cbac 0.6.1 → 0.6.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/Manifest +70 -74
- data/README.rdoc +51 -51
- data/Rakefile +39 -39
- data/cbac.gemspec +30 -31
- data/config/cbac/context_roles.rb +21 -21
- data/config/cbac/privileges.rb +50 -50
- data/context_roles.rb +21 -21
- data/init.rb +3 -3
- data/lib/cbac.rb +132 -132
- data/lib/cbac/cbac_pristine/pristine.rb +138 -135
- data/lib/cbac/cbac_pristine/pristine_file.rb +173 -170
- data/lib/cbac/cbac_pristine/pristine_permission.rb +205 -194
- data/lib/cbac/cbac_pristine/pristine_role.rb +41 -41
- data/lib/cbac/config.rb +9 -9
- data/lib/cbac/context_role.rb +27 -27
- data/lib/cbac/generic_role.rb +5 -5
- data/lib/cbac/known_permission.rb +14 -14
- data/lib/cbac/membership.rb +3 -3
- data/lib/cbac/permission.rb +5 -5
- data/lib/cbac/privilege.rb +117 -117
- data/lib/cbac/privilege_new_api.rb +56 -56
- data/lib/cbac/privilege_set.rb +29 -29
- data/lib/cbac/privilege_set_record.rb +6 -6
- data/lib/cbac/setup.rb +37 -37
- data/lib/generators/cbac/USAGE +33 -33
- data/lib/generators/cbac/cbac_generator.rb +75 -75
- data/lib/generators/cbac/copy_files/config/cbac.pristine +2 -2
- data/lib/generators/cbac/copy_files/config/context_roles.rb +17 -17
- data/lib/generators/cbac/copy_files/config/privileges.rb +25 -25
- data/lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb +30 -30
- data/lib/generators/cbac/copy_files/controllers/memberships_controller.rb +22 -22
- data/lib/generators/cbac/copy_files/controllers/permissions_controller.rb +61 -61
- data/lib/generators/cbac/copy_files/controllers/upgrade_controller.rb +23 -23
- data/lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml +9 -9
- data/lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml +8 -8
- data/lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml +8 -8
- data/lib/generators/cbac/copy_files/initializers/cbac_config.rb +4 -4
- data/lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb +59 -59
- data/lib/generators/cbac/copy_files/migrate/create_cbac_upgrade_path.rb +40 -31
- data/lib/generators/cbac/copy_files/stylesheets/cbac.css +65 -65
- data/lib/generators/cbac/copy_files/tasks/cbac.rake +345 -345
- data/lib/generators/cbac/copy_files/views/generic_roles/index.html.erb +58 -58
- data/lib/generators/cbac/copy_files/views/layouts/cbac.html.erb +18 -18
- data/lib/generators/cbac/copy_files/views/memberships/_update.html.erb +11 -11
- data/lib/generators/cbac/copy_files/views/memberships/index.html.erb +23 -23
- data/lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb +11 -11
- data/lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb +11 -11
- data/lib/generators/cbac/copy_files/views/permissions/index.html.erb +39 -39
- data/lib/generators/cbac/copy_files/views/upgrade/index.html.erb +31 -31
- data/migrations/20110211105533_add_pristine_files_to_cbac_upgrade_path.rb +16 -0
- data/privileges.rb +50 -50
- data/spec/cbac_pristine_file_spec.rb +329 -329
- data/spec/cbac_pristine_permission_spec.rb +358 -358
- data/spec/cbac_pristine_role_spec.rb +85 -85
- data/spec/rcov.opts +1 -1
- data/spec/spec.opts +4 -4
