butler 1.8.2 → 1.8.3

data/lib/access/role/base.rb

@@ -0,0 +1,40 @@
+class Access
+	class Role
+
+		# The module to extend the Database manager
+		module Base
+
+			# Create a new Role
+			# role is a role-oid, should be \w+
+			# description is a piece of text describing the role
+			# privileges are the privileges the role provides
+			def create(role, description=nil, privilege_oids=[], role_oids=[])
+				raise "Role #{role} already exists" if exists?(role)
+				role        = Role.new(role, description)
+				role.access = access
+				role.base   = self
+				add(role)
+				role_oids.each { |role_oid|
+					role.roles.add_oid(role_oid)
+				}
+				privilege_oids.each { |priv|
+					role.privileges.add_oid(priv)
+				}
+				role
+			end
+	
+			# Restore an Access::Privilege from it's storable data
+			def load(*args) # :nodoc:
+				return nil unless data = super
+				roles        = access.role
+				data[:roles] = data[:roles].map { |role| roles[role] }
+				array        = data.values_at(:oid, :description)
+				array       << data
+				role         = Role.new(*array)
+				role.access  = access
+				role.base    = self
+				role
+			end
+		end
+	end
+end

data/lib/access/rolelist.rb

@@ -0,0 +1,99 @@
+#--
+# Copyright 2007 by Stefan Rusterholz.
+# All rights reserved.
+# See LICENSE.txt for permissions.
+#++
+
+
+
+require 'access'
+
+
+
+class Access
+	# A list of roles
+	class RoleList
+		include Enumerable
+
+		# owner must be capable of #save and #
+		# roles is the list of Role instances (array)
+		def initialize(owner, roles=nil)
+			@owner  = owner
+			@roles  = {}
+			roles.each { |role| @roles[role] = @owner.access.role[role] } if roles
+		end
+
+		# Tests if any of the roles in self allows a privilege under
+		# given conditions (may be nil to indicate no condition)
+		def allow?(privilege, condition=nil)
+			@roles.any? { |oid, role| role.allows?(privilege, condition) }
+		end
+
+		# add a role (Role instance)
+		def add(role)
+			@roles[role.oid] = role
+			@owner.save
+		end
+		
+		def add_oid(role_oid)
+			role = @owner.access.role[role_oid]
+			raise "Role #{role_oid} does not exist" unless role
+			add(role)
+		end
+		
+		# all roles
+		def list
+			@roles.dup
+		end
+
+		# Iterate over the roles (oid & role)
+		# :yield: role_oid, role
+		def each(&block)
+			@roles.each(&block)
+		end
+		
+		# Iterate over the role oids
+		def each_oid(&block)
+			@roles.each_key(&block)
+		end
+		
+		# Iterate over the roles
+		def each_role(&block)
+			@roles.each_value(&block)
+		end
+
+		# :nodoc:
+		# prepare for storage
+		def storable
+			@roles.map { |oid, role| oid }
+		end
+		
+		# :nodoc:
+		def access
+			@owner.access
+		end
+
+		# delete a role (Role instance)
+		def remove(role)
+			remove_oid(role.oid)
+		end
+		
+		# delete a role by its oid
+		def remove_oid(role_oid)
+			@roles.delete(role_oid)
+			@owner.save
+		end
+		
+		def save
+			@owner.save
+		end
+
+		def inspect # :nodoc:
+			"#<%s:0x%08x roles=%s>" %  [
+				self.class,
+				object_id << 1,
+				@roles.map { |oid, role| oid }.join(', '),
+			]
+		end
+	end
+end

data/lib/access/savable.rb

@@ -7,7 +7,10 @@
 
 
 class Access
+
 	# Mixin for classes representing records
+	# Requires a method base (Savable creates an accessor to @base) and
+	# an #oid method.
 	module Savable
 
 		# The Access instance that manages this records base
@@ -15,15 +18,15 @@ class Access
 		
 		# The "Base" instance that manages this record 
 		attr_accessor :base
-
+		
 		# save changes to this record
 		def save
-			base.save(id())
+			base.save(oid())
 		end
 		
 		# delete this record from the database
 		def delete
-			base.delete(id())
+			base.delete(oid())
 		end
 	end
 end

data/lib/access/user.rb

@@ -14,24 +14,24 @@ require 'access/admin'
 
 class Access
 	# Access::User
-	# Use nil-id if you don't want the object to be stored.
+	# Use nil-oid if you don't want the object to be stored.
 	class User
 		include Savable
 
