annotation_security 1.0.1 → 1.0.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (63) hide show
  1. data/CHANGELOG.md +14 -0
  2. data/HOW-TO.md +275 -0
  3. data/{MIT-LICENSE → LICENSE} +1 -1
  4. data/README.md +39 -0
  5. data/Rakefile +62 -55
  6. data/assets/app/helpers/annotation_security_helper.rb +8 -8
  7. data/assets/config/initializers/annotation_security.rb +11 -11
  8. data/assets/config/security/relations.rb +20 -20
  9. data/assets/vendor/plugins/annotation_security/init.rb +13 -13
  10. data/bin/annotation_security +7 -7
  11. data/lib/annotation_security/exceptions.rb +124 -124
  12. data/lib/annotation_security/exec.rb +188 -188
  13. data/lib/annotation_security/filters.rb +37 -37
  14. data/lib/annotation_security/includes/action_controller.rb +144 -143
  15. data/lib/annotation_security/includes/active_record.rb +27 -27
  16. data/lib/annotation_security/includes/helper.rb +215 -215
  17. data/lib/annotation_security/includes/resource.rb +84 -84
  18. data/lib/annotation_security/includes/role.rb +30 -30
  19. data/lib/annotation_security/includes/user.rb +26 -26
  20. data/lib/annotation_security/manager/policy_factory.rb +29 -29
  21. data/lib/annotation_security/manager/policy_manager.rb +79 -79
  22. data/lib/annotation_security/manager/relation_loader.rb +272 -272
  23. data/lib/annotation_security/manager/resource_manager.rb +36 -36
  24. data/lib/annotation_security/manager/right_loader.rb +87 -87
  25. data/lib/annotation_security/model_observer.rb +61 -61
  26. data/lib/annotation_security/policy/abstract_policy.rb +344 -344
  27. data/lib/annotation_security/policy/abstract_static_policy.rb +75 -75
  28. data/lib/annotation_security/policy/all_resources_policy.rb +20 -20
  29. data/lib/annotation_security/policy/rule.rb +340 -340
  30. data/lib/annotation_security/policy/rule_set.rb +138 -138
  31. data/lib/annotation_security/rails.rb +38 -38
  32. data/lib/annotation_security/user_wrapper.rb +73 -73
  33. data/lib/annotation_security/utils.rb +141 -141
  34. data/lib/annotation_security/version.rb +10 -0
  35. data/lib/annotation_security.rb +102 -97
  36. data/lib/extensions/action_controller.rb +32 -32
  37. data/lib/extensions/active_record.rb +34 -34
  38. data/lib/extensions/filter.rb +133 -133
  39. data/lib/extensions/object.rb +10 -10
  40. data/lib/security_context.rb +589 -551
  41. data/spec/annotation_security/exceptions_spec.rb +16 -16
  42. data/spec/annotation_security/includes/helper_spec.rb +82 -82
  43. data/spec/annotation_security/manager/policy_manager_spec.rb +15 -15
  44. data/spec/annotation_security/manager/resource_manager_spec.rb +17 -17
  45. data/spec/annotation_security/manager/right_loader_spec.rb +17 -17
  46. data/spec/annotation_security/policy/abstract_policy_spec.rb +16 -16
  47. data/spec/annotation_security/policy/all_resources_policy_spec.rb +24 -24
  48. data/spec/annotation_security/policy/rule_set_spec.rb +112 -112
  49. data/spec/annotation_security/policy/rule_spec.rb +77 -77
  50. data/spec/annotation_security/policy/test_policy_spec.rb +80 -80
  51. data/spec/annotation_security/security_context_spec.rb +78 -78
  52. data/spec/annotation_security/utils_spec.rb +73 -73
  53. data/spec/helper/test_controller.rb +65 -65
  54. data/spec/helper/test_helper.rb +5 -5
  55. data/spec/helper/test_relations.rb +6 -6
  56. data/spec/helper/test_resource.rb +38 -38
  57. data/spec/helper/test_role.rb +21 -21
  58. data/spec/helper/test_user.rb +31 -31
  59. data/spec/rails_stub.rb +37 -37
  60. metadata +94 -72
  61. data/CHANGELOG +0 -2
  62. data/HOW-TO +0 -261
  63. data/README +0 -39
@@ -1,27 +1,27 @@
1
- #
2
- # = lib/annotation_security/includes/user.rb
3
- #
4
-
5
- # = AnnotationSecurity::User
6
- #
7
- # This module should be included by the user domain class to
8
- # enable full support of all features.
