cbac 0.6.2 → 0.6.3
Sign up to get free protection for your applications and to get access to all the features.
- data/Manifest +71 -70
- data/README.rdoc +51 -51
- data/Rakefile +39 -39
- data/cbac.gemspec +30 -30
- data/config/cbac/context_roles.rb +21 -21
- data/config/cbac/privileges.rb +50 -50
- data/context_roles.rb +21 -21
- data/init.rb +3 -3
- data/lib/cbac.rb +132 -132
- data/lib/cbac/cbac_pristine/pristine.rb +138 -138
- data/lib/cbac/cbac_pristine/pristine_file.rb +179 -173
- data/lib/cbac/cbac_pristine/pristine_permission.rb +205 -205
- data/lib/cbac/cbac_pristine/pristine_role.rb +43 -42
- data/lib/cbac/config.rb +9 -9
- data/lib/cbac/context_role.rb +27 -27
- data/lib/cbac/generic_role.rb +7 -6
- data/lib/cbac/known_permission.rb +15 -14
- data/lib/cbac/membership.rb +3 -3
- data/lib/cbac/permission.rb +5 -5
- data/lib/cbac/privilege.rb +117 -117
- data/lib/cbac/privilege_new_api.rb +56 -56
- data/lib/cbac/privilege_set.rb +29 -29
- data/lib/cbac/privilege_set_record.rb +6 -6
- data/lib/cbac/setup.rb +37 -37
- data/lib/generators/cbac/USAGE +33 -33
- data/lib/generators/cbac/cbac_generator.rb +75 -75
- data/lib/generators/cbac/copy_files/config/cbac.pristine +2 -2
- data/lib/generators/cbac/copy_files/config/context_roles.rb +17 -17
- data/lib/generators/cbac/copy_files/config/privileges.rb +25 -25
- data/lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb +30 -30
- data/lib/generators/cbac/copy_files/controllers/memberships_controller.rb +22 -22
- data/lib/generators/cbac/copy_files/controllers/permissions_controller.rb +61 -61
- data/lib/generators/cbac/copy_files/controllers/upgrade_controller.rb +23 -23
- data/lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml +9 -9
- data/lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml +8 -8
- data/lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml +8 -8
- data/lib/generators/cbac/copy_files/initializers/cbac_config.rb +4 -4
- data/lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb +59 -59
- data/lib/generators/cbac/copy_files/migrate/create_cbac_upgrade_path.rb +40 -40
- data/lib/generators/cbac/copy_files/stylesheets/cbac.css +65 -65
- data/lib/generators/cbac/copy_files/tasks/cbac.rake +345 -345
- data/lib/generators/cbac/copy_files/views/generic_roles/index.html.erb +58 -58
- data/lib/generators/cbac/copy_files/views/layouts/cbac.html.erb +18 -18
- data/lib/generators/cbac/copy_files/views/memberships/_update.html.erb +11 -11
- data/lib/generators/cbac/copy_files/views/memberships/index.html.erb +23 -23
- data/lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb +11 -11
- data/lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb +11 -11
- data/lib/generators/cbac/copy_files/views/permissions/index.html.erb +39 -39
- data/lib/generators/cbac/copy_files/views/upgrade/index.html.erb +31 -31
- data/migrations/20110211105533_add_pristine_files_to_cbac_upgrade_path.rb +16 -16
- data/privileges.rb +50 -50
- data/spec/cbac_pristine_file_spec.rb +329 -329
- data/spec/cbac_pristine_permission_spec.rb +358 -358
- data/spec/cbac_pristine_role_spec.rb +85 -85
- data/spec/rcov.opts +1 -1
- data/spec/spec.opts +4 -4
- data/spec/spec_helper.rb +11 -11
- data/tasks/cbac.rake +345 -345
- data/test/db/test.sqlite3 +0 -0
- data/test/fixtures/cbac_generic_roles.yml +9 -9
- data/test/fixtures/cbac_memberships.yml +8 -8
- data/test/fixtures/cbac_permissions.yml +14 -14
- data/test/fixtures/cbac_privilege_set.yml +18 -18
- data/test/test_cbac_actions.rb +71 -71
- data/test/test_cbac_authorize_context_roles.rb +39 -39
- data/test/test_cbac_authorize_generic_roles.rb +36 -36
- data/test/test_cbac_context_role.rb +50 -50
- data/test/test_cbac_privilege.rb +151 -151
- data/test/test_cbac_privilege_set.rb +50 -50
- data/test/test_helper.rb +28 -28
- metadata +33 -49
@@ -1,2 +1,2 @@
|
|
1
|
-
0:+:PrivilegeSet(login) ContextRole(everybody)
|
2
|
-
1:+:PrivilegeSet(cbac_administration) Admin()
|
1
|
+
0:+:PrivilegeSet(login) ContextRole(everybody)
|
2
|
+
1:+:PrivilegeSet(cbac_administration) Admin()
|
@@ -1,17 +1,17 @@
|
|
1
|
-
### context_roles.rb
|
2
|
-
#
|
3
|
-
# Defines the context roles for the CBAC system
|
4
|
-
#
|
5
|
-
include Cbac
|
6
|
-
puts "Loading context_roles"
|
7
|
-
|
8
|
-
# Defining context roles
|
9
|
-
ContextRole.add :everybody do
|
10
|
-
true
|
11
|
-
end
|
12
|
-
ContextRole.add :not_logged_in_user do |context|
|
13
|
-
context.current_user.nil?
