cbac 0.6.3 → 0.6.4
Sign up to get free protection for your applications and to get access to all the features.
- data/Manifest +71 -71
- data/README.rdoc +51 -51
- data/Rakefile +39 -39
- data/cbac.gemspec +30 -30
- data/config/cbac/context_roles.rb +21 -21
- data/config/cbac/privileges.rb +50 -50
- data/context_roles.rb +21 -21
- data/init.rb +3 -3
- data/lib/cbac.rb +132 -132
- data/lib/cbac/cbac_pristine/pristine.rb +138 -138
- data/lib/cbac/cbac_pristine/pristine_file.rb +179 -179
- data/lib/cbac/cbac_pristine/pristine_permission.rb +205 -205
- data/lib/cbac/cbac_pristine/pristine_role.rb +43 -43
- data/lib/cbac/config.rb +9 -9
- data/lib/cbac/context_role.rb +27 -27
- data/lib/cbac/generic_role.rb +7 -7
- data/lib/cbac/known_permission.rb +15 -15
- data/lib/cbac/membership.rb +3 -3
- data/lib/cbac/permission.rb +5 -5
- data/lib/cbac/privilege.rb +117 -117
- data/lib/cbac/privilege_new_api.rb +56 -56
- data/lib/cbac/privilege_set.rb +29 -29
- data/lib/cbac/privilege_set_record.rb +6 -6
- data/lib/cbac/setup.rb +37 -37
- data/lib/generators/cbac/USAGE +33 -33
- data/lib/generators/cbac/cbac_generator.rb +75 -75
- data/lib/generators/cbac/copy_files/config/cbac.pristine +2 -2
- data/lib/generators/cbac/copy_files/config/context_roles.rb +17 -17
- data/lib/generators/cbac/copy_files/config/privileges.rb +25 -25
- data/lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb +30 -30
- data/lib/generators/cbac/copy_files/controllers/memberships_controller.rb +22 -22
- data/lib/generators/cbac/copy_files/controllers/permissions_controller.rb +61 -61
- data/lib/generators/cbac/copy_files/controllers/upgrade_controller.rb +23 -23
- data/lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml +9 -9
- data/lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml +8 -8
- data/lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml +8 -8
- data/lib/generators/cbac/copy_files/initializers/cbac_config.rb +4 -4
- data/lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb +59 -59
- data/lib/generators/cbac/copy_files/migrate/create_cbac_upgrade_path.rb +40 -40
- data/lib/generators/cbac/copy_files/stylesheets/cbac.css +65 -65
- data/lib/generators/cbac/copy_files/tasks/cbac.rake +345 -345
- data/lib/generators/cbac/copy_files/views/generic_roles/index.html.erb +58 -58
- data/lib/generators/cbac/copy_files/views/layouts/cbac.html.erb +18 -18
- data/lib/generators/cbac/copy_files/views/memberships/_update.html.erb +11 -11
- data/lib/generators/cbac/copy_files/views/memberships/index.html.erb +23 -23
- data/lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb +11 -11
- data/lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb +11 -11
- data/lib/generators/cbac/copy_files/views/permissions/index.html.erb +39 -39
- data/lib/generators/cbac/copy_files/views/upgrade/index.html.erb +31 -31
- data/migrations/20110211105533_add_pristine_files_to_cbac_upgrade_path.rb +16 -16
- data/privileges.rb +50 -50
- data/spec/cbac_pristine_file_spec.rb +329 -329
- data/spec/cbac_pristine_permission_spec.rb +358 -358
- data/spec/cbac_pristine_role_spec.rb +85 -85
- data/spec/rcov.opts +1 -1
- data/spec/spec.opts +4 -4
- data/spec/spec_helper.rb +11 -11
- data/tasks/cbac.rake +345 -345
- data/test/db/test.sqlite3 +0 -0
- data/test/fixtures/cbac_generic_roles.yml +9 -9
- data/test/fixtures/cbac_memberships.yml +8 -8
- data/test/fixtures/cbac_permissions.yml +14 -14
- data/test/fixtures/cbac_privilege_set.yml +18 -18
- data/test/test_cbac_actions.rb +71 -71
- data/test/test_cbac_authorize_context_roles.rb +39 -39
- data/test/test_cbac_authorize_generic_roles.rb +36 -36
- data/test/test_cbac_context_role.rb +50 -50
- data/test/test_cbac_privilege.rb +151 -151
- data/test/test_cbac_privilege_set.rb +50 -50
- data/test/test_helper.rb +28 -28
- metadata +11 -13
data/Manifest
CHANGED
@@ -1,71 +1,71 @@
|
|
1
