authoritah 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/LICENSE +20 -0
- data/README.rdoc +51 -0
- data/init.rb +1 -0
- data/lib/authoritah.rb +127 -0
- data/spec/authoritah_spec.rb +210 -0
- data/spec/railsenv/app/controllers/application.rb +2 -0
- data/spec/railsenv/config/boot.rb +110 -0
- data/spec/railsenv/config/database.yml +25 -0
- data/spec/railsenv/config/environment.rb +37 -0
- data/spec/railsenv/config/environments/cucumber.rb +23 -0
- data/spec/railsenv/config/environments/development.rb +17 -0
- data/spec/railsenv/config/environments/production.rb +28 -0
- data/spec/railsenv/config/environments/test.rb +29 -0
- data/spec/railsenv/config/initializers/backtrace_silencers.rb +7 -0
- data/spec/railsenv/config/initializers/inflections.rb +10 -0
- data/spec/railsenv/config/initializers/mime_types.rb +5 -0
- data/spec/railsenv/config/initializers/new_rails_defaults.rb +21 -0
- data/spec/railsenv/config/initializers/session_store.rb +15 -0
- data/spec/railsenv/config/locales/en.yml +4 -0
- data/spec/railsenv/config/routes.rb +14 -0
- data/spec/spec_helper.rb +31 -0
- metadata +75 -0
data/LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright (c) 2009 Steven Mohapi-Banks
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.rdoc
ADDED
@@ -0,0 +1,51 @@
|
|
1
|
+
=Respec' my Authoritah!!
|
2
|
+
|
3
|
+
A stupidly simple authorization gem for Rails.
|
4
|
+
|
5
|
+
==Installation
|
6
|
+
|
7
|
+
Make sure Github is in your repo sources:
|
8
|
+
$ gem sources -a http://gems.github.com
|
9
|
+
|
10
|
+
Installation:
|
11
|
+
$ sudo gem install indmill-authoritah
|
12
|
+
|
13
|
+
==Usage
|
14
|
+
|
15
|
+
By default (i.e. when no Authoritah declarations are made) all requests are allowed. Authoritah is pretty flexible in introducing authorization rules to your application. An example is called for:
|
16
|
+
|
17
|
+
class WidgetController < ApplicationController
|
18
|
+
|
19
|
+
permits :current_user => :admin?
|
20
|
+
end
|
21
|
+
|
22
|
+
This is a wildcard rule. It assumes you have a method on your controller called "current_user" (as something like restful_authentication or authlogic would provide) that returns an object that can respond to an admin? message - the rule will pass if admin? returns true. Once a permit rule is defined access to the actions of this controller are ONLY permitted if you fulfill the predicate.
|
23
|
+
|
24
|
+
class WidgetController < ApplicationController
|
25
|
+
|
26
|
+
permits :current_user => :admin?, :to => [:create, :destroy]
|
27
|
+
permits :current_user => :logged_in?, :to => :show
|
28
|
+
end
|
29
|
+
|
30
|
+
What about if we only want to control access to certain actions? Easy, add a :to option and pass it an action or array of actions. You can add as many rules and scope them by action - Authoritah will ensure that a request is only permitted if all rules for a given action pass.
|
31
|
+
|
32
|
+
You also have the ability to expressly forbid access using the forbids directive:
|
33
|
+
|
34
|
+
class WidgetController < ApplicationController
|
35
|
+
|
36
|
+
permits :current_user => :logged_in?
|
37
|
+
forbids :current_user => :blacklisted?, :from => [:create, :destroy]
|
38
|
+
end
|
39
|
+
|
40
|
+
In this scenario any logged in user can access the controller actions, but any user responding true to blacklisted? will be forbidden from running the :create or :destroy actions.
|
41
|
+
|
42
|
+
The final feature so far is the ability to pass a Proc as the predicate:
|
43
|
+
|
44
|
+
class WidgetController < ApplicationController
|
45
|
+
|
46
|
+
forbids :current_user => Proc.new {|user| user.name.index("Hacky McHackster") }
|
47
|
+
end
|
48
|
+
|
49
|
+
The Proc gets passed the result of the :current_user message to the controller for you to specify more complex rules.
|
50
|
+
|
51
|
+
This is VERY early and probably has a legion of bugs, but there's a good spread of specs and I'll be improving it over the coming days. Thanks for watching.
|
data/init.rb
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
require "authoritah.rb"
|
data/lib/authoritah.rb
ADDED
@@ -0,0 +1,127 @@
|
|
1
|
+
module Authoritah
|
2
|
+
module Controller
|
3
|
+
|
4
|
+
class OptionsError < StandardError
|
5
|
+
def initialize(message)
|
6
|
+
super(message)
|
7
|
+
end
|
8
|
+
end
|
9
|
+
|
10
|
+
def self.included(base)
|
11
|
+
base.send(:extend, ClassMethods)
|
12
|
+
base.send(:include, InstanceMethods)
|
13
|
+
|
14
|
+
base.before_filter :check_permissions
|
15
|
+
end
|
16
|
+
|
17
|
+
module ClassMethods
|
18
|
+
|
19
|
+
def permits(*args)
|
20
|
+
apply_declaration(:permit, :to, args)
|
21
|
+
end
|
22
|
+
|
23
|
+
def forbids(*args)
|
24
|
+
apply_declaration(:forbid, :from, args)
|
25
|
+
end
|
26
|
+
|
27
|
+
def apply_declaration(perm_type, action_identifier, args)
|
28
|
+
options = args.extract_options!
