arrthorizer 0.1.0.pre
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.gitignore +21 -0
- data/.travis.yml +6 -0
- data/Gemfile +10 -0
- data/LICENSE.txt +22 -0
- data/README.md +32 -0
- data/Rakefile +8 -0
- data/arrthorizer.gemspec +24 -0
- data/config.ru +7 -0
- data/lib/arrthorizer/arrthorizer_exception.rb +11 -0
- data/lib/arrthorizer/context.rb +65 -0
- data/lib/arrthorizer/context_builder.rb +11 -0
- data/lib/arrthorizer/context_role.rb +31 -0
- data/lib/arrthorizer/permission.rb +14 -0
- data/lib/arrthorizer/privilege.rb +44 -0
- data/lib/arrthorizer/rails/configuration.rb +67 -0
- data/lib/arrthorizer/rails/controller_action.rb +45 -0
- data/lib/arrthorizer/rails/controller_concern.rb +70 -0
- data/lib/arrthorizer/rails/controller_configuration.rb +36 -0
- data/lib/arrthorizer/rails/controller_context_builder.rb +39 -0
- data/lib/arrthorizer/rails.rb +24 -0
- data/lib/arrthorizer/registry.rb +30 -0
- data/lib/arrthorizer/role.rb +31 -0
- data/lib/arrthorizer/roles.rb +19 -0
- data/lib/arrthorizer/version.rb +3 -0
- data/lib/arrthorizer.rb +28 -0
- data/lib/generators/arrthorizer/install/USAGE +9 -0
- data/lib/generators/arrthorizer/install/install_generator.rb +62 -0
- data/lib/generators/arrthorizer/install/templates/config.yml +49 -0
- data/spec/arrthorizer_exception/inner_spec.rb +21 -0
- data/spec/context/equals_spec.rb +44 -0
- data/spec/context/merge_spec.rb +37 -0
- data/spec/context_builder/build_spec.rb +12 -0
- data/spec/context_role/to_key_spec.rb +21 -0
- data/spec/context_spec.rb +49 -0
- data/spec/controllers/some_controller_spec.rb +79 -0
- data/spec/integration/registry/missing_handler_spec.rb +25 -0
- data/spec/integration/role_spec.rb +17 -0
- data/spec/internal/app/assets/images/rails.png +0 -0
- data/spec/internal/app/assets/javascripts/application.js +15 -0
- data/spec/internal/app/assets/javascripts/test.js.coffee +3 -0
- data/spec/internal/app/assets/stylesheets/application.css +13 -0
- data/spec/internal/app/assets/stylesheets/test.css.scss +3 -0
- data/spec/internal/app/controllers/application_controller.rb +3 -0
- data/spec/internal/app/controllers/some_controller.rb +17 -0
- data/spec/internal/app/helpers/application_helper.rb +2 -0
- data/spec/internal/app/helpers/test_helper.rb +2 -0
- data/spec/internal/app/mailers/.gitkeep +0 -0
- data/spec/internal/app/models/.gitkeep +0 -0
- data/spec/internal/app/roles/namespaced/context_role.rb +9 -0
- data/spec/internal/app/roles/unnamespaced_context_role.rb +6 -0
- data/spec/internal/app/views/layouts/application.html.erb +11 -0
- data/spec/internal/app/views/some/some_action.html.erb +2 -0
- data/spec/internal/config/application.rb +65 -0
- data/spec/internal/config/arrthorizer.yml +9 -0
- data/spec/internal/config/boot.rb +6 -0
- data/spec/internal/config/database.yml +25 -0
