy/rule_set.rb +138 -138
  31. data/lib/annotation_security/rails.rb +38 -38
  32. data/lib/annotation_security/user_wrapper.rb +73 -73
  33. data/lib/annotation_security/utils.rb +141 -141
  34. data/lib/annotation_security/version.rb +10 -0
  35. data/lib/annotation_security.rb +102 -97
  36. data/lib/extensions/action_controller.rb +32 -32
  37. data/lib/extensions/active_record.rb +34 -34
  38. data/lib/extensions/filter.rb +133 -133
  39. data/lib/extensions/object.rb +10 -10
  40. data/lib/security_context.rb +589 -551
  41. data/spec/annotation_security/exceptions_spec.rb +16 -16
  42. data/spec/annotation_security/includes/helper_spec.rb +82 -82
  43. data/spec/annotation_security/manager/policy_manager_spec.rb +15 -15
  44. data/spec/annotation_security/manager/resource_manager_spec.rb +17 -17
  45. data/spec/annotation_security/manager/right_loader_spec.rb +17 -17
  46. data/spec/annotation_security/policy/abstract_policy_spec.rb +16 -16
  47. data/spec/annotation_security/policy/all_resources_policy_spec.rb +24 -24
  48. data/spec/annotation_security/policy/rule_set_spec.rb +112 -112
  49. data/spec/annotation_security/policy/rule_spec.rb +77 -77
  50. data/spec/annotation_security/policy/test_policy_spec.rb +80 -80
  51. data/spec/annotation_security/security_context_spec.rb +78 -78
  52. data/spec/annotation_security/utils_spec.rb +73 -73
  53. data/spec/helper/test_controller.rb +65 -65
  54. data/spec/helper/test_helper.rb +5 -5
  55. data/spec/helper/test_relations.rb +6 -6
  56. data/spec/helper/test_resource.rb +38 -38
  57. data/spec/helper/test_role.rb +21 -21
  58. data/spec/helper/test_user.rb +31 -31
  59. data/spec/rails_stub.rb +37 -37
  60. metadata +94 -72
  61. data/CHANGELOG +0 -2
  62. data/HOW-TO +0 -261
  63. data/README +0 -39
@@ -1,142 +1,142 @@
1
- #
2
- # = lib/annotation_security/utils.rb
3
- #
4
- # Provides some methods that are needed at several locations in the plug-in.
5
- #
6
-
7
- class AnnotationSecurity::Utils # :nodoc:
8
-
9
- PREFIXES = /\A(may|is|can|has)_/
10
- SUFFIXES = /(_(for|in|of|to)|\?)\Z/
11
-
12
- # Removes pre- and suffixes from +method+,
13
- # returns +nil+ if no change was made.
14
- #
15
- def self.method_body(method)
16
- body = method.to_s.gsub(PREFIXES,'').gsub(SUFFIXES,'')
17
- method.to_s == body ? nil : body
18
- end
19
-
20
- # Parses a description string
21
- # * +description+ description of a controller action
22
- # * +allow_binding+ if false, an exception is raised if the description
23
- # contains a variable
24
- # Returns right, resource and binding
25
- #
26
- def self.parse_description(description,allow_binding=false)
27
- ActionAnnotation::Utils.parse_description(description,allow_binding)
28
- end
29
-
30
- # Parses arguments provided to #apply_policy or #allowed? and returns
31
- # [ [:action, :resource_type, resource || nil], ... ]
32
- #
33
- # See SecurityContext#allowed? for details.
34
- #
35
- # Each element of the result can be send to a policy using
36
- # policy_of_res_type.allowed?(rule, resource)
37
- # or
38
- # policy_of_res_type.static_policy.allowed?(rule, nil)
39
- #
40
- # Raises ArgumentError if args could not be parsed.
41
- #
42
- def self.parse_policy_arguments(args)
43
- if args.first.is_a? String
44
- hash = AnnotationSecurity::Utils.parse_description(args.first)
45
- elsif args.first.is_a? Hash
46
- hash = args.first
47
- end
48
- if hash
49
- action = hash.delete(:action) || hash.delete('action')
50
- resource = hash.delete(:resource) || hash.delete('resource')
51
- unless resource.__is_resource?