 		module Base
 			# Create a new - inactive(!) - user
 			def create(user_id, credentials, meta=nil, admin=false, opt={})
-				raise "User-id #{user_id} already exists" if exists?(user_id)
+				raise "User-oid #{user_id} already exists" if exists?(user_id)
 				credentials = credentials ? access.hash_credentials(credentials, user_id) : "*"
 				user        = User.new(
+					access,
+					self,
 					user_id,
 					credentials,
 					meta,
 					admin,
-					{:active => !!opt.delete(:active)}.merge(opt)
+					{ :active => !!opt.delete(:active) }.merge(opt)
 				)
-				user.access = access
-				user.base   = self
 				add(user)
 				user
 			end
@@ -39,9 +39,9 @@ class Access
 			# Restore an Access::User from it's storable data
 			def load(*args) # :nodoc:
 				return nil unless data = super
-				array       = data.values_at(:id, :credentials, :meta, :admin)
+				array       = data.values_at(:oid, :credentials, :meta, :admin)
 				array      << data
-				user        = User.new(*array)
+				user        = User.new(access, self, *array)
 				user.access = access
 				user.base   = self
 				user
@@ -49,7 +49,7 @@ class Access
 		end
 
 		# The record-id
-		attr_reader :id
+		attr_reader :oid
 		
 		# The credentials of the user (password)
 		attr_reader :credentials
@@ -67,7 +67,7 @@ class Access
 		# Simplified to hashes and scalar values.
 		def storable
 			{
-				:id          => @id,
+				:oid         => @oid,
 				:credentials => @credentials,
 				:meta        => @meta,
 				:admin       => @admin,
@@ -78,18 +78,20 @@ class Access
 		end
 		
 		# access: the access-instance the user is tied to (necessary for storing)
-		# id: a string/integer, identifying the user
+		# oid: a string/integer, identifying the user
 		# credentials: (if not subclassed) a string authenticating the user, will be hashed before storing.
 		# meta: meta data about the user
 		# admin: admin's have all privileges granted
-		def initialize(id, credentials, meta=nil, admin=false, other={})
-			@id          = id
+		def initialize(access, base, oid, credentials, meta=nil, admin=false, other={})
+			@access      = access
+			@base        = base
+			@oid         = oid
 			@credentials = credentials
 			@admin       = admin
 			@active      = other.has_key?(:active) ? other[:active] : false
 			@meta        = meta
-			@roles       = Roles.new(self, other[:role])
-			@privileges  = Privileges.new(self, other[:privileges])
+			@roles       = RoleList.new(self, other[:roles])
+			@privileges  = PrivilegeList.new(self, other[:privileges])
 			@logged      = false
 
 			extend(Admin) if @admin
@@ -100,7 +102,7 @@ class Access
 		# accepted as correct) or a plaintext password, the method uses
 		# Access#hash_credentials to hash the passed in value.
 		def credentials=(value)
-			@credentials = value ? access.hash_credentials(value, @id) : "*"
+			@credentials = value ? access.hash_credentials(value, @oid) : "*"
 			save
 		end
 		
@@ -173,22 +175,22 @@ class Access
 		
 		# :nodoc:
 		def eql?(other)
-			self.class == other.class && @id.eql?(other.id)
+			self.class == other.class && @oid.eql?(other.oid)
 		end
 		alias == eql? # in ruby1.8 that's unecessary as == uses eql? per default
 		
 		# :nodoc:
 		def hash
-			@id.hash
+			@oid.hash
 		end
 
 		# :nodoc:
 		def inspect
-			"#<%s:0x%08x base: %s id: %s credentials: %s %s%s%s>" %  [
+			"#<%s:0x%08x base: %s oid: %s credentials: %s %s%s%s>" %  [
 				self.class,
 				object_id << 1,
 				"#{@base.class}(#{(class <<@base; self; end).ancestors.first})",
-				@id.inspect,
+				@oid.inspect,
 				@credentials,
 				@active ? 'active' : 'inactive',
 				admin? ? ' admin' : '',

data/lib/access/version.rb

@@ -0,0 +1,17 @@
+#--
+# Copyright 2007 by Stefan Rusterholz.
+# All rights reserved.
+# See LICENSE.txt for permissions.
+#++
+
+
+
+class Access
+	module VERSION # :nodoc:
+		MAJOR  = 1
+		MINOR  = 0
+		TINY   = 0
+		STRING = "#{MAJOR}.#{MINOR}.#{TINY}"
+		def self.to_s; STRING; end
+	end
+end

data/lib/access/yamlbase.rb

@@ -7,16 +7,18 @@
 
 
 require 'access'
+require 'thread'
 require 'yaml'
 
 
 
 class Access
 
-	# An Access compatible storage backend
+	# An Access compatible storage backend, based on YAML
 	class YAMLBase
 		include Enumerable
 
+		# The access instance this base is tied to
 		attr_accessor :access
 
 		#	extender:  a module that will extend this instance and provide additional
@@ -24,105 +26,119 @@ class Access
 		#	framework: the Access instance this data-storage is tied to
 		#	path:      the path to the data		
 		def initialize(extender, path=nil)
-			@path      = path
-			@extender  = extender
+			extend(extender) if extender
+			@path      = path || default_path # default_path comes from the extender
 			@data      = {}
-			extend(extender)
+			@lock      = Mutex.new
 