9
- #
10
- module AnnotationSecurity::User
11
-
12
- # Returns true if this is the user given as parameter.
13
- #
14
- # Required to have a common interface with AnnotationSecurity::Role.
15
- #
16
- def is_user?(user)
17
- self == user
18
- end
19
-
20
- # If +obj+ is a UserWrapper, extract the user before comparing
21
- #
22
- def ==(obj)
23
- obj = obj.__user__ if obj.is_a? AnnotationSecurity::UserWrapper
24
- super(obj)
25
- end
26
-
1
+ #
2
+ # = lib/annotation_security/includes/user.rb
3
+ #
4
+
5
+ # = AnnotationSecurity::User
6
+ #
7
+ # This module should be included by the user domain class to
8
+ # enable full support of all features.
9
+ #
10
+ module AnnotationSecurity::User
11
+
12
+ # Returns true if this is the user given as parameter.
13
+ #
14
+ # Required to have a common interface with AnnotationSecurity::Role.
15
+ #
16
+ def is_user?(user)
17
+ self == user
18
+ end
19
+
20
+ # If +obj+ is a UserWrapper, extract the user before comparing
21
+ #
22
+ def ==(obj)
23
+ obj = obj.__user__ if obj.is_a? AnnotationSecurity::UserWrapper
24
+ super(obj)
25
+ end
26
+
27
27
  end
@@ -1,30 +1,30 @@
1
- #
2
- # = lib/annotation_security/manager/policy_factory.rb
3
- #
4
-
5
- # = AnnotationSecurity::PolicyFactory
6
- # Builds the policy classes.
7
- #
8
- class AnnotationSecurity::PolicyFactory # :nodoc:
9
-
10
- def initialize(resource_class)
11
- @klass = AnnotationSecurity::AbstractPolicy.new_subclass(resource_class)
12
- end
13
-
14
- def policy_class
15
- @klass
16
- end
17
-
18
- def add_rule(symbol,*args,&block)
19
- @klass.add_rule(symbol,*args,&block)
20
- end
21
-
22
- def create_policy(*args)
23
- @klass.new(*args)
24
- end
25
-
26
- def reset
27
- @klass.reset
28
- end
29
-
1
+ #
2
+ # = lib/annotation_security/manager/policy_factory.rb
3
+ #
4
+
5
+ # = AnnotationSecurity::PolicyFactory
6
+ # Builds the policy classes.
7
+ #
8
+ class AnnotationSecurity::PolicyFactory # :nodoc:
9
+
10
+ def initialize(resource_class)
11
+ @klass = AnnotationSecurity::AbstractPolicy.new_subclass(resource_class)
12
+ end
13
+
14
+ def policy_class
15
+ @klass
16
+ end
17
+
18
+ def add_rule(symbol,*args,&block)
19
+ @klass.add_rule(symbol,*args,&block)
20
+ end
21
+
22
+ def create_policy(*args)
23
+ @klass.new(*args)
24
+ end
25
+
26
+ def reset
27
+ @klass.reset
28
+ end
29
+
30
30
  end
@@ -1,80 +1,80 @@
1
- #
2
- # = lib/annotation_security/manager/policy_manager.rb
3
- #
4
- require 'yaml'
5
-
6
- # = AnnotationSecurity::PolicyManager
7
- #
8
- # Manages loading and creation of all policy classes.
