cbac 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (45) hide show
  1. data/Manifest +44 -0
  2. data/README.rdoc +48 -0
  3. data/Rakefile +36 -0
  4. data/cbac.gemspec +31 -0
  5. data/generators/cbac/USAGE +34 -0
  6. data/generators/cbac/cbac_generator.rb +45 -0
  7. data/generators/cbac/templates/config/context_roles.rb +10 -0
  8. data/generators/cbac/templates/config/privileges.rb +30 -0
  9. data/generators/cbac/templates/controllers/generic_roles_controller.rb +30 -0
  10. data/generators/cbac/templates/controllers/memberships_controller.rb +22 -0
  11. data/generators/cbac/templates/controllers/permissions_controller.rb +42 -0
  12. data/generators/cbac/templates/fixtures/cbac_generic_roles.yml +9 -0
  13. data/generators/cbac/templates/fixtures/cbac_memberships.yml +8 -0
  14. data/generators/cbac/templates/fixtures/cbac_permissions.yml +8 -0
  15. data/generators/cbac/templates/migrate/create_cbac.rb +40 -0
  16. data/generators/cbac/templates/stylesheets/cbac.css +65 -0
  17. data/generators/cbac/templates/views/generic_roles/index.html.erb +59 -0
  18. data/generators/cbac/templates/views/layouts/cbac.html.erb +17 -0
  19. data/generators/cbac/templates/views/memberships/_update.html.erb +12 -0
  20. data/generators/cbac/templates/views/memberships/index.html.erb +22 -0
  21. data/generators/cbac/templates/views/permissions/_update_context_role.html.erb +12 -0
  22. data/generators/cbac/templates/views/permissions/_update_generic_role.html.erb +12 -0
  23. data/generators/cbac/templates/views/permissions/index.html.erb +31 -0
  24. data/init.rb +11 -0
  25. data/lib/cbac.rb +104 -0
  26. data/lib/cbac/config.rb +10 -0
  27. data/lib/cbac/context_role.rb +27 -0
  28. data/lib/cbac/generic_role.rb +6 -0
  29. data/lib/cbac/membership.rb +4 -0
  30. data/lib/cbac/permission.rb +6 -0
  31. data/lib/cbac/privilege.rb +72 -0
  32. data/lib/cbac/privilege_set.rb +28 -0
  33. data/lib/cbac/privilege_set_record.rb +5 -0
  34. data/lib/cbac/setup.rb +31 -0
  35. data/tasks/cbac.rake +19 -0
  36. data/test/fixtures/cbac_generic_roles.yml +9 -0
  37. data/test/fixtures/cbac_memberships.yml +8 -0
  38. data/test/fixtures/cbac_permissions.yml +15 -0
  39. data/test/fixtures/cbac_privilege_set.yml +18 -0
  40. data/test/test_cbac_authorize_context_roles.rb +43 -0
  41. data/test/test_cbac_authorize_generic_roles.rb +37 -0
  42. data/test/test_cbac_context_role.rb +51 -0
  43. data/test/test_cbac_privilege.rb +99 -0
  44. data/test/test_cbac_privilege_set.rb +52 -0
  45. metadata +118 -0
@@ -0,0 +1,44 @@
1
+ Manifest
2
+ README.rdoc
3
+ Rakefile
4
+ cbac.gemspec
5
+ generators/cbac/USAGE
6
+ generators/cbac/cbac_generator.rb
7
+ generators/cbac/templates/config/context_roles.rb
8
+ generators/cbac/templates/config/privileges.rb
9
+ generators/cbac/templates/controllers/generic_roles_controller.rb
10
+ generators/cbac/templates/controllers/memberships_controller.rb
11
+ generators/cbac/templates/controllers/permissions_controller.rb
12
+ generators/cbac/templates/fixtures/cbac_generic_roles.yml
13
+ generators/cbac/templates/fixtures/cbac_memberships.yml
14
+ generators/cbac/templates/fixtures/cbac_permissions.yml
15
+ generators/cbac/templates/migrate/create_cbac.rb
16
+ generators/cbac/templates/stylesheets/cbac.css
17
+ generators/cbac/templates/views/generic_roles/index.html.erb
18
+ generators/cbac/templates/views/layouts/cbac.html.erb
19
+ generators/cbac/templates/views/memberships/_update.html.erb
20
+ generators/cbac/templates/views/memberships/index.html.erb
21
+ generators/cbac/templates/views/permissions/_update_context_role.html.erb
