arsecurity 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. data/CHANGELOG +4 -0
  2. data/Rakefile +1 -1
  3. data/lib/arsecurity.rb +1 -0
  4. data/lib/arsecurity_default.rb +10 -2
  5. data/lib/arsecurity_permission.rb +3 -3
  6. data/lib/arsecurity_util.rb +12 -12
  7. metadata +2 -2
data/CHANGELOG CHANGED
@@ -1,3 +1,7 @@
1
+ Changes in version 0.1.1 (2009-03-28)
2
+ -------------------------------------
3
+ fix missing of require
4
+
1
5
  Changes in version 0.1.0 (2009-03-16)
2
6
  -------------------------------------
3
7
  initial release
data/Rakefile CHANGED
@@ -1,7 +1,7 @@
1
1
  require 'rubygems'
2
2
  require 'rake/gempackagetask'
3
3
  PKG_NAME = "arsecurity"
4
- PKG_VERSION = "0.1.0"
4
+ PKG_VERSION = "0.1.1"
5
5
  PKG_FILE_NAME = "#{PKG_NAME}-#{PKG_VERSION}"
6
6
  PKG_FILES = FileList[
7
7
  '[A-Z]*',
data/lib/arsecurity.rb CHANGED
@@ -1,4 +1,5 @@
1
1
  require 'rinterceptor'
2
+ require 'arsecurity_util'
2
3
  module Arsecurity
3
4
  CREATE = 'create'
4
5
  READ = 'read'
data/lib/arsecurity_default.rb CHANGED
@@ -1,5 +1,5 @@
1
-
2
-
1
+ require 'arsecurity'
2
+ require 'arsecurity_handler'
3
3
  module ArsecurityDefault
4
4
  #value can be regexp, symbol or string
5
5
  CLASS_READ_METHOD = ["find_every", "count"]
@@ -22,6 +22,14 @@ end
22
22
 
23
23
  class DefaultArsecurityHandler < ArsecurityHandler
24
24
  class << self
25
+ #for customize logic, such as for administrator
26
+ def accept?
27
+ false
28
+ end
29
+ #for customize logic, such as for time restriction
30
+ def reject?
31
+ false
32
+ end
25
33
  def get_conditions(invocation)
26
34
  case invocation.method
27
35
  when *ArsecurityDefault::CLASS_READ_METHOD
data/lib/arsecurity_permission.rb CHANGED
@@ -1,8 +1,8 @@
1
1
  class ArsecurityPermission
2
- attr_accessor :type, :method, :instance_condition, :sql_condition
2
+ attr_accessor :target_class_name, :operation, :instance_condition, :sql_condition
3
3
  def initialize(permission)
4
- @type = permission[:type]
5
- @method = permission[:method]
4
+ @target_class_name = permission[:target_class_name]
5
+ @operation = permission[:operation]
6
6
  @instance_condition = permission[:instance_condition]
7
7
  @sql_condition = permission[:sql_condition]
8
8
  end
data/lib/arsecurity_util.rb CHANGED
@@ -1,25 +1,25 @@
1
1
  class ArsecurityUtil
2
2
  class << self
3
3
  attr_accessor :handler
4
- def authorized?(method, type, instance, invocation)
4
+ def authorized?(operation, target_class_name, instance, invocation)
5
5
  return true if handler.accept?
6
6
  return false if handler.reject?
7
7
  result = false
8
8
  permissions = handler.permissions
9
9
 
10
10
  unless permissions.nil? || permissions.empty?
11
- result = check_permissions(permissions, method, type, instance, invocation)
11
+ result = check_permissions(permissions, operation, target_class_name, instance, invocation)
12
12
  end
13
13
  result
14
14
  end
15
15
 
16
- def check_permissions(permissions, method, type, instance, invocation)
16
+ def check_permissions(permissions, operation, target_class_name, instance, invocation)
17
17
 
18
18
  permissions.each do |permission|
19
19
  permission = ArsecurityPermission.new(permission) if permission.is_a?(Hash)
20
- next if permission.type != type
21
- unless permission.method.nil?
22
- next if permission.method != method
20
+ next if permission.target_class_name != target_class_name
21
+ unless permission.operation.nil?
22
+ next if permission.operation != operation
23
23
  end
24
24
  #instance not nil mean persist
25
25
 
@@ -27,7 +27,7 @@ class ArsecurityUtil
27
27
  if permission.instance_condition.nil? || permission.instance_condition.empty?
28
28
  return true
29
29
  else
30
- result = ERB.new("<% result = (#{permission.instance_condition}) ? true : false %><%= result %>").result(permission.send(:binding))
30
+ result = ERB.new("<% result = (#{permission.instance_condition}) ? true : false %><%= result %>").result(instance.send(:binding))
31
31
  return true if result == 'true'
32
32
  end
33
33
  else
@@ -63,17 +63,17 @@ class ArsecurityUtil
63
63
  false
64
64
  end
65
65
 
66
- def has_permission(permission, method, type, instance)
67
- return false if permission.type != type
66
+ def has_permission(permission, operation, target_class_name, instance)
67
+ return false if permission.target_class_name != target_class_name
68
68
 
69
- unless permission.method.nil?
70
- return false if permission.method != method
69
+ unless permission.operation.nil?
70
+ return false if permission.operation != operation
71
71
  end
72
72
 
73
73
  if permission.instance_condition.blank?
74
74
  return true
75
75
  else
76
- result = ERB.new("<% result = (#{permission.instance_condition}) ? true : false %><%= result %>").result(permission.send(:binding))
76
+ result = ERB.new("<% result = (#{permission.instance_condition}) ? true : false %><%= result %>").result(instance.send(:binding))
77
77
  return result == 'true'
78
78
  end
79
79
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: arsecurity
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Leon Li
@@ -9,7 +9,7 @@ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
11
 
12
- date: 2009-03-17 00:00:00 +08:00
12
+ date: 2009-03-28 00:00:00 +08:00
13
13
  default_executable:
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency