RubyGems - annotation_security - Versions diffs - 1.0.2 → 1.3.1 - Mend

annotation_security 1.0.2 → 1.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (70) hide show

data/CHANGELOG +22 -0
data/HOW-TO +261 -0
data/{LICENSE → MIT-LICENSE} +1 -1
data/README +39 -0
data/Rakefile +53 -62
data/assets/app/helpers/annotation_security_helper.rb +8 -8
data/assets/config/initializers/annotation_security.rb +11 -11
data/assets/config/security/relations.rb +20 -20
data/assets/vendor/plugins/annotation_security/init.rb +14 -14
data/bin/annotation_security +7 -7
data/lib/annotation_security.rb +94 -103
data/lib/annotation_security/exceptions.rb +124 -124
data/lib/annotation_security/exec.rb +188 -188
data/lib/annotation_security/includes/helper.rb +215 -215
data/lib/annotation_security/includes/resource.rb +84 -84
data/lib/annotation_security/includes/role.rb +30 -30
data/lib/annotation_security/includes/user.rb +26 -26
data/lib/annotation_security/manager/policy_factory.rb +29 -29
data/lib/annotation_security/manager/policy_manager.rb +87 -79
data/lib/annotation_security/manager/relation_loader.rb +272 -272
data/lib/annotation_security/manager/resource_manager.rb +36 -36
data/lib/annotation_security/manager/right_loader.rb +87 -87
data/lib/annotation_security/policy/abstract_policy.rb +344 -344
data/lib/annotation_security/policy/abstract_static_policy.rb +75 -75
data/lib/annotation_security/policy/all_resources_policy.rb +20 -20
data/lib/annotation_security/policy/rule.rb +340 -340
data/lib/annotation_security/policy/rule_set.rb +138 -138
data/lib/annotation_security/rails.rb +22 -39
data/lib/{extensions → annotation_security/rails/2/extensions}/filter.rb +131 -133
data/lib/annotation_security/rails/2/includes/action_controller.rb +144 -0
data/lib/annotation_security/rails/2/includes/active_record.rb +28 -0
data/lib/annotation_security/rails/2/initializer.rb +35 -0
data/lib/annotation_security/{model_observer.rb → rails/2/model_observer.rb} +61 -61
data/lib/annotation_security/rails/3/extensions/filter.rb +28 -0
data/lib/annotation_security/{includes → rails/3/includes}/action_controller.rb +143 -144
data/lib/annotation_security/{includes → rails/3/includes}/active_record.rb +27 -27
data/lib/annotation_security/rails/3/initializer.rb +40 -0
data/lib/annotation_security/rails/3/model_observer.rb +61 -0
data/lib/annotation_security/rails/extensions.rb +21 -0
data/lib/{extensions → annotation_security/rails/extensions}/action_controller.rb +31 -32
data/lib/{extensions → annotation_security/rails/extensions}/active_record.rb +33 -34
data/lib/{extensions → annotation_security/rails/extensions}/object.rb +10 -10
data/lib/annotation_security/{filters.rb → rails/filters.rb} +37 -37
data/lib/annotation_security/user_wrapper.rb +73 -73
data/lib/annotation_security/utils.rb +141 -141
data/lib/security_context.rb +588 -589
data/spec/annotation_security/exceptions_spec.rb +16 -16
data/spec/annotation_security/includes/helper_spec.rb +82 -82
data/spec/annotation_security/manager/policy_manager_spec.rb +15 -15
data/spec/annotation_security/manager/resource_manager_spec.rb +17 -17
data/spec/annotation_security/manager/right_loader_spec.rb +17 -17
data/spec/annotation_security/policy/abstract_policy_spec.rb +16 -16
data/spec/annotation_security/policy/all_resources_policy_spec.rb +24 -24
data/spec/annotation_security/policy/rule_set_spec.rb +112 -112
data/spec/annotation_security/policy/rule_spec.rb +77 -77
data/spec/annotation_security/policy/test_policy_spec.rb +80 -80
data/spec/annotation_security/security_context_spec.rb +129 -78
data/spec/annotation_security/utils_spec.rb +73 -73
data/spec/helper/test_controller.rb +65 -65
data/spec/helper/test_helper.rb +5 -5
data/spec/helper/test_relations.rb +6 -6
data/spec/helper/test_resource.rb +38 -38
data/spec/helper/test_role.rb +21 -21
data/spec/helper/test_user.rb +31 -31
data/spec/rails_stub.rb +44 -37
metadata +110 -96
data/CHANGELOG.md +0 -14
data/HOW-TO.md +0 -275
data/README.md +0 -39
data/lib/annotation_security/version.rb +0 -10

data/spec/annotation_security/utils_spec.rb CHANGED Viewed

@@ -1,74 +1,74 @@
-require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
-describe AnnotationSecurity::Utils do
-  it 'should remove prefixes of the method body' do
-    %w{may_rule is_rule can_rule has_rule}.each do |method|
-      AnnotationSecurity::Utils.method_body(method).should eql('rule')
-    end
-  end
-  it 'should remove suffixes of the method body' do
-    %w{rule_for rule_of rule_in rule_to rule?}.each do |method|
-      AnnotationSecurity::Utils.method_body(method).should eql('rule')
-    end
-  end
-  it 'should return nil if the method body is clean' do
-    AnnotationSecurity::Utils.method_body('rule').should be_nil
-  end
-  it 'should ignore prefixes and suffixes without underscore in method body' do
-    %w{mayrule isrule rulefor ruleof canrulein hasruleto}.each do |method|
-      AnnotationSecurity::Utils.method_body(method).should eql(nil)
-    end
-  end
-  it 'should remove only prefix or suffix from the method body at a time' do
-    AnnotationSecurity::Utils.method_body('may_is_rule').should eql('is_rule')
-    AnnotationSecurity::Utils.method_body('rule_of_for').should eql('rule_of')
-    AnnotationSecurity::Utils.method_body('can_has_rule_to?').should eql('has_rule_to')
-  end
-  it 'should parse descriptions without bindings correctly' do
-    ['show a resource', 'show with some text ignored a resource',
-     'show pluralized resources', '(ignoring comments) show a resource',
-     'show a resource (with comment at the end)'].each do |s|
-      AnnotationSecurity::Utils.parse_description(s).
-        should == {:action => :show, :resource => :resource}
-    end
-  end
-  it 'should detect bindings of a description' do
-    {
-      'show the resource in @res' =>
-        {:action => :show,:resource => :resource, :source => '@res'},
-      'show the resource from :id' =>
-        {:action => :show,:resource => :resource, :source => :id},
-    }.each_pair do |key, value|
-      AnnotationSecurity::Utils.parse_description(key,true).should == value
-    end
-  end
-  it 'should raise an error if an unexpected binding is detected in a description' do
-    lambda {
-      AnnotationSecurity::Utils.parse_description('show the resource :id')
-    }.should raise_error(StandardError)
-  end
-  it 'should parse policy arguments like specified in SecurityContext.allowed?' do
-    obj = Object.new
-    def obj.__is_resource?; true; end
-    def obj.resource_type; :o_resource; end
-    {
-      [:show, :resource, obj] => [:show, :resource, obj],
-      [:show, obj] => [:show, :o_resource, obj],
-      ['show resource', obj] => [:show, :resource, obj],
-      [:show, :resource] => [:show, :resource],
-      [:administrate] => [:administrate, :all_resources]
-    }.each_pair do |key, value|
-      AnnotationSecurity::Utils.parse_policy_arguments(key).should == value
-    end
-  end
+require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
+describe AnnotationSecurity::Utils do
+  it 'should remove prefixes of the method body' do
+    %w{may_rule is_rule can_rule has_rule}.each do |method|
+      AnnotationSecurity::Utils.method_body(method).should eql('rule')
+    end
+  end
+  it 'should remove suffixes of the method body' do
+    %w{rule_for rule_of rule_in rule_to rule?}.each do |method|
+      AnnotationSecurity::Utils.method_body(method).should eql('rule')
+    end
+  end
+  it 'should return nil if the method body is clean' do
+    AnnotationSecurity::Utils.method_body('rule').should be_nil
+  end
+  it 'should ignore prefixes and suffixes without underscore in method body' do
+    %w{mayrule isrule rulefor ruleof canrulein hasruleto}.each do |method|
+      AnnotationSecurity::Utils.method_body(method).should eql(nil)
+    end
+  end
+  it 'should remove only prefix or suffix from the method body at a time' do
+    AnnotationSecurity::Utils.method_body('may_is_rule').should eql('is_rule')
+    AnnotationSecurity::Utils.method_body('rule_of_for').should eql('rule_of')
+    AnnotationSecurity::Utils.method_body('can_has_rule_to?').should eql('has_rule_to')
+  end
+  it 'should parse descriptions without bindings correctly' do
+    ['show a resource', 'show with some text ignored a resource',
+     'show pluralized resources', '(ignoring comments) show a resource',
+     'show a resource (with comment at the end)'].each do |s|
+      AnnotationSecurity::Utils.parse_description(s).
+        should == {:action => :show, :resource => :resource}
+    end
+  end
+  it 'should detect bindings of a description' do
+    {
+      'show the resource in @res' =>
+        {:action => :show,:resource => :resource, :source => '@res'},
+      'show the resource from :id' =>
+        {:action => :show,:resource => :resource, :source => :id},
+    }.each_pair do |key, value|
+      AnnotationSecurity::Utils.parse_description(key,true).should == value
+    end
+  end
+  it 'should raise an error if an unexpected binding is detected in a description' do
+    lambda {
+      AnnotationSecurity::Utils.parse_description('show the resource :id')
+    }.should raise_error(StandardError)
+  end
+  it 'should parse policy arguments like specified in SecurityContext.allowed?' do
+    obj = Object.new
+    def obj.__is_resource?; true; end
+    def obj.resource_type; :o_resource; end
+    {
+      [:show, :resource, obj] => [:show, :resource, obj],
+      [:show, obj] => [:show, :o_resource, obj],
+      ['show resource', obj] => [:show, :resource, obj],
+      [:show, :resource] => [:show, :resource],
+      [:administrate] => [:administrate, :all_resources]
+    }.each_pair do |key, value|
+      AnnotationSecurity::Utils.parse_policy_arguments(key).should == value
+    end
+  end
 end