|
29
|
+
actions = options.delete(action_identifier)
|
30
|
+
|
31
|
+
check_role_selectors(options)
|
32
|
+
|
33
|
+
role_method = options.first[0]
|
34
|
+
role_predicate = options.first[1]
|
35
|
+
|
36
|
+
controller_permissions[controller_name.to_sym] ||= PermissionSet.new
|
37
|
+
controller_permissions[controller_name.to_sym] <<
|
38
|
+
{:type => perm_type, :role_method => role_method, :role_predicate => role_predicate, :actions => actions ? Array(actions) : nil}
|
39
|
+
end
|
40
|
+
|
41
|
+
def this_controllers_permissions
|
42
|
+
controller_permissions[controller_name.to_sym]
|
43
|
+
end
|
44
|
+
|
45
|
+
protected
|
46
|
+
|
47
|
+
def check_role_selectors(options)
|
48
|
+
raise Authoritah::Controller::OptionsError.new("Too many role selectors") if options.size > 1
|
49
|
+
end
|
50
|
+
|
51
|
+
def controller_permissions
|
52
|
+
@@controller_permissions ||= {}
|
53
|
+
end
|
54
|
+
|
55
|
+
def clear_permissions
|
56
|
+
@@controller_permissions = {}
|
57
|
+
end
|
58
|
+
end
|
59
|
+
|
60
|
+
module InstanceMethods
|
61
|
+
|
62
|
+
def check_permissions
|
63
|
+
return true if permitted?(action_name.to_sym)
|
64
|
+
render(:file => File.join(RAILS_ROOT, 'public', '404.html'), :status => 404)
|
65
|
+
false
|
66
|
+
end
|
67
|
+
|
68
|
+
protected
|
69
|
+
|
70
|
+
def permitted?(action)
|
71
|
+
return true unless permissions = self.class.this_controllers_permissions
|
72
|
+
permissions.permits?(self, action) && !permissions.forbids?(self, action)
|
73
|
+
end
|
74
|
+
end
|
75
|
+
|
76
|
+
class PermissionSet
|
77
|
+
|
78
|
+
def <<(permission_hash)
|
79
|
+
permission_hash[:actions] = [:all] unless permission_hash[:actions]
|
80
|
+
permissions << permission_hash
|
81
|
+
end
|
82
|
+
|
83
|
+
def size
|
84
|
+
permissions.size
|
85
|
+
end
|
86
|
+
|
87
|
+
def first
|
88
|
+
permissions.first
|
89
|
+
end
|
90
|
+
|
91
|
+
def permits?(controller, action)
|
92
|
+
apply_rules(:permit, controller, action).include?(false) == false
|
93
|
+
end
|
94
|
+
|
95
|
+
def forbids?(controller, action)
|
96
|
+
apply_rules(:forbid, controller, action).include?(true)
|
97
|
+
end
|
98
|
+
|
99
|
+
def permissions
|
100
|
+
@permissions ||= []
|
101
|
+
end
|
102
|
+
|
103
|
+
protected
|
104
|
+
|
105
|
+
def apply_rules(rule_type, controller, action)
|
106
|
+
permissions.select{|p|
|
107
|
+
p[:type] == rule_type
|
108
|
+
}.select{|p|
|
109
|
+
p[:actions].include?(action) || p[:actions].include?(:all)
|
110
|
+
}.map do |permission|
|
111
|
+
begin
|
112
|
+
if permission[:role_predicate].is_a? Symbol
|
113
|
+
controller.send(permission[:role_method]).send(permission[:role_predicate])
|
114
|
+
elsif permission[:role_predicate].is_a? Proc
|
115
|
+
permission[:role_predicate].call(controller.send(permission[:role_method]))
|
116
|
+
else
|
117
|
+
false
|
118
|
+
end
|
119
|
+
rescue
|
120
|
+
false
|
121
|
+
end
|
122
|
+
end
|
123
|
+
end
|
124
|
+
end
|
125
|
+
|
126
|
+
end
|
127
|
+
end
|
@@ -0,0 +1,210 @@
|
|
1
|
+
require File.dirname(__FILE__) + '/spec_helper'
|
2
|
+
|
3
|
+
describe Authoritah::Controller do
|
4
|
+
|
5
|
+
before(:each) do
|
6
|
+
ActionController::Base.send(:include, Authoritah::Controller)
|
7
|
+
ActionController::Base.send(:clear_permissions)
|
8
|
+
end
|
9
|
+
|
10
|
+
describe "adding methods to controllers" do
|
11
|
+
it "should add an permits method to the controller" do
|
12
|
+
ActionController::Base.methods.should include('permits')
|
13
|
+
end
|
14
|
+
|
15
|
+
it "should add a forbids method to the controller" do
|
16
|
+
ActionController::Base.methods.should include('forbids')
|
17
|
+
end
|
18
|
+
|
19
|
+
it "should add a before_filter to check permissions to the controller" do
|
20
|
+
ActionController::Base.before_filters.should include(:check_permissions)
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
it "should raise an error if too many role selectors specified" do
|
25
|
+
lambda do
|
26
|
+
TestAuthorizerController.permits(:current_user => :logged_in?, :another_user => :logged_out?)