- data/spec/internal/config/environment.rb +5 -0
- data/spec/internal/config/routes.rb +3 -0
- data/spec/internal/db/schema.rb +3 -0
- data/spec/internal/log/.gitignore +1 -0
- data/spec/internal/public/favicon.ico +0 -0
- data/spec/permission/grant_spec.rb +14 -0
- data/spec/privilege/accessible_to_spec.rb +32 -0
- data/spec/privilege/get_spec.rb +35 -0
- data/spec/privilege/initialize_spec.rb +15 -0
- data/spec/privilege/make_accessible_to_spec.rb +22 -0
- data/spec/rails/.gitkeep +0 -0
- data/spec/rails/controller_action/initialize_spec.rb +42 -0
- data/spec/rails/controller_action/key_for_spec.rb +17 -0
- data/spec/rails/controller_action/to_key_spec.rb +14 -0
- data/spec/rails/controller_concern/arrthorizer_context_spec.rb +22 -0
- data/spec/rails/controller_concern/authorize_spec.rb +113 -0
- data/spec/rails/controller_concern/integration_spec.rb +75 -0
- data/spec/rails/controller_concern/to_prepare_context_spec.rb +38 -0
- data/spec/rails/controller_configuration/initialize_spec.rb +19 -0
- data/spec/role/get_spec.rb +29 -0
- data/spec/role/shared_examples/finding_the_right_role.rb +6 -0
- data/spec/spec_helper.rb +21 -0
- data/spec/support/reset.rb +26 -0
- metadata +244 -0
data/lib/arrthorizer.rb
ADDED
@@ -0,0 +1,28 @@
|
|
1
|
+
require "arrthorizer/version"
|
2
|
+
|
3
|
+
module Arrthorizer
|
4
|
+
autoload :ArrthorizerException, "arrthorizer/arrthorizer_exception"
|
5
|
+
|
6
|
+
autoload :Registry, "arrthorizer/registry"
|
7
|
+
|
8
|
+
autoload :Role, "arrthorizer/role"
|
9
|
+
autoload :ContextRole, "arrthorizer/context_role"
|
10
|
+
|
11
|
+
autoload :Permission, "arrthorizer/permission"
|
12
|
+
autoload :Privilege, "arrthorizer/privilege"
|
13
|
+
|
14
|
+
autoload :ContextBuilder, "arrthorizer/context_builder"
|
15
|
+
|
16
|
+
autoload :Rails, "arrthorizer/rails"
|
17
|
+
|
18
|
+
require 'arrthorizer/context'
|
19
|
+
require 'arrthorizer/roles'
|
20
|
+
|
21
|
+
if defined?(::Rails)
|
22
|
+
Arrthorizer::Rails.initialize!
|
23
|
+
end
|
24
|
+
|
25
|
+
def self.configure(&block)
|
26
|
+
self.tap(&block)
|
27
|
+
end
|
28
|
+
end
|
@@ -0,0 +1,62 @@
|
|
1
|
+
module Arrthorizer
|
2
|
+
module Generators
|
3
|
+
class InstallGenerator < ::Rails::Generators::Base
|
4
|
+
source_root File.expand_path('../templates', __FILE__)
|
5
|
+
|
6
|
+
def create_roles_dir
|
7
|
+
create_file gitkeep_for(roles_dir), ''
|
8
|
+
end
|
9
|
+
|
10
|
+
def create_config_file
|
11
|
+
copy_file "config.yml", "config/arrthorizer.yml"
|
12
|
+
end
|
13
|
+
|
14
|
+
def activate_filter
|
15
|
+
insert_into_file 'app/controllers/application_controller.rb', filter_code, after: /class ApplicationController.*$/
|
16
|
+
insert_into_file 'app/controllers/application_controller.rb', context_preparation_code, before: /end$\s*\z/