52
- resource_type = resource
53
- resource = nil
54
- end
55
- resource_type ||= hash.delete(:resource_type)
56
- resource_type ||= resource ? resource.resource_type : nil
57
- a = [action, resource_type]
58
- a << resource if resource
59
- args = a + args[1..-1]
60
- end
61
-
62
- args << :all_resources unless args.size > 1
63
-
64
- action, resource = args
65
-
66
- if resource.__is_resource?
67
- args = [action, resource.resource_type] + args[1..-1]
68
- end
69
- # if args.size > 2 && args.third == nil
70
- # raise ArgumentError, "Did not expect nil as resource"
71
- # end
72
- args
73
- end
74
-
75
- # returns resource type and resource object without action
76
- # expects [resource object], [resource type], or both
77
- def self.parse_resource_arguments(args)
78
- parse_policy_arguments([:r]+args)[1..2]
79
- end
80
-
81
- # Returns controller, action, objects and parameters
82
- def self.parse_action_args(args)
83
- controller = parse_controller(args.first)
84
- action = args.second.to_sym
85
-
86
- objects = args.third || []
87
- objects = [objects] unless objects.is_a? Array
88
- prepare_objects_resources(controller, objects)
89
-
90
- params = args.fourth || {}
91
- prepare_params_resources(controller, params)
92
-
93
- objects += params.values
94
-
95
- objects = objects.select { |o| o and o.__is_resource? }
96
- return [controller, action, objects, params]
97
- end
98
-
99
- # Try to find the controller class from a name.
100
- # Looks for [name](s)Controller.
101
- #
102
- # parse_controller :welcome #=> WelcomeController
103
- # parse_controller :user # => UsersController
104
- #
105
- def self.parse_controller(controller) # :nodoc:
106
- begin
107
- "#{controller.to_s.camelize}Controller".constantize
108
- rescue NameError
109
- "#{controller.to_s.pluralize.camelize}Controller".constantize
110
- end
111
- rescue NameError
112
- raise NameError, "Controller '#{controller}' was not found"
113
- end
114
-
115
- # if there are non-resources in objects, use the values to get resources
116
- # from the controllers default resource type
117
- #
118
- def self.prepare_objects_resources(controller, objects)
119
- res_type = controller.default_resource
120
- objects.collect! do |o|
121
- if o.__is_resource?
122
- o
123
- else
124
- AnnotationSecurity::ResourceManager.get_resource(res_type, o)
125
- end
126
- end
127
- end
128
-
129
- # if there are non-resources in objects, use the values to get resources
130
- # assuming the keys are the resource types (:id is defalut resource)
131
- #
132
- def self.prepare_params_resources(controller, params)
133
- params.each do |k, v|
134
- unless v.__is_resource?
135
- res_type = k == :id ? controller.default_resource : k
136
- v = AnnotationSecurity::ResourceManager.get_resource(res_type, v)
137
- params[k] = v
138
- end
139
- end
140
- end
141
-
1
+ #
2
+ # = lib/annotation_security/utils.rb
3
+ #
4
+ # Provides some methods that are needed at several locations in the plug-in.
5
+ #
6
+
7
+ class AnnotationSecurity::Utils # :nodoc:
8
+
9
+ PREFIXES = /\A(may|is|can|has)_/
10
+ SUFFIXES = /(_(for|in|of|to)|\?)\Z/
11
+
12
+ # Removes pre- and suffixes from +method+,
13
+ # returns +nil+ if no change was made.
14
+ #
15
+ def self.method_body(method)
16
+ body = method.to_s.gsub(PREFIXES,'').gsub(SUFFIXES,'')
17
+ method.to_s == body ? nil : body
18
+ end
19
+
20
+ # Parses a description string
21
+ # * +description+ description of a controller action
22
+ # * +allow_binding+ if false, an exception is raised if the description
23
+ # contains a variable
24
+ # Returns right, resource and binding
25
+ #
26
+ def self.parse_description(description,allow_binding=false)
27
+ ActionAnnotation::Utils.parse_description(description,allow_binding)
28
+ end
29
+
30
+ # Parses arguments provided to #apply_policy or #allowed? and returns
31
+ # [ [:action, :resource_type, resource || nil], ... ]
32
+ #
33
+ # See SecurityContext#allowed? for details.