|
14
|
-
end
|
15
|
-
ContextRole.add :logged_in_user do |context|
|
16
|
-
not context.current_user.nil?
|
17
|
-
end
|
1
|
+
### context_roles.rb
|
2
|
+
#
|
3
|
+
# Defines the context roles for the CBAC system
|
4
|
+
#
|
5
|
+
include Cbac
|
6
|
+
puts "Loading context_roles"
|
7
|
+
|
8
|
+
# Defining context roles
|
9
|
+
ContextRole.add :everybody do
|
10
|
+
true
|
11
|
+
end
|
12
|
+
ContextRole.add :not_logged_in_user do |context|
|
13
|
+
context.current_user.nil?
|
14
|
+
end
|
15
|
+
ContextRole.add :logged_in_user do |context|
|
16
|
+
not context.current_user.nil?
|
17
|
+
end
|
@@ -1,25 +1,25 @@
|
|
1
|
-
### Privileges.rb
|
2
|
-
#
|
3
|
-
# Defines the privilegesets and privileges for the CBAC system
|
4
|
-
#
|
5
|
-
include Cbac
|
6
|
-
puts "Loading privilegesets"
|
7
|
-
|
8
|
-
cbac do
|
9
|
-
set :public, "Stuff that is always accessible" do
|
10
|
-
# Insert public conroller/methods here
|
11
|
-
end
|
12
|
-
|
13
|
-
set :cbac_administration, "Allows administration of CBAC modules" do
|
14
|
-
in_module :cbac do
|
15
|
-
get "permissions", :index
|
16
|
-
post "permissions", :create
|
17
|
-
get "memberships", :index
|
18
|
-
post "memberships", :create
|
19
|
-
get "generic_roles", :index
|
20
|
-
post "generic_roles", :update, :create, :delete
|
21
|
-
get "upgrade", :index
|
22
|
-
post "upgrade", :update
|
23
|
-
end
|
24
|
-
end
|
25
|
-
end
|
1
|
+
### Privileges.rb
|
2
|
+
#
|
3
|
+
# Defines the privilegesets and privileges for the CBAC system
|
4
|
+
#
|
5
|
+
include Cbac
|
6
|
+
puts "Loading privilegesets"
|
7
|
+
|
8
|
+
cbac do
|
9
|
+
set :public, "Stuff that is always accessible" do
|
10
|
+
# Insert public conroller/methods here
|
11
|
+
end
|
12
|
+
|
13
|
+
set :cbac_administration, "Allows administration of CBAC modules" do
|
14
|
+
in_module :cbac do
|
15
|
+
get "permissions", :index
|
16
|
+
post "permissions", :create
|
17
|
+
get "memberships", :index
|
18
|
+
post "memberships", :create
|
19
|
+
get "generic_roles", :index
|
20
|
+
post "generic_roles", :update, :create, :delete
|
21
|
+
get "upgrade", :index
|
22
|
+
post "upgrade", :update
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
@@ -1,30 +1,30 @@
|
|
1
|
-
class Cbac::GenericRolesController < ApplicationController
|
2
|
-
# The layout used for all CBAC pages
|
3
|
-
layout "cbac"
|
4
|
-
|
5
|
-
# GET /index
|
6
|
-
# GET /index.xml
|
7
|
-
def index
|
8
|
-
end
|
9
|
-
|
10
|
-
# POST /update
|
11
|
-
def update
|
12
|
-
@role = Cbac::GenericRole.find(params[:id])
|
13
|
-
@role.update_attributes(params[:cbac_generic_role])
|
14
|
-
redirect_to :action => "index"
|
15
|
-
end
|
16
|
-
|
17
|
-
# POST /create
|
18
|
-
def create
|
19
|
-
@role = Cbac::GenericRole.new(params[:cbac_generic_role])
|
20
|
-
@role.save
|
21
|
-