22
+ generators/cbac/templates/views/permissions/_update_generic_role.html.erb
23
+ generators/cbac/templates/views/permissions/index.html.erb
24
+ init.rb
25
+ lib/cbac.rb
26
+ lib/cbac/config.rb
27
+ lib/cbac/context_role.rb
28
+ lib/cbac/generic_role.rb
29
+ lib/cbac/membership.rb
30
+ lib/cbac/permission.rb
31
+ lib/cbac/privilege.rb
32
+ lib/cbac/privilege_set.rb
33
+ lib/cbac/privilege_set_record.rb
34
+ lib/cbac/setup.rb
35
+ tasks/cbac.rake
36
+ test/fixtures/cbac_generic_roles.yml
37
+ test/fixtures/cbac_memberships.yml
38
+ test/fixtures/cbac_permissions.yml
39
+ test/fixtures/cbac_privilege_set.yml
40
+ test/test_cbac_authorize_context_roles.rb
41
+ test/test_cbac_authorize_generic_roles.rb
42
+ test/test_cbac_context_role.rb
43
+ test/test_cbac_privilege.rb
44
+ test/test_cbac_privilege_set.rb
@@ -0,0 +1,48 @@
1
+ = Context Based Access Control
2
+
3
+ == DESCRIPTION:
4
+ Easy to use, light-weight authorization system for Rails applications.
5
+
6
+
7
+ == FEATURES:
8
+ - Authorize users via roles/ groups
9
+ - Authorize users via the context of their request
10
+
11
+ == SYNOPSIS:
12
+ Context Based Access Control allows you to build a Rails application with
13
+ both generic roles as well as context roles. The generic role part allows
14
+ an application to authorize users with a conventional role system. The context
15
+ part allows an application to authorize with a combination of the user
16
+ credentials and the context of the requested action.
17
+
18
+ == REQUIREMENTS:
19
+
20
+ == INSTALL:
21
+ The gem can be installed using the 'gem' command.
22
+ gem install cbac
23
+
24
+ To use the gem, see the documentation at cbac.rubyforge.org.
25
+ == LICENSE:
26
+
27
+ (The MIT License)
28
+
29
+ Copyright (c) 2009 Bert Meerman
30
+
31
+ Permission is hereby granted, free of charge, to any person obtaining
32
+ a copy of this software and associated documentation files (the
33
+ 'Software'), to deal in the Software without restriction, including
34
+ without limitation the rights to use, copy, modify, merge, publish,
35
+ distribute, sublicense, and/or sell copies of the Software, and to
36
+ permit persons to whom the Software is furnished to do so, subject to
37
+ the following conditions:
38
+
39
+ The above copyright notice and this permission notice shall be
40
+ included in all copies or substantial portions of the Software.
41
+
42
+ THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
43
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
44
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
45
+ IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
46
+ CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
47
+ TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
48
+ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@@ -0,0 +1,36 @@
1
+ # Rakefile
2
+ require 'rubygems'
3
+ require 'rake'
4
+ require 'rake/testtask'
5
+ require 'rake/rdoctask'
6
+ require 'echoe'
7
+
8
+ desc 'Default: run unit tests.'
9
+ task :default => :test
10
+
11
+ desc 'Test CBAC plugin.'
12
+ Rake::TestTask.new(:test) do |t|
13
+ t.libs << 'lib'
14
+ t.pattern = 'test/**/test_*.rb'
15
+ t.verbose = true
16
+ end
17
+
18
+ desc 'Generate documentation for CBAC plugin.'
19
+ Rake::RDocTask.new(:rdoc) do |rdoc|
20
+ rdoc.rdoc_dir = 'rdoc'
21
+ rdoc.title = 'Cbac'
22
+ rdoc.options << '--line-numbers' << '--inline-source'
23
+ rdoc.rdoc_files.include('README')
24
+ rdoc.rdoc_files.include('lib/**/*.rb')
25
+ end
26
+
27
+ Echoe.new('cbac', '0.3.1') do |p|
28
+ p.summary = "CBAC - Simple authorization system for Rails applications."