|
-
Manifest
|
2
|
-
README.rdoc
|
3
|
-
Rakefile
|
4
|
-
cbac.gemspec
|
5
|
-
config/cbac/context_roles.rb
|
6
|
-
config/cbac/privileges.rb
|
7
|
-
context_roles.rb
|
8
|
-
init.rb
|
9
|
-
lib/cbac.rb
|
10
|
-
lib/cbac/cbac_pristine/pristine.rb
|
11
|
-
lib/cbac/cbac_pristine/pristine_file.rb
|
12
|
-
lib/cbac/cbac_pristine/pristine_permission.rb
|
13
|
-
lib/cbac/cbac_pristine/pristine_role.rb
|
14
|
-
lib/cbac/config.rb
|
15
|
-
lib/cbac/context_role.rb
|
16
|
-
lib/cbac/generic_role.rb
|
17
|
-
lib/cbac/known_permission.rb
|
18
|
-
lib/cbac/membership.rb
|
19
|
-
lib/cbac/permission.rb
|
20
|
-
lib/cbac/privilege.rb
|
21
|
-
lib/cbac/privilege_new_api.rb
|
22
|
-
lib/cbac/privilege_set.rb
|
23
|
-
lib/cbac/privilege_set_record.rb
|
24
|
-
lib/cbac/setup.rb
|
25
|
-
lib/generators/cbac/USAGE
|
26
|
-
lib/generators/cbac/cbac_generator.rb
|
27
|
-
lib/generators/cbac/copy_files/config/cbac.pristine
|
28
|
-
lib/generators/cbac/copy_files/config/context_roles.rb
|
29
|
-
lib/generators/cbac/copy_files/config/privileges.rb
|
30
|
-
lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb
|
31
|
-
lib/generators/cbac/copy_files/controllers/memberships_controller.rb
|
32
|
-
lib/generators/cbac/copy_files/controllers/permissions_controller.rb
|
33
|
-
lib/generators/cbac/copy_files/controllers/upgrade_controller.rb
|
34
|
-
lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml
|
35
|
-
lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml
|
36
|
-
lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml
|
37
|
-
lib/generators/cbac/copy_files/initializers/cbac_config.rb
|
38
|
-
lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb
|
39
|
-
lib/generators/cbac/copy_files/migrate/create_cbac_upgrade_path.rb
|
40
|
-
lib/generators/cbac/copy_files/stylesheets/cbac.css
|
41
|
-
lib/generators/cbac/copy_files/tasks/cbac.rake
|
42
|
-
lib/generators/cbac/copy_files/views/generic_roles/index.html.erb
|
43
|
-
lib/generators/cbac/copy_files/views/layouts/cbac.html.erb
|
44
|
-
lib/generators/cbac/copy_files/views/memberships/_update.html.erb
|
45
|
-
lib/generators/cbac/copy_files/views/memberships/index.html.erb
|
46
|
-
lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb
|
47
|
-
lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb
|
48
|
-
lib/generators/cbac/copy_files/views/permissions/index.html.erb
|
49
|
-
lib/generators/cbac/copy_files/views/upgrade/index.html.erb
|
50
|
-
migrations/20110211105533_add_pristine_files_to_cbac_upgrade_path.rb
|
51
|
-
privileges.rb
|
52
|
-
rails/init.rb
|
53
|
-
spec/cbac_pristine_file_spec.rb
|
54
|
-
spec/cbac_pristine_permission_spec.rb
|
55
|
-
spec/cbac_pristine_role_spec.rb
|
56
|
-
spec/rcov.opts
|
57
|
-
spec/spec.opts
|
58
|
-
spec/spec_helper.rb
|
59
|
-
tasks/cbac.rake
|
60
|
-
test/db/test.sqlite3
|
61
|
-
test/fixtures/cbac_generic_roles.yml
|
62
|
-
test/fixtures/cbac_memberships.yml
|
63
|
-
test/fixtures/cbac_permissions.yml
|
64
|
-
test/fixtures/cbac_privilege_set.yml
|
65
|
-
test/test_cbac_actions.rb
|
66
|
-
test/test_cbac_authorize_context_roles.rb
|
67
|
-
test/test_cbac_authorize_generic_roles.rb
|
68
|
-
test/test_cbac_context_role.rb
|
69
|
-
test/test_cbac_privilege.rb
|
70
|
-
test/test_cbac_privilege_set.rb
|
71
|
-
test/test_helper.rb
|
1
|
+
Manifest
|
2
|
+
README.rdoc
|
3
|
+
Rakefile
|
4
|
+
cbac.gemspec
|
5
|
+
config/cbac/context_roles.rb
|
6
|
+
config/cbac/privileges.rb
|
7
|
+
context_roles.rb
|
8
|
+
init.rb
|
9
|
+
lib/cbac.rb
|
10
|
+
lib/cbac/cbac_pristine/pristine.rb
|
11
|
+
lib/cbac/cbac_pristine/pristine_file.rb
|
12
|
+
lib/cbac/cbac_pristine/pristine_permission.rb
|
13
|
+
lib/cbac/cbac_pristine/pristine_role.rb
|
14
|
+
lib/cbac/config.rb
|
15
|
+
lib/cbac/context_role.rb
|
16
|
+
lib/cbac/generic_role.rb
|
17
|
+
lib/cbac/known_permission.rb
|
18
|
+
lib/cbac/membership.rb
|
19