|
27
|
+
end.should raise_error(Authoritah::Controller::OptionsError)
|
28
|
+
end
|
29
|
+
|
30
|
+
describe "a basic permits wildcard rule" do
|
31
|
+
before(:each) do
|
32
|
+
TestAuthorizerController.permits(:current_user => :logged_in?)
|
33
|
+
@permissions = TestAuthorizerController.send(:controller_permissions)[:test_authorizer]
|
34
|
+
end
|
35
|
+
it "should have one permission" do @permissions.size.should == 1 end
|
36
|
+
it "should use current_user to retrieve the 'role object'" do @permissions.first[:role_method].should == :current_user end
|
37
|
+
it "should use logged_in? as the predicate to call on the 'role object'" do @permissions.first[:role_predicate].should == :logged_in? end
|
38
|
+
it "should not specify the actions" do @permissions.first[:actions].should == [:all] end
|
39
|
+
end
|
40
|
+
|
41
|
+
describe "a basic permits rule on a single action" do
|
42
|
+
before(:each) do
|
43
|
+
TestAuthorizerController.permits(:current_user => :logged_in?, :to => :show)
|
44
|
+
@permissions = TestAuthorizerController.send(:controller_permissions)[:test_authorizer]
|
45
|
+
end
|
46
|
+
it "should have one permission" do @permissions.size.should == 1 end
|
47
|
+
it "should use current_user to retrieve the 'role object'" do @permissions.first[:role_method].should == :current_user end
|
48
|
+
it "should use logged_in? as the predicate to call on the 'role object'" do @permissions.first[:role_predicate].should == :logged_in? end
|
49
|
+
it "should specify the action" do @permissions.first[:actions].should == [:show] end
|
50
|
+
end
|
51
|
+
|
52
|
+
describe "a basic rule on many actions" do
|
53
|
+
before(:each) do
|
54
|
+
TestAuthorizerController.permits(:current_user => :logged_in?, :to => [:show, :create, :update])
|
55
|
+
@permissions = TestAuthorizerController.send(:controller_permissions)[:test_authorizer]
|
56
|
+
end
|
57
|
+
it "should specify the actions" do @permissions.first[:actions].should == [:show, :create, :update] end
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
describe TestAuthorizerController, :type => :controller do
|
62
|
+
|
63
|
+
before(:each) do
|
64
|
+
TestAuthorizerController.send(:include, Authoritah::Controller)
|
65
|
+
TestAuthorizerController.send(:clear_permissions)
|
66
|
+
end
|
67
|
+
|
68
|
+
context "with no permissions set " do
|
69
|
+
it "should render the index" do get :index; response.should render_template('index') end
|
70
|
+
end
|
71
|
+
|
72
|
+
describe "specifying permit rules" do
|
73
|
+
context "with a wildcard permission" do
|
74
|
+
before(:each) do
|
75
|
+
TestAuthorizerController.permits(:current_user => :logged_in?)
|
76
|
+
end
|
77
|
+
|
78
|
+
context "a logged in user" do
|
79
|
+
before(:each) do
|
80
|
+
controller.stubs(:current_user => stub(:logged_in? => true))
|
81
|
+
end
|
82
|
+
it "should render index" do
|
83
|
+
get :index
|
84
|
+
response.should render_template('index')
|
85
|
+
end
|
86
|
+
end
|
87
|
+
context "an unauthenticated user" do
|
88
|
+
before(:each) do
|
89
|
+
controller.stubs(:current_user => false)
|
90
|
+
end
|
91
|
+
it "should receive a 404" do
|
92
|
+
get :index
|
93
|
+
response.status.should == "404 Not Found"
|
94
|
+
response.should render_template(File.join(RAILS_ROOT, 'public', '/404.html'))
|
95
|
+
end
|
96
|
+
end
|
97
|
+
end
|
98
|
+
|
99
|
+
context "with a single permitted action" do
|
100
|
+
before(:each) do
|
101
|
+
TestAuthorizerController.permits(:current_user => :logged_in?, :to => :create)
|
102
|
+
end
|
103
|
+
|
104
|
+
context "a logged in user" do
|
105
|
+
before(:each) do
|
106
|
+
controller.stubs(:current_user => stub(:logged_in? => true))
|
107
|
+
end
|
108
|
+
it "should permit POST create" do post :create; response.should redirect_to('/success') end
|
109
|
+
it "should render index" do get :index; response.should render_template('index') end
|
110
|
+
end
|
111
|
+
context "an unauthenticated user" do
|
112
|
+
before(:each) do
|
113
|
+
controller.stubs(:current_user => false)
|
114
|
+
end
|
115
|
+
it "should receive a 404 when POST create" do
|
116
|
+
post :create
|
117
|
+
response.status.should == "404 Not Found"
|
118
|
+
response.should render_template(File.join(RAILS_ROOT, 'public', '/404.html'))
|
119
|
+
end
|
120
|
+
it "should render the index" do get :index; response.should render_template('index') end
|
121
|
+
end
|
122
|
+
end
|
123
|
+
|
124
|
+
context "with a multiple permitted actions" do
|
125
|
+
before(:each) do
|
126
|
+
TestAuthorizerController.permits(:current_user => :logged_in?, :to => [:create, :show, :index])
|
127
|
+
end
|
128
|
+
|
129
|
+
context "a logged in user" do
|
130
|
+
before(:each) do
|
131
|
+
controller.stubs(:current_user => stub(:logged_in? => true))
|
132
|
+
end
|
133
|
+
it "should permit create" do post :create; response.should redirect_to('/success') end
|
134
|
+
it "should render index" do get :index; response.should render_template('index') end
|
135
|
+
end
|
136
|
+
context "an unauthenticated user" do
|
137
|
+
before(:each) do
|
138
|
+
controller.stubs(:current_user => false)
|
139
|
+
end
|
140
|
+
it "should receive a 404 when POST create" do
|
141
|
+
post :create
|
142
|
+
response.status.should == "404 Not Found"
|
143
|
+
response.should render_template(File.join(RAILS_ROOT, 'public', '/404.html'))
|
144
|
+
end
|
145
|
+
it "should receive a 404" do get :index; response.status.should == "404 Not Found" end
|
146
|
+
end
|
147
|
+
end
|
148
|
+
end
|
149
|
+
|
150
|
+
describe "specifying forbid rules" do
|
151
|
+
context "with a wildcard forbid" do
|
152
|
+
before(:each) do
|
153
|
+
TestAuthorizerController.forbids(:current_user => :blacklisted?)