34
+ #
35
+ # Each element of the result can be send to a policy using
36
+ # policy_of_res_type.allowed?(rule, resource)
37
+ # or
38
+ # policy_of_res_type.static_policy.allowed?(rule, nil)
39
+ #
40
+ # Raises ArgumentError if args could not be parsed.
41
+ #
42
+ def self.parse_policy_arguments(args)
43
+ if args.first.is_a? String
44
+ hash = AnnotationSecurity::Utils.parse_description(args.first)
45
+ elsif args.first.is_a? Hash
46
+ hash = args.first
47
+ end
48
+ if hash
49
+ action = hash.delete(:action) || hash.delete('action')
50
+ resource = hash.delete(:resource) || hash.delete('resource')
51
+ unless resource.__is_resource?
52
+ resource_type = resource
53
+ resource = nil
54
+ end
55
+ resource_type ||= hash.delete(:resource_type)
56
+ resource_type ||= resource ? resource.resource_type : nil
57
+ a = [action, resource_type]
58
+ a << resource if resource
59
+ args = a + args[1..-1]
60
+ end
61
+
62
+ args << :all_resources unless args.size > 1
63
+
64
+ action, resource = args
65
+
66
+ if resource.__is_resource?
67
+ args = [action, resource.resource_type] + args[1..-1]
68
+ end
69
+ # if args.size > 2 && args.third == nil
70
+ # raise ArgumentError, "Did not expect nil as resource"
71
+ # end
72
+ args
73
+ end
74
+
75
+ # returns resource type and resource object without action
76
+ # expects [resource object], [resource type], or both
77
+ def self.parse_resource_arguments(args)
78
+ parse_policy_arguments([:r]+args)[1..2]
79
+ end
80
+
81
+ # Returns controller, action, objects and parameters
82
+ def self.parse_action_args(args)
83
+ controller = parse_controller(args.first)
84
+ action = args.second.to_sym
85
+
86
+ objects = args.third || []
87
+ objects = [objects] unless objects.is_a? Array
88
+ prepare_objects_resources(controller, objects)
89
+
90
+ params = args.fourth || {}
91
+ prepare_params_resources(controller, params)
92
+
93
+ objects += params.values
94
+
95
+ objects = objects.select { |o| o and o.__is_resource? }
96
+ return [controller, action, objects, params]
97
+ end
98
+
99
+ # Try to find the controller class from a name.
100
+ # Looks for [name](s)Controller.
101
+ #
102
+ # parse_controller :welcome #=> WelcomeController
103
+ # parse_controller :user # => UsersController
104
+ #
105
+ def self.parse_controller(controller) # :nodoc:
106
+ begin
107
+ "#{controller.to_s.camelize}Controller".constantize
108
+ rescue NameError
109
+ "#{controller.to_s.pluralize.camelize}Controller".constantize
110
+ end
111
+ rescue NameError
112
+ raise NameError, "Controller '#{controller}' was not found"
113
+ end
114
+
115
+ # if there are non-resources in objects, use the values to get resources
116
+ # from the controllers default resource type
117
+ #
118
+ def self.prepare_objects_resources(controller, objects)
119
+ res_type = controller.default_resource
120
+ objects.collect! do |o|
121
+ if o.__is_resource?
122
+ o
123
+ else
124
+ AnnotationSecurity::ResourceManager.get_resource(res_type, o)
125
+ end
126
+ end
127
+ end
128
+
129
+ # if there are non-resources in objects, use the values to get resources
130
+ # assuming the keys are the resource types (:id is defalut resource)
131
+ #
132
+ def self.prepare_params_resources(controller, params)
133
+ params.each do |k, v|
134
+ unless v.__is_resource?
135
+ res_type = k == :id ? controller.default_resource : k
136
+ v = AnnotationSecurity::ResourceManager.get_resource(res_type, v)
137
+ params[k] = v
138
+ end
139
+ end
140
+ end
141
+
142
142
  end
@@ -0,0 +1,10 @@
1
+ #
2
+ # = lib/annotation_security/version.rb
3
+ #
4
+ # Defines the version of this lib
5
+ #
6
+
7
+ module AnnotationSecurity
8
+
9
+ Version = '1.0.2'
10
+ end
@@ -1,98 +1,103 @@
1
- #
2
- # = lib/annotation_security.rb
3
- #
4
- # This modul provides the AnnotationSecurity security layer.
5
- #
6
-
7
- # = AnnotationSecurity
8
- module AnnotationSecurity; end
9
-
10
- # Load annotation security files
11
- dir = File.dirname(__FILE__)
12
- require dir + '/annotation_security/manager/policy_manager'
13
- require dir + '/annotation_security/manager/policy_factory'
14
- require dir + '/annotation_security/manager/relation_loader'
15
- require dir + '/annotation_security/manager/right_loader'
16
- require dir + '/annotation_security/manager/resource_manager'
17
- require dir + '/annotation_security/policy/abstract_policy'
18
- require dir + '/annotation_security/policy/abstract_static_policy'
19
- require dir + '/annotation_security/policy/rule_set'
20
- require dir + '/annotation_security/policy/rule'
21
- require dir + '/annotation_security/includes/resource'
22
- require dir + '/annotation_security/includes/action_controller'
23
- require dir + '/annotation_security/includes/active_record'
24
- require dir + '/annotation_security/includes/role'
25
- require dir + '/annotation_security/includes/user'
26
- require dir + '/annotation_security/includes/helper'
27
- require dir + '/annotation_security/exceptions'
28
- require dir + '/annotation_security/filters'
29
- require dir + '/annotation_security/model_observer'
30
- require dir + '/annotation_security/user_wrapper'
31
- require dir + '/annotation_security/utils'
32
-
33
- require dir + '/security_context'
34
-
35
- module AnnotationSecurity
36
-
37
- # Load the file specified by +fname+.
38
- # The file will be reloaded automatically if reset is called.
39
- #
40
- # See AnnotationSecurity::RightLoader for details.
41
- #
42
- def self.load_rights(fname, ext = 'yml')
43
- # The file is expected to be a yaml file.
44
- # However, it is also possible to use a ruby file that uses
45
- # AnnotationSecurity.define_rights. In this case, ext should be 'rb'.
46
- PolicyManager.add_file(fname, ext)
47
- end
48
-
49
- # Load the file specified by +fname+.
50
- # The file will be reloaded automatically if reset is called.
51
- #
52
- # See AnnotationSecurity::RelationLoader for details.
53
- #
54
- def self.load_relations(fname)
55
- PolicyManager.add_file(fname, 'rb')
56
- end
57
-
58
- # Defines relations specified in +block+.
59
- #
60
- # See AnnotationSecurity::RelationLoader for details
61
- #
62
- def self.define_relations(*resources,&block)
63
- RelationLoader.define_relations(*resources,&block)
64
- end
65
-
66
- # Defines rights specified in +hash+.
67
- #
68
- # See AnnotationSecurity::RightLoader for details
69
- #
70
- def self.define_rights(hash)
71
- RightLoader.define_rights(hash)
72
- end
73
-
74
- # Reloads all files that were loaded with load_rights or load_relations.
75
- #
76
- # In development mode, reset is being executed before each request.
77
- #
78
- def self.reset
79
- PolicyManager.reset
80
- end
81
-
82
- # Initializes AnnotationSecurity for a Rails application and loads
83
- # Rails specific parts of the library.
84
- #
85
- # This method is called by `init.rb`,
86
- # which is run by Rails on startup.
87
- #
88
- # * +binding+ [Binding] The context of the `init.rb` file.
89
- def self.init_rails(binding)
90
- puts "Initializing AnnotationSecurity security layer"
91
-
92
- %w{annotation_security/rails extensions/object extensions/action_controller
93
- extensions/active_record extensions/filter }.each { |f| require f }
94
-
95
- config = eval("config", binding)
96
- AnnotationSecurity::Rails.init!(config)
97
- end
1
+ #
2
+ # = lib/annotation_security.rb
3
+ #
4
+ # This modul provides the AnnotationSecurity security layer.