|
17
|
+
end
|
18
|
+
|
19
|
+
protected
|
20
|
+
def filter_code
|
21
|
+
<<-FILTER_CODE
|
22
|
+
|
23
|
+
# Activate Arrthorizer's authorization checks for each
|
24
|
+
# request to this controller's actions
|
25
|
+
requires_authorization
|
26
|
+
FILTER_CODE
|
27
|
+
end
|
28
|
+
|
29
|
+
def context_preparation_code
|
30
|
+
<<-PREPARATION_CODE
|
31
|
+
|
32
|
+
# By default, configure Arrthorizer to provide all params,
|
33
|
+
# except for :controller and :action, as context to all
|
34
|
+
# ContextRoles.
|
35
|
+
to_prepare_context do |c|
|
36
|
+
c.defaults do
|
37
|
+
# this block must return a Hash-like object. It is
|
38
|
+
# advisable to put actual objects in this hash instead
|
39
|
+
# of ids and such. The block is executed within the
|
40
|
+
# controller, so all methods defined on the controller
|
41
|
+
# are available in this block.
|
42
|
+
params.except(:controller, :action)
|
43
|
+
end
|
44
|
+
|
45
|
+
# for specific actions, additional context can be defined
|
46
|
+
# c.for_action(:new) do
|
47
|
+
# arrthorizer_defaults.merge(key: 'value')
|
48
|
+
# end
|
49
|
+
end
|
50
|
+
PREPARATION_CODE
|
51
|
+
end
|
52
|
+
|
53
|
+
def gitkeep_for(directory)
|
54
|
+
directory.join('.gitkeep')
|
55
|
+
end
|
56
|
+
|
57
|
+
def roles_dir
|
58
|
+
::Rails.root.join('app', 'roles')
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
62
|
+
end
|
@@ -0,0 +1,49 @@
|
|
1
|
+
---
|
2
|
+
# This file contains the configuration for Arrthorizer. It defines privileges and links them to
|
3
|
+
# both Controller Actions and the Roles that are allowed to use them.
|
4
|
+
#
|
5
|
+
# Say we're writing a forum, and we have a Forum::TopicsController with the default REST actions.
|
6
|
+
# We might want to split these REST actions into Create, Read, Update and Delete privileges
|
7
|
+
# (Let's call them 'create_forum_topic', 'read_forum_topic', 'update_forum_topic' and
|
8
|
+
# 'delete_forum_topic'. None of these names are magically generated - *you* get to choose the
|
9
|
+
# names).
|
10
|
+
#
|
11
|
+
# Let's also assume that we have Roles for Forum::TopicStarter and Forum::Administrators.
|
12
|
+
# ForumTopicStarters may be allowed to delete any topics they started and update them in
|
13
|
+
# whatever way they deem relevant, but not change any topics they did not start themselves. This
|
14
|
+
# means the role would be a ContextRole.
|
15
|
+
# Let's also assume you have a LoggedInUser role which allows anyone to see any topic or start a
|
16
|
+
# new one, as # long as they're logged in.
|
17
|
+
#
|
18
|
+
# We would define these privileges as follows:
|
19
|
+
#
|
20
|
+
# read_forum_topic:
|
21
|
+
# actions:
|
22
|
+
# - forum/topics:
|
23
|
+
# - show
|
24
|
+
# - index
|
25
|
+
# roles:
|
26
|
+
# - LoggedInUser
|
27
|
+
#
|
28
|
+
# create_forum_topic:
|
29
|
+
# actions:
|
30
|
+
# - forum/topics:
|
31
|
+
# - new
|
32
|
+
# - create
|
33
|
+
# roles:
|
34
|
+
# - LoggedInUser
|
35
|
+
#
|
36
|
+
# delete_forum_topic:
|
37
|
+
# actions:
|
38
|
+
# - forum/topics:
|
39
|
+
# - destroy
|
40
|
+
# roles:
|
41
|
+
# - Forum::TopicStarter
|
42
|
+
#
|
43
|
+
# update_forum_topic:
|
44
|
+
# actions:
|
45
|
+
# - forum/topics:
|
46
|
+
# - edit
|
47
|
+
# - update
|
48
|
+
# roles:
|
49
|
+
# - Forum::TopicStarter
|
@@ -0,0 +1,21 @@
|
|
1
|
+
require "spec_helper"
|
2
|
+
|
3
|
+
describe Arrthorizer::ArrthorizerException do
|
4
|
+
describe :inner do
|
5
|
+
let(:inner_exception) { Class.new(StandardError).new }
|
6
|
+
|
7
|
+
context "when an ArrthorizerException is raised from a rescue block" do
|
8
|
+
it "wraps the rescued exception and exposes it via the #inner method" do
|
9
|
+
begin
|
10
|
+
raise inner_exception
|
11
|
+
rescue
|
12
|
+
begin
|
13
|
+
raise Arrthorizer::ArrthorizerException
|
14
|
+
rescue Exception => e
|
15
|
+
e.inner.should be inner_exception
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
@@ -0,0 +1,44 @@
|
|
1
|
+
require "spec_helper"
|
2
|
+
|
3
|
+
describe Arrthorizer::Context do
|
4
|
+
let(:context_hash) { { some_key: 'some_value' } }
|
5
|
+
let(:context) { Arrthorizer::Context.new(context_hash) }
|
6
|
+
|
7
|
+
describe :== do
|
8
|
+
context "when an Arrthorizer::Context is provided" do
|
9
|
+
context "and that context has the same contents" do
|
10
|
+
let(:other) { Arrthorizer::Context.new(context_hash) }
|
11
|
+
|
12
|
+
it "returns true" do
|
13
|
+
expect(context).to eq(other)
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
context "but that context has different contents" do
|
18
|
+
let(:other) { Arrthorizer::Context.new(some_key: 'other_value') }
|
19
|
+
|
20
|
+
it "returns false" do
|
21
|
+
expect(context).not_to eq(other)
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
context "when a hashlike object is provided" do
|
27
|
+
context "and that object has the same contents" do
|
28
|
+
let(:other) { context_hash.dup }
|
29
|
+
|
30
|
+
it "returns true" do
|
31
|
+
expect(context).to eq(other)
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
context "but that object has different contents" do
|
36
|
+
let(:other) { { some_key: 'some_other_value' } }
|
37
|
+
|
38
|
+
it "returns false" do
|
39
|
+
expect(context).not_to eq(other)
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
@@ -0,0 +1,37 @@
|
|
1
|
+
require "spec_helper"
|
2
|
+
|
3
|
+
describe Arrthorizer::Context do
|
4
|
+
describe :merge do
|
5
|
+
let(:base_hash) { { key: 'value' } }
|
6
|
+
let(:base_context) { Arrthorizer::Context.new(base_hash) }
|
7
|
+
let(:other_hash) { { other_key: 'other_value' } }
|
8
|
+
let(:merged_hash) { base_hash.merge(other_hash) }
|
9
|
+
|
10
|
+
shared_examples_for "the return value of Arrthorizer::Context#merge" do
|
11
|
+
it "returns an Arrthorizer::Context" do
|
12
|
+
result.should be_an Arrthorizer::Context
|
13
|
+
end
|
14
|
+
|
15
|
+
describe "the returned Arrthorizer::Context" do
|
16
|
+
it "contains the merged contents" do
|
17
|
+
merged_hash.each_pair do |key, value|
|
18
|
+
result.send(key).should == value
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
context "when another Arrthorizer::Context is provided" do
|
25
|
+
let(:other_context) { Arrthorizer::Context.new(other_hash) }
|
26
|
+
let(:result) { base_context.merge(other_context) }
|
27
|
+
|
28
|
+
include_examples "the return value of Arrthorizer::Context#merge"
