authoryze 0.0.3

checksums.yaml

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    MzBjOTQ1NWVmNmJiYjJmNzMyYTE2M2RlNTljMDNkNmU5OTYxOTg4Mg==
+  data.tar.gz: !binary |-
+    N2YyZTBkYmMwNWE1ZTRmZTQxNWUxYmI5Y2M5YjczYmRmNjc2YjZiMg==
+!binary "U0hBNTEy":
+  metadata.gz: !binary |-
+    YzdmZThiYTI0ZTNjNThjNTUzNjE1NzM1NTU3MjQzN2Y0NDhlNmI3YWUwNGVl
+    ZTcxYmU5MTM1Mzg1YTNlZTUxNDRmODkzZjFjZWNjYmU4OWE1OTE0ZWRiMmYz
+    N2ZiMmRkOThiZWUyMzU4YTQ2ODQxYjJjNDMyZDUzZjMyYmNlNDM=
+  data.tar.gz: !binary |-
+    NTIwYWNmZDFiMGU4ZGNmNzczNmZjOGRjNTc2MjlkMWM1ZWQyZWUwMTgxOTY1
+    NDI5MjdmNzgxZGM2YWU2YWFiOWVhYmRjZWFiZjc2MGRjNDVmMzA0ZmYzZDQ1
+    MWY2OWJlOGFmMTU1OTlmMzIxZDIzODIxZWY5YzAxZTI4NDRmYjc=

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.rspec

@@ -0,0 +1,3 @@
+--color
+--format progress
+--require spec_helper

data/.ruby-version

@@ -0,0 +1 @@
+1.9.3-p392

data/.watchr

@@ -0,0 +1,96 @@
+if __FILE__ == $0
+  puts "Run with: watchr #{__FILE__}. \n\nRequired gems: watchr rev"
+  exit 1
+end
+
+# --------------------------------------------------
+# Convenience Methods
+# --------------------------------------------------
+def run(cmd)
+  sleep(2)
+  puts("%s %s [%s]" % ["|\n" * 5 , cmd , Time.now.to_s])
+  $last_test = cmd
+  system(cmd)
+end
+
+def run_all_specs
+  tags = "--tag #{ARGV[1]}" if ARGV[1]
+  run "bundle exec rake -s spec SPEC_OPTS='--order rand #{tags.to_s}'"
+end
+
+def run_last_test
+  run($last_test)
+end
+
+def run_single_spec *spec
+  tags = "--tag #{ARGV[1]}" if ARGV[1]
+  spec = spec.join(' ')
+  run "bundle exec rspec  #{spec} --order rand #{tags}"
+end
+
+def run_specs_with_shared_examples(shared_example_filename, spec_path = 'spec')
+
+  # Returns the names of the shared examples in filename
+  def shared_examples(filename)
+    lines = File.readlines(filename)
+    lines.grep(/shared_examples_for[\s'"]+(.+)['"]\s*[do|\{]/) do |matching_line|
+      $1
+    end
+  end
+
+  # Returns array with filenames of the specs using shared_example
+  def specs_with_shared_example(shared_example, path)
+    command = "grep -lrE 'it_should_behave_like .(#{shared_example}).' #{path}"
+    `#{command}`.split
+  end
+
+  shared_examples(shared_example_filename).each do |shared_example|
+    specs_to_run = specs_with_shared_example(shared_example, spec_path)
+    run_single_spec(specs_to_run) unless specs_to_run.empty?
+  end
+
+end
+
+def run_cucumber_scenario scenario_path
+  if scenario_path !~ /.*\.feature$/
+    scenario_path = $last_scenario
+  end
+  $last_scenario = scenario_path
+  run "bundle exec cucumber #{scenario_path} --tags @dev"
+end
+
+# --------------------------------------------------
+# Watchr Rules
+# --------------------------------------------------
+watch( '^spec/spec_helper\.rb'                    ) {     run_all_specs }
+watch( '^spec/shared_behaviors/.*\.rb'            ) { |m| run_specs_with_shared_examples(m[0]) }
+watch( '^spec/.*_spec\.rb'                        ) { |m| run_single_spec(m[0]) }
+watch( '^app/lib/.*'                        ) { |m| run_last_test }
+watch( '^spec/factories.*'                        ) { |m| run_last_test }
+watch( '^test_harness/.*'                        ) { |m| run_last_test }
+watch( '^app/(.*)\.rb'                            ) { |m| run_single_spec("spec/%s_spec.rb" % m[1]) }
+watch( '^app/views/(.*)\.haml'                    ) { |m| run_single_spec("spec/views/%s.haml_spec.rb" % m[1]) }
+watch( '^lib/(.*)\.rb'                            ) { |m| run_single_spec("spec/other/%s_spec.rb" % m[1] ) }
+watch( '^features/*/.*'                           ) { |m| run_cucumber_scenario(m[0]) }
+watch( '^test-harness/*/.*'                       ) { |m| run_cucumber_scenario(m[0]) }
+
+
+# --------------------------------------------------
+# Signal Handling
+# --------------------------------------------------
+# Ctrl-\
+Signal.trap('QUIT') do
+  puts " --- Running all tests ---\n\n"
+  run_all_specs
+end
+
+# Ctrl-T
+Signal.trap('TSTP') do
+  puts " --- Running last test --\n\n"
+  run_cucumber_scenario nil
+end
+
+# Ctrl-C
+Signal.trap('INT') { abort("\n") }
+
+puts "Watching.." 