redirect_to :action => "index"
|
22
|
-
end
|
23
|
-
|
24
|
-
# POST /delete
|
25
|
-
def delete
|
26
|
-
@role = Cbac::GenericRole.find(params[:id])
|
27
|
-
@role.delete
|
28
|
-
redirect_to :action => "index"
|
29
|
-
end
|
30
|
-
end
|
1
|
+
class Cbac::GenericRolesController < ApplicationController
|
2
|
+
# The layout used for all CBAC pages
|
3
|
+
layout "cbac"
|
4
|
+
|
5
|
+
# GET /index
|
6
|
+
# GET /index.xml
|
7
|
+
def index
|
8
|
+
end
|
9
|
+
|
10
|
+
# POST /update
|
11
|
+
def update
|
12
|
+
@role = Cbac::GenericRole.find(params[:id])
|
13
|
+
@role.update_attributes(params[:cbac_generic_role])
|
14
|
+
redirect_to :action => "index"
|
15
|
+
end
|
16
|
+
|
17
|
+
# POST /create
|
18
|
+
def create
|
19
|
+
@role = Cbac::GenericRole.new(params[:cbac_generic_role])
|
20
|
+
@role.save
|
21
|
+
redirect_to :action => "index"
|
22
|
+
end
|
23
|
+
|
24
|
+
# POST /delete
|
25
|
+
def delete
|
26
|
+
@role = Cbac::GenericRole.find(params[:id])
|
27
|
+
@role.delete
|
28
|
+
redirect_to :action => "index"
|
29
|
+
end
|
30
|
+
end
|
@@ -1,22 +1,22 @@
|
|
1
|
-
class Cbac::MembershipsController < ApplicationController
|
2
|
-
# The layout used for all CBAC pages
|
3
|
-
layout "cbac"
|
4
|
-
|
5
|
-
# GET /index
|
6
|
-
# GET /index.xml
|
7
|
-
def index
|
8
|
-
@generic_roles = Cbac::GenericRole.find(:all)
|
9
|
-
@users = User.find(:all)
|
10
|
-
end
|
11
|
-
|
12
|
-
# POST /update
|
13
|
-
def update
|
14
|
-
Cbac::Membership.find(:all, :conditions => ["generic_role_id = ? AND user_id = ?", params[:generic_role_id], params[:user_id]]).each{|p|p.delete}
|
15
|
-
if params[:member].to_s == "1"
|
16
|
-
Cbac::Membership.create(:generic_role_id => params[:generic_role_id], :user_id => params[:user_id])
|
17
|
-
end
|
18
|
-
role = Cbac::GenericRole.find(params[:generic_role_id])
|
19
|
-
render :partial => "cbac/memberships/update.html", :locals => {:generic_role => role,
|
20
|
-
:user_id => params[:user_id], :update_partial => true}
|
21
|
-
end
|
22
|
-
end
|
1
|
+
class Cbac::MembershipsController < ApplicationController
|
2
|
+
# The layout used for all CBAC pages
|
3
|
+
layout "cbac"
|
4
|
+
|
5
|
+
# GET /index
|
6
|
+
# GET /index.xml
|
7
|
+
def index
|
8
|
+
@generic_roles = Cbac::GenericRole.find(:all)
|
9
|
+
@users = User.find(:all)
|
10
|
+
end
|
11
|
+
|
12
|
+
# POST /update
|
13
|
+
def update
|
14
|
+
Cbac::Membership.find(:all, :conditions => ["generic_role_id = ? AND user_id = ?", params[:generic_role_id], params[:user_id]]).each{|p|p.delete}
|
15
|
+
if params[:member].to_s == "1"
|
16
|
+
Cbac::Membership.create(:generic_role_id => params[:generic_role_id], :user_id => params[:user_id])
|
17
|
+
end
|
18
|
+
role = Cbac::GenericRole.find(params[:generic_role_id])
|
19
|
+
render :partial => "cbac/memberships/update.html", :locals => {:generic_role => role,