|
154
|
+
end
|
155
|
+
context "a blacklisted user" do
|
156
|
+
before(:each) do
|
157
|
+
controller.stubs(:current_user => stub(:logged_in? => true, :blacklisted? => true))
|
158
|
+
end
|
159
|
+
it "should receive a 404" do
|
160
|
+
get :index
|
161
|
+
response.status.should == "404 Not Found"
|
162
|
+
response.should render_template(File.join(RAILS_ROOT, 'public', '/404.html'))
|
163
|
+
end
|
164
|
+
end
|
165
|
+
context "an unauthenticated user" do
|
166
|
+
it "should render index" do get :index; response.should render_template('index') end
|
167
|
+
end
|
168
|
+
end
|
169
|
+
end
|
170
|
+
|
171
|
+
describe "specifying a combination of permit and forbid rules" do
|
172
|
+
context "with a wildcard forbid" do
|
173
|
+
before(:each) do
|
174
|
+
TestAuthorizerController.permits(:current_user => :logged_in?)
|
175
|
+
TestAuthorizerController.forbids(:current_user => :blacklisted?, :from => :create)
|
176
|
+
end
|
177
|
+
context "a logged in user" do
|
178
|
+
before(:each) do
|
179
|
+
controller.stubs(:current_user => stub(:logged_in? => true))
|
180
|
+
end
|
181
|
+
it "should permit create" do post :create; response.should redirect_to('/success') end
|
182
|
+
it "should render index" do get :index; response.should render_template('index') end
|
183
|
+
end
|
184
|
+
context "a blacklisted user" do
|
185
|
+
before(:each) do
|
186
|
+
controller.stubs(:current_user => stub(:logged_in? => true, :blacklisted? => true))
|
187
|
+
end
|
188
|
+
it "should receive a 404 for create" do post :create; response.status.should == "404 Not Found" end
|
189
|
+
it "should render index" do get :index; response.should render_template('index') end
|
190
|
+
end
|
191
|
+
context "an unauthenticated user" do
|
192
|
+
it "should receive a 404" do get :index; response.status.should == "404 Not Found" end
|
193
|
+
end
|
194
|
+
end
|
195
|
+
end
|
196
|
+
|
197
|
+
describe "using a Proc" do
|
198
|
+
context "with a wildcard rule" do
|
199
|
+
before(:each) do
|
200
|
+
TestAuthorizerController.permits(:current_user => Proc.new {|u| u.logged_in?})
|
201
|
+
end
|
202
|
+
context "a logged in user" do
|
203
|
+
before(:each) do
|
204
|
+
controller.stubs(:current_user => stub(:logged_in? => true))
|
205
|
+
end
|
206
|
+
it "should render index" do get :index; response.should render_template('index') end
|
207
|
+
end
|
208
|
+
end
|
209
|
+
end
|
210
|
+
end
|
@@ -0,0 +1,110 @@
|
|
1
|
+
# Don't change this file!
|
2
|
+
# Configure your app in config/environment.rb and config/environments/*.rb
|
3
|
+
|
4
|
+
RAILS_ROOT = "#{File.dirname(__FILE__)}/.." unless defined?(RAILS_ROOT)
|
5
|
+
|
6
|
+
module Rails
|
7
|
+
class << self
|
8
|
+
def boot!
|
9
|
+
unless booted?
|
10
|
+
preinitialize
|
11
|
+
pick_boot.run
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
def booted?
|
16
|
+
defined? Rails::Initializer
|
17
|
+
end
|
18
|
+
|
19
|
+
def pick_boot
|
20
|
+
(vendor_rails? ? VendorBoot : GemBoot).new
|
21
|
+
end
|
22
|
+
|
23
|
+
def vendor_rails?
|
24
|
+
File.exist?("#{RAILS_ROOT}/vendor/rails")
|
25
|
+
end
|
26
|
+
|
27
|
+
def preinitialize
|
28
|
+
load(preinitializer_path) if File.exist?(preinitializer_path)
|
29
|
+
end
|
30
|
+
|
31
|
+
def preinitializer_path
|
32
|
+
"#{RAILS_ROOT}/config/preinitializer.rb"
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
class Boot
|
37
|
+
def run
|
38
|
+
load_initializer
|
39
|
+
Rails::Initializer.run(:set_load_path)
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
class VendorBoot < Boot
|
44
|
+
def load_initializer
|
45
|
+
require "#{RAILS_ROOT}/vendor/rails/railties/lib/initializer"
|
46
|
+
Rails::Initializer.run(:install_gem_spec_stubs)
|
47
|
+
Rails::GemDependency.add_frozen_gem_path
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
class GemBoot < Boot
|
52
|
+
def load_initializer
|
53
|
+
self.class.load_rubygems
|
54
|
+
load_rails_gem
|
55
|
+
require 'initializer'
|
56
|
+
end
|
57
|
+
|
58
|
+
def load_rails_gem
|
59
|
+
if version = self.class.gem_version
|
60
|
+
gem 'rails', version
|
61
|
+
else
|
62
|
+
gem 'rails'
|
63
|
+
end
|
64
|
+
rescue Gem::LoadError => load_error
|
65
|
+
$stderr.puts %(Missing the Rails #{version} gem. Please `gem install -v=#{version} rails`, update your RAILS_GEM_VERSION setting in config/environment.rb for the Rails version you do have installed, or comment out RAILS_GEM_VERSION to use the latest version installed.)
|
66
|
+
exit 1
|
67
|
+
end
|
68
|
+
|
69
|
+
class << self
|
70
|
+
def rubygems_version
|
71
|
+
Gem::RubyGemsVersion rescue nil
|
72
|
+
end
|
73
|
+
|
74
|
+
def gem_version
|
75
|
+
if defined? RAILS_GEM_VERSION
|
76
|
+
RAILS_GEM_VERSION
|
77
|
+
elsif ENV.include?('RAILS_GEM_VERSION')
|
78
|
+
ENV['RAILS_GEM_VERSION']
|
79
|
+
else
|
80
|
+
parse_gem_version(read_environment_rb)
|
81
|
+
end
|
82
|
+
end
|
83
|
+
|
84
|
+
def load_rubygems
|
85
|
+
min_version = '1.3.2'
|
86
|
+
require 'rubygems'
|
87
|
+
unless rubygems_version >= min_version
|
88
|
+
$stderr.puts %Q(Rails requires RubyGems >= #{min_version} (you have #{rubygems_version}). Please `gem update --system` and try again.)
|
89
|
+
exit 1
|
90
|
+
end
|
91
|
+
|
92
|
+
rescue LoadError
|
93
|
+
$stderr.puts %Q(Rails requires RubyGems >= #{min_version}. Please install RubyGems and try again: http://rubygems.rubyforge.org)
|
94
|
+
exit 1
|
95
|
+
end
|
96
|
+
|
97
|
+
def parse_gem_version(text)
|
98
|
+
$1 if text =~ /^[^#]*RAILS_GEM_VERSION\s*=\s*["']([!~<>=]*\s*[\d.]+)["']/
|
99
|
+
end
|
100
|
+
|
101
|
+
private
|
102
|
+
def read_environment_rb
|
103
|
+
File.read("#{RAILS_ROOT}/config/environment.rb")
|
104
|
+
end
|
105
|
+
end
|
106
|
+
end
|
107
|
+
end
|
108
|
+
|
109
|
+
# All that for this:
|
110
|
+
Rails.boot!
|
@@ -0,0 +1,25 @@
|
|
1
|
+
# SQLite version 3.x
|
2
|
+
# gem install sqlite3-ruby (not necessary on OS X Leopard)
|
3
|
+
development:
|
4
|
+
adapter: sqlite3
|
5
|
+
database: db/development.sqlite3
|
6
|
+
pool: 5
|
7
|
+
timeout: 5000
|
8
|
+
|
9
|
+
# Warning: The database defined as "test" will be erased and
|
10
|
+
# re-generated from your development database when you run "rake".
|
11
|
+
# Do not set this db to the same as development or production.
|
12
|
+
test: &TEST
|
13
|
+
adapter: sqlite3
|
14
|
+
database: db/test.sqlite3
|
15
|
+
pool: 5
|
16
|
+
timeout: 5000
|
17
|
+
|
18
|
+
production:
|
19
|
+
adapter: sqlite3
|
20
|
+
database: db/production.sqlite3
|
21
|
+
pool: 5
|
22
|
+
timeout: 5000
|
23
|
+
|
24
|
+
cucumber:
|
25
|
+
<<: *TEST
|
@@ -0,0 +1,37 @@
|
|
1
|
+
# Be sure to restart your server when you modify this file
|
2
|
+
|
3
|
+
# Specifies gem version of Rails to use when vendor/rails is not present
|
4
|
+
RAILS_GEM_VERSION = '2.3.4' unless defined? RAILS_GEM_VERSION
|
5
|
+
|
6
|
+
# Bootstrap the Rails environment, frameworks, and default configuration
|
7
|
+
require File.join(File.dirname(__FILE__), 'boot')