|
+
lib/cbac/permission.rb
|
20
|
+
lib/cbac/privilege.rb
|
21
|
+
lib/cbac/privilege_new_api.rb
|
22
|
+
lib/cbac/privilege_set.rb
|
23
|
+
lib/cbac/privilege_set_record.rb
|
24
|
+
lib/cbac/setup.rb
|
25
|
+
lib/generators/cbac/USAGE
|
26
|
+
lib/generators/cbac/cbac_generator.rb
|
27
|
+
lib/generators/cbac/copy_files/config/cbac.pristine
|
28
|
+
lib/generators/cbac/copy_files/config/context_roles.rb
|
29
|
+
lib/generators/cbac/copy_files/config/privileges.rb
|
30
|
+
lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb
|
31
|
+
lib/generators/cbac/copy_files/controllers/memberships_controller.rb
|
32
|
+
lib/generators/cbac/copy_files/controllers/permissions_controller.rb
|
33
|
+
lib/generators/cbac/copy_files/controllers/upgrade_controller.rb
|
34
|
+
lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml
|
35
|
+
lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml
|
36
|
+
lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml
|
37
|
+
lib/generators/cbac/copy_files/initializers/cbac_config.rb
|
38
|
+
lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb
|
39
|
+
lib/generators/cbac/copy_files/migrate/create_cbac_upgrade_path.rb
|
40
|
+
lib/generators/cbac/copy_files/stylesheets/cbac.css
|
41
|
+
lib/generators/cbac/copy_files/tasks/cbac.rake
|
42
|
+
lib/generators/cbac/copy_files/views/generic_roles/index.html.erb
|
43
|
+
lib/generators/cbac/copy_files/views/layouts/cbac.html.erb
|
44
|
+
lib/generators/cbac/copy_files/views/memberships/_update.html.erb
|
45
|
+
lib/generators/cbac/copy_files/views/memberships/index.html.erb
|
46
|
+
lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb
|
47
|
+
lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb
|
48
|
+
lib/generators/cbac/copy_files/views/permissions/index.html.erb
|
49
|
+
lib/generators/cbac/copy_files/views/upgrade/index.html.erb
|
50
|
+
migrations/20110211105533_add_pristine_files_to_cbac_upgrade_path.rb
|
51
|
+
privileges.rb
|
52
|
+
rails/init.rb
|
53
|
+
spec/cbac_pristine_file_spec.rb
|
54
|
+
spec/cbac_pristine_permission_spec.rb
|
55
|
+
spec/cbac_pristine_role_spec.rb
|
56
|
+
spec/rcov.opts
|
57
|
+
spec/spec.opts
|
58
|
+
spec/spec_helper.rb
|
59
|
+
tasks/cbac.rake
|
60
|
+
test/db/test.sqlite3
|
61
|
+
test/fixtures/cbac_generic_roles.yml
|
62
|
+
test/fixtures/cbac_memberships.yml
|
63
|
+
test/fixtures/cbac_permissions.yml
|
64
|
+
test/fixtures/cbac_privilege_set.yml
|
65
|
+
test/test_cbac_actions.rb
|
66
|
+
test/test_cbac_authorize_context_roles.rb
|
67
|
+
test/test_cbac_authorize_generic_roles.rb
|
68
|
+
test/test_cbac_context_role.rb
|
69
|
+
test/test_cbac_privilege.rb
|
70
|
+
test/test_cbac_privilege_set.rb
|
71
|
+
test/test_helper.rb
|
data/README.rdoc
CHANGED
@@ -1,51 +1,51 @@
|
|
1
|
-
= Context Based Access Control
|
2
|
-
|
3
|
-
== DESCRIPTION:
|
4
|
-
Easy to use, light-weight authorization system for Rails applications.
|
5
|
-
|
6
|
-
== Update
|
7
|
-
Version 0.6 contains a few major updates on the system. This is driven by the
|
8
|
-
feature to be compliant with Rails 3
|
9
|
-
|
10
|
-
== FEATURES:
|
11
|
-
- Authorize users via roles/ groups
|
12
|
-
- Authorize users via the context of their request
|
13
|
-
|
14
|
-
== SYNOPSIS:
|
15
|
-
Context Based Access Control allows you to build a Rails application with
|
16
|
-
both generic roles as well as context roles. The generic role part allows
|
17
|
-
an application to authorize users with a conventional role system. The context
|
18
|
-
part allows an application to authorize with a combination of the user
|
19
|
-
credentials and the context of the requested action.
|
20
|
-
|
21
|
-
== REQUIREMENTS:
|
22
|
-
|
23
|
-
== INSTALL:
|
24
|
-
The gem can be installed using the 'gem' command.
|
25
|
-
gem install cbac
|
26
|
-
|
27
|
-
To use the gem, see the documentation at cbac.rubyforge.org.