|
20
|
+
:user_id => params[:user_id], :update_partial => true}
|
21
|
+
end
|
22
|
+
end
|
@@ -1,61 +1,61 @@
|
|
1
|
-
class Cbac::PermissionsController < ApplicationController
|
2
|
-
# The layout used for all CBAC pages
|
3
|
-
layout "cbac"
|
4
|
-
|
5
|
-
# GET /index GET /index.xml
|
6
|
-
def index
|
7
|
-
if params[:role_substr] and params[:role_substr] != ""
|
8
|
-
@context_roles = []
|
9
|
-
@generic_roles = []
|
10
|
-
|
11
|
-
params[:role_substr].split('|').each do |role_start|
|
12
|
-
@context_roles += (ContextRole.roles.select {|key,value| !key.to_s.match(/^#{role_start}/).nil?}).collect{|key, value| [key, value]}
|
13
|
-
@generic_roles += Cbac::GenericRole.find(:all).select {|role| !role.name.match(/^#{role_start}/).nil? }
|
14
|
-
end
|
15
|
-
else
|
16
|
-
@context_roles = ContextRole.roles
|
17
|
-
@generic_roles = Cbac::GenericRole.all
|
18
|
-
end
|
19
|
-
|
20
|
-
if params[:priv_substr] && params[:priv_substr] != ""
|
21
|
-
@sets = []
|
22
|
-
params[:priv_substr].split('|').each do |priv_start|
|
23
|
-
@sets += PrivilegeSet.sets.select {|key, value| !key.to_s.match(/^#{priv_start}/).nil?}
|
24
|
-
end
|
25
|
-
else
|
26
|
-
@sets = PrivilegeSet.sets
|
27
|
-
end
|
28
|
-
end
|
29
|
-
|
30
|
-
def update
|
31
|
-
unless params[:context_role].nil?
|
32
|
-
update_context_role
|
33
|
-
return
|
34
|
-
end
|
35
|
-
unless params[:generic_role_id].nil?
|
36
|
-
update_generic_role
|
37
|
-
end
|
38
|
-
end
|
39
|
-
|
40
|
-
private
|
41
|
-
|
42
|
-
# POST /update
|
43
|
-
def update_context_role
|
44
|
-
Cbac::Permission.find(:all, :conditions => ["context_role = ? AND privilege_set_id = ?", params[:context_role], params[:privilege_set_id]]).each{|p|p.delete}
|
45
|
-
if params[:permission].to_s == "1"
|
46
|
-
Cbac::Permission.create(:context_role => params[:context_role], :privilege_set_id => params[:privilege_set_id])
|
47
|
-
end
|
48
|
-
render :partial => "cbac/permissions/update_context_role.html", :locals => {:context_role => params[:context_role],
|
49
|
-
:set_id => params[:privilege_set_id], :update_partial => true}
|
50
|
-
end
|
51
|
-
|
52
|
-
def update_generic_role
|
53
|
-
Cbac::Permission.find(:all, :conditions => ["generic_role_id = ? AND privilege_set_id = ?", params[:generic_role_id], params[:privilege_set_id]]).each{|p|p.delete}
|
54
|
-
if params[:permission].to_s == "1"
|
55
|
-
Cbac::Permission.create(:generic_role_id => params[:generic_role_id], :privilege_set_id => params[:privilege_set_id])
|
56
|
-
end
|
57
|
-
role = Cbac::GenericRole.find(params[:generic_role_id])
|
58
|
-
render :partial => "cbac/permissions/update_generic_role.html", :locals => {:role =>role,
|
59
|
-
:set_id => params[:privilege_set_id], :update_partial => true}
|
60
|
-
end
|
61
|
-
end
|
1