|
8
|
+
|
9
|
+
Rails::Initializer.run do |config|
|
10
|
+
# Settings in config/environments/* take precedence over those specified here.
|
11
|
+
# Application configuration should go into files in config/initializers
|
12
|
+
# -- all .rb files in that directory are automatically loaded.
|
13
|
+
|
14
|
+
# Add additional load paths for your own custom dirs
|
15
|
+
# config.load_paths += %W( #{RAILS_ROOT}/extras )
|
16
|
+
|
17
|
+
# Specify gems that this application depends on and have them installed with rake gems:install
|
18
|
+
|
19
|
+
# Only load the plugins named here, in the order given (default is alphabetical).
|
20
|
+
# :all can be used as a placeholder for all plugins not explicitly named
|
21
|
+
# config.plugins = [ :exception_notification, :ssl_requirement, :all ]
|
22
|
+
|
23
|
+
# Skip frameworks you're not going to use. To use Rails without a database,
|
24
|
+
# you must remove the Active Record framework.
|
25
|
+
# config.frameworks -= [ :active_record, :active_resource, :action_mailer ]
|
26
|
+
|
27
|
+
# Activate observers that should always be running
|
28
|
+
# config.active_record.observers = :cacher, :garbage_collector, :forum_observer
|
29
|
+
|
30
|
+
# Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
|
31
|
+
# Run "rake -D time" for a list of tasks for finding time zone names.
|
32
|
+
config.time_zone = 'UTC'
|
33
|
+
|
34
|
+
# The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
|
35
|
+
# config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}')]
|
36
|
+
# config.i18n.default_locale = :de
|
37
|
+
end
|
@@ -0,0 +1,23 @@
|
|
1
|
+
config.cache_classes = true # This must be true for Cucumber to operate correctly!
|
2
|
+
|
3
|
+
# Log error messages when you accidentally call methods on nil.
|
4
|
+
config.whiny_nils = true
|
5
|
+
|
6
|
+
# Show full error reports and disable caching
|
7
|
+
config.action_controller.consider_all_requests_local = true
|
8
|
+
config.action_controller.perform_caching = false
|
9
|
+
|
10
|
+
# Disable request forgery protection in test environment
|
11
|
+
config.action_controller.allow_forgery_protection = false
|
12
|
+
|
13
|
+
# Tell Action Mailer not to deliver emails to the real world.
|
14
|
+
# The :test delivery method accumulates sent emails in the
|
15
|
+
# ActionMailer::Base.deliveries array.
|
16
|
+
config.action_mailer.delivery_method = :test
|
17
|
+
|
18
|
+
config.gem 'cucumber', :lib => false, :version => '>=0.3.100' unless File.directory?(File.join(Rails.root, 'vendor/plugins/cucumber'))
|
19
|
+
config.gem 'webrat', :lib => false, :version => '>=0.5.0' unless File.directory?(File.join(Rails.root, 'vendor/plugins/webrat'))
|
20
|
+
config.gem 'rspec', :lib => false, :version => '>=1.2.6' unless File.directory?(File.join(Rails.root, 'vendor/plugins/rspec'))
|
21
|
+
config.gem 'rspec-rails', :lib => 'spec/rails', :version => '>=1.2.6' unless File.directory?(File.join(Rails.root, 'vendor/plugins/rspec-rails'))
|
22
|
+
|
23
|
+
config.gem 'spork', :lib => false, :version => '>=0.5.9' unless File.directory?(File.join(Rails.root, 'vendor/plugins/spork'))