|
28
|
-
== LICENSE:
|
29
|
-
|
30
|
-
(The MIT License)
|
31
|
-
|
32
|
-
Copyright (c) 2009 Bert Meerman
|
33
|
-
|
34
|
-
Permission is hereby granted, free of charge, to any person obtaining
|
35
|
-
a copy of this software and associated documentation files (the
|
36
|
-
'Software'), to deal in the Software without restriction, including
|
37
|
-
without limitation the rights to use, copy, modify, merge, publish,
|
38
|
-
distribute, sublicense, and/or sell copies of the Software, and to
|
39
|
-
permit persons to whom the Software is furnished to do so, subject to
|
40
|
-
the following conditions:
|
41
|
-
|
42
|
-
The above copyright notice and this permission notice shall be
|
43
|
-
included in all copies or substantial portions of the Software.
|
44
|
-
|
45
|
-
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
|
46
|
-
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
47
|
-
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
|
48
|
-
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
|
49
|
-
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
|
50
|
-
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
51
|
-
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
1
|
+
= Context Based Access Control
|
2
|
+
|
3
|
+
== DESCRIPTION:
|
4
|
+
Easy to use, light-weight authorization system for Rails applications.
|
5
|
+
|
6
|
+
== Update
|
7
|
+
Version 0.6 contains a few major updates on the system. This is driven by the
|
8
|
+
feature to be compliant with Rails 3
|
9
|
+
|
10
|
+
== FEATURES:
|
11
|
+
- Authorize users via roles/ groups
|
12
|
+
- Authorize users via the context of their request
|
13
|
+
|
14
|
+
== SYNOPSIS:
|
15
|
+
Context Based Access Control allows you to build a Rails application with
|
16
|
+
both generic roles as well as context roles. The generic role part allows
|
17
|
+
an application to authorize users with a conventional role system. The context
|
18
|
+
part allows an application to authorize with a combination of the user
|
19
|
+
credentials and the context of the requested action.
|
20
|
+
|
21
|
+
== REQUIREMENTS:
|
22
|
+
|
23
|
+
== INSTALL:
|
24
|
+
The gem can be installed using the 'gem' command.
|
25
|
+
gem install cbac
|
26
|
+
|
27
|
+
To use the gem, see the documentation at cbac.rubyforge.org.
|
28
|
+
== LICENSE:
|
29
|
+
|
30
|
+
(The MIT License)
|
31
|
+
|
32
|
+
Copyright (c) 2009 Bert Meerman
|
33
|
+
|
34
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
35
|
+
a copy of this software and associated documentation files (the
|
36
|
+
'Software'), to deal in the Software without restriction, including
|
37
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
38
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
39
|
+
permit persons to whom the Software is furnished to do so, subject to
|
40
|
+
the following conditions:
|
41
|
+
|
42
|
+
The above copyright notice and this permission notice shall be
|
43
|
+
included in all copies or substantial portions of the Software.
|
44
|
+
|
45
|
+
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
|
46
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
47
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
|
48
|
+
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
|
49
|
+
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
|
50
|
+
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
51
|
+
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/Rakefile
CHANGED
@@ -1,39 +1,39 @@
|
|
1
|
-
# Rakefile
|
2
|
-
require 'rubygems'
|
3
|
-
require 'rake'
|
4
|
-
require 'rake/testtask'
|
5
|
-
require 'rake/rdoctask'
|
6
|
-
require 'echoe'
|
7
|
-
|
8
|
-
# Setting default task
|
9
|
-
desc 'Default: run unit tests.'
|
10
|
-
task :default => :test
|
11
|
-
|
12
|
-
# Test task
|
13
|
-
#desc 'Test CBAC plugin.'
|
14
|
-
#Rake::TestTask.new(:test) do |t|
|
15
|
-
# t.libs << 'lib'
|
16
|
-
# t.pattern = 'test/**/test_*.rb'
|
17
|
-
# t.verbose = true
|
18
|
-
#end
|
19
|
-
|
20
|
-
# Documentation task
|
21
|
-
desc 'Generate documentation for CBAC plugin.'
|
22
|
-
Rake::RDocTask.new(:rdoc) do |rdoc|
|
23
|
-
rdoc.rdoc_dir = 'rdoc'
|
24
|
-
rdoc.title = 'Cbac'
|
25
|
-
rdoc.options << '--line-numbers' << '--inline-source'
|
26
|
-
rdoc.rdoc_files.include('README')
|
27
|
-
rdoc.rdoc_files.include('lib/**/*.rb')
|
28
|
-
end
|
29
|
-
|
30
|
-
# Echo information for packaging
|
31
|
-
Echoe.new('cbac', '0.6.
|
32
|
-
p.summary = "CBAC - Simple authorization system for Rails applications."
|
33
|
-
p.description = "Simple authorization system for Rails applications. Allows you to develop applications with a mixed role based authorization and a context based authorization model. Does not supply authentication."