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in authoryze.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2013 Maher Hawash
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,29 @@
+# Authoryze
+
+TODO: Write a gem description
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'authoryze'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install authoryze
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/authoryze.gemspec

@@ -0,0 +1,27 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'authoryze/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "authoryze"
+  spec.version       = Authoryze::VERSION
+  spec.authors       = ["Maher Hawash"]
+  spec.email         = ["gmhawash@gmail.com"]
+  spec.description   = %q{Provides matrix based and role level authorization}
+  spec.summary       = %q{matrix based and role level authorization}
+  spec.homepage      = ""
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency 'rspec'
+  spec.add_development_dependency 'watchr'
+  spec.add_development_dependency 'debugger'
+  spec.add_development_dependency 'simplecov'
+end

data/lib/authoryze.rb

@@ -0,0 +1,43 @@
+require "forwardable"
+require 'authoryze/version'
+require 'authoryze/rails'
+require 'authoryze/exceptions'
+require 'authoryze/configuration'
+
+module Authoryze
+  class << self
+    extend Forwardable
+    Configuration.defined_settings.each do |setting|
+      def_delegators :configuration, setting, "#{setting.to_s}="
+    end
+
+    # @public
+    # Returns the global configuration, or initializes a new configuration
+    # object if it doesn't exist yet.
+    #
+    def configuration
+      @configuration ||= Authoryze::Configuration.new
+    end
+
+    # @public
+    # Yields the global configuration to a block.
+    # @yield [configuration] global configuration
+    #
+    # @example
+    #   Authoryze.configure do |c|
+    #     c.root = 'path/to/ruote/assets'
+    #   end
+    # @see Authoryze::Configuration
+    def configure(&block)
+      unless block_given?
+        raise ArgumentError.new("You tried to .configure without a block!")
+      end
+      yield configuration
+    end
+
+    def reset!
+      @configuration = nil
+    end
+  end
+end
+

data/lib/authoryze/configuration.rb

@@ -0,0 +1,30 @@
+module Authoryze
+  # Stores configuration information
+  #
+  # Configuration information is loaded from a configuration block defined within
+  # the client application.
+  #
+  # @example Standard settings
+  #   Authroyze.configure do |c|
+  #     c.resource_accessor = :current_user         # controller.current_user
+  #     c.permission_collection = :permissions    # controller.current_user.permissions
+  #   end
+  #
+  class Configuration
+    class << self
+      def define_setting(name)
+        defined_settings << name
+        attr_accessor name
+      end
+
+      def defined_settings
+        @defined_settings ||= []
+      end
+    end
+
+    define_setting :resource_accessor
+
+    define_setting :permissions_collection
+
+  end
+end

data/lib/authoryze/exceptions.rb

@@ -0,0 +1,17 @@
+module Authoryze
+  class AccessDenied < StandardError
+    attr_reader :action, :subject
+    attr_writer :default_message
+
+    def initialize(message = nil, action = nil, subject = nil)
+      @message = message
+      @action = action
+      @subject = subject
+      @default_message = I18n.t(:"unauthorized.default", :default => "You are not authorized to access this page.")
+    end
+
+    def to_s
+      @message || @default_message
+    end
+  end
+end

