cbac 0.5.4 → 0.6.0
Sign up to get free protection for your applications and to get access to all the features.
- data/Manifest +74 -65
- data/README.rdoc +51 -48
- data/Rakefile +39 -36
- data/cbac.gemspec +31 -31
- data/config/cbac/context_roles.rb +21 -0
- data/config/cbac/privileges.rb +50 -0
- data/context_roles.rb +21 -0
- data/init.rb +3 -11
- data/lib/cbac.rb +132 -114
- data/lib/cbac/cbac_pristine/pristine.rb +134 -134
- data/lib/cbac/cbac_pristine/pristine_file.rb +170 -170
- data/lib/cbac/cbac_pristine/pristine_permission.rb +193 -193
- data/lib/cbac/cbac_pristine/pristine_role.rb +41 -41
- data/lib/cbac/config.rb +9 -9
- data/lib/cbac/context_role.rb +27 -27
- data/lib/cbac/generic_role.rb +5 -5
- data/lib/cbac/known_permission.rb +14 -14
- data/lib/cbac/membership.rb +3 -3
- data/lib/cbac/permission.rb +5 -5
- data/lib/cbac/privilege.rb +117 -116
- data/lib/cbac/privilege_new_api.rb +56 -56
- data/lib/cbac/privilege_set.rb +29 -29
- data/lib/cbac/privilege_set_record.rb +6 -6
- data/lib/cbac/setup.rb +37 -30
- data/{generators → lib/generators}/cbac/USAGE +33 -33
- data/lib/generators/cbac/cbac_generator.rb +75 -0
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/config/cbac.pristine +2 -2
- data/lib/generators/cbac/copy_files/config/context_roles.rb +17 -0
- data/lib/generators/cbac/copy_files/config/privileges.rb +25 -0
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/controllers/generic_roles_controller.rb +30 -30
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/controllers/memberships_controller.rb +22 -22
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/controllers/permissions_controller.rb +61 -61
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/controllers/upgrade_controller.rb +23 -23
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/fixtures/cbac_generic_roles.yml +9 -9
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/fixtures/cbac_memberships.yml +8 -8
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/fixtures/cbac_permissions.yml +8 -8
- data/lib/generators/cbac/copy_files/initializers/cbac_config.rb +2 -0
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/migrate/create_cbac_from_scratch.rb +59 -59
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/migrate/create_cbac_upgrade_path.rb +31 -31
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/stylesheets/cbac.css +65 -65
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/tasks/cbac.rake +345 -345
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/views/generic_roles/index.html.erb +58 -58
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/views/layouts/cbac.html.erb +18 -18
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/views/memberships/_update.html.erb +11 -11
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/views/memberships/index.html.erb +23 -22
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/views/permissions/_update_context_role.html.erb +11 -11
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/views/permissions/_update_generic_role.html.erb +11 -11
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/views/permissions/index.html.erb +39 -39
- data/{generators/cbac/templates → lib/generators/cbac/copy_files}/views/upgrade/index.html.erb +31 -31
- data/nbproject/private/private.properties +3 -0
- data/nbproject/private/private.xml +4 -0