5
+ #
6
+
7
+ # = AnnotationSecurity
8
+ module AnnotationSecurity; end
9
+
10
+ # Load annotation security files
11
+ dir = File.dirname(__FILE__)
12
+ require dir + '/annotation_security/manager/policy_manager'
13
+ require dir + '/annotation_security/manager/policy_factory'
14
+ require dir + '/annotation_security/manager/relation_loader'
15
+ require dir + '/annotation_security/manager/right_loader'
16
+ require dir + '/annotation_security/manager/resource_manager'
17
+ require dir + '/annotation_security/policy/abstract_policy'
18
+ require dir + '/annotation_security/policy/abstract_static_policy'
19
+ require dir + '/annotation_security/policy/rule_set'
20
+ require dir + '/annotation_security/policy/rule'
21
+ require dir + '/annotation_security/includes/resource'
22
+ require dir + '/annotation_security/includes/action_controller'
23
+ require dir + '/annotation_security/includes/active_record'
24
+ require dir + '/annotation_security/includes/role'
25
+ require dir + '/annotation_security/includes/user'
26
+ require dir + '/annotation_security/includes/helper'
27
+ require dir + '/annotation_security/exceptions'
28
+ require dir + '/annotation_security/filters'
29
+ require dir + '/annotation_security/model_observer'
30
+ require dir + '/annotation_security/user_wrapper'
31
+ require dir + '/annotation_security/utils'
32
+ require dir + '/annotation_security/version'
33
+
34
+ require dir + '/security_context'
35
+
36
+ module AnnotationSecurity
37
+
38
+ # Load the file specified by +fname+.
39
+ # The file will be reloaded automatically if reset is called.
40
+ #
41
+ # See AnnotationSecurity::RightLoader for details.
42
+ #
43
+ def self.load_rights(fname, ext = 'yml')
44
+ # The file is expected to be a yaml file.
45
+ # However, it is also possible to use a ruby file that uses
46
+ # AnnotationSecurity.define_rights. In this case, ext should be 'rb'.
47
+ PolicyManager.add_file(fname, ext)
48
+ end
49
+
50
+ # Load the file specified by +fname+.
51
+ # The file will be reloaded automatically if reset is called.
52
+ #
53
+ # See AnnotationSecurity::RelationLoader for details.
54
+ #
55
+ def self.load_relations(fname)
56
+ PolicyManager.add_file(fname, 'rb')
57
+ end
58
+
59
+ # Defines relations specified in +block+.
60
+ #
61
+ # See AnnotationSecurity::RelationLoader for details
62
+ #
63
+ def self.define_relations(*resources,&block)
64
+ RelationLoader.define_relations(*resources,&block)
65
+ end
66
+
67
+ # Defines rights specified in +hash+.
68
+ #
69
+ # See AnnotationSecurity::RightLoader for details
70
+ #
71
+ def self.define_rights(hash)
72
+ RightLoader.define_rights(hash)
73
+ end
74
+
75
+ # Reloads all files that were loaded with load_rights or load_relations.
76
+ #
77
+ # In development mode, reset is being executed before each request.
78
+ #
79
+ def self.reset
80
+ PolicyManager.reset
81
+ end
82
+
83
+ # Initializes AnnotationSecurity for a Rails application and loads
84
+ # Rails specific parts of the library.
85
+ #
86
+ # This method is called by `init.rb`,
87
+ # which is run by Rails on startup.
88
+ #
89
+ # * +config+ [Rails::Configuration] the rails configuration.
90
+ def self.init_rails(config)
91
+ puts "Initializing AnnotationSecurity (#{AnnotationSecurity::Version}) security layer"
92
+
93
+ # must load the extension files after we know rails is loaded
94
+ # :o)
95
+
96
+ dir = File.dirname(__FILE__)
97
+
98
+ %w{annotation_security/rails extensions/object extensions/action_controller
99
+ extensions/active_record extensions/filter }.each { |f| require "#{dir}/#{f}" }
100
+
101
+ AnnotationSecurity::Rails.init!(config)
102
+ end
98
103
  end
@@ -1,33 +1,33 @@
1
- #
2
- # = lib/extensions/action_controller.rb
3
- #
4
-
5
- module ActionController # :nodoc:
6
-
7
- # Extends ActionController::Base for security.