|
+
class Cbac::PermissionsController < ApplicationController
|
2
|
+
# The layout used for all CBAC pages
|
3
|
+
layout "cbac"
|
4
|
+
|
5
|
+
# GET /index GET /index.xml
|
6
|
+
def index
|
7
|
+
if params[:role_substr] and params[:role_substr] != ""
|
8
|
+
@context_roles = []
|
9
|
+
@generic_roles = []
|
10
|
+
|
11
|
+
params[:role_substr].split('|').each do |role_start|
|
12
|
+
@context_roles += (ContextRole.roles.select {|key,value| !key.to_s.match(/^#{role_start}/).nil?}).collect{|key, value| [key, value]}
|
13
|
+
@generic_roles += Cbac::GenericRole.find(:all).select {|role| !role.name.match(/^#{role_start}/).nil? }
|
14
|
+
end
|
15
|
+
else
|
16
|
+
@context_roles = ContextRole.roles
|
17
|
+
@generic_roles = Cbac::GenericRole.all
|
18
|
+
end
|
19
|
+
|
20
|
+
if params[:priv_substr] && params[:priv_substr] != ""
|
21
|
+
@sets = []
|
22
|
+
params[:priv_substr].split('|').each do |priv_start|
|
23
|
+
@sets += PrivilegeSet.sets.select {|key, value| !key.to_s.match(/^#{priv_start}/).nil?}
|
24
|
+
end
|
25
|
+
else
|
26
|
+
@sets = PrivilegeSet.sets
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
def update
|
31
|
+
unless params[:context_role].nil?
|
32
|
+
update_context_role
|
33
|
+
return
|
34
|
+
end
|
35
|
+
unless params[:generic_role_id].nil?
|
36
|
+
update_generic_role
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
private
|
41
|
+
|
42
|
+
# POST /update
|
43
|
+
def update_context_role
|
44
|
+
Cbac::Permission.find(:all, :conditions => ["context_role = ? AND privilege_set_id = ?", params[:context_role], params[:privilege_set_id]]).each{|p|p.delete}
|
45
|
+
if params[:permission].to_s == "1"
|
46
|
+
Cbac::Permission.create(:context_role => params[:context_role], :privilege_set_id => params[:privilege_set_id])
|
47
|
+
end
|
48
|
+
render :partial => "cbac/permissions/update_context_role.html", :locals => {:context_role => params[:context_role],
|
49
|
+
:set_id => params[:privilege_set_id], :update_partial => true}
|
50
|
+
end
|
51
|
+
|
52
|
+
def update_generic_role
|
53
|
+
Cbac::Permission.find(:all, :conditions => ["generic_role_id = ? AND privilege_set_id = ?", params[:generic_role_id], params[:privilege_set_id]]).each{|p|p.delete}
|
54
|
+
if params[:permission].to_s == "1"
|
55
|
+
Cbac::Permission.create(:generic_role_id => params[:generic_role_id], :privilege_set_id => params[:privilege_set_id])
|
56
|
+
end
|
57
|
+
role = Cbac::GenericRole.find(params[:generic_role_id])
|
58
|
+
render :partial => "cbac/permissions/update_generic_role.html", :locals => {:role =>role,
|
59
|
+
:set_id => params[:privilege_set_id], :update_partial => true}
|
60
|
+
end
|
61
|
+
end
|
@@ -1,24 +1,24 @@
|
|
1
|
-
class Cbac::UpgradeController < ApplicationController
|
2
|
-
|
3
|
-
layout 'cbac'
|
4
|
-
|
5
|
-
def index