data/lib/authoryze/rails.rb

@@ -0,0 +1,18 @@
+module Authoryze
+module Rails
+  def self.setup
+    if defined?(::Rails) &&  defined?(::ActionController::Base)
+      require 'authoryze/rails/controller_extensions'
+      require 'authoryze/rails/can_filter'
+      require 'authoryze/rails/authoryze_filter'
+
+      ActionController::Base.class_eval do
+        include Authoryze::Rails::ControllerExtensions
+      end
+    end
+  end
+end
+end
+
+Authoryze::Rails.setup
+

data/lib/authoryze/rails/authoryze_filter.rb

@@ -0,0 +1,37 @@
+module Authoryze
+module Rails
+  class AuthoryzeFilter
+    def initialize(controller_class)
+      @controller_name = controller_class.controller_name
+    end
+
+    def filter(controller)
+      @controller = controller
+      unless matches_permission?
+        raise Authoryze::AccessDenied, "Permission '#{action}' is not allowed for current user"
+      end
+    end
+
+    private
+    def matches_permission?
+      [:manage, action].any? do |permission|
+        permission = "%s_%s?" % [permission, @controller_name]
+        @controller.can.respond_to?(permission) &&
+        @controller.can.send(permission)
+      end
+    end
+
+    def action
+      @action ||= {
+        :index => :read,
+        :show => :read,
+        :new => :create,
+        :create => :create,
+        :edit => :update,
+        :update => :update,
+      }[@controller.request.parameters['action'].to_sym]
+    end
+  end
+end
+end
+

data/lib/authoryze/rails/can_filter.rb

@@ -0,0 +1,18 @@
+module Authoryze
+module Rails
+  class CanFilter
+    def initialize(permissions)
+      @permissions = permissions
+    end
+
+    def filter(controller)
+      @permissions.each do |permission|
+        unless controller.can.send("#{permission}?")
+          raise Authoryze::AccessDenied, "Permission '#{permission}' is not allowed for current user"
+        end
+      end
+    end
+  end
+end
+end
+

data/lib/authoryze/rails/controller_extensions.rb

@@ -0,0 +1,38 @@
+require 'ostruct'
+
+module Authoryze
+module Rails
+  module ControllerExtensions
+    extend ActiveSupport::Concern
+
+    included do
+      class_eval do
+        helper_method :can
+      end
+    end
+
+    def can
+      @__can_authoryze ||= OpenStruct.new begin
+        if resource = send(Authoryze.resource_accessor)
+          Hash[resource.send(Authoryze.permissions_collection).map{|x| ['%s?' % x,true]}]
+        end
+      end
+    end
+
+    module ClassMethods
+      def authoryze!(*args)
+        options = args.extract_options!
+        filter = Authoryze::Rails::AuthoryzeFilter.new(self)
+        self.before_filter(filter, options.slice(:only, :except, :if, :unless))
+      end
+
+      def can(*args)
+        options = args.extract_options!
+        filter = Authoryze::Rails::CanFilter.new(args)
+        self.before_filter(filter, options.slice(:only, :except, :if, :unless))
+      end
+    end
+  end
+end
+end
+

data/lib/authoryze/rails/filter.rb

@@ -0,0 +1,18 @@
+module Authoryze
+module Rails
+  class Filter
+    def initialize(permissions)
+      @permissions = permissions
+    end
+
+    def filter(controller)
+      @permissions.each do |permission|
+        unless controller.can.send("#{permission}?")
+          raise Authoryze::AccessDenied, "Permission '#{permission}' is not allowed for current user"
+        end
+      end
+    end
+  end
+end
+end
+

data/lib/authoryze/version.rb

@@ -0,0 +1,3 @@
+module Authoryze
+  VERSION = "0.0.3"
+end

data/spec/authorize/configuration_spec.rb

@@ -0,0 +1,3 @@
+describe Authoryze::Configuration do
+
+end

data/spec/authorize/rails_spec.rb

@@ -0,0 +1,27 @@
+describe Authoryze::Rails do
+  describe '.setup' do
+    it 'injects ControllerExtensions into ActionController::Base' do
+      stub_const("Rails", :rails)
+      stub_const("ActionController::Base", Class.new)
+      stub_const("Authoryze::Rails::ControllerExtensions", Class.new)
+      described_class.should_receive(:require).any_number_of_times
+      ActionController::Base.should_receive(:include).with(Authoryze::Rails::ControllerExtensions)
+
+      described_class.setup
+    end
+
+    it 'skips injection if Rails not defined' do
+      stub_const("ActionController::Base", Class.new)
+      described_class.should_not_receive(:require).any_number_of_times
+
+      described_class.setup
+    end
+
+    it 'skips injection if ActionController::Base is not defined' do
+      stub_const("Rails", Class.new)
+      described_class.should_not_receive(:require).any_number_of_times
+
+      described_class.setup
+    end
+  end
+end