- data/spec/spec_helper.rb +11 -11
- data/tasks/cbac.rake +345 -345
- data/test/fixtures/cbac_generic_roles.yml +9 -9
- data/test/fixtures/cbac_memberships.yml +8 -8
- data/test/fixtures/cbac_permissions.yml +14 -14
- data/test/fixtures/cbac_privilege_set.yml +18 -18
- data/test/test_cbac_actions.rb +71 -71
- data/test/test_cbac_authorize_context_roles.rb +39 -39
- data/test/test_cbac_authorize_generic_roles.rb +36 -36
- data/test/test_cbac_context_role.rb +50 -50
- data/test/test_cbac_privilege.rb +151 -151
- data/test/test_cbac_privilege_set.rb +50 -50
- data/test/test_helper.rb +28 -28
- metadata +14 -15
- data/nbproject/private/private.properties +0 -3
- data/nbproject/private/private.xml +0 -4
- data/nbproject/private/rake-d.txt +0 -0
- data/nbproject/project.properties +0 -9
- data/nbproject/project.xml +0 -16
@@ -1,2 +1,2 @@
|
|
1
|
-
0:+:PrivilegeSet(login) ContextRole(everybody)
|
2
|
-
1:+:PrivilegeSet(cbac_administration) Admin()
|
1
|
+
0:+:PrivilegeSet(login) ContextRole(everybody)
|
2
|
+
1:+:PrivilegeSet(cbac_administration) Admin()
|
@@ -1,17 +1,17 @@
|
|
1
|
-
### context_roles.rb
|
2
|
-
#
|
3
|
-
# Defines the context roles for the CBAC system
|
4
|
-
#
|
5
|
-
include Cbac
|
6
|
-
puts "Loading context_roles"
|
7
|
-
|
8
|
-
# Defining context roles
|
9
|
-
ContextRole.add :everybody do
|
10
|
-
true
|
11
|
-
end
|
12
|
-
ContextRole.add :not_logged_in_user do |context|
|
13
|
-
context.current_user.nil?
|
14
|
-
end
|
15
|
-
ContextRole.add :logged_in_user do |context|
|
16
|
-
not context.current_user.nil?
|
17
|
-
end
|
1
|
+
### context_roles.rb
|
2
|
+
#
|
3
|
+
# Defines the context roles for the CBAC system
|
4
|
+
#
|
5
|
+
include Cbac
|
6
|
+
puts "Loading context_roles"
|
7
|
+
|
8
|
+
# Defining context roles
|
9
|
+
ContextRole.add :everybody do
|
10
|
+
true
|
11
|
+
end
|
12
|
+
ContextRole.add :not_logged_in_user do |context|
|
13
|
+
context.current_user.nil?
|
14
|
+
end
|
15
|
+
ContextRole.add :logged_in_user do |context|
|
16
|
+
not context.current_user.nil?
|
17
|
+
end
|
@@ -1,25 +1,25 @@
|
|
1
|
-
### Privileges.rb
|
2
|
-
#
|
3
|
-
# Defines the privilegesets and privileges for the CBAC system
|
4
|
-
#
|
5
|
-
include Cbac
|
6
|
-
puts "Loading privilegesets"
|
7
|
-
|
8
|
-
cbac do
|
9
|
-
set :public, "Stuff that is always accessible" do
|
10
|
-
# Insert public conroller/methods here
|
11
|
-
end
|
12
|
-
|
13
|
-
set :cbac_administration, "Allows administration of CBAC modules" do
|
14
|
-
in_module :cbac do
|
15
|
-
get "permissions", :index
|
16
|
-
post "permissions", :create
|
17
|
-
get "memberships", :index
|
18
|
-
post "memberships", :create
|
19
|
-
get "generic_roles", :index
|
20
|
-
post "generic_roles", :update, :create, :delete
|
21
|
-
get "upgrade", :index
|
22
|
-
post "upgrade", :update
|
23
|
-
end
|
24
|
-
end
|
25
|
-
end
|
1
|
+
### Privileges.rb
|
2
|
+
#
|
3
|
+
# Defines the privilegesets and privileges for the CBAC system
|
4
|
+
#
|
5
|
+
include Cbac
|
6
|
+
puts "Loading privilegesets"
|
7
|
+
|
8
|
+
cbac do
|
9
|
+
set :public, "Stuff that is always accessible" do