|
6
|
-
@permissions = Cbac::CbacPristine::PristinePermission.all
|
7
|
-
end
|
8
|
-
|
9
|
-
def update
|
10
|
-
|
11
|
-
params[:permissions].each do |perm_array|
|
12
|
-
next if perm_array[1][:action] == 'leave'
|
13
|
-
permission = Cbac::CbacPristine::PristinePermission.find(perm_array[1][:id])
|
14
|
-
case perm_array[1][:action]
|
15
|
-
when 'accept'
|
16
|
-
permission.accept
|
17
|
-
when 'reject'
|
18
|
-
permission.reject
|
19
|
-
end
|
20
|
-
end
|
21
|
-
redirect_to :action => :index
|
22
|
-
|
23
|
-
end
|
1
|
+
class Cbac::UpgradeController < ApplicationController
|
2
|
+
|
3
|
+
layout 'cbac'
|
4
|
+
|
5
|
+
def index
|
6
|
+
@permissions = Cbac::CbacPristine::PristinePermission.all
|
7
|
+
end
|
8
|
+
|
9
|
+
def update
|
10
|
+
|
11
|
+
params[:permissions].each do |perm_array|
|
12
|
+
next if perm_array[1][:action] == 'leave'
|
13
|
+
permission = Cbac::CbacPristine::PristinePermission.find(perm_array[1][:id])
|
14
|
+
case perm_array[1][:action]
|
15
|
+
when 'accept'
|
16
|
+
permission.accept
|
17
|
+
when 'reject'
|
18
|
+
permission.reject
|
19
|
+
end
|
20
|
+
end
|
21
|
+
redirect_to :action => :index
|
22
|
+
|
23
|
+
end
|
24
24
|
end
|
@@ -1,9 +1,9 @@
|
|
1
|
-
###
|
2
|
-
# Context
|
3
|
-
## YAML template for the generic roles
|
4
|
-
|
5
|
-
one:
|
6
|
-
id: 1
|
7
|
-
name: administrator
|
8
|
-
remarks: Administrators role. Grants full access to the entire system.
|
9
|
-
|
1
|
+
###
|
2
|
+
# Context
|
3
|
+
## YAML template for the generic roles
|
4
|
+
|
5
|
+
one:
|
6
|
+
id: 1
|
7
|
+
name: administrator
|
8
|
+
remarks: Administrators role. Grants full access to the entire system.
|
9
|
+
|
@@ -1,8 +1,8 @@
|
|
1
|
-
###
|
2
|
-
# Context
|
3
|
-
## YAML template for the memberships
|
4
|
-
|
5
|
-
# Making the first user member of the administrator group
|
6
|
-
one:
|
7
|
-
user_id: 1
|
8
|
-
generic_role_id: 1
|
1
|
+
###
|
2
|
+
# Context
|
3
|
+
## YAML template for the memberships
|
4
|
+
|
5
|
+
# Making the first user member of the administrator group
|
6
|
+
one:
|
7
|
+
user_id: 1
|
8
|
+
generic_role_id: 1
|
@@ -1,8 +1,8 @@
|
|
1
|
-
###
|
2
|
-
# Context
|
3
|
-
## YAML template for the permissions
|
4
|
-
<% PrivilegeSet.sets.each do |set| %>
|
5
|
-
fix_<%= set.id %>:
|
6
|
-
generic_role_id: 1
|
7
|
-
privilege_set_id: <%= set.id %>
|
8
|
-
<% end %>
|
1
|
+
###
|
2
|
+
# Context
|
3
|
+
## YAML template for the permissions
|
4
|
+
<% PrivilegeSet.sets.each do |set| %>
|
5
|
+
fix_<%= set.id %>:
|
6
|
+
generic_role_id: 1
|
7
|
+
privilege_set_id: <%= set.id %>
|
8
|
+
<% end %>
|
@@ -1,4 +1,4 @@
|
|
1
|
-
puts "Initializing CBAC..."
|
2
|
-
include Cbac
|
3
|
-
Cbac::cbac_boot!
|
4
|
-
puts "CBAC initialized"
|
1
|
+
puts "Initializing CBAC..."
|
2
|
+
include Cbac
|
3
|
+
Cbac::cbac_boot!