9
- #
10
- class AnnotationSecurity::PolicyManager # :nodoc:
11
-
12
- # Get the policy factory for a resource class
13
- def self.policy_factory(resource_type) # :nodoc:
14
- policy_factories[resource_type.to_sym]
15
- end
16
-
17
- # Creates a policy object for a user and a resource type
18
- #
19
- # ==== Example
20
- #
21
- # picture = Picture.find_by_id(params[:picture])
22
- # policy = PolicyManager.get_policy(:picture,@current_user)
23
- # policy.allowed? :show, picture # => true or false
24
- #
25
- def self.create_policy(resource_type,*args)
26
- policy_factory(resource_type).create_policy(*args)
27
- end
28
-
29
- def self.policy_class(resource_class) # :nodoc:
30
- policy_factory(resource_class).policy_class
31
- end
32
-
33
- def self.config_files # :nodoc:
34
- @files ||= []
35
- end
36
-
37
- # Adds a file that contains security configurations
38
- # * +f+ file name
39
- # * +ext+ 'yml' or 'rb'
40
- def self.add_file(f,ext) # :nodoc:
41
- unless config_files.include? [f,ext]
42
- config_files.push [f,ext]
43
- load_file(f,ext)
44
- end
45
- end
46
-
47
- def self.reset
48
- policy_factories.each_value(&:reset)
49
- config_files.each { |f,ext| load_file(f,ext) }
50
- end
51
-
52
- private
53
-
54
- def self.load_file(f,ext)
55
- fname = get_file_name(f,ext)
56
- case ext
57
- when 'yml'
58
- AnnotationSecurity::RightLoader.define_rights(YAML.load_file(fname))
59
- when 'rb'
60
- load fname
61
- end
62
- end
63
-
64
- SEARCH_PATH = ['', RAILS_ROOT, RAILS_ROOT + '/config/security/',
65
- RAILS_ROOT + '/config/', RAILS_ROOT + '/security/']
66
-
67
- def self.get_file_name(f,ext)
68
- SEARCH_PATH.each do |fname1|
69
- [f, f+'.'+ext].each do |fname2|
70
- return (fname1 + fname2) if File.exist?(fname1 + fname2)
71
- end
72
- end
73
- raise "File not found: '#{f+'.'+ext}'"
74
- end
75
-
76
- def self.policy_factories
77
- # Create a new factory if it is needed
78
- @factories ||= Hash.new { |h,k| h[k] = AnnotationSecurity::PolicyFactory.new(k) }
79
- end
1
+ #
2
+ # = lib/annotation_security/manager/policy_manager.rb
3
+ #
4
+ require 'yaml'
5
+
6
+ # = AnnotationSecurity::PolicyManager
7
+ #
8
+ # Manages loading and creation of all policy classes.
9
+ #
10
+ class AnnotationSecurity::PolicyManager # :nodoc:
11
+
12
+ # Get the policy factory for a resource class
13
+ def self.policy_factory(resource_type) # :nodoc:
14
+ policy_factories[resource_type.to_sym]
15
+ end
16
+
17
+ # Creates a policy object for a user and a resource type
18
+ #
19
+ # ==== Example
20
+ #
21
+ # picture = Picture.find_by_id(params[:picture])
22
+ # policy = PolicyManager.get_policy(:picture,@current_user)
23
+ # policy.allowed? :show, picture # => true or false
24
+ #
25
+ def self.create_policy(resource_type,*args)
26
+ policy_factory(resource_type).create_policy(*args)
27
+ end
28
+
29
+ def self.policy_class(resource_class) # :nodoc:
30
+ policy_factory(resource_class).policy_class
31
+ end
32
+
33
+ def self.config_files # :nodoc:
34
+ @files ||= []
35
+ end
36
+
37
+ # Adds a file that contains security configurations
38
+ # * +f+ file name
39
+ # * +ext+ 'yml' or 'rb'
40
+ def self.add_file(f,ext) # :nodoc:
41
+ unless config_files.include? [f,ext]
42
+ config_files.push [f,ext]
43
+ load_file(f,ext)
44
+ end
45
+ end
46
+
47
+ def self.reset
48
+ policy_factories.each_value(&:reset)
49
+ config_files.each { |f,ext| load_file(f,ext) }
50
+ end
51
+
52
+ private
53
+
54
+ def self.load_file(f,ext)
55
+ fname = get_file_name(f,ext)
56
+ case ext
57
+ when 'yml'
58
+ AnnotationSecurity::RightLoader.define_rights(YAML.load_file(fname))
59
+ when 'rb'
60
+ load fname
61
+ end
62
+ end
63
+
64
+ SEARCH_PATH = ['', RAILS_ROOT, RAILS_ROOT + '/config/security/',
65
+ RAILS_ROOT + '/config/', RAILS_ROOT + '/security/']
66
+
67
+ def self.get_file_name(f,ext)
68
+ SEARCH_PATH.each do |fname1|
69
+ [f, f+'.'+ext].each do |fname2|
70
+ return (fname1 + fname2) if File.exist?(fname1 + fname2)
71
+ end
72
+ end
73
+ raise "File not found: '#{f+'.'+ext}'"
74
+ end
75
+
76
+ def self.policy_factories
77
+ # Create a new factory if it is needed
78
+ @factories ||= Hash.new { |h,k| h[k] = AnnotationSecurity::PolicyFactory.new(k) }
79
+ end
80
80
  end