|
@@ -0,0 +1,17 @@
|
|
1
|
+
# Settings specified here will take precedence over those in config/environment.rb
|
2
|
+
|
3
|
+
# In the development environment your application's code is reloaded on
|
4
|
+
# every request. This slows down response time but is perfect for development
|
5
|
+
# since you don't have to restart the webserver when you make code changes.
|
6
|
+
config.cache_classes = false
|
7
|
+
|
8
|
+
# Log error messages when you accidentally call methods on nil.
|
9
|
+
config.whiny_nils = true
|
10
|
+
|
11
|
+
# Show full error reports and disable caching
|
12
|
+
config.action_controller.consider_all_requests_local = true
|
13
|
+
config.action_view.debug_rjs = true
|
14
|
+
config.action_controller.perform_caching = false
|
15
|
+
|
16
|
+
# Don't care if the mailer can't send
|
17
|
+
config.action_mailer.raise_delivery_errors = false
|
@@ -0,0 +1,28 @@
|
|
1
|
+
# Settings specified here will take precedence over those in config/environment.rb
|
2
|
+
|
3
|
+
# The production environment is meant for finished, "live" apps.
|
4
|
+
# Code is not reloaded between requests
|
5
|
+
config.cache_classes = true
|
6
|
+
|
7
|
+
# Full error reports are disabled and caching is turned on
|
8
|
+
config.action_controller.consider_all_requests_local = false
|
9
|
+
config.action_controller.perform_caching = true
|
10
|
+
config.action_view.cache_template_loading = true
|
11
|
+
|
12
|
+
# See everything in the log (default is :info)
|
13
|
+
# config.log_level = :debug
|
14
|
+
|
15
|
+
# Use a different logger for distributed setups
|
16
|
+
# config.logger = SyslogLogger.new
|
17
|
+
|
18
|
+
# Use a different cache store in production
|
19
|
+
# config.cache_store = :mem_cache_store
|
20
|
+
|
21
|
+
# Enable serving of images, stylesheets, and javascripts from an asset server
|
22
|
+
# config.action_controller.asset_host = "http://assets.example.com"
|
23
|
+
|
24
|
+
# Disable delivery errors, bad email addresses will be ignored
|
25
|
+
# config.action_mailer.raise_delivery_errors = false
|
26
|
+
|
27
|
+
# Enable threaded mode
|
28
|
+
# config.threadsafe!
|
@@ -0,0 +1,29 @@
|
|
1
|
+
# Settings specified here will take precedence over those in config/environment.rb
|
2
|
+
|
3
|
+
# The test environment is used exclusively to run your application's
|
4
|
+
# test suite. You never need to work with it otherwise. Remember that
|
5
|
+
# your test database is "scratch space" for the test suite and is wiped
|
6
|
+
# and recreated between test runs. Don't rely on the data there!
|
7
|
+
config.cache_classes = true
|
8
|
+
|
9
|
+
# Log error messages when you accidentally call methods on nil.
|
10
|
+
config.whiny_nils = true
|
11
|
+
|
12
|
+
# Show full error reports and disable caching
|
13
|
+
config.action_controller.consider_all_requests_local = true
|
14
|
+
config.action_controller.perform_caching = false
|
15
|
+
config.action_view.cache_template_loading = true
|
16
|
+
|
17
|
+
# Disable request forgery protection in test environment
|
18
|
+
config.action_controller.allow_forgery_protection = false
|
19
|
+
|
20
|
+
# Tell Action Mailer not to deliver emails to the real world.
|
21
|
+
# The :test delivery method accumulates sent emails in the
|
22
|
+
# ActionMailer::Base.deliveries array.
|
23
|
+
config.action_mailer.delivery_method = :test
|
24
|
+
|
25
|
+
# Use SQL instead of Active Record's schema dumper when creating the test database.
|
26
|
+
# This is necessary if your schema can't be completely dumped by the schema dumper,
|
27
|
+
# like if you have constraints or database-specific column types
|
28
|
+
# config.active_record.schema_format = :sql
|
29
|
+
|
@@ -0,0 +1,7 @@
|
|
1
|
+
# Be sure to restart your server when you modify this file.
|
2
|
+
|
3
|
+
# You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
|
4
|
+
# Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
|
5
|
+
|
6
|
+
# You can also remove all the silencers if you're trying do debug a problem that might steem from framework code.
|
7
|
+
# Rails.backtrace_cleaner.remove_silencers!
|
@@ -0,0 +1,10 @@
|
|
1
|
+
# Be sure to restart your server when you modify this file.
|
2
|
+
|
3
|
+
# Add new inflection rules using the following format
|
4
|
+
# (all these examples are active by default):
|
5
|
+
# ActiveSupport::Inflector.inflections do |inflect|
|
6
|
+
# inflect.plural /^(ox)$/i, '\1en'
|
7
|
+
# inflect.singular /^(ox)en/i, '\1'
|
8
|
+
# inflect.irregular 'person', 'people'
|
9
|
+
# inflect.uncountable %w( fish sheep )
|
10
|
+
# end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
# Be sure to restart your server when you modify this file.
|
2
|
+
|
3
|
+
# These settings change the behavior of Rails 2 apps and will be defaults
|
4
|
+
# for Rails 3. You can remove this initializer when Rails 3 is released.
|
5
|
+
|
6
|
+
if defined?(ActiveRecord)