|
10
|
+
# Insert public conroller/methods here
|
11
|
+
end
|
12
|
+
|
13
|
+
set :cbac_administration, "Allows administration of CBAC modules" do
|
14
|
+
in_module :cbac do
|
15
|
+
get "permissions", :index
|
16
|
+
post "permissions", :create
|
17
|
+
get "memberships", :index
|
18
|
+
post "memberships", :create
|
19
|
+
get "generic_roles", :index
|
20
|
+
post "generic_roles", :update, :create, :delete
|
21
|
+
get "upgrade", :index
|
22
|
+
post "upgrade", :update
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
@@ -1,30 +1,30 @@
|
|
1
|
-
class Cbac::GenericRolesController < ApplicationController
|
2
|
-
# The layout used for all CBAC pages
|
3
|
-
layout "cbac"
|
4
|
-
|
5
|
-
# GET /index
|
6
|
-
# GET /index.xml
|
7
|
-
def index
|
8
|
-
end
|
9
|
-
|
10
|
-
# POST /update
|
11
|
-
def update
|
12
|
-
@role = Cbac::GenericRole.find(params[:id])
|
13
|
-
@role.update_attributes(params[:cbac_generic_role])
|
14
|
-
redirect_to :action => "index"
|
15
|
-
end
|
16
|
-
|
17
|
-
# POST /create
|
18
|
-
def create
|
19
|
-
@role = Cbac::GenericRole.new(params[:cbac_generic_role])
|
20
|
-
@role.save
|
21
|
-
redirect_to :action => "index"
|
22
|
-
end
|
23
|
-
|
24
|
-
# POST /delete
|
25
|
-
def delete
|
26
|
-
@role = Cbac::GenericRole.find(params[:id])
|
27
|
-
@role.delete
|
28
|
-
redirect_to :action => "index"
|
29
|
-
end
|
30
|
-
end
|
1
|
+
class Cbac::GenericRolesController < ApplicationController
|
2
|
+
# The layout used for all CBAC pages
|
3
|
+
layout "cbac"
|
4
|
+
|
5
|
+
# GET /index
|
6
|
+
# GET /index.xml
|
7
|
+
def index
|
8
|
+
end
|
9
|
+
|
10
|
+
# POST /update
|
11
|
+
def update
|
12
|
+
@role = Cbac::GenericRole.find(params[:id])
|
13
|
+
@role.update_attributes(params[:cbac_generic_role])
|
14
|
+
redirect_to :action => "index"
|
15
|
+
end
|
16
|
+
|
17
|
+
# POST /create
|
18
|
+
def create
|
19
|
+
@role = Cbac::GenericRole.new(params[:cbac_generic_role])
|
20
|
+
@role.save
|
21
|
+
redirect_to :action => "index"
|
22
|
+
end
|
23
|
+
|
24
|
+
# POST /delete
|
25
|
+
def delete
|
26
|
+
@role = Cbac::GenericRole.find(params[:id])
|
27
|
+
@role.delete
|
28
|
+
redirect_to :action => "index"
|
29
|
+
end
|
30
|
+
end
|
@@ -1,22 +1,22 @@
|
|
1
|
-
class Cbac::MembershipsController < ApplicationController
|
2
|
-
# The layout used for all CBAC pages
|
3
|
-
layout "cbac"
|
4
|
-
|
5
|
-
# GET /index
|
6
|
-
# GET /index.xml
|
7
|
-
def index
|
8
|
-
@generic_roles = Cbac::GenericRole.find(:all)
|
9
|
-
@users = User.find(:all)
|
10
|
-
end
|
11
|
-
|
12
|
-
# POST /update
|
13
|
-
def update
|
14
|
-
Cbac::Membership.find(:all, :conditions => ["generic_role_id = ? AND user_id = ?", params[:generic_role_id], params[:user_id]]).each{|p|p.delete}
|
15
|
-
if params[:member].to_s == "1"
|
16
|
-
Cbac::Membership.create(:generic_role_id => params[:generic_role_id], :user_id => params[:user_id])
|
17
|
-
end
|
18
|
-
role = Cbac::GenericRole.find(params[:generic_role_id])
|
19
|
-
render :partial => "cbac/memberships/update.html", :locals => {:generic_role => role,
|
20
|
-