- data/nbproject/private/rake-d.txt +0 -0
- data/nbproject/project.properties +9 -0
- data/nbproject/project.xml +16 -0
- data/privileges.rb +50 -0
- data/rails/init.rb +1 -0
- data/spec/cbac_pristine_file_spec.rb +329 -329
- data/spec/cbac_pristine_permission_spec.rb +358 -358
- data/spec/cbac_pristine_role_spec.rb +85 -85
- data/spec/rcov.opts +1 -1
- data/spec/spec.opts +4 -4
- data/spec/spec_helper.rb +11 -11
- data/tasks/cbac.rake +345 -345
- data/test/db/test.sqlite3 +0 -0
- data/test/fixtures/cbac_generic_roles.yml +9 -9
- data/test/fixtures/cbac_memberships.yml +8 -8
- data/test/fixtures/cbac_permissions.yml +14 -14
- data/test/fixtures/cbac_privilege_set.yml +18 -18
- data/test/test_cbac_actions.rb +71 -70
- data/test/test_cbac_authorize_context_roles.rb +39 -40
- data/test/test_cbac_authorize_generic_roles.rb +36 -37
- data/test/test_cbac_context_role.rb +50 -51
- data/test/test_cbac_privilege.rb +151 -152
- data/test/test_cbac_privilege_set.rb +50 -51
- data/test/test_helper.rb +28 -0
- metadata +70 -38
- data/generators/cbac/cbac_generator.rb +0 -66
- data/generators/cbac/templates/config/context_roles.rb +0 -10
- data/generators/cbac/templates/config/privileges.rb +0 -30
- data/vendor/plugins/cbac/Manifest +0 -60
- data/vendor/plugins/cbac/cbac-0.5.3.gem +0 -0
- data/vendor/plugins/cbac/cbac.gemspec +0 -31
- data/vendor/plugins/cbac/pkg/cbac-0.5.3.gem +0 -0
@@ -1,30 +1,30 @@
|
|
1
|
-
class Cbac::GenericRolesController < ApplicationController
|
2
|
-
# The layout used for all CBAC pages
|
3
|
-
layout "cbac"
|
4
|
-
|
5
|
-
# GET /index
|
6
|
-
# GET /index.xml
|
7
|
-
def index
|
8
|
-
end
|
9
|
-
|
10
|
-
# POST /update
|
11
|
-
def update
|
12
|
-
@role = Cbac::GenericRole.find(params[:id])
|
13
|
-
@role.update_attributes(params[:cbac_generic_role])
|
14
|
-
redirect_to :action => "index"
|
15
|
-
end
|
16
|
-
|
17
|
-
# POST /create
|
18
|
-
def create
|
19
|
-
@role = Cbac::GenericRole.new(params[:cbac_generic_role])
|
20
|
-
@role.save
|
21
|
-
redirect_to :action => "index"
|
22
|
-
end
|
23
|
-
|
24
|
-
# POST /delete
|
25
|
-
def delete
|
26
|
-
@role = Cbac::GenericRole.find(params[:id])
|
27
|
-
@role.delete
|
28
|
-
redirect_to :action => "index"
|
29
|
-
end
|
30
|
-
end
|
1
|
+
class Cbac::GenericRolesController < ApplicationController
|
2
|
+
# The layout used for all CBAC pages
|
3
|
+
layout "cbac"
|
4
|
+
|
5
|
+
# GET /index
|
6
|
+
# GET /index.xml
|
7
|
+
def index
|
8
|
+
end
|
9
|
+
|
10
|
+
# POST /update
|
11
|
+
def update
|
12
|
+
@role = Cbac::GenericRole.find(params[:id])
|
13
|
+
@role.update_attributes(params[:cbac_generic_role])
|
14
|
+
redirect_to :action => "index"
|
15
|
+
end
|
16
|
+
|
17
|
+
# POST /create
|
18
|
+
def create
|
19
|
+
@role = Cbac::GenericRole.new(params[:cbac_generic_role])
|
20
|
+
@role.save
|
21
|
+
redirect_to :action => "index"
|
22
|
+
end
|
23
|
+
|
24
|
+
# POST /delete
|
25
|
+
def delete
|
26
|
+
@role = Cbac::GenericRole.find(params[:id])
|
27
|
+
@role.delete
|
28
|
+
redirect_to :action => "index"
|
29
|
+
end
|
30
|
+
end
|
@@ -1,22 +1,22 @@
|
|
1
|
-
class Cbac::MembershipsController < ApplicationController
|
2
|
-
# The layout used for all CBAC pages
|
3
|
-
layout "cbac"
|
4
|
-
|
5
|
-
# GET /index
|
6
|
-
# GET /index.xml
|
7
|
-
def index
|
8
|
-
@generic_roles = Cbac::GenericRole.find(:all)
|
9
|
-
@users = User.find(:all)
|
