break_dance 0.1.2

checksums.yaml

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    NjM5MDQ4YzAwY2VhZjlhMTdiYmE5MzEwNjZjOWUyZTcwMGNjZDRhYQ==
+  data.tar.gz: !binary |-
+    Y2JhNmE0MzgzYzc3ZmJlMjdjYTk2NzJkZjU1OWM0MjgzMjgwMDBjYg==
+SHA512:
+  metadata.gz: !binary |-
+    MjRmNjE1OWVkMGEwMDYxNGFhZTkxNjBhZDgwNDkxYWQ4MjA4OTBlYmYxZDk0
+    ZmM2NmQ0YzkxN2IwMjE4ODM2OTUyMGZjZTMyZWM4NmZkMjZlYmYyZWE1OGQw
+    NjMxNzllZTk0M2U3MjhkZjkyYTA5MmJiMTMzN2IxNGVjNmQwNzU=
+  data.tar.gz: !binary |-
+    NDE2OWNlNDFjMzY3OWQ0ZWU2NjUyYzYyMmU4MzUxYTE5YTBjOWYwYzQ5MDAx
+    MWJlODA3ZGZjMmM4N2JjZjEwMTc5OGM4ZDI3YmRmOTMyOGY5ZjAyOTQ0NGEz
+    MTBiNzFiZTFiYjA5ZWJlNTlhMjZjYWY5ZjlmOThlYjYwNGUzNzk=

data/.gitignore

@@ -0,0 +1,20 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+.idea
+.ruby-version
+.ruby-gemset

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in break_dance.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Zlatko Zahariev
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,29 @@
+# BreakDance
+
+TODO: Write a gem description
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'break_dance'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install break_dance
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/break_dance.gemspec

@@ -0,0 +1,23 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'break_dance/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "break_dance"
+  spec.version       = BreakDance::VERSION
+  spec.authors       = ['Zlatko Zahariev']
+  spec.email         = ['zlatko.zahariev@gmail.com']
+  spec.description   = %q{Rails authorization gem.}
+  spec.summary       = %q{Rails authorization for data-centric applications based on ActiveRecord.}
+  spec.homepage      = 'https://github.com/notentered/breakdance'
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "rake"
+end

data/lib/break_dance/controller_additions.rb

@@ -0,0 +1,72 @@
+module BreakDance
+  module ControllerAdditions
+    module ClassMethods
+      def enable_authorization!
+        before_filter :prepare_security_policy
+        before_filter :access_filter
+      end
+    end
+
+    def self.included(base)
+      base.extend ClassMethods
+      base.helper_method :can?, :cannot?
+    end
+
+    def with_authorization?
+      @with_authorization || false
+    end
+
+    def can?(action, resource)
+      return true unless with_authorization?
+
+      allowed_permissions = current_permissions['resources'].select { |_,v| v == '1'}
+
+      allowed = allowed_permissions.any? do |r|
+        Thread.current[:security_policy_holder].resources[r[0].to_sym] and Thread.current[:security_policy_holder].resources[r[0].to_sym][:can].any? do |k,v|
+          v = Array.wrap(v)
+          k == resource.to_sym && (
+          (
+            v.include?(:all_actions) &&
+            !(
+              Thread.current[:security_policy_holder].resources[r[0].to_sym][:except] &&
+              Thread.current[:security_policy_holder].resources[r[0].to_sym][:except][resource.to_sym] &&
+              Thread.current[:security_policy_holder].resources[r[0].to_sym][:except][resource.to_sym].include?(action.to_sym)
+            )
+          ) || v.include?(action.to_sym) )
+        end
+      end
+
+      allowed
+    end
+
+    def cannot?(action, resource)
+      !can?(action, resource)
+    end
+
+    def current_permissions
+      Permissions.for_user(current_user)
+    end
+
+    private
+
+    def prepare_security_policy
+      @with_authorization = true
+
+      Thread.current[:security_policy_holder] = BreakDance::SecurityPoliciesHolder.new
+
+      SecurityPolicy.new(current_user)
+    end
+
+    def access_filter
+      raise BreakDance::AccessDenied.new unless can?(self.action_name ,self.controller_path)
+    end
+
+  end
+
+end
+
+if defined? ActionController::Base
+  ActionController::Base.class_eval do
+    include BreakDance::ControllerAdditions
+  end
+end

data/lib/break_dance/exceptions.rb

@@ -0,0 +1,4 @@
+module BreakDance
+  class AccessDenied < StandardError
+  end
+end

data/lib/break_dance/security_policies_holder.rb

@@ -0,0 +1,10 @@
+module BreakDance
+  class SecurityPoliciesHolder < BasicObject
+    attr_accessor :policies, :resources, :suppress_security_for
+
+    def initialize
+      @policies = {}
+      @resources = {}
+    end
+  end
+end

data/lib/break_dance/security_policy_additions.rb

@@ -0,0 +1,19 @@
+module BreakDance
+  module SecurityPolicyAdditions
+    def policy(name)
+      @policy_name = name
+      yield
+    end
+
+    def scope(model)
+      model_name = model.name
+      if @user and @user.permissions and @user.permissions['models'] and @user.permissions['models'].has_key? model_name and @user.permissions['models'][model_name] == @policy_name
+        Thread.current[:security_policy_holder].policies[model.name] = yield(model.unscoped)
+      end
+    end
+
+    def resource(key, resource)
+      Thread.current[:security_policy_holder].resources[key] = resource
+    end
+  end
+end

data/lib/break_dance/security_scoping.rb

@@ -0,0 +1,29 @@
+module BreakDance
+  module SecurityScoping
+    extend ActiveSupport::Concern
+
+    module ClassMethods
+      def scoped(options = nil)
+        scope = super(options)
+        return ActiveRecord::Relation.new(self, Arel::Table.new(table_name)) unless scope
+
+        sph = Thread.current[:security_policy_holder]
+        if sph
+          if sph.suppress_security_for == self.name
+            sph.suppress_security_for = nil
+            scope
+          else
+            scope.merge(sph.policies[self.name]).readonly(false)
+          end
+        else
+          scope
+        end
+      end
+
+      def unsecured
+        Thread.current[:security_policy_holder].suppress_security_for = self.name
+        scoped
+      end
+    end
+  end
+end

data/lib/break_dance/version.rb

@@ -0,0 +1,3 @@
+module BreakDance
+  VERSION = "0.1.2"
+end

data/lib/break_dance.rb

@@ -0,0 +1,12 @@
+require 'break_dance/controller_additions'
+require 'break_dance/exceptions'
+require 'break_dance/security_policy_additions'
+require 'break_dance/security_policies_holder'
+require 'break_dance/security_scoping'
+require 'break_dance/version'
+
+ActiveRecord::Base.send(:include, BreakDance::SecurityScoping)
+
+module BreakDance
+
+end

metadata

@@ -0,0 +1,85 @@
+--- !ruby/object:Gem::Specification
+name: break_dance
+version: !ruby/object:Gem::Version
+  version: 0.1.2
+platform: ruby
+authors:
+- Zlatko Zahariev
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-04-11 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Rails authorization gem.
+email:
+- zlatko.zahariev@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- break_dance.gemspec
+- lib/break_dance.rb
+- lib/break_dance/controller_additions.rb
+- lib/break_dance/exceptions.rb
+- lib/break_dance/security_policies_holder.rb
+- lib/break_dance/security_policy_additions.rb
+- lib/break_dance/security_scoping.rb
+- lib/break_dance/version.rb
+homepage: https://github.com/notentered/breakdance
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: Rails authorization for data-centric applications based on ActiveRecord.
+test_files: []