29
+ p.description = "Simple authorization system for Rails applications. Allows you to develop applications with a mixed role based authorization and a context based authorization model. Does not supply authentication."
30
+ p.url = "http://cbac.rubyforge.org"
31
+ p.author = "Bert Meerman"
32
+ p.email = "b.meerman@ogd.nl"
33
+ p.ignore_pattern = []
34
+ p.development_dependencies = []
35
+ end
36
+
@@ -0,0 +1,31 @@
1
+ # -*- encoding: utf-8 -*-
2
+
3
+ Gem::Specification.new do |s|
4
+ s.name = %q{cbac}
5
+ s.version = "0.3.1"
6
+
7
+ s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
8
+ s.authors = ["Bert Meerman"]
9
+ s.date = %q{2010-02-05}
10
+ s.description = %q{Simple authorization system for Rails applications. Allows you to develop applications with a mixed role based authorization and a context based authorization model. Does not supply authentication.}
11
+ s.email = %q{b.meerman@ogd.nl}
12
+ s.extra_rdoc_files = ["README.rdoc", "lib/cbac.rb", "lib/cbac/config.rb", "lib/cbac/context_role.rb", "lib/cbac/generic_role.rb", "lib/cbac/membership.rb", "lib/cbac/permission.rb", "lib/cbac/privilege.rb", "lib/cbac/privilege_set.rb", "lib/cbac/privilege_set_record.rb", "lib/cbac/setup.rb", "tasks/cbac.rake"]
13
+ s.files = ["Manifest", "README.rdoc", "Rakefile", "cbac.gemspec", "generators/cbac/USAGE", "generators/cbac/cbac_generator.rb", "generators/cbac/templates/config/context_roles.rb", "generators/cbac/templates/config/privileges.rb", "generators/cbac/templates/controllers/generic_roles_controller.rb", "generators/cbac/templates/controllers/memberships_controller.rb", "generators/cbac/templates/controllers/permissions_controller.rb", "generators/cbac/templates/fixtures/cbac_generic_roles.yml", "generators/cbac/templates/fixtures/cbac_memberships.yml", "generators/cbac/templates/fixtures/cbac_permissions.yml", "generators/cbac/templates/migrate/create_cbac.rb", "generators/cbac/templates/stylesheets/cbac.css", "generators/cbac/templates/views/generic_roles/index.html.erb", "generators/cbac/templates/views/layouts/cbac.html.erb", "generators/cbac/templates/views/memberships/_update.html.erb", "generators/cbac/templates/views/memberships/index.html.erb", "generators/cbac/templates/views/permissions/_update_context_role.html.erb", "generators/cbac/templates/views/permissions/_update_generic_role.html.erb", "generators/cbac/templates/views/permissions/index.html.erb", "init.rb", "lib/cbac.rb", "lib/cbac/config.rb", "lib/cbac/context_role.rb", "lib/cbac/generic_role.rb", "lib/cbac/membership.rb", "lib/cbac/permission.rb", "lib/cbac/privilege.rb", "lib/cbac/privilege_set.rb", "lib/cbac/privilege_set_record.rb", "lib/cbac/setup.rb", "tasks/cbac.rake", "test/fixtures/cbac_generic_roles.yml", "test/fixtures/cbac_memberships.yml", "test/fixtures/cbac_permissions.yml", "test/fixtures/cbac_privilege_set.yml", "test/test_cbac_authorize_context_roles.rb", "test/test_cbac_authorize_generic_roles.rb", "test/test_cbac_context_role.rb", "test/test_cbac_privilege.rb", "test/test_cbac_privilege_set.rb"]
14
+ s.homepage = %q{http://cbac.rubyforge.org}
15
+ s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Cbac", "--main", "README.rdoc"]
16
+ s.require_paths = ["lib"]
17
+ s.rubyforge_project = %q{cbac}
18
+ s.rubygems_version = %q{1.3.5}
19
+ s.summary = %q{CBAC - Simple authorization system for Rails applications.}
20
+ s.test_files = ["test/test_cbac_authorize_context_roles.rb", "test/test_cbac_authorize_generic_roles.rb", "test/test_cbac_context_role.rb", "test/test_cbac_privilege.rb", "test/test_cbac_privilege_set.rb"]
21
+
22
+ if s.respond_to? :specification_version then
23
+ current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
24
+ s.specification_version = 3
25
+
26
+ if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
27
+ else
28
+ end
29
+ else
30
+ end
31
+ end
@@ -0,0 +1,34 @@
1
+ NAME
2
+ cbac - Generator scripts for the Context Based Access Control system
3
+
4
+ SYNOPSIS
5
+ cbac
6
+
7
+ DESCRIPTION
8
+ This generator creates the basic setup for the CBAC system.