|
29
|
+
end
|
30
|
+
|
31
|
+
context "when a Hash is provided" do
|
32
|
+
let(:result) { base_context.merge(other_hash) }
|
33
|
+
|
34
|
+
include_examples "the return value of Arrthorizer::Context#merge"
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
@@ -0,0 +1,12 @@
|
|
1
|
+
require "spec_helper"
|
2
|
+
|
3
|
+
describe Arrthorizer::ContextBuilder do
|
4
|
+
let(:builder) { Arrthorizer::ContextBuilder.new do end }
|
5
|
+
|
6
|
+
describe :build do
|
7
|
+
it "returns an Arrthorizer::Context" do
|
8
|
+
builder.build.should be_an Arrthorizer::Context
|
9
|
+
end
|
10
|
+
end
|
11
|
+
end
|
12
|
+
|
@@ -0,0 +1,21 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Arrthorizer::ContextRole do
|
4
|
+
describe :to_key do
|
5
|
+
context "when the context role is not namespaced" do
|
6
|
+
let(:role) { UnnamespacedContextRole.instance }
|
7
|
+
|
8
|
+
it "returns a snake_cased version of the class name" do
|
9
|
+
expect(role.to_key).to eql "UnnamespacedContextRole"
|
10
|
+
end
|
11
|
+
end
|
12
|
+
|
13
|
+
context "when the context role is namespaced" do
|
14
|
+
let(:role) { Namespaced::ContextRole.instance }
|
15
|
+
|
16
|
+
specify "the namespace is taken into account" do
|
17
|
+
expect(role.to_key).to eql "Namespaced::ContextRole"
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
@@ -0,0 +1,49 @@
|
|
1
|
+
require "spec_helper"
|
2
|
+
|
3
|
+
# explicitly require the right file since
|
4
|
+
# Context() is not an autoloaded constant
|
5
|
+
require "arrthorizer/context"
|
6
|
+
|
7
|
+
describe Arrthorizer do
|
8
|
+
describe 'Context()' do
|
9
|
+
let(:key) { 'key' }
|
10
|
+
let(:value) { 'value' }
|
11
|
+
let(:arg) { Object.new }
|
12
|
+
|
13
|
+
context "when an object that does not support #to_hash is provided" do
|
14
|
+
it "raises an Arrthorizer::ContextConversionError" do
|
15
|
+
expect {
|
16
|
+
Arrthorizer::Context(arg)
|
17
|
+
}.to raise_error(Arrthorizer::Context::ConversionError)
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
context "when an object responding to #to_hash is provided" do
|
22
|
+
before :each do
|
23
|
+
arg.stub(:to_hash).and_return({ key => value })
|
24
|
+
end
|
25
|
+
|
26
|
+
it "returns an Arrthorizer::Context" do
|
27
|
+
result = Arrthorizer::Context(arg)
|
28
|
+
|
29
|
+
result.should be_an Arrthorizer::Context
|
30
|
+
end
|
31
|
+
|
32
|
+
describe "the returned Arrthorizer::Context" do
|
33
|
+
let(:result) { Arrthorizer::Context(arg) }
|
34
|
+
|
35
|
+
specify "it contains the same key-value pairs" do
|
36
|
+
result.send(key).should == value
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
context "when an Arrthorizer::Context is provided" do
|
42
|
+
let(:param) { Arrthorizer::Context.new }
|
43
|
+
|
44
|
+
specify "that context is returned unmodified" do
|
45
|
+
Arrthorizer::Context(param).should be(param)
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
@@ -0,0 +1,79 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe SomeController do
|
4
|
+
let(:action) { Arrthorizer::Rails::ControllerAction.fetch("some#some_action") }
|
5
|
+
let(:other_action) { Arrthorizer::Rails::ControllerAction.fetch("some#other_action") }