10
|
-
end
|
11
|
-
|
12
|
-
# POST /update
|
13
|
-
def update
|
14
|
-
Cbac::Membership.find(:all, :conditions => ["generic_role_id = ? AND user_id = ?", params[:generic_role_id], params[:user_id]]).each{|p|p.delete}
|
15
|
-
if params[:member].to_s == "1"
|
16
|
-
Cbac::Membership.create(:generic_role_id => params[:generic_role_id], :user_id => params[:user_id])
|
17
|
-
end
|
18
|
-
role = Cbac::GenericRole.find(params[:generic_role_id])
|
19
|
-
render :partial => "cbac/memberships/update.html", :locals => {:generic_role => role,
|
20
|
-
:user_id => params[:user_id], :update_partial => true}
|
21
|
-
end
|
22
|
-
end
|
1
|
+
class Cbac::MembershipsController < ApplicationController
|
2
|
+
# The layout used for all CBAC pages
|
3
|
+
layout "cbac"
|
4
|
+
|
5
|
+
# GET /index
|
6
|
+
# GET /index.xml
|
7
|
+
def index
|
8
|
+
@generic_roles = Cbac::GenericRole.find(:all)
|
9
|
+
@users = User.find(:all)
|
10
|
+
end
|
11
|
+
|
12
|
+
# POST /update
|
13
|
+
def update
|
14
|
+
Cbac::Membership.find(:all, :conditions => ["generic_role_id = ? AND user_id = ?", params[:generic_role_id], params[:user_id]]).each{|p|p.delete}
|
15
|
+
if params[:member].to_s == "1"
|
16
|
+
Cbac::Membership.create(:generic_role_id => params[:generic_role_id], :user_id => params[:user_id])
|
17
|
+
end
|
18
|
+
role = Cbac::GenericRole.find(params[:generic_role_id])
|
19
|
+
render :partial => "cbac/memberships/update.html", :locals => {:generic_role => role,
|
20
|
+
:user_id => params[:user_id], :update_partial => true}
|
21
|
+
end
|
22
|
+
end
|
@@ -1,61 +1,61 @@
|
|
1
|
-
class Cbac::PermissionsController < ApplicationController
|
2
|
-
# The layout used for all CBAC pages
|
3
|
-
layout "cbac"
|
4
|
-
|
5
|
-
# GET /index GET /index.xml
|
6
|
-
def index
|
7
|
-
if params[:role_substr] and params[:role_substr] != ""
|
8
|
-
@context_roles = []
|
9
|
-
@generic_roles = []
|
10
|
-
|
11
|
-
params[:role_substr].split('|').each do |role_start|
|
12
|
-
@context_roles += (ContextRole.roles.select {|key,value| !key.to_s.match(/^#{role_start}/).nil?}).collect{|key, value| [key, value]}
|
13
|
-
@generic_roles += Cbac::GenericRole.find(:all).select {|role| !role.name.match(/^#{role_start}/).nil? }
|
14
|
-
end
|
15
|
-
else
|
16
|
-
@context_roles = ContextRole.roles
|
17
|
-
@generic_roles = Cbac::GenericRole.all
|
18
|
-
end
|
19
|
-
|
20
|
-
if params[:priv_substr] && params[:priv_substr] != ""
|
21
|
-
@sets = []
|
22
|
-
params[:priv_substr].split('|').each do |priv_start|
|
23
|
-
@sets += PrivilegeSet.sets.select {|key, value| !key.to_s.match(/^#{priv_start}/).nil?}
|
24
|
-
end
|
25
|
-
else
|
26
|
-
@sets = PrivilegeSet.sets
|
27
|
-
end
|
28
|
-
end
|
29
|
-
|
30
|
-
def update
|
31
|
-
unless params[:context_role].nil?
|
32
|
-
update_context_role
|
33
|
-
return
|
34
|
-
end
|
35
|
-
unless params[:generic_role_id].nil?
|
36
|
-
update_generic_role
|
37
|
-
end
|
38
|
-
end
|
39
|
-
|
40
|
-
private
|
41
|
-
|
42
|
-
# POST /update
|
43
|
-
def update_context_role
|
44
|
-
Cbac::Permission.find(:all, :conditions => ["context_role = ? AND privilege_set_id = ?", params[:context_role], params[:privilege_set_id]]).each{|p|p.delete}
|
45
|
-
if params[:permission].to_s == "1"
|
46
|
-
Cbac::Permission.create(:context_role => params[:context_role], :privilege_set_id => params[:privilege_set_id])
|
47
|
-
end
|
48
|
-