|
4
|
+
puts "CBAC initialized"
|
@@ -1,59 +1,59 @@
|
|
1
|
-
class CreateCbacFromScratch < ActiveRecord::Migration
|
2
|
-
def self.up
|
3
|
-
create_table :cbac_permissions do |t|
|
4
|
-
t.integer :generic_role_id, :default => 0
|
5
|
-
t.string :context_role
|
6
|
-
t.integer :privilege_set_id
|
7
|
-
t.timestamps
|
8
|
-
end
|
9
|
-
|
10
|
-
create_table :cbac_generic_roles do |t|
|
11
|
-
t.string :name
|
12
|
-
t.text :remarks
|
13
|
-
t.timestamps
|
14
|
-
end
|
15
|
-
|
16
|
-
create_table :cbac_memberships do |t|
|
17
|
-
t.integer :user_id
|
18
|
-
t.integer :generic_role_id
|
19
|
-
t.timestamps
|
20
|
-
end
|
21
|
-
|
22
|
-
create_table :cbac_privilege_set do |t|
|
23
|
-
t.string :name
|
24
|
-
t.string :comment
|
25
|
-
t.timestamps
|
26
|
-
end
|
27
|
-
|
28
|
-
create_table :cbac_staged_permissions do |t|
|
29
|
-
t.integer :pristine_role_id
|
30
|
-
t.string :privilege_set_name
|
31
|
-
t.integer :line_number
|
32
|
-
t.string :comment
|
33
|
-
t.text :operation, :limit => 2
|
34
|
-
t.timestamps
|
35
|
-
end
|
36
|
-
|
37
|
-
create_table :cbac_staged_roles do |t|
|
38
|
-
t.string :role_type
|
39
|
-
t.string :name
|
40
|
-
t.integer :role_id
|
41
|
-
t.timestamps
|
42
|
-
end
|
43
|
-
|
44
|
-
create_table :cbac_known_permissions do |t|
|
45
|
-
t.integer :permission_number, :null => :no
|
46
|
-
t.integer :permission_type, :default => 0
|
47
|
-
end
|
48
|
-
end
|
49
|
-
|
50
|
-
def self.down
|
51
|
-
drop_table :cbac_permissions
|
52
|
-
drop_table :cbac_generic_roles
|
53
|
-
drop_table :cbac_memberships
|
54
|
-
drop_table :cbac_privilege_set
|
55
|
-
drop_table :cbac_staged_permissions
|
56
|
-
drop_table :cbac_staged_roles
|
57
|
-
drop_table :cbac_known_permission
|
58
|
-
end
|
59
|
-
end
|
1
|
+
class CreateCbacFromScratch < ActiveRecord::Migration
|
2
|
+
def self.up
|
3
|
+
create_table :cbac_permissions do |t|
|
4
|
+
t.integer :generic_role_id, :default => 0
|
5
|
+
t.string :context_role
|
6
|
+
t.integer :privilege_set_id
|
7
|
+
t.timestamps
|
8
|
+
end
|
9
|
+
|
10
|
+
create_table :cbac_generic_roles do |t|
|
11
|
+
t.string :name
|
12
|
+
t.text :remarks
|
13
|
+
t.timestamps
|
14
|
+
end
|
15
|
+
|
16
|
+
create_table :cbac_memberships do |t|
|
17
|
+
t.integer :user_id
|
18
|
+
t.integer :generic_role_id
|
19
|
+
t.timestamps
|
20
|
+
end
|
21
|
+
|
22
|
+
create_table :cbac_privilege_set do |t|
|
23
|
+
t.string :name
|
24
|
+
t.string :comment
|
25
|
+
t.timestamps
|
26
|
+
end
|
27
|
+
|
28
|
+
create_table :cbac_staged_permissions do |t|
|
29
|
+
t.integer :pristine_role_id
|
30
|
+
t.string :privilege_set_name
|
31
|
+
t.integer :line_number
|
32
|
+
t.string :comment
|
33
|
+
t.text :operation, :limit => 2
|
34
|
+
t.timestamps
|
35
|
+
end
|
36
|
+
|
37
|
+
create_table :cbac_staged_roles do |t|
|
38
|
+
t.string :role_type
|
39
|
+
t.string :name
|
40
|
+
t.integer :role_id
|
41
|
+
t.timestamps
|
42
|
+
end
|
43
|
+
|
44
|
+
create_table :cbac_known_permissions do |t|
|
45
|
+
t.integer :permission_number, :null => :no
|
46
|
+
t.integer :permission_type, :default => 0
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
def self.down
|
51
|
+
drop_table :cbac_permissions
|
52
|
+
drop_table :cbac_generic_roles
|
53
|
+
drop_table :cbac_memberships
|
54
|
+
drop_table :cbac_privilege_set
|
55
|
+
drop_table :cbac_staged_permissions
|
56
|
+
drop_table :cbac_staged_roles
|
57
|
+
drop_table :cbac_known_permission
|
58
|
+
end
|
59
|
+
end
|