|
6
|
+
|
7
|
+
describe :some_action do
|
8
|
+
let!(:privilege) { action.privilege }
|
9
|
+
let!(:current_user) { double("user") }
|
10
|
+
|
11
|
+
before do
|
12
|
+
controller.stub(:current_user) { current_user }
|
13
|
+
end
|
14
|
+
|
15
|
+
describe "context roles" do
|
16
|
+
let!(:context_role) do
|
17
|
+
configure_context_role do |user, context|
|
18
|
+
# This can be any type of check, e.g.:
|
19
|
+
# blog = Blog.find(context[:id])
|
20
|
+
# blog.author == user
|
21
|
+
|
22
|
+
# For the purpose of this test, just do a simple check:
|
23
|
+
# is the param :some_param equal to true.
|
24
|
+
context.some_param == true
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
context "when the role is linked to the privilege" do
|
29
|
+
before do
|
30
|
+
Arrthorizer::Permission.grant(privilege, to: context_role)
|
31
|
+
end
|
32
|
+
|
33
|
+
context "when I supply the correct 'some_param' param" do
|
34
|
+
let(:allow_request) { true }
|
35
|
+
|
36
|
+
it "succeeds" do
|
37
|
+
get :some_action, some_param: allow_request
|
38
|
+
|
39
|
+
response.should be_success
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
context "when I do not supply the correct 'some_param' param" do
|
44
|
+
let(:allow_request) { "something else" }
|
45
|
+
|
46
|
+
it "succeeds" do
|
47
|
+
get :some_action, some_param: allow_request
|
48
|
+
|
49
|
+
response.should be_forbidden
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
context "when the role is linked to a different privilege" do
|
55
|
+
before do
|
56
|
+
other_privilege = other_action.privilege
|
57
|
+
Arrthorizer::Permission.grant(other_privilege, to: context_role)
|
58
|
+
end
|
59
|
+
|
60
|
+
context "when I supply the correct 'some_param' param" do
|
61
|
+
let(:allow_request) { true }
|
62
|
+
|
63
|
+
it "still fails" do
|
64
|
+
get :some_action, some_param: allow_request
|
65
|
+
|
66
|
+
response.should be_forbidden
|
67
|
+
end
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|
72
|
+
|
73
|
+
private
|
74
|
+
def configure_context_role(&block)
|
75
|
+
UnnamespacedContextRole.instance.tap do |role|
|
76
|
+
role.stub(:applies_to_user?, &block)
|
77
|
+
end
|
78
|
+
end
|
79
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
require "spec_helper"
|
2
|
+
|
3
|
+
describe Arrthorizer::Registry do
|
4
|
+
subject(:registry) { Arrthorizer::Registry.new }
|
5
|
+
|
6
|
+
context "when the requested value is not in the Registry" do
|
7
|
+
context "and no default value was specified" do
|
8
|
+
it "raises an Arrthorizer::Registry::NotFound" do
|
9
|
+
expect {
|
10
|
+
registry.fetch("some_value")
|
11
|
+
}.to raise_error(Arrthorizer::Registry::NotFound)
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
context "and a default value was specified" do
|
16
|
+
subject(:registry) { Arrthorizer::Registry.new }
|
17
|
+
let(:default) { :default }
|
18
|
+
|
19
|
+
it "returns the default" do
|
20
|
+
actual = registry.fetch("some_value") { default }
|
21
|
+
expect(actual).to eq(default)
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Arrthorizer::Role do
|
4
|
+
context "when a new ContextRole class is created" do
|
5
|
+
let(:context_role) { class TestRole < Arrthorizer::ContextRole; end; TestRole.instance }
|
6
|
+
|
7
|
+
specify "that role is stored" do
|
8
|
+
Arrthorizer::Role.get(context_role.to_key).should be context_role
|
9
|
+
end
|
10
|
+
|
11
|
+
after :each do
|
12
|
+
if defined?(TestRole)
|
13
|
+
Object.send(:remove_const, :TestRole)
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
Binary file
|
@@ -0,0 +1,15 @@
|
|
1
|
+
// This is a manifest file that'll be compiled into application.js, which will include all the files
|
2
|
+
// listed below.
|
3
|
+
//
|
4
|
+
// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
|
5
|
+
// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
|
6
|
+
//
|
7
|
+
// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
|
8
|
+
// the compiled file.
|
9
|
+
//
|
10
|
+
// WARNING: THE FIRST BLANK LINE MARKS THE END OF WHAT'S TO BE PROCESSED, ANY BLANK LINE SHOULD
|
11
|
+
// GO AFTER THE REQUIRES BELOW.
|
12
|
+
//
|
13
|
+
//= require jquery
|
14
|
+
//= require jquery_ujs
|
15
|
+
//= require_tree .
|
@@ -0,0 +1,13 @@
|
|
1
|
+
/*
|
2
|
+
* This is a manifest file that'll be compiled into application.css, which will include all the files
|
3
|
+
* listed below.
|
4
|
+
*
|
5
|
+
* Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
|
6
|
+
* or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
|
7
|
+
*
|
8
|
+
* You're free to add application-wide styles to this file and they'll appear at the top of the
|
9
|
+
* compiled file, but it's generally better to create a new file per style scope.
|
10
|
+
*
|
11
|
+
*= require_self
|
12
|
+
*= require_tree .