render :partial => "cbac/permissions/update_context_role.html", :locals => {:context_role => params[:context_role],
|
49
|
-
:set_id => params[:privilege_set_id], :update_partial => true}
|
50
|
-
end
|
51
|
-
|
52
|
-
def update_generic_role
|
53
|
-
Cbac::Permission.find(:all, :conditions => ["generic_role_id = ? AND privilege_set_id = ?", params[:generic_role_id], params[:privilege_set_id]]).each{|p|p.delete}
|
54
|
-
if params[:permission].to_s == "1"
|
55
|
-
Cbac::Permission.create(:generic_role_id => params[:generic_role_id], :privilege_set_id => params[:privilege_set_id])
|
56
|
-
end
|
57
|
-
role = Cbac::GenericRole.find(params[:generic_role_id])
|
58
|
-
render :partial => "cbac/permissions/update_generic_role.html", :locals => {:role =>role,
|
59
|
-
:set_id => params[:privilege_set_id], :update_partial => true}
|
60
|
-
end
|
61
|
-
end
|
1
|
+
class Cbac::PermissionsController < ApplicationController
|
2
|
+
# The layout used for all CBAC pages
|
3
|
+
layout "cbac"
|
4
|
+
|
5
|
+
# GET /index GET /index.xml
|
6
|
+
def index
|
7
|
+
if params[:role_substr] and params[:role_substr] != ""
|
8
|
+
@context_roles = []
|
9
|
+
@generic_roles = []
|
10
|
+
|
11
|
+
params[:role_substr].split('|').each do |role_start|
|
12
|
+
@context_roles += (ContextRole.roles.select {|key,value| !key.to_s.match(/^#{role_start}/).nil?}).collect{|key, value| [key, value]}
|
13
|
+
@generic_roles += Cbac::GenericRole.find(:all).select {|role| !role.name.match(/^#{role_start}/).nil? }
|
14
|
+
end
|
15
|
+
else
|
16
|
+
@context_roles = ContextRole.roles
|
17
|
+
@generic_roles = Cbac::GenericRole.all
|
18
|
+
end
|
19
|
+
|
20
|
+
if params[:priv_substr] && params[:priv_substr] != ""
|
21
|
+
@sets = []
|
22
|
+
params[:priv_substr].split('|').each do |priv_start|
|
23
|
+
@sets += PrivilegeSet.sets.select {|key, value| !key.to_s.match(/^#{priv_start}/).nil?}
|
24
|
+
end
|
25
|
+
else
|
26
|
+
@sets = PrivilegeSet.sets
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
def update
|
31
|
+
unless params[:context_role].nil?
|
32
|
+
update_context_role
|
33
|
+
return
|
34
|
+
end
|
35
|
+
unless params[:generic_role_id].nil?
|
36
|
+
update_generic_role
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
private
|
41
|
+
|
42
|
+
# POST /update
|
43
|
+
def update_context_role
|
44
|
+
Cbac::Permission.find(:all, :conditions => ["context_role = ? AND privilege_set_id = ?", params[:context_role], params[:privilege_set_id]]).each{|p|p.delete}
|
45
|
+
if params[:permission].to_s == "1"
|
46
|
+
Cbac::Permission.create(:context_role => params[:context_role], :privilege_set_id => params[:privilege_set_id])
|
47
|
+
end
|
48
|
+
render :partial => "cbac/permissions/update_context_role.html", :locals => {:context_role => params[:context_role],
|
49
|
+
:set_id => params[:privilege_set_id], :update_partial => true}
|
50
|
+
end
|
51
|
+
|
52
|
+
def update_generic_role
|
53
|
+
Cbac::Permission.find(:all, :conditions => ["generic_role_id = ? AND privilege_set_id = ?", params[:generic_role_id], params[:privilege_set_id]]).each{|p|p.delete}
|
54
|
+
if params[:permission].to_s == "1"
|
55
|
+
Cbac::Permission.create(:generic_role_id => params[:generic_role_id], :privilege_set_id => params[:privilege_set_id])
|
56
|
+
end
|
57
|
+
role = Cbac::GenericRole.find(params[:generic_role_id])
|
58
|
+