data/spec/helper/test_controller.rb CHANGED Viewed

@@ -1,66 +1,66 @@
-class TestController < ActionController::Base
-  describe :show, 'shows a test_resource'
-  describe :edit, 'edit some test_resources'
-  describe :show_edit, 'shows a test_resource', 'edits a test_resource'
-  describe :edit_with_render, 'edits the test_resource in @resource'
-  describe :delete, 'delete test_resource by :id'
-  describe :list, 'list all test_resources in @list'
-  def test_init(action, params)
-    @action = action
-    @params = params
-  end
-  def action_name
-    @action
-  end
-  def params
-    @params
-  end
-  def show
-    @resource = TestResource.find params[:id]
-  end
-  def edit
-    @resource = TestResource.find params[:id]
-  end
-  def show_edit
-    @resource = TestResource.find params[:id]
-  end
-  def edit_with_render
-    @resource = TestResource.find params[:id1]
-    render 'view'
-    @resource = TestResource.find params[:id2]
-  end
-  def delete
-    self.class.enter_delete
-    @resource = TestResource.find params[:id]
-  end
-  def list
-    r1 = TestResource.find params[:id1]
-    r2 = TestResource.find params[:id2]
-    @list = [r1, r2]
-  end
-  def render(*args)
-    super(*args)
-    self.class.exit_render
-  end
-  # callbacks used for mocking
-  def self.enter_delete
-  end
-  def self.exit_render
-  end
+class TestController < ActionController::Base
+  describe :show, 'shows a test_resource'
+  describe :edit, 'edit some test_resources'
+  describe :show_edit, 'shows a test_resource', 'edits a test_resource'
+  describe :edit_with_render, 'edits the test_resource in @resource'
+  describe :delete, 'delete test_resource by :id'
+  describe :list, 'list all test_resources in @list'
+  def test_init(action, params)
+    @action = action
+    @params = params
+  end
+  def action_name
+    @action
+  end
+  def params
+    @params
+  end
+  def show
+    @resource = TestResource.find params[:id]
+  end
+  def edit
+    @resource = TestResource.find params[:id]
+  end
+  def show_edit
+    @resource = TestResource.find params[:id]
+  end
+  def edit_with_render
+    @resource = TestResource.find params[:id1]
+    render 'view'
+    @resource = TestResource.find params[:id2]
+  end
+  def delete
+    self.class.enter_delete
+    @resource = TestResource.find params[:id]
+  end
+  def list
+    r1 = TestResource.find params[:id1]
+    r2 = TestResource.find params[:id2]
+    @list = [r1, r2]
+  end
+  def render(*args)
+    super(*args)
+    self.class.exit_render
+  end
+  # callbacks used for mocking
+  def self.enter_delete
+  end
+  def self.exit_render
+  end
 end