|
34
|
-
p.url = "http://cbac.rubyforge.org"
|
35
|
-
p.author = "Bert Meerman"
|
36
|
-
p.email = "bertm@rubyforge.org"
|
37
|
-
p.ignore_pattern = []
|
38
|
-
p.development_dependencies = []
|
39
|
-
end
|
1
|
+
# Rakefile
|
2
|
+
require 'rubygems'
|
3
|
+
require 'rake'
|
4
|
+
require 'rake/testtask'
|
5
|
+
require 'rake/rdoctask'
|
6
|
+
require 'echoe'
|
7
|
+
|
8
|
+
# Setting default task
|
9
|
+
desc 'Default: run unit tests.'
|
10
|
+
task :default => :test
|
11
|
+
|
12
|
+
# Test task
|
13
|
+
#desc 'Test CBAC plugin.'
|
14
|
+
#Rake::TestTask.new(:test) do |t|
|
15
|
+
# t.libs << 'lib'
|
16
|
+
# t.pattern = 'test/**/test_*.rb'
|
17
|
+
# t.verbose = true
|
18
|
+
#end
|
19
|
+
|
20
|
+
# Documentation task
|
21
|
+
desc 'Generate documentation for CBAC plugin.'
|
22
|
+
Rake::RDocTask.new(:rdoc) do |rdoc|
|
23
|
+
rdoc.rdoc_dir = 'rdoc'
|
24
|
+
rdoc.title = 'Cbac'
|
25
|
+
rdoc.options << '--line-numbers' << '--inline-source'
|
26
|
+
rdoc.rdoc_files.include('README')
|
27
|
+
rdoc.rdoc_files.include('lib/**/*.rb')
|
28
|
+
end
|
29
|
+
|
30
|
+
# Echo information for packaging
|
31
|
+
Echoe.new('cbac', '0.6.1') do |p|
|
32
|
+
p.summary = "CBAC - Simple authorization system for Rails applications."
|
33
|
+
p.description = "Simple authorization system for Rails applications. Allows you to develop applications with a mixed role based authorization and a context based authorization model. Does not supply authentication."
|
34
|
+
p.url = "http://cbac.rubyforge.org"
|
35
|
+
p.author = "Bert Meerman"
|
36
|
+
p.email = "bertm@rubyforge.org"
|
37
|
+
p.ignore_pattern = []
|
38
|
+
p.development_dependencies = []
|
39
|
+
end
|
data/cbac.gemspec
CHANGED
@@ -1,30 +1,30 @@
|
|
1
|
-
# -*- encoding: utf-8 -*-
|
2
|
-
|
3
|
-
Gem::Specification.new do |s|
|
4
|
-
s.name =
|
5
|
-
s.version = "0.6.
|
6
|
-
|
7
|
-
s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
|
8
|
-
s.authors = ["Bert Meerman"]
|
9
|
-
s.date =
|
10
|
-
s.description =
|
11
|
-
s.email =
|
12
|
-
s.extra_rdoc_files = ["README.rdoc", "lib/cbac.rb", "lib/cbac/cbac_pristine/pristine.rb", "lib/cbac/cbac_pristine/pristine_file.rb", "lib/cbac/cbac_pristine/pristine_permission.rb", "lib/cbac/cbac_pristine/pristine_role.rb", "lib/cbac/config.rb", "lib/cbac/context_role.rb", "lib/cbac/generic_role.rb", "lib/cbac/known_permission.rb", "lib/cbac/membership.rb", "lib/cbac/permission.rb", "lib/cbac/privilege.rb", "lib/cbac/privilege_new_api.rb", "lib/cbac/privilege_set.rb", "lib/cbac/privilege_set_record.rb", "lib/cbac/setup.rb", "lib/generators/cbac/USAGE", "lib/generators/cbac/cbac_generator.rb", "lib/generators/cbac/copy_files/config/cbac.pristine", "lib/generators/cbac/copy_files/config/context_roles.rb", "lib/generators/cbac/copy_files/config/privileges.rb", "lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb", "lib/generators/cbac/copy_files/controllers/memberships_controller.rb", "lib/generators/cbac/copy_files/controllers/permissions_controller.rb", "lib/generators/cbac/copy_files/controllers/upgrade_controller.rb", "lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml", "lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml", "lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml", "lib/generators/cbac/copy_files/initializers/cbac_config.rb", "lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb", "lib/generators/cbac/copy_files/migrate/create_cbac_upgrade_path.rb", "lib/generators/cbac/copy_files/stylesheets/cbac.css", "lib/generators/cbac/copy_files/tasks/cbac.rake", "lib/generators/cbac/copy_files/views/generic_roles/index.html.erb", "lib/generators/cbac/copy_files/views/layouts/cbac.html.erb", "lib/generators/cbac/copy_files/views/memberships/_update.html.erb", "lib/generators/cbac/copy_files/views/memberships/index.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/index.html.erb", "lib/generators/cbac/copy_files/views/upgrade/index.html.erb", "tasks/cbac.rake"]
|
13
|
-
s.files = ["Manifest", "README.rdoc", "Rakefile", "cbac.gemspec", "config/cbac/context_roles.rb", "config/cbac/privileges.rb", "context_roles.rb", "init.rb", "lib/cbac.rb", "lib/cbac/cbac_pristine/pristine.rb", "lib/cbac/cbac_pristine/pristine_file.rb", "lib/cbac/cbac_pristine/pristine_permission.rb", "lib/cbac/cbac_pristine/pristine_role.rb", "lib/cbac/config.rb", "lib/cbac/context_role.rb", "lib/cbac/generic_role.rb", "lib/cbac/known_permission.rb", "lib/cbac/membership.rb", "lib/cbac/permission.rb", "lib/cbac/privilege.rb", "lib/cbac/privilege_new_api.rb", "lib/cbac/privilege_set.rb", "lib/cbac/privilege_set_record.rb", "lib/cbac/setup.rb", "lib/generators/cbac/USAGE", "lib/generators/cbac/cbac_generator.rb", "lib/generators/cbac/copy_files/config/cbac.pristine", "lib/generators/cbac/copy_files/config/context_roles.rb", "lib/generators/cbac/copy_files/config/privileges.rb", "lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb", "lib/generators/cbac/copy_files/controllers/memberships_controller.rb", "lib/generators/cbac/copy_files/controllers/permissions_controller.rb", "lib/generators/cbac/copy_files/controllers/upgrade_controller.rb", "lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml", "lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml", "lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml", "lib/generators/cbac/copy_files/initializers/cbac_config.rb", "lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb", "lib/generators/cbac/copy_files/migrate/create_cbac_upgrade_path.rb", "lib/generators/cbac/copy_files/stylesheets/cbac.css", "lib/generators/cbac/copy_files/tasks/cbac.rake", "lib/generators/cbac/copy_files/views/generic_roles/index.html.erb", "lib/generators/cbac/copy_files/views/layouts/cbac.html.erb", "lib/generators/cbac/copy_files/views/memberships/_update.html.erb", "lib/generators/cbac/copy_files/views/memberships/index.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/index.html.erb", "lib/generators/cbac/copy_files/views/upgrade/index.html.erb", "migrations/20110211105533_add_pristine_files_to_cbac_upgrade_path.rb", "privileges.rb", "rails/init.rb", "spec/cbac_pristine_file_spec.rb", "spec/cbac_pristine_permission_spec.rb", "spec/cbac_pristine_role_spec.rb", "spec/rcov.opts", "spec/spec.opts", "spec/spec_helper.rb", "tasks/cbac.rake", "test/db/test.sqlite3", "test/fixtures/cbac_generic_roles.yml", "test/fixtures/cbac_memberships.yml", "test/fixtures/cbac_permissions.yml", "test/fixtures/cbac_privilege_set.yml", "test/test_cbac_actions.rb", "test/test_cbac_authorize_context_roles.rb", "test/test_cbac_authorize_generic_roles.rb", "test/test_cbac_context_role.rb", "test/test_cbac_privilege.rb", "test/test_cbac_privilege_set.rb", "test/test_helper.rb"]
|
14
|
-
s.homepage =
|
15
|
-
s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Cbac", "--main", "README.rdoc"]
|
16
|
-
s.require_paths = ["lib"]
|
17
|
-
s.rubyforge_project =
|
18
|
-
s.rubygems_version =
|
19
|
-
s.summary =
|
20
|
-
s.test_files = ["test/
|
21
|
-
|
22
|
-
if s.respond_to? :specification_version then
|
23
|
-
s.specification_version = 3
|
24
|
-
|
25
|
-
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
26
|
-
else
|
27
|
-
end
|
28
|
-
else
|
29
|
-
end
|
30
|
-
end
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
|
3
|
+
Gem::Specification.new do |s|
|
4
|
+
s.name = "cbac"
|
5
|
+
s.version = "0.6.4"
|
6
|
+
|
7
|
+
s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
|
8
|
+
s.authors = ["Bert Meerman"]
|
9
|
+
s.date = "2012-07-04"
|
10
|
+
s.description = "Simple authorization system for Rails applications. Allows you to develop applications with a mixed role based authorization and a context based authorization model. Does not supply authentication."