render :partial => "cbac/permissions/update_generic_role.html", :locals => {:role =>role,
|
59
|
+
:set_id => params[:privilege_set_id], :update_partial => true}
|
60
|
+
end
|
61
|
+
end
|
data/{generators/cbac/templates → lib/generators/cbac/copy_files}/controllers/upgrade_controller.rb
RENAMED
@@ -1,24 +1,24 @@
|
|
1
|
-
class Cbac::UpgradeController < ApplicationController
|
2
|
-
|
3
|
-
layout 'cbac'
|
4
|
-
|
5
|
-
def index
|
6
|
-
@permissions = Cbac::CbacPristine::PristinePermission.all
|
7
|
-
end
|
8
|
-
|
9
|
-
def update
|
10
|
-
|
11
|
-
params[:permissions].each do |perm_array|
|
12
|
-
next if perm_array[1][:action] == 'leave'
|
13
|
-
permission = Cbac::CbacPristine::PristinePermission.find(perm_array[1][:id])
|
14
|
-
case perm_array[1][:action]
|
15
|
-
when 'accept'
|
16
|
-
permission.accept
|
17
|
-
when 'reject'
|
18
|
-
permission.reject
|
19
|
-
end
|
20
|
-
end
|
21
|
-
redirect_to :action => :index
|
22
|
-
|
23
|
-
end
|
1
|
+
class Cbac::UpgradeController < ApplicationController
|
2
|
+
|
3
|
+
layout 'cbac'
|
4
|
+
|
5
|
+
def index
|
6
|
+
@permissions = Cbac::CbacPristine::PristinePermission.all
|
7
|
+
end
|
8
|
+
|
9
|
+
def update
|
10
|
+
|
11
|
+
params[:permissions].each do |perm_array|
|
12
|
+
next if perm_array[1][:action] == 'leave'
|
13
|
+
permission = Cbac::CbacPristine::PristinePermission.find(perm_array[1][:id])
|
14
|
+
case perm_array[1][:action]
|
15
|
+
when 'accept'
|
16
|
+
permission.accept
|
17
|
+
when 'reject'
|
18
|
+
permission.reject
|
19
|
+
end
|
20
|
+
end
|
21
|
+
redirect_to :action => :index
|
22
|
+
|
23
|
+
end
|
24
24
|
end
|
data/{generators/cbac/templates → lib/generators/cbac/copy_files}/fixtures/cbac_generic_roles.yml
RENAMED
@@ -1,9 +1,9 @@
|
|
1
|
-
###
|
2
|
-
# Context
|
3
|
-
## YAML template for the generic roles
|
4
|
-
|
5
|
-
one:
|
6
|
-
id: 1
|
7
|
-
name: administrator
|
8
|
-
remarks: Administrators role. Grants full access to the entire system.
|
9
|
-
|
1
|
+
###
|
2
|
+
# Context
|
3
|
+
## YAML template for the generic roles
|
4
|
+
|
5
|
+
one:
|
6
|
+
id: 1
|
7
|
+
name: administrator
|
8
|
+
remarks: Administrators role. Grants full access to the entire system.
|
9
|
+
|
data/{generators/cbac/templates → lib/generators/cbac/copy_files}/fixtures/cbac_memberships.yml
RENAMED
@@ -1,8 +1,8 @@
|
|
1
|
-
###
|
2
|
-
# Context
|
3
|
-
## YAML template for the memberships
|
4
|
-
|
5
|
-
# Making the first user member of the administrator group
|
6
|
-
one:
|
7
|
-
user_id: 1
|
8
|
-
generic_role_id: 1
|
1
|
+
###
|
2
|
+
# Context
|
3
|
+
## YAML template for the memberships
|
4
|
+
|
5
|
+
# Making the first user member of the administrator group
|
6
|
+
one:
|
7
|
+
user_id: 1
|
8
|
+
generic_role_id: 1
|
data/{generators/cbac/templates → lib/generators/cbac/copy_files}/fixtures/cbac_permissions.yml
RENAMED
@@ -1,8 +1,8 @@
|
|
1
|
-
###
|
2
|
-
# Context
|
3
|
-
## YAML template for the permissions
|
4
|
-
<% PrivilegeSet.sets.each do |set| %>
|
5
|
-
fix_<%= set.id %>:
|
6
|
-
generic_role_id: 1
|
7
|
-
privilege_set_id: <%= set.id %>
|
8
|
-
<% end %>
|
1
|
+
###
|
2
|
+
# Context
|
3
|
+
## YAML template for the permissions
|
4
|
+
<% PrivilegeSet.sets.each do |set| %>
|
5
|
+
fix_<%= set.id %>:
|
6
|
+
generic_role_id: 1
|
7
|
+
privilege_set_id: <%= set.id %>
|
8
|
+
<% end %>
|
@@ -1,59 +1,59 @@
|
|
1
|
-
class CreateCbacFromScratch < ActiveRecord::Migration