|
13
|
+
*/
|
@@ -0,0 +1,17 @@
|
|
1
|
+
require 'arrthorizer/rails'
|
2
|
+
|
3
|
+
class SomeController < ApplicationController
|
4
|
+
to_prepare_context do |c|
|
5
|
+
c.defaults do
|
6
|
+
{ some_param: params[:some_param] }
|
7
|
+
end
|
8
|
+
end
|
9
|
+
|
10
|
+
before_filter :authorize
|
11
|
+
|
12
|
+
def some_action
|
13
|
+
end
|
14
|
+
|
15
|
+
def other_action
|
16
|
+
end
|
17
|
+
end
|
File without changes
|
File without changes
|
@@ -0,0 +1,65 @@
|
|
1
|
+
require File.expand_path('../boot', __FILE__)
|
2
|
+
|
3
|
+
# Pick the frameworks you want:
|
4
|
+
require "active_record/railtie"
|
5
|
+
require "action_controller/railtie"
|
6
|
+
require "action_mailer/railtie"
|
7
|
+
require "active_resource/railtie"
|
8
|
+
require "sprockets/railtie"
|
9
|
+
# require "rails/test_unit/railtie"
|
10
|
+
|
11
|
+
if defined?(Bundler)
|
12
|
+
# If you precompile assets before deploying to production, use this line
|
13
|
+
Bundler.require(*Rails.groups(:assets => %w(development test)))
|
14
|
+
# If you want your assets lazily compiled in production, use this line
|
15
|
+
# Bundler.require(:default, :assets, Rails.env)
|
16
|
+
end
|
17
|
+
|
18
|
+
module TestCbac
|
19
|
+
class Application < Rails::Application
|
20
|
+
# Settings in config/environments/* take precedence over those specified here.
|
21
|
+
# Application configuration should go into files in config/initializers
|
22
|
+
# -- all .rb files in that directory are automatically loaded.
|
23
|
+
|
24
|
+
# Custom directories with classes and modules you want to be autoloadable.
|
25
|
+
# config.autoload_paths += %W(#{config.root}/extras)
|
26
|
+
|
27
|
+
# Only load the plugins named here, in the order given (default is alphabetical).
|
28
|
+
# :all can be used as a placeholder for all plugins not explicitly named.
|
29
|
+
# config.plugins = [ :exception_notification, :ssl_requirement, :all ]
|
30
|
+
|
31
|
+
# Activate observers that should always be running.
|
32
|
+
# config.active_record.observers = :cacher, :garbage_collector, :forum_observer
|
33
|
+
|
34
|
+
# Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
|
35
|
+
# Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
|
36
|
+
# config.time_zone = 'Central Time (US & Canada)'
|
37
|
+
|
38
|
+
# The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
|
39
|
+
# config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
|
40
|
+
# config.i18n.default_locale = :de
|
41
|
+
|
42
|
+
# Configure the default encoding used in templates for Ruby 1.9.
|
43
|
+
config.encoding = "utf-8"
|
44
|
+
|
45
|
+
# Configure sensitive parameters which will be filtered from the log file.
|
46
|
+
config.filter_parameters += [:password]
|
47
|
+
|
48
|
+
# Use SQL instead of Active Record's schema dumper when creating the database.
|
49
|
+
# This is necessary if your schema can't be completely dumped by the schema dumper,
|
50
|
+
# like if you have constraints or database-specific column types
|
51
|
+
# config.active_record.schema_format = :sql
|
52
|
+
|
53
|
+
# Enforce whitelist mode for mass assignment.
|
54
|
+
# This will create an empty whitelist of attributes available for mass-assignment for all models
|
55
|
+
# in your app. As such, your models will need to explicitly whitelist or blacklist accessible
|
56
|
+
# parameters by using an attr_accessible or attr_protected declaration.
|
57
|
+
config.active_record.whitelist_attributes = true
|
58
|
+
|
59
|
+
# Enable the asset pipeline
|
60
|
+
config.assets.enabled = true
|
61
|
+
|
62
|
+
# Version of your assets, change this if you want to expire all your assets
|
63
|
+
config.assets.version = '1.0'
|
64
|
+
end
|
65
|
+
end
|