|
11
|
+
s.email = "bertm@rubyforge.org"
|
12
|
+
s.extra_rdoc_files = ["README.rdoc", "lib/cbac.rb", "lib/cbac/cbac_pristine/pristine.rb", "lib/cbac/cbac_pristine/pristine_file.rb", "lib/cbac/cbac_pristine/pristine_permission.rb", "lib/cbac/cbac_pristine/pristine_role.rb", "lib/cbac/config.rb", "lib/cbac/context_role.rb", "lib/cbac/generic_role.rb", "lib/cbac/known_permission.rb", "lib/cbac/membership.rb", "lib/cbac/permission.rb", "lib/cbac/privilege.rb", "lib/cbac/privilege_new_api.rb", "lib/cbac/privilege_set.rb", "lib/cbac/privilege_set_record.rb", "lib/cbac/setup.rb", "lib/generators/cbac/USAGE", "lib/generators/cbac/cbac_generator.rb", "lib/generators/cbac/copy_files/config/cbac.pristine", "lib/generators/cbac/copy_files/config/context_roles.rb", "lib/generators/cbac/copy_files/config/privileges.rb", "lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb", "lib/generators/cbac/copy_files/controllers/memberships_controller.rb", "lib/generators/cbac/copy_files/controllers/permissions_controller.rb", "lib/generators/cbac/copy_files/controllers/upgrade_controller.rb", "lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml", "lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml", "lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml", "lib/generators/cbac/copy_files/initializers/cbac_config.rb", "lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb", "lib/generators/cbac/copy_files/migrate/create_cbac_upgrade_path.rb", "lib/generators/cbac/copy_files/stylesheets/cbac.css", "lib/generators/cbac/copy_files/tasks/cbac.rake", "lib/generators/cbac/copy_files/views/generic_roles/index.html.erb", "lib/generators/cbac/copy_files/views/layouts/cbac.html.erb", "lib/generators/cbac/copy_files/views/memberships/_update.html.erb", "lib/generators/cbac/copy_files/views/memberships/index.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/index.html.erb", "lib/generators/cbac/copy_files/views/upgrade/index.html.erb", "tasks/cbac.rake"]
|
13
|
+
s.files = ["Manifest", "README.rdoc", "Rakefile", "cbac.gemspec", "config/cbac/context_roles.rb", "config/cbac/privileges.rb", "context_roles.rb", "init.rb", "lib/cbac.rb", "lib/cbac/cbac_pristine/pristine.rb", "lib/cbac/cbac_pristine/pristine_file.rb", "lib/cbac/cbac_pristine/pristine_permission.rb", "lib/cbac/cbac_pristine/pristine_role.rb", "lib/cbac/config.rb", "lib/cbac/context_role.rb", "lib/cbac/generic_role.rb", "lib/cbac/known_permission.rb", "lib/cbac/membership.rb", "lib/cbac/permission.rb", "lib/cbac/privilege.rb", "lib/cbac/privilege_new_api.rb", "lib/cbac/privilege_set.rb", "lib/cbac/privilege_set_record.rb", "lib/cbac/setup.rb", "lib/generators/cbac/USAGE", "lib/generators/cbac/cbac_generator.rb", "lib/generators/cbac/copy_files/config/cbac.pristine", "lib/generators/cbac/copy_files/config/context_roles.rb", "lib/generators/cbac/copy_files/config/privileges.rb", "lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb", "lib/generators/cbac/copy_files/controllers/memberships_controller.rb", "lib/generators/cbac/copy_files/controllers/permissions_controller.rb", "lib/generators/cbac/copy_files/controllers/upgrade_controller.rb", "lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml", "lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml", "lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml", "lib/generators/cbac/copy_files/initializers/cbac_config.rb", "lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb", "lib/generators/cbac/copy_files/migrate/create_cbac_upgrade_path.rb", "lib/generators/cbac/copy_files/stylesheets/cbac.css", "lib/generators/cbac/copy_files/tasks/cbac.rake", "lib/generators/cbac/copy_files/views/generic_roles/index.html.erb", "lib/generators/cbac/copy_files/views/layouts/cbac.html.erb", "lib/generators/cbac/copy_files/views/memberships/_update.html.erb", "lib/generators/cbac/copy_files/views/memberships/index.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/index.html.erb", "lib/generators/cbac/copy_files/views/upgrade/index.html.erb", "migrations/20110211105533_add_pristine_files_to_cbac_upgrade_path.rb", "privileges.rb", "rails/init.rb", "spec/cbac_pristine_file_spec.rb", "spec/cbac_pristine_permission_spec.rb", "spec/cbac_pristine_role_spec.rb", "spec/rcov.opts", "spec/spec.opts", "spec/spec_helper.rb", "tasks/cbac.rake", "test/db/test.sqlite3", "test/fixtures/cbac_generic_roles.yml", "test/fixtures/cbac_memberships.yml", "test/fixtures/cbac_permissions.yml", "test/fixtures/cbac_privilege_set.yml", "test/test_cbac_actions.rb", "test/test_cbac_authorize_context_roles.rb", "test/test_cbac_authorize_generic_roles.rb", "test/test_cbac_context_role.rb", "test/test_cbac_privilege.rb", "test/test_cbac_privilege_set.rb", "test/test_helper.rb"]
|
14
|
+
s.homepage = "http://cbac.rubyforge.org"
|
15
|
+
s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Cbac", "--main", "README.rdoc"]
|
16
|
+
s.require_paths = ["lib"]
|
17
|
+
s.rubyforge_project = "cbac"
|
18
|
+
s.rubygems_version = "1.8.21"
|
19
|
+
s.summary = "CBAC - Simple authorization system for Rails applications."