data/spec/helper/test_helper.rb CHANGED Viewed

@@ -1,5 +1,5 @@
-class TestHelper
-  include AnnotationSecurity::Helper
-end
+class TestHelper
+  include AnnotationSecurity::Helper
+end

data/spec/helper/test_relations.rb CHANGED Viewed

@@ -1,7 +1,7 @@
-AnnotationSecurity.define_relations(:test_resource) do
-  owner do |user, res|
-    user.name == res.name
-  end
+AnnotationSecurity.define_relations(:test_resource) do
+  owner do |user, res|
+    user.name == res.name
+  end
 end

data/spec/helper/test_resource.rb CHANGED Viewed

@@ -1,39 +1,39 @@
-class TestResource
-  include AnnotationSecurity::Resource
-  self.resource_type = :test_resource
-  def self.find(arg)
-    obj = new arg
-    # normally, this is done by a model observer
-    SecurityContext.observe obj
-    obj
-  end
-  def self.get_resource(arg)
-    return nil if arg.nil?
-    return arg if arg.is_a? self
-    new arg
-  end
-  def initialize(name = "")
-    @name = name
-  end
-  def name
-    @name
-  end
-  def ==(other)
-    return false unless other.is_a? self.class
-    name == other.name
-  end
-  def to_s
-    "<TestResource:#{name}>"
-  end
+class TestResource
+  include AnnotationSecurity::Resource
+  self.resource_type = :test_resource
+  def self.find(arg)
+    obj = new arg
+    # normally, this is done by a model observer
+    SecurityContext.observe obj
+    obj
+  end
+  def self.get_resource(arg)
+    return nil if arg.nil?
+    return arg if arg.is_a? self
+    new arg
+  end
+  def initialize(name = "")
+    @name = name
+  end
+  def name
+    @name
+  end
+  def ==(other)
+    return false unless other.is_a? self.class
+    name == other.name
+  end
+  def to_s
+    "<TestResource:#{name}>"
+  end
 end

data/spec/helper/test_role.rb CHANGED Viewed

@@ -1,22 +1,22 @@
-class TestRole
-  include AnnotationSecurity::Role
-  def initialize(name,user)
-    @name = name
-    @user = user
-  end
-  def role_name
-    @name
-  end
-  def name
-    role_name
-  end
-  def user
-    @user
-  end
+class TestRole
+  include AnnotationSecurity::Role
+  def initialize(name,user)
+    @name = name
+    @user = user
+  end
+  def role_name
+    @name
+  end
+  def name
+    role_name
+  end
+  def user
+    @user
+  end
 end

data/spec/helper/test_user.rb CHANGED Viewed

@@ -1,32 +1,32 @@
-class TestUser
-  include AnnotationSecurity::User
-  def initialize(name='user_name')
-    @name = name
-    @one_role = TestRole.new(:one,self)
-    @many_roles = [
-        TestRole.new(:a,self), TestRole.new(:b,self), TestRole.new(:c,self)]
-  end
-  def user_name
-    @name
-  end
-  def name
-    user_name
-  end
-  def as_one_role
-    @one_role
-  end
-  def as_many_roles
-    @many_roles
-  end
-  def to_s
-    "<TestUser:#{name}>"
-  end
+class TestUser
+  include AnnotationSecurity::User
+  def initialize(name='user_name')
+    @name = name
+    @one_role = TestRole.new(:one,self)
+    @many_roles = [
+        TestRole.new(:a,self), TestRole.new(:b,self), TestRole.new(:c,self)]
+  end
+  def user_name
+    @name
+  end
+  def name
+    user_name
+  end
+  def as_one_role
+    @one_role
+  end
+  def as_many_roles
+    @many_roles
+  end
+  def to_s
+    "<TestUser:#{name}>"
+  end
 end