|
2
|
-
def self.up
|
3
|
-
create_table :cbac_permissions do |t|
|
4
|
-
t.integer :generic_role_id, :default => 0
|
5
|
-
t.string :context_role
|
6
|
-
t.integer :privilege_set_id
|
7
|
-
t.timestamps
|
8
|
-
end
|
9
|
-
|
10
|
-
create_table :cbac_generic_roles do |t|
|
11
|
-
t.string :name
|
12
|
-
t.text :remarks
|
13
|
-
t.timestamps
|
14
|
-
end
|
15
|
-
|
16
|
-
create_table :cbac_memberships do |t|
|
17
|
-
t.integer :user_id
|
18
|
-
t.integer :generic_role_id
|
19
|
-
t.timestamps
|
20
|
-
end
|
21
|
-
|
22
|
-
create_table :cbac_privilege_set do |t|
|
23
|
-
t.string :name
|
24
|
-
t.string :comment
|
25
|
-
t.timestamps
|
26
|
-
end
|
27
|
-
|
28
|
-
create_table :cbac_staged_permissions do |t|
|
29
|
-
t.integer :pristine_role_id
|
30
|
-
t.string :privilege_set_name
|
31
|
-
t.integer :line_number
|
32
|
-
t.string :comment
|
33
|
-
t.text :operation, :limit => 2
|
34
|
-
t.timestamps
|
35
|
-
end
|
36
|
-
|
37
|
-
create_table :cbac_staged_roles do |t|
|
38
|
-
t.string :role_type
|
39
|
-
t.string :name
|
40
|
-
t.integer :role_id
|
41
|
-
t.timestamps
|
42
|
-
end
|
43
|
-
|
44
|
-
create_table :cbac_known_permissions do |t|
|
45
|
-
t.integer :permission_number, :null => :no
|
46
|
-
t.integer :permission_type, :default => 0
|
47
|
-
end
|
48
|
-
end
|
49
|
-
|
50
|
-
def self.down
|
51
|
-
drop_table :cbac_permissions
|
52
|
-
drop_table :cbac_generic_roles
|
53
|
-
drop_table :cbac_memberships
|
54
|
-
drop_table :cbac_privilege_set
|
55
|
-
drop_table :cbac_staged_permissions
|
56
|
-
drop_table :cbac_staged_roles
|
57
|
-
drop_table :cbac_known_permission
|
58
|
-
end
|
59
|
-
end
|
1
|
+
class CreateCbacFromScratch < ActiveRecord::Migration
|
2
|
+
def self.up
|
3
|
+
create_table :cbac_permissions do |t|
|
4
|
+
t.integer :generic_role_id, :default => 0
|
5
|
+
t.string :context_role
|
6
|
+
t.integer :privilege_set_id
|
7
|
+
t.timestamps
|
8
|
+
end
|
9
|
+
|
10
|
+
create_table :cbac_generic_roles do |t|
|
11
|
+
t.string :name
|
12
|
+
t.text :remarks
|
13
|
+
t.timestamps
|
14
|
+
end
|
15
|
+
|
16
|
+
create_table :cbac_memberships do |t|
|
17
|
+
t.integer :user_id
|
18
|
+
t.integer :generic_role_id
|
19
|
+
t.timestamps
|
20
|
+
end
|
21
|
+
|
22
|
+
create_table :cbac_privilege_set do |t|
|
23
|
+
t.string :name
|
24
|
+
t.string :comment
|
25
|
+
t.timestamps
|
26
|
+
end
|
27
|
+
|
28
|
+
create_table :cbac_staged_permissions do |t|
|
29
|
+
t.integer :pristine_role_id
|
30
|
+
t.string :privilege_set_name
|
31
|
+
t.integer :line_number
|
32
|
+
t.string :comment
|
33
|
+
t.text :operation, :limit => 2
|
34
|
+
t.timestamps
|
35
|
+
end
|
36
|
+
|
37
|
+
create_table :cbac_staged_roles do |t|
|
38
|
+
t.string :role_type
|
39
|
+
t.string :name
|
40
|
+
t.integer :role_id
|
41
|
+
t.timestamps
|
42
|
+
end
|
43
|
+
|
44
|
+
create_table :cbac_known_permissions do |t|
|
45
|
+
t.integer :permission_number, :null => :no
|
46
|
+
t.integer :permission_type, :default => 0
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
def self.down
|
51
|
+
drop_table :cbac_permissions
|
52
|
+
drop_table :cbac_generic_roles
|
53
|
+
drop_table :cbac_memberships
|
54
|
+
drop_table :cbac_privilege_set
|
55
|
+
drop_table :cbac_staged_permissions
|
56
|
+
drop_table :cbac_staged_roles
|
57
|
+
drop_table :cbac_known_permission
|
58
|
+
end
|
59
|
+
end
|