8
- #
9
- class Base # :nodoc:
10
-
11
- # Include required security functionality
12
- include AnnotationSecurity::ActionController
13
-
14
- alias render_without_security render
15
-
16
- # Before rendering, evaluates the bounded rules of the current action.
17
- #
18
- def render(*args, &block)
19
- SecurityContext.apply_rules_after_action
20
- render_without_security(*args, &block)
21
- end
22
-
23
- alias redirect_to_without_security redirect_to
24
-
25
- # Before redirecting, evaluates the bounded rules of the current action.
26
- #
27
- def redirect_to(*args, &block)
28
- SecurityContext.apply_rules_after_action
29
- redirect_to_without_security(*args, &block)
30
- end
31
- end
32
-
1
+ #
2
+ # = lib/extensions/action_controller.rb
3
+ #
4
+
5
+ module ActionController # :nodoc:
6
+
7
+ # Extends ActionController::Base for security.
8
+ #
9
+ class Base # :nodoc:
10
+
11
+ # Include required security functionality
12
+ include AnnotationSecurity::ActionController
13
+
14
+ alias render_without_security render
15
+
16
+ # Before rendering, evaluates the bounded rules of the current action.
17
+ #
18
+ def render(*args, &block)
19
+ SecurityContext.apply_rules_after_action
20
+ render_without_security(*args, &block)
21
+ end
22
+
23
+ alias redirect_to_without_security redirect_to
24
+
25
+ # Before redirecting, evaluates the bounded rules of the current action.
26
+ #
27
+ def redirect_to(*args, &block)
28
+ SecurityContext.apply_rules_after_action
29
+ redirect_to_without_security(*args, &block)
30
+ end
31
+ end
32
+
33
33
  end
@@ -1,35 +1,35 @@
1
- #
2
- # = lib/extensions/active_record.rb
3
- #
4
-
5
- module ActiveRecord # :nodoc:
6
-
7
- # Extends ActiveRecord::Base so that model classes
8
- # can be tagged as resources.
9
- #
10
- # To associate a model class with a resource type, use #resource in the class
11
- # definition.
12
- #
13
- # class MyResource < ActiveRecord::Base
14
- # resource :my_resource
15
- #
16
- # # ...
17
- # end
18
- #
19
- # If you don't pass an argument to #resource, the resource name will be
20
- # the underscored class name.
21
- #
22
- # See AnnotationSecurity::Resource if you want to use non-model classes as resources.
23
- #
24
- class Base
25
-
26
- # Declares a model class to be a resource.
27
- # * +resource_type+ (optional) Symbol of the resource type (like :course)
28
- def self.resource(resource_type = nil)
29
- include ::AnnotationSecurity::ActiveRecord
30
- self.resource_type = resource_type if resource_type
31
- self.resource_type
32
- end
33
- end
34
-
1
+ #
2
+ # = lib/extensions/active_record.rb
3
+ #
4
+
5
+ module ActiveRecord # :nodoc:
6
+
7
+ # Extends ActiveRecord::Base so that model classes
8
+ # can be tagged as resources.
9
+ #
10
+ # To associate a model class with a resource type, use #resource in the class
11
+ # definition.
12
+ #
13
+ # class MyResource < ActiveRecord::Base
14
+ # resource :my_resource
15
+ #
16
+ # # ...
17
+ # end
18
+ #
19
+ # If you don't pass an argument to #resource, the resource name will be
20
+ # the underscored class name.
21
+ #
22
+ # See AnnotationSecurity::Resource if you want to use non-model classes as resources.
23
+ #
24
+ class Base
25
+
26
+ # Declares a model class to be a resource.
27
+ # * +resource_type+ (optional) Symbol of the resource type (like :course)
28
+ def self.resource(resource_type = nil)
29
+ include ::AnnotationSecurity::ActiveRecord
30
+ self.resource_type = resource_type if resource_type
31
+ self.resource_type
32
+ end
33
+ end
34
+
35
35
  end