-			@path    ||= default_path
 			raise "Path must be a directory (#@path)" unless File.directory?(@path)
 		end
 		
-		#	The full path and filename to the data object belonging to id
-		def filename(id)
-			"#{@path}/#{escape(id)}.yaml"
+		#	The full path and filename to the data object belonging to oid
+		def filename(oid)
+			"#{@path}/#{escape(oid)}.yaml"
 		end
 		
 		# Escapes path names
-		def escape(id)
-			id.gsub(/[\x00-\x1f.%]/) { |m| "%%%02x"%m }.gsub("/", ".")
+		def escape(oid)
+			oid.gsub(/[\x00-\x1f.%]/) { |m| "%%%02x"%m }.gsub("/", ".")
 		end
 		
-		# Extracts the record-id from a path
-		def path2id(path)
+		# Extracts the record-oid from a path
+		def path2oid(path)
 			path[(@path.length+1)..-6].gsub(".", "/").gsub(/%([\dA-Fa-f]{2})/) { $1.to_i(16).chr }
 		end
 
 		# Load an entry, will not write to cache, returns nil if entry doesn't exist
-		def load(id)
-			file = filename(id)
-			File.exist?(file) ? YAML.load_file(file) : nil
+		def load(oid)
+			file = filename(oid)
+			YAML.load_file(file)
+		rescue Errno::ENOENT
+			nil
 		end
 
 		# Loads all entries into cache
 		def cache_all
 			slice = (@path.length+1)..-6
-			Dir.glob("#{@path}/*.yaml") { |path| # /**
-				id = path[slice]
-				@data[id] ||= load(id)
+			@lock.synchronize {
+				Dir.glob("#{@path}/*.yaml") { |path| # /**
+					oid = path[slice]
+					@data[oid] ||= load(oid)
+				}
 			}
 		end
 			
 
-		#	Retrieve the object with id, if force_load cache will be ignored.
-		def [](id, force_load=false)
-			if force_load then
-				@data[id] = load(id)
-			else
-				@data[id] ||= load(id)
-			end
+		#	Retrieve the object with oid, if force_load cache will be ignored.
+		def [](oid, force_load=false)
+			@lock.synchronize {
+				if force_load then
+					@data[oid] = load(oid)
+				else
+					@data[oid] ||= load(oid)
+				end
+			}
 		end
 		
 		#	Add a record to the storage
 		def <<(record)
-			@data[record.id]	= record
-			save(record.id)
+			@lock.synchronize {
+				@data[record.oid]	= record
+				save(record.oid)
+			}
 		end
 		alias add <<
 
 		#	Delete a record from the storage
-		def delete(id)
-			@data.delete(id)
-			File.delete(filename(id))
+		def delete_oid(oid)
+			@lock.synchronize {
+				@data.delete(oid)
+				File.delete(filename(oid))
+			}
 		end
 		
-		# All record id's
-		def keys
-			Dir.glob("#{@path}/*.yaml").map { |path|
-				path2id(path)
-			}
+		#	Delete a record from the storage
+		def delete(record)
+			delete_oid(record.oid)
 		end
-
-		#	Iterate over records, yielding id and object
+		
+		#	Iterate over records, yielding oid and object
 		def each
 			slice = (@path.length+1)..-6
 			Dir.glob("#{@path}/*.yaml") { |path|
-				id = path[slice]
-				yield(id, @data[id] || load(id))
+				oid = path[slice]
+				yield(oid, @data[oid] || load(oid))
 			}
 		end
 
-		#	Iterate over records, yielding id
+		#	Iterate over records, yielding oid
 		def each_key
 			Dir.glob("#{@path}/*.yaml") { |path|
-				yield(path2id(path))
+				yield(path2oid(path))
+			}
+		end
+
+		# All record oid's
+		def keys
+			Dir.glob("#{@path}/*.yaml").map { |path|
+				path2oid(path)
 			}
 		end
 
 		#	Check existency of an object.
-		def exists?(id)
-			@data.has_key?(id) || File.exists?(filename(id))
+		def exists?(oid)
+			@data.has_key?(oid) || File.exists?(filename(oid))
 		end
 		alias exist? exists?
 		
 		#	Synchronize data-cache with filesystem.
-		def save(id=nil)
-			if @data.has_key?(id) then
-				File.open(filename(id), 'w') { |fh| fh.write(@data[id].storable.to_yaml) }
-			elsif id.nil? then
+		def save(oid=nil)
+			if @data.has_key?(oid) then
+				File.open(filename(oid), 'w') { |fh| fh.write(@data[oid].storable.to_yaml) }
+			elsif oid.nil? then
 				@data.each_key { |key| save(key) }
 			else
-				raise "Could not save '#{id}' since it's not in @data"
+				raise "Could not save '#{oid}' since it's not in @data"
 			end
 		end
 	end