|
7
|
+
# Include Active Record class name as root for JSON serialized output.
|
8
|
+
ActiveRecord::Base.include_root_in_json = true
|
9
|
+
|
10
|
+
# Store the full class name (including module namespace) in STI type column.
|
11
|
+
ActiveRecord::Base.store_full_sti_class = true
|
12
|
+
end
|
13
|
+
|
14
|
+
# ActionController::Routing.generate_best_match = false
|
15
|
+
|
16
|
+
# Use ISO 8601 format for JSON serialized times and dates.
|
17
|
+
ActiveSupport.use_standard_json_time_format = true
|
18
|
+
|
19
|
+
# Don't escape HTML entities in JSON, leave that for the #json_escape helper.
|
20
|
+
# if you're including raw json in an HTML page.
|
21
|
+
ActiveSupport.escape_html_entities_in_json = false
|
@@ -0,0 +1,15 @@
|
|
1
|
+
# Be sure to restart your server when you modify this file.
|
2
|
+
|
3
|
+
# Your secret key for verifying cookie session data integrity.
|
4
|
+
# If you change this key, all old sessions will become invalid!
|
5
|
+
# Make sure the secret is at least 30 characters and all random,
|
6
|
+
# no regular words or you'll be exposed to dictionary attacks.
|
7
|
+
ActionController::Base.session = {
|
8
|
+
:key => '_cukejuice_session',
|
9
|
+
:secret => 'f39ba5ef73a04aa66e9a8ab1291899f124a5a58f9702b12b5079a598666d7e395a48b7ee54c08061345686c9c2f1f7a6fc51a24596673dc8deae54cf1fdea630'
|
10
|
+
}
|
11
|
+
|
12
|
+
# Use the database for sessions instead of the cookie-based default,
|
13
|
+
# which shouldn't be used to store highly confidential information
|
14
|
+
# (create the session table with "rake db:sessions:create")
|
15
|
+
# ActionController::Base.session_store = :active_record_store
|
@@ -0,0 +1,14 @@
|
|
1
|
+
ActionController::Routing::Routes.draw do |map|
|
2
|
+
|
3
|
+
map.root :controller => 'welcome', :action => 'index'
|
4
|
+
|
5
|
+
map.resources :accounts
|
6
|
+
map.dashboard '/dashboard', :controller => 'accounts', :action => 'index'
|
7
|
+
|
8
|
+
map.resources :projects do |projects|
|
9
|
+
projects.resources :features
|
10
|
+
end
|
11
|
+
|
12
|
+
map.connect ':controller/:action/:id'
|
13
|
+
map.connect ':controller/:action/:id.:format'
|
14
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,31 @@
|
|
1
|
+
ENV["RAILS_ENV"] = "test"
|
2
|
+
require File.expand_path(File.dirname(__FILE__) + "/railsenv/config/environment")
|
3
|
+
require 'spec'
|
4
|
+
require 'spec/rails'
|
5
|
+
|
6
|
+
Spec::Runner.configure do |config|
|
7
|
+
config.use_transactional_fixtures = true
|
8
|
+
config.use_instantiated_fixtures = false
|
9
|
+
config.mock_with :mocha
|
10
|
+
end
|
11
|
+
|
12
|
+
plugin_spec_dir = File.dirname(__FILE__)
|
13
|
+
ActiveRecord::Base.logger = Logger.new(plugin_spec_dir + "/debug.log")
|
14
|
+
|
15
|
+
dir = File.expand_path(File.dirname(__FILE__))
|
16
|
+
require "#{dir}/../lib/authoritah"
|
17
|
+
|
18
|
+
class TestAuthorizerController < ActionController::Base
|
19
|
+
|
20
|
+
def index
|
21
|
+
render
|
22
|
+
end
|
23
|
+
|
24
|
+
def create
|
25
|
+
redirect_to '/success'
|
26
|
+
end
|
27
|
+
|
28
|
+
def show
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
metadata
ADDED
@@ -0,0 +1,75 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: authoritah
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Steven Mohapi-Banks
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
|
12
|
+
date: 2009-09-24 00:00:00 +01:00
|
13
|
+
default_executable:
|
14
|
+
dependencies: []
|
15
|
+
|
16
|
+
description: A really simple authorization plugin for Rails.
|
17
|
+
email: steven.mohapibanks@me.com
|
18
|
+
executables: []
|
19
|
+
|
20
|
+
extensions: []
|
21
|
+
|
22
|
+
extra_rdoc_files:
|
23
|
+
- LICENSE
|
24
|
+
- README.rdoc
|
25
|
+
files:
|
26
|
+
- init.rb
|
27
|
+
- lib/authoritah.rb
|
28
|
+
- LICENSE
|
29
|
+
- README.rdoc
|
30
|
+
has_rdoc: true
|
31
|
+
homepage: http://github.com/indmill/authoritah
|
32
|
+
licenses: []
|
33
|
+
|
34
|
+
post_install_message:
|
35
|
+
rdoc_options:
|
36
|
+
- --charset=UTF-8
|
37
|
+
require_paths:
|
38
|
+
- lib
|
39
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
40
|
+
requirements:
|
41
|
+
- - ">="
|
42
|
+
- !ruby/object:Gem::Version
|
43
|
+
version: "0"
|
44
|
+
version:
|
45
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
46
|
+
requirements:
|
47
|
+
- - ">="
|
48
|
+
- !ruby/object:Gem::Version
|
49
|
+
version: "0"
|
50
|
+
version:
|
51
|
+
requirements: []
|
52
|
+
|
53
|
+
rubyforge_project:
|
54
|
+
rubygems_version: 1.3.4
|
55
|
+
signing_key:
|
56
|
+
specification_version: 3
|
57
|
+
summary: A really simple authorization plugin for Rails.
|
58
|
+
test_files:
|
59
|
+
- spec/authoritah_spec.rb
|
60
|
+
- spec/spec_helper.rb
|
61
|
+
- spec/railsenv/app/controllers/application.rb
|
62
|
+
- spec/railsenv/config/boot.rb
|
63
|
+
- spec/railsenv/config/database.yml
|
64
|
+
- spec/railsenv/config/environment.rb
|
65
|
+
- spec/railsenv/config/environments/cucumber.rb
|
66
|
+
- spec/railsenv/config/environments/development.rb
|
67
|
+
- spec/railsenv/config/environments/production.rb
|
68
|
+
- spec/railsenv/config/environments/test.rb
|
69
|
+
- spec/railsenv/config/initializers/backtrace_silencers.rb
|
70
|
+
- spec/railsenv/config/initializers/inflections.rb
|
71
|
+
- spec/railsenv/config/initializers/mime_types.rb
|
72
|
+
- spec/railsenv/config/initializers/new_rails_defaults.rb
|
73
|
+
- spec/railsenv/config/initializers/session_store.rb
|
74
|
+
- spec/railsenv/config/locales/en.yml
|
75
|
+
- spec/railsenv/config/routes.rb
|