data/spec/authoryze_spec.rb

@@ -0,0 +1,59 @@
+describe Authoryze do
+
+  describe '.configure' do
+    it 'yields configuration if block given' do
+      configuration = double
+      described_class.stub(:configuration => configuration)
+      described_class.should_receive(:configure).and_yield(configuration)
+      described_class.configure {|c| }
+    end
+
+    it 'raises an error if block not given' do
+      expect{
+        described_class.configure
+      }.to raise_error ArgumentError
+    end
+  end
+
+  describe '.configuration' do
+    before :each do
+      Authoryze.reset!
+    end
+
+    it 'returns a new configuration object' do
+      Authoryze::Configuration.should_receive(:new).and_call_original
+      described_class.configuration.should be_an_instance_of Authoryze::Configuration
+    end
+
+    it 'returns memoized version' do
+      configuration = described_class.configuration
+      described_class.configuration.should == configuration
+    end
+  end
+
+  describe '#can', :pending => true do
+    it 'returns true if user has permission' do
+      role = Role.create :name => 'boss', :permissions => {'manage_peons?' => true}
+      user = create :user, :roles => [role]
+      subject.stub(:current_user => user)
+      subject.can.manage_peons?.should be_true
+    end
+
+    it 'raises AccessDenied error if user does not have permission' do
+      role = Role.create :name => 'boss', :permissions => {'manage_peons?' => true}
+      user = create :user, :roles => [role]
+      subject.stub(:current_user => user)
+      subject.can.manage_big_boss?.should be_false
+    end
+
+    it 'returns true for permissions from any of the roles' do
+      role = Role.create :name => 'boss', :permissions => {'manage_peons?' => true}
+      role2 = Role.create :name => 'boss2', :permissions => {'manage_underlings?' => true}
+      user = create :user, :roles => [role, role2]
+      subject.stub(:current_user => user)
+      subject.can.manage_peons?.should be_true
+      subject.can.manage_underlings?.should be_true
+    end
+  end
+end
+

data/spec/spec_helper.rb

@@ -0,0 +1,20 @@
+# This file was generated by the `rspec --init` command. Conventionally, all
+# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
+# Require this file using `require "spec_helper"` to ensure that it is only
+# loaded once.
+#
+# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+
+require 'authoryze'
+
+RSpec.configure do |config|
+  config.treat_symbols_as_metadata_keys_with_true_values = true
+  config.run_all_when_everything_filtered = true
+  config.filter_run :focus
+
+  # Run specs in random order to surface order dependencies. If you find an
+  # order dependency and want to debug it, you can fix the order by providing
+  # the seed, which is printed after each run.
+  #     --seed 1234
+  config.order = 'random'
+end

metadata

@@ -0,0 +1,154 @@
+--- !ruby/object:Gem::Specification
+name: authoryze
+version: !ruby/object:Gem::Version
+  version: 0.0.3
+platform: ruby
+authors:
+- Maher Hawash
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-01-15 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: watchr
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: debugger
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Provides matrix based and role level authorization
+email:
+- gmhawash@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- .ruby-version
+- .watchr
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- authoryze.gemspec
+- lib/authoryze.rb
+- lib/authoryze/configuration.rb
+- lib/authoryze/exceptions.rb
+- lib/authoryze/rails.rb
+- lib/authoryze/rails/authoryze_filter.rb
+- lib/authoryze/rails/can_filter.rb
+- lib/authoryze/rails/controller_extensions.rb
+- lib/authoryze/rails/filter.rb
+- lib/authoryze/version.rb
+- spec/authorize/configuration_spec.rb
+- spec/authorize/rails_spec.rb
+- spec/authoryze_spec.rb
+- spec/spec_helper.rb
+homepage: ''
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.6
+signing_key: 
+specification_version: 4
+summary: matrix based and role level authorization
+test_files:
+- spec/authorize/configuration_spec.rb
+- spec/authorize/rails_spec.rb
+- spec/authoryze_spec.rb
+- spec/spec_helper.rb