:user_id => params[:user_id], :update_partial => true}
|
21
|
-
end
|
22
|
-
end
|
1
|
+
class Cbac::MembershipsController < ApplicationController
|
2
|
+
# The layout used for all CBAC pages
|
3
|
+
layout "cbac"
|
4
|
+
|
5
|
+
# GET /index
|
6
|
+
# GET /index.xml
|
7
|
+
def index
|
8
|
+
@generic_roles = Cbac::GenericRole.find(:all)
|
9
|
+
@users = User.find(:all)
|
10
|
+
end
|
11
|
+
|
12
|
+
# POST /update
|
13
|
+
def update
|
14
|
+
Cbac::Membership.find(:all, :conditions => ["generic_role_id = ? AND user_id = ?", params[:generic_role_id], params[:user_id]]).each{|p|p.delete}
|
15
|
+
if params[:member].to_s == "1"
|
16
|
+
Cbac::Membership.create(:generic_role_id => params[:generic_role_id], :user_id => params[:user_id])
|
17
|
+
end
|
18
|
+
role = Cbac::GenericRole.find(params[:generic_role_id])
|
19
|
+
render :partial => "cbac/memberships/update.html", :locals => {:generic_role => role,
|
20
|
+
:user_id => params[:user_id], :update_partial => true}
|
21
|
+
end
|
22
|
+
end
|
@@ -1,61 +1,61 @@
|
|
1
|
-
class Cbac::PermissionsController < ApplicationController
|
2
|
-
# The layout used for all CBAC pages
|
3
|
-
layout "cbac"
|
4
|
-
|
5
|
-
# GET /index GET /index.xml
|
6
|
-
def index
|
7
|
-
if params[:role_substr] and params[:role_substr] != ""
|
8
|
-
@context_roles = []
|
9
|
-
@generic_roles = []
|
10
|
-
|
11
|
-
params[:role_substr].split('|').each do |role_start|
|
12
|
-
@context_roles += (ContextRole.roles.select {|key,value| !key.to_s.match(/^#{role_start}/).nil?}).collect{|key, value| [key, value]}
|
13
|
-
@generic_roles += Cbac::GenericRole.find(:all).select {|role| !role.name.match(/^#{role_start}/).nil? }
|
14
|
-
end
|
15
|
-
else
|
16
|
-
@context_roles = ContextRole.roles
|
17
|
-
@generic_roles = Cbac::GenericRole.all
|
18
|
-
end
|
19
|
-
|
20
|
-
if params[:priv_substr] && params[:priv_substr] != ""
|
21
|
-
@sets = []
|
22
|
-
params[:priv_substr].split('|').each do |priv_start|
|
23
|
-
@sets += PrivilegeSet.sets.select {|key, value| !key.to_s.match(/^#{priv_start}/).nil?}
|
24
|
-
end
|
25
|
-
else
|
26
|
-
@sets = PrivilegeSet.sets
|
27
|
-
end
|
28
|
-
end
|
29
|
-
|
30
|
-
def update
|
31
|
-
unless params[:context_role].nil?
|
32
|
-
update_context_role
|
33
|
-
return
|
34
|
-
end
|
35
|
-
unless params[:generic_role_id].nil?
|
36
|
-
update_generic_role
|
37
|
-
end
|
38
|
-
end
|
39
|
-
|
40
|
-
private
|
41
|
-
|
42
|
-
# POST /update
|
43
|
-
def update_context_role
|
44
|
-
Cbac::Permission.find(:all, :conditions => ["context_role = ? AND privilege_set_id = ?", params[:context_role], params[:privilege_set_id]]).each{|p|p.delete}
|
45
|
-
if params[:permission].to_s == "1"
|
46
|
-
Cbac::Permission.create(:context_role => params[:context_role], :privilege_set_id => params[:privilege_set_id])
|
47
|
-
end
|
48
|
-
render :partial => "cbac/permissions/update_context_role.html", :locals => {:context_role => params[:context_role],
|
49
|
-
:set_id => params[:privilege_set_id], :update_partial => true}
|
50
|
-
end
|
51
|
-
|
52
|
-
def update_generic_role
|
53
|
-
Cbac::Permission.find(:all, :conditions => ["generic_role_id = ? AND privilege_set_id = ?", params[:generic_role_id], params[:privilege_set_id]]).each{|p|p.delete}
|
54
|
-
if params[:permission].to_s == "1"
|
55
|
-
Cbac::Permission.create(:generic_role_id => params[:generic_role_id], :privilege_set_id => params[:privilege_set_id])
|
56
|
-
end
|
57
|
-
role = Cbac::GenericRole.find(params[:generic_role_id])
|
58
|
-
render :partial => "cbac/permissions/update_generic_role.html", :locals => {:role =>role,
|
59
|
-
:set_id => params[:privilege_set_id], :update_partial => true}
|
60
|
-
end
|
61
|
-
end
|
1
|
+
class Cbac::PermissionsController < ApplicationController
|
2
|
+
# The layout used for all CBAC pages
|
3
|
+
layout "cbac"
|
4
|
+
|
5
|
+
# GET /index GET /index.xml
|
6
|
+
def index
|
7
|
+
if params[:role_substr] and params[:role_substr] != ""
|
8
|
+
@context_roles = []
|
9
|
+
@generic_roles = []
|
10
|
+
|
11
|
+
params[:role_substr].split('|').each do |role_start|
|
12
|
+
@context_roles += (ContextRole.roles.select {|key,value| !key.to_s.match(/^#{role_start}/).nil?}).collect{|key, value| [key, value]}
|
13
|
+
@generic_roles += Cbac::GenericRole.find(:all).select {|role| !role.name.match(/^#{role_start}/).nil? }
|
14
|
+
end
|
15
|
+
else
|
16
|
+
@context_roles = ContextRole.roles
|
17
|
+
@generic_roles = Cbac::GenericRole.all
|
18
|
+
end
|
19
|
+
|
20
|
+
if params[:priv_substr] && params[:priv_substr] != ""
|
21
|
+
@sets = []
|
22
|
+
params[:priv_substr].split('|').each do |priv_start|
|
23
|
+
@sets += PrivilegeSet.sets.select {|key, value| !key.to_s.match(/^#{priv_start}/).nil?}
|
24
|
+
end
|
25
|
+
else
|
26
|
+
@sets = PrivilegeSet.sets
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
def update
|
31
|
+
unless params[:context_role].nil?
|
32
|
+
update_context_role
|
33
|
+
return
|
34
|
+
end
|
35
|
+
unless params[:generic_role_id].nil?
|
36
|
+
update_generic_role
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
private
|
41
|
+
|
42
|
+
# POST /update
|
43
|
+
def update_context_role
|
44
|
+
Cbac::Permission.find(:all, :conditions => ["context_role = ? AND privilege_set_id = ?", params[:context_role], params[:privilege_set_id]]).each{|p|p.delete}
|
45
|
+
if params[:permission].to_s == "1"
|
46
|
+
Cbac::Permission.create(:context_role => params[:context_role], :privilege_set_id => params[:privilege_set_id])
|
47
|
+
end
|
48
|
+
render :partial => "cbac/permissions/update_context_role.html", :locals => {:context_role => params[:context_role],
|
49
|
+
:set_id => params[:privilege_set_id], :update_partial => true}
|
50
|
+
end
|
51
|
+
|
52
|
+
def update_generic_role
|
53
|
+
Cbac::Permission.find(:all, :conditions => ["generic_role_id = ? AND privilege_set_id = ?", params[:generic_role_id], params[:privilege_set_id]]).each{|p|p.delete}
|
54
|
+
if params[:permission].to_s == "1"
|
55
|
+
Cbac::Permission.create(:generic_role_id => params[:generic_role_id], :privilege_set_id => params[:privilege_set_id])
|
56
|
+
end
|
57
|
+
role = Cbac::GenericRole.find(params[:generic_role_id])
|
58
|
+