9
+
10
+ Included:
11
+ - config/privileges.rb
12
+ - config/context_roles.rb
13
+ - db/migrate/create_cbac.rb
14
+ - app/controllers/cbac/generic_roles_controller.rb
15
+ - app/controllers/cbac/memberships_controller.rb
16
+ - app/controllers/cbac/permissions_controller.rb
17
+ - app/views/layouts/cbac.html.erb
18
+ - app/views/cbac/generic_roles/index.html.erb
19
+ - app/views/cbac/memberships/index.html.erb
20
+ - app/views/cbac/memberships/_update.html.erb
21
+ - app/views/cbac/permissions/index.html.erb
22
+ - app/views/cbac/permissions/_update.html.erb
23
+ - public/stylesheets/cbac.css
24
+ - test/fixtures/cbac_permissions.yml
25
+ - test/fixtures/cbac_generic_roles.yml
26
+ - test/fixtures/cbac_memberships.yml
27
+
28
+
29
+ EXAMPLE
30
+ ./script/generate cbac
31
+
32
+ MORE INFO
33
+ http://cbac.rubyforge.org/
34
+
@@ -0,0 +1,45 @@
1
+ require 'rbconfig'
2
+
3
+ class CbacGenerator < Rails::Generator::Base
4
+ def initialize(runtime_args, runtime_options = {})
5
+ super
6
+ #puts runtime_args
7
+ #raise "silently quiting"
8
+ end
9
+
10
+ def manifest
11
+ record do |m|
12
+ # developer files
13
+ m.file "config/privileges.rb", "config/privileges.rb", :collision => :skip
14
+ m.file "config/context_roles.rb", "config/context_roles.rb", :collision => :skip
15
+
16
+ # administration pages
17
+ m.directory "app/controllers/cbac"
18
+ m.file "controllers/permissions_controller.rb", "app/controllers/cbac/permissions_controller.rb"
19
+ m.file "controllers/generic_roles_controller.rb", "app/controllers/cbac/generic_roles_controller.rb"
20
+ m.file "controllers/memberships_controller.rb", "app/controllers/cbac/memberships_controller.rb"
21
+ m.directory "app/views/layouts"
22
+ m.file "views/layouts/cbac.html.erb", "app/views/layouts/cbac.html.erb"
23
+ m.directory "app/views/cbac"
24
+ m.directory "app/views/cbac/permissions"
25
+ m.directory "app/views/cbac/generic_roles"
26
+ m.directory "app/views/cbac/memberships"
27
+ m.file "views/permissions/index.html.erb", "app/views/cbac/permissions/index.html.erb"
28
+ m.file "views/permissions/_update_context_role.html.erb", "app/views/cbac/permissions/_update_context_role.html.erb"
29
+ m.file "views/permissions/_update_generic_role.html.erb", "app/views/cbac/permissions/_update_generic_role.html.erb"
30
+ m.file "views/generic_roles/index.html.erb", "app/views/cbac/generic_roles/index.html.erb"
31
+ m.file "views/memberships/index.html.erb", "app/views/cbac/memberships/index.html.erb"
32
+ m.file "views/memberships/_update.html.erb", "app/views/cbac/memberships/_update.html.erb"
33
+ m.directory "public/stylesheets"
34
+ m.file "stylesheets/cbac.css", "public/stylesheets/cbac.css"
35
+
36
+ # migrations
37
+ m.migration_template "migrate/create_cbac.rb", "db/migrate", {:migration_file_name => "create_cbac"}
38
+
39
+ # default fixtures
40
+ m.file "fixtures/cbac_permissions.yml", "test/fixtures/cbac_permissions.yml"
41
+ m.file "fixtures/cbac_generic_roles.yml", "test/fixtures/cbac_generic_roles.yml"
42
+ m.file "fixtures/cbac_memberships.yml", "test/fixtures/cbac_memberships.yml"
43
+ end
44
+ end
45
+ end
@@ -0,0 +1,10 @@
1
+ ### context_roles.rb
2
+ #
3
+ # Defines the context roles for the CBAC system
4
+ #
5
+ include Cbac
6
+
7
+ # Defining context roles
8
+ ContextRole.add :everybody, 'true'
9
+ ContextRole.add :not_logged_in_user, 'current_user.to_i == 0'
10
