annotation_security 1.0.2 → 1.3.1
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGELOG +22 -0
- data/HOW-TO +261 -0
- data/{LICENSE → MIT-LICENSE} +1 -1
- data/README +39 -0
- data/Rakefile +53 -62
- data/assets/app/helpers/annotation_security_helper.rb +8 -8
- data/assets/config/initializers/annotation_security.rb +11 -11
- data/assets/config/security/relations.rb +20 -20
- data/assets/vendor/plugins/annotation_security/init.rb +14 -14
- data/bin/annotation_security +7 -7
- data/lib/annotation_security.rb +94 -103
- data/lib/annotation_security/exceptions.rb +124 -124
- data/lib/annotation_security/exec.rb +188 -188
- data/lib/annotation_security/includes/helper.rb +215 -215
- data/lib/annotation_security/includes/resource.rb +84 -84
- data/lib/annotation_security/includes/role.rb +30 -30
- data/lib/annotation_security/includes/user.rb +26 -26
- data/lib/annotation_security/manager/policy_factory.rb +29 -29
- data/lib/annotation_security/manager/policy_manager.rb +87 -79
- data/lib/annotation_security/manager/relation_loader.rb +272 -272
- data/lib/annotation_security/manager/resource_manager.rb +36 -36
- data/lib/annotation_security/manager/right_loader.rb +87 -87
- data/lib/annotation_security/policy/abstract_policy.rb +344 -344
- data/lib/annotation_security/policy/abstract_static_policy.rb +75 -75
- data/lib/annotation_security/policy/all_resources_policy.rb +20 -20
- data/lib/annotation_security/policy/rule.rb +340 -340
- data/lib/annotation_security/policy/rule_set.rb +138 -138
- data/lib/annotation_security/rails.rb +22 -39
- data/lib/{extensions → annotation_security/rails/2/extensions}/filter.rb +131 -133
- data/lib/annotation_security/rails/2/includes/action_controller.rb +144 -0
- data/lib/annotation_security/rails/2/includes/active_record.rb +28 -0
- data/lib/annotation_security/rails/2/initializer.rb +35 -0
- data/lib/annotation_security/{model_observer.rb → rails/2/model_observer.rb} +61 -61
- data/lib/annotation_security/rails/3/extensions/filter.rb +28 -0
- data/lib/annotation_security/{includes → rails/3/includes}/action_controller.rb +143 -144
- data/lib/annotation_security/{includes → rails/3/includes}/active_record.rb +27 -27
- data/lib/annotation_security/rails/3/initializer.rb +40 -0
- data/lib/annotation_security/rails/3/model_observer.rb +61 -0
- data/lib/annotation_security/rails/extensions.rb +21 -0
- data/lib/{extensions → annotation_security/rails/extensions}/action_controller.rb +31 -32
- data/lib/{extensions → annotation_security/rails/extensions}/active_record.rb +33 -34
- data/lib/{extensions → annotation_security/rails/extensions}/object.rb +10 -10
- data/lib/annotation_security/{filters.rb → rails/filters.rb} +37 -37
- data/lib/annotation_security/user_wrapper.rb +73 -73
- data/lib/annotation_security/utils.rb +141 -141
- data/lib/security_context.rb +588 -589
- data/spec/annotation_security/exceptions_spec.rb +16 -16
- data/spec/annotation_security/includes/helper_spec.rb +82 -82
- data/spec/annotation_security/manager/policy_manager_spec.rb +15 -15
- data/spec/annotation_security/manager/resource_manager_spec.rb +17 -17
- data/spec/annotation_security/manager/right_loader_spec.rb +17 -17
- data/spec/annotation_security/policy/abstract_policy_spec.rb +16 -16
- data/spec/annotation_security/policy/all_resources_policy_spec.rb +24 -24
- data/spec/annotation_security/policy/rule_set_spec.rb +112 -112
- data/spec/annotation_security/policy/rule_spec.rb +77 -77
- data/spec/annotation_security/policy/test_policy_spec.rb +80 -80
- data/spec/annotation_security/security_context_spec.rb +129 -78
- data/spec/annotation_security/utils_spec.rb +73 -73
- data/spec/helper/test_controller.rb +65 -65
- data/spec/helper/test_helper.rb +5 -5
- data/spec/helper/test_relations.rb +6 -6
- data/spec/helper/test_resource.rb +38 -38
- data/spec/helper/test_role.rb +21 -21
- data/spec/helper/test_user.rb +31 -31
- data/spec/rails_stub.rb +44 -37
- metadata +110 -96
- data/CHANGELOG.md +0 -14
- data/HOW-TO.md +0 -275
- data/README.md +0 -39
- data/lib/annotation_security/version.rb +0 -10
data/README.md
DELETED
@@ -1,39 +0,0 @@
|
|
1
|
-
# Resource Based security for Rails applications
|
2
|
-
|
3
|
-
This plugin provides a thin security layer for rails applications. It performs access
|
4
|
-
checks based on a behavioural description of controller actions. Security rules
|
5
|
-
are defined on a resource model which is cleanly separated from your models and controllers.
|
6
|
-
|
7
|
-
## Installation steps
|
8
|
-
|
9
|
-
The security layer is a gem and may be installed using
|
10
|
-
`gem install annotation_security`.
|
11
|
-
|
12
|
-
After installing the gem, run `annotation_security --rails RAILS_HOME` to
|
13
|
-
integrate the security layer in your rails app. Along with the
|
14
|
-
annotation_security plugin this will add
|
15
|
-
|
16
|
-
* the `AnnotationSecurity::Helper` in the `app/helpers` folder of your
|
17
|
-
rails-app. It provides some useful methods to create links and query the
|
18
|
-
security layer from views.
|
19
|
-
* example configuration files to setup the security layer under `config/security`
|
20
|
-
* an initializer for the security layer under `config/initializer`
|
21
|
-
|
22
|
-
## Where to start
|
23
|
-
|
24
|
-
Check out the basic introduction on [how to secure your application](HOW-TO.md).
|
25
|
-
In order to get a detailed idea about how things work, have a deeper look
|
26
|
-
inside `AnnotationSecurity::ActionController` (how to secure your application),
|
27
|
-
`AnnotationSecurity::RightLoader` (how to setup rights) and
|
28
|
-
`AnnotationSecurity::RelationLoader` (how to setup relations).
|
29
|
-
|
30
|
-
Have a look at the view methods provided by the `AnnotationSecurity::Helper` as
|
31
|
-
well and at the `SecurityContext` which is the main entry-point for security related
|
32
|
-
functionality in the layer.
|
33
|
-
|
34
|
-
## License
|
35
|
-
|
36
|
-
Copyright Nico Rehwaldt, Arian Treffer 2009, 2010, 2013
|
37
|
-
|
38
|
-
You may use, copy and redistribute this library under the same terms as
|
39
|
-
[Ruby itself](http://www.ruby-lang.org/en/LICENSE.txt) or under the MIT license.
|