render :partial => "cbac/permissions/update_generic_role.html", :locals => {:role =>role,
|
59
|
+
:set_id => params[:privilege_set_id], :update_partial => true}
|
60
|
+
end
|
61
|
+
end
|
@@ -1,24 +1,24 @@
|
|
1
|
-
class Cbac::UpgradeController < ApplicationController
|
2
|
-
|
3
|
-
layout 'cbac'
|
4
|
-
|
5
|
-
def index
|
6
|
-
@permissions = Cbac::CbacPristine::PristinePermission.all
|
7
|
-
end
|
8
|
-
|
9
|
-
def update
|
10
|
-
|
11
|
-
params[:permissions].each do |perm_array|
|
12
|
-
next if perm_array[1][:action] == 'leave'
|
13
|
-
permission = Cbac::CbacPristine::PristinePermission.find(perm_array[1][:id])
|
14
|
-
case perm_array[1][:action]
|
15
|
-
when 'accept'
|
16
|
-
permission.accept
|
17
|
-
when 'reject'
|
18
|
-
permission.reject
|
19
|
-
end
|
20
|
-
end
|
21
|
-
redirect_to :action => :index
|
22
|
-
|
23
|
-
end
|
1
|
+
class Cbac::UpgradeController < ApplicationController
|
2
|
+
|
3
|
+
layout 'cbac'
|
4
|
+
|
5
|
+
def index
|
6
|
+
@permissions = Cbac::CbacPristine::PristinePermission.all
|
7
|
+
end
|
8
|
+
|
9
|
+
def update
|
10
|
+
|
11
|
+
params[:permissions].each do |perm_array|
|
12
|
+
next if perm_array[1][:action] == 'leave'
|
13
|
+
permission = Cbac::CbacPristine::PristinePermission.find(perm_array[1][:id])
|
14
|
+
case perm_array[1][:action]
|
15
|
+
when 'accept'
|
16
|
+
permission.accept
|
17
|
+
when 'reject'
|
18
|
+
permission.reject
|
19
|
+
end
|
20
|
+
end
|
21
|
+
redirect_to :action => :index
|
22
|
+
|
23
|
+
end
|
24
24
|
end
|
@@ -1,9 +1,9 @@
|
|
1
|
-
###
|
2
|
-
# Context
|
3
|
-
## YAML template for the generic roles
|
4
|
-
|
5
|
-
one:
|
6
|
-
id: 1
|
7
|
-
name: administrator
|
8
|
-
remarks: Administrators role. Grants full access to the entire system.
|
9
|
-
|
1
|
+
###
|
2
|
+
# Context
|
3
|
+
## YAML template for the generic roles
|
4
|
+
|
5
|
+
one:
|
6
|
+
id: 1
|
7
|
+
name: administrator
|
8
|
+
remarks: Administrators role. Grants full access to the entire system.
|
9
|
+
|
@@ -1,8 +1,8 @@
|
|
1
|
-
###
|
2
|
-
# Context
|
3
|
-
## YAML template for the memberships
|
4
|
-
|
5
|
-
# Making the first user member of the administrator group
|
6
|
-
one:
|
7
|
-
user_id: 1
|
8
|
-
generic_role_id: 1
|
1
|
+
###
|
2
|
+
# Context
|
3
|
+
## YAML template for the memberships
|
4
|
+
|
5
|
+
# Making the first user member of the administrator group
|
6
|
+
one:
|
7
|
+
user_id: 1
|
8
|
+
generic_role_id: 1
|
@@ -1,8 +1,8 @@
|
|
1
|
-
###
|
2
|
-
# Context
|
3
|
-
## YAML template for the permissions
|
4
|
-
<% PrivilegeSet.sets.each do |set| %>
|
5
|
-
fix_<%= set.id %>:
|
6
|
-
generic_role_id: 1
|
7
|
-
privilege_set_id: <%= set.id %>
|
8
|
-
<% end %>
|
1
|
+
###
|
2
|
+
# Context
|
3
|
+
## YAML template for the permissions
|
4
|
+
<% PrivilegeSet.sets.each do |set| %>
|
5
|
+
fix_<%= set.id %>:
|
6
|
+
generic_role_id: 1
|
7
|
+
privilege_set_id: <%= set.id %>
|
8
|
+
<% end %>
|
@@ -1,4 +1,4 @@
|
|
1
|
-
puts "Initializing CBAC..."
|
2
|
-
include Cbac
|
3
|
-
Cbac::cbac_boot!
|
4
|
-
puts "CBAC initialized"
|
1
|
+
puts "Initializing CBAC..."
|
2
|
+
include Cbac
|
3
|
+
Cbac::cbac_boot!