+ ContextRole.add :logged_in_user, 'current_user.to_i > 0'
@@ -0,0 +1,30 @@
1
+ ### Privileges.rb
2
+ #
3
+ # Defines the privilegesets and privileges for the CBAC system
4
+ #
5
+ include Cbac
6
+
7
+ # Defining privilegesets
8
+ PrivilegeSet.add :cbac_administration, "Allows administration of CBAC modules"
9
+
10
+ # Defining privileges on controller methods (REST resources)
11
+ Privilege.resource :cbac_administration, "cbac/permissions/index"
12
+ Privilege.resource :cbac_administration, "cbac/permissions/create", :post
13
+ Privilege.resource :cbac_administration, "cbac/memberships/index"
14
+ Privilege.resource :cbac_administration, "cbac/memberships/create", :post
15
+ Privilege.resource :cbac_administration, "cbac/generic_roles/index"
16
+ Privilege.resource :cbac_administration, "cbac/generic_roles/update", :post
17
+ Privilege.resource :cbac_administration, "cbac/generic_roles/create", :post
18
+ Privilege.resource :cbac_administration, "cbac/generic_roles/delete", :post
19
+
20
+ # model attributes
21
+ #Privilege.model_attribute :blog_update, :blog, :author, :write
22
+ #privilege.model_attribute :blog_update, :blog, :author, :w
23
+ #privilege.model_attribute :blog_update, :blog, :author, :rw
24
+ # Models
25
+ # Enforcing mode
26
+ #Privilege.model :blog_read, :blog, :load
27
+ #Privilege.model :blog_create, :blog, :save
28
+ #Privilege.model :blog_update, :blog, :update
29
+ #Privilege.model :blog_update, :blog, :delete
30
+
@@ -0,0 +1,30 @@
1
+ class Cbac::GenericRolesController < ApplicationController
2
+ # The layout used for all CBAC pages
3
+ layout "cbac"
4
+
5
+ # GET /index
6
+ # GET /index.xml
7
+ def index
8
+ end
9
+
10
+ # POST /update
11
+ def update
12
+ @role = Cbac::GenericRole.find(params[:id])
13
+ @role.update_attributes(params[:cbac_generic_role])
14
+ redirect_to :action => "index"
15
+ end
16
+
17
+ # POST /create
18
+ def create
19
+ @role = Cbac::GenericRole.new(params[:cbac_generic_role])
20
+ @role.save
21
+ redirect_to :action => "index"
22
+ end
23
+
24
+ # POST /delete
25
+ def delete
26
+ @role = Cbac::GenericRole.find(params[:id])
27
+ @role.delete
28
+ redirect_to :action => "index"
29
+ end
30
+ end
@@ -0,0 +1,22 @@
1
+ class Cbac::MembershipsController < ApplicationController
2
+ # The layout used for all CBAC pages
3
+ layout "cbac"
4
+
5
+ # GET /index
6
+ # GET /index.xml
7
+ def index
8
+ @generic_roles = Cbac::GenericRole.find(:all)
9
+ @users = User.find(:all)
10
+ end
11
+
12
+ # POST /update
13
+ def update
14
+ Cbac::Membership.find(:all, :conditions => ["generic_role_id = ? AND user_id = ?", params[:generic_role_id], params[:user_id]]).each{|p|p.delete}
15
+ if params[:member].to_s == "1"
16
+ Cbac::Membership.create(:generic_role_id => params[:generic_role_id], :user_id => params[:user_id])
17
+ end
18
+ role = Cbac::GenericRole.find(params[:generic_role_id])
19
+ render :partial => "cbac/memberships/update.html", :locals => {:generic_role => role,
20
+ :user_id => params[:user_id], :update_partial => true}
21
+ end
22
+ end
@@ -0,0 +1,42 @@
1
+ class Cbac::PermissionsController < ApplicationController
2
+ # The layout used for all CBAC pages
3
+ layout "cbac"
4
+
5
+ # GET /index GET /index.xml
6
+ def index
7
+ @context_roles = ContextRole.roles.collect{|key, value| [key, value]}
8
+ @generic_roles = Cbac::GenericRole.find(:all)
9
+ end
10
+
11
+ def update
12
+ unless params[:context_role].nil?
13
+ update_context_role
14
+ return
15
+ end
16
+ unless params[:generic_role_id].nil?
17
+ update_generic_role
18
+ end
19
+ end
20
+
21
+ private
22
+
23
+ # POST /update
24
+ def update_context_role
25
+ Cbac::Permission.find(:all, :conditions => ["context_role = ? AND privilege_set_id = ?", params[:context_role], params[:privilege_set_id]]).each{|p|p.delete}
26
+ if params[:permission].to_s == "1"
27
+ Cbac::Permission.create(:context_role => params[:context_role], :privilege_set_id => params[:privilege_set_id])
28
+ end
29
+ render :partial => "cbac/permissions/update_context_role.html", :locals => {:context_role => params[:context_role],
30
+ :set_id => params[:privilege_set_id], :update_partial => true}
31
+ end
32
+
33
+ def update_generic_role
34
+ Cbac::Permission.find(:all, :conditions => ["generic_role_id = ? AND privilege_set_id = ?", params[:generic_role_id], params[:privilege_set_id]]).each{|p|p.delete}
35
+ if params[:permission].to_s == "1"
36
+ Cbac::Permission.create(:generic_role_id => params[:generic_role_id], :privilege_set_id => params[:privilege_set_id])
37
+ end
38
+ role = Cbac::GenericRole.find(params[:generic_role_id])
39
+ render :partial => "cbac/permissions/update_generic_role.html", :locals => {:role =>role,
40
+ :set_id => params[:privilege_set_id], :update_partial => true}
41
+ end
42
+ end
@@ -0,0 +1,9 @@
1
+ ###
2
+ # Context
3
+ ## YAML template for the generic roles
4
+
5
+ one:
6
+ id: 1
7
+ name: administrators
8
+ remarks: Administrators role. Grants full access to the entire system.
9
+
@@ -0,0 +1,8 @@
1
+ ###
2
+ # Context
3
+ ## YAML template for the memberships
4
+
5
+ # Making the first user member of the administrator group
6
+ one:
7
+ user_id: 1
8
+ cbac_generic_role_id: 1
@@ -0,0 +1,8 @@
1
+ ###
2
+ # Context
3
+ ## YAML template for the permissions
4
+ <% PrivilegeSet.sets.each do |set| %>
5
+ fix_<%= set.id %>:
6
+ generic_role_id: 1
7
+ privilege_set_id: <%= set.id %>
8
+ <% end %>
@@ -0,0 +1,40 @@
1
+ class CreateCbac < ActiveRecord::Migration
2
+ def self.up
3
+ create_table :cbac_permissions do |t|
4
+ t.integer :generic_role_id, :default => 0
5
+ t.string :context_role
6
+ t.integer :privilege_set_id
7
+ t.timestamps
8
+ end
9
+
10
+ create_table :cbac_generic_roles do |t|
11
+ t.string :name
12
+ t.text :remarks
13
+ t.timestamps
14
+ end
15
+
16
+ create_table :cbac_memberships do |t|
17
+ t.integer :user_id
18
+ t.integer :generic_role_id
19
+ t.timestamps
20
+ end
21
+
22
+ create_table :cbac_privilege_set do |t|
23
+ t.string :name
24
+ t.timestamps
25
+ end
26
+
27
+ # create_table :cbac_context_role do |t|
28
+ # t.string :name
29
+ # t.timestamps
30
+ # end
31
+ end
32
+
33
+ def self.down
34
+ drop_table :cbac_permissions
35
+ drop_table :cbac_generic_roles
36
+ drop_table :cbac_memberships
37
+ drop_table :cbac_privilege_set
38
+ # drop_table :cbac_context_role
39
+ end
40
+ end