|
4
|
+
puts "CBAC initialized"
|
@@ -1,59 +1,59 @@
|
|
1
|
-
class CreateCbacFromScratch < ActiveRecord::Migration
|
2
|
-
def self.up
|
3
|
-
create_table :cbac_permissions do |t|
|
4
|
-
t.integer :generic_role_id, :default => 0
|
5
|
-
t.string :context_role
|
6
|
-
t.integer :privilege_set_id
|
7
|
-
t.timestamps
|
8
|
-
end
|
9
|
-
|
10
|
-
create_table :cbac_generic_roles do |t|
|
11
|
-
t.string :name
|
12
|
-
t.text :remarks
|
13
|
-
t.timestamps
|
14
|
-
end
|
15
|
-
|
16
|
-
create_table :cbac_memberships do |t|
|
17
|
-
t.integer :user_id
|
18
|
-
t.integer :generic_role_id
|
19
|
-
t.timestamps
|
20
|
-
end
|
21
|
-
|
22
|
-
create_table :cbac_privilege_set do |t|
|
23
|
-
t.string :name
|
24
|
-
t.string :comment
|
25
|
-
t.timestamps
|
26
|
-
end
|
27
|
-
|
28
|
-
create_table :cbac_staged_permissions do |t|
|
29
|
-
t.integer :pristine_role_id
|
30
|
-
t.string :privilege_set_name
|
31
|
-
t.integer :line_number
|
32
|
-
t.string :comment
|
33
|
-
t.text :operation, :limit => 2
|
34
|
-
t.timestamps
|
35
|
-
end
|
36
|
-
|
37
|
-
create_table :cbac_staged_roles do |t|
|
38
|
-
t.string :role_type
|
39
|
-
t.string :name
|
40
|
-
t.integer :role_id
|
41
|
-
t.timestamps
|
42
|
-
end
|
43
|
-
|
44
|
-
create_table :cbac_known_permissions do |t|
|
45
|
-
t.integer :permission_number, :null => :no
|
46
|
-
t.integer :permission_type, :default => 0
|
47
|
-
end
|
48
|
-
end
|
49
|
-
|
50
|
-
def self.down
|
51
|
-
drop_table :cbac_permissions
|
52
|
-
drop_table :cbac_generic_roles
|
53
|
-
drop_table :cbac_memberships
|
54
|
-
drop_table :cbac_privilege_set
|
55
|
-
drop_table :cbac_staged_permissions
|
56
|
-
drop_table :cbac_staged_roles
|
57
|
-
drop_table :cbac_known_permission
|
58
|
-
end
|
59
|
-
end
|
1
|
+
class CreateCbacFromScratch < ActiveRecord::Migration
|
2
|
+
def self.up
|
3
|
+
create_table :cbac_permissions do |t|
|
4
|
+
t.integer :generic_role_id, :default => 0
|
5
|
+
t.string :context_role
|
6
|
+
t.integer :privilege_set_id
|
7
|
+
t.timestamps
|
8
|
+
end
|
9
|
+
|
10
|
+
create_table :cbac_generic_roles do |t|
|
11
|
+
t.string :name
|
12
|
+
t.text :remarks
|
13
|
+
t.timestamps
|
14
|
+
end
|
15
|
+
|
16
|
+
create_table :cbac_memberships do |t|
|
17
|
+
t.integer :user_id
|
18
|
+
t.integer :generic_role_id
|
19
|
+
t.timestamps
|
20
|
+
end
|
21
|
+
|
22
|
+
create_table :cbac_privilege_set do |t|
|
23
|
+
t.string :name
|
24
|
+
t.string :comment
|
25
|
+
t.timestamps
|
26
|
+
end
|
27
|
+
|
28
|
+
create_table :cbac_staged_permissions do |t|
|
29
|
+
t.integer :pristine_role_id
|
30
|
+
t.string :privilege_set_name
|
31
|
+
t.integer :line_number
|
32
|
+
t.string :comment
|
33
|
+
t.text :operation, :limit => 2
|
34
|
+
t.timestamps
|
35
|
+
end
|
36
|
+
|
37
|
+
create_table :cbac_staged_roles do |t|
|
38
|
+
t.string :role_type
|
39
|
+
t.string :name
|
40
|
+
t.integer :role_id
|
41
|
+
t.timestamps
|
42
|
+
end
|
43
|
+
|
44
|
+
create_table :cbac_known_permissions do |t|
|
45
|
+
t.integer :permission_number, :null => :no
|
46
|
+
t.integer :permission_type, :default => 0
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
def self.down
|
51
|
+
drop_table :cbac_permissions
|
52
|
+
drop_table :cbac_generic_roles
|
53
|
+
drop_table :cbac_memberships
|
54
|
+
drop_table :cbac_privilege_set
|
55
|
+
drop_table :cbac_staged_permissions
|
56
|
+
drop_table :cbac_staged_roles
|
57
|
+
drop_table :cbac_known_permission
|
58
|
+
end
|
59
|
+
end
|