|
20
|
+
s.test_files = ["test/test_cbac_authorize_generic_roles.rb", "test/test_cbac_actions.rb", "test/test_cbac_privilege_set.rb", "test/test_helper.rb", "test/test_cbac_context_role.rb", "test/test_cbac_authorize_context_roles.rb", "test/test_cbac_privilege.rb"]
|
21
|
+
|
22
|
+
if s.respond_to? :specification_version then
|
23
|
+
s.specification_version = 3
|
24
|
+
|
25
|
+
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
26
|
+
else
|
27
|
+
end
|
28
|
+
else
|
29
|
+
end
|
30
|
+
end
|
@@ -1,21 +1,21 @@
|
|
1
|
-
### context_roles.rb
|
2
|
-
#
|
3
|
-
# Defines the context roles for the CBAC system
|
4
|
-
#
|
5
|
-
include Cbac
|
6
|
-
|
7
|
-
# Defining context roles
|
8
|
-
ContextRole.add :not_logged_in_user, 'current_user == 0'
|
9
|
-
ContextRole.add :logged_in_user, 'current_user.to_i > 0'
|
10
|
-
ContextRole.add :everybody, "true"
|
11
|
-
ContextRole.add :news_owner do
|
12
|
-
context[:post].user.id == current_user
|
13
|
-
end
|
14
|
-
|
15
|
-
ContextRole.add :news_owner_with_email do
|
16
|
-
return false if News.find(params[:id]).author_id == current_user
|
17
|
-
return false if User.find(current_user).email.nil?
|
18
|
-
true
|
19
|
-
end
|
20
|
-
|
21
|
-
|
1
|
+
### context_roles.rb
|
2
|
+
#
|
3
|
+
# Defines the context roles for the CBAC system
|
4
|
+
#
|
5
|
+
include Cbac
|
6
|
+
|
7
|
+
# Defining context roles
|
8
|
+
ContextRole.add :not_logged_in_user, 'current_user == 0'
|
9
|
+
ContextRole.add :logged_in_user, 'current_user.to_i > 0'
|
10
|
+
ContextRole.add :everybody, "true"
|
11
|
+
ContextRole.add :news_owner do
|
12
|
+
context[:post].user.id == current_user
|
13
|
+
end
|
14
|
+
|
15
|
+
ContextRole.add :news_owner_with_email do
|
16
|
+
return false if News.find(params[:id]).author_id == current_user
|
17
|
+
return false if User.find(current_user).email.nil?
|
18
|
+
true
|
19
|
+
end
|
20
|
+
|
21
|
+
|
data/config/cbac/privileges.rb
CHANGED
@@ -1,50 +1,50 @@
|
|
1
|
-
### Privileges.rb
|
2
|
-
#
|
3
|
-
# Defines the privilegesets and privileges for the CBAC system
|
4
|
-
#
|
5
|
-
include Cbac
|
6
|
-
|
7
|
-
# Defining privilegesets
|
8
|
-
PrivilegeSet.add :cbac_administration, "Allows administration of CBAC modules"
|
9
|
-
PrivilegeSet.add :login, "Allows users to log onto the system"
|
10
|
-
PrivilegeSet.add :news_item_read, "Allows reading news_item items"
|
11
|
-
PrivilegeSet.add :news_item_create, "Allows creating news_item items"
|
12
|
-
PrivilegeSet.add :news_item_update, "Allows changing existing news_item items"
|
13
|
-
PrivilegeSet.add :news_item_administrator, "Allows administration of news items"
|
14
|
-
PrivilegeSet.add :news_item_moderator, "Moderator"
|
15
|
-
|
16
|
-
# Defining privileges
|
17
|
-
Privilege.resource :cbac_administration, "cbac/permissions/index"
|
18
|
-
Privilege.resource :cbac_administration, "cbac/permissions/update", :post
|
19
|
-
Privilege.resource :cbac_administration, "cbac/generic_roles/index"
|
20
|
-
Privilege.resource :cbac_administration, "cbac/generic_roles/update", :post
|
21
|
-
Privilege.resource :cbac_administration, "cbac/generic_roles/create", :post
|
22
|
-
Privilege.resource :cbac_administration, "cbac/generic_roles/delete", :post
|
23
|
-
Privilege.resource :cbac_administration, "cbac/memberships/index"
|
24
|
-
Privilege.resource :cbac_administration, "cbac/memberships/update", :post
|
25
|
-
Privilege.resource :cbac_administration, "cbac/upgrade/index"
|
26
|
-
Privilege.resource :cbac_administration, "cbac/upgrade/process_changes", :post
|
27
|
-
Privilege.resource :login, "news_items/login", :POST
|
28
|
-
Privilege.resource :news_item_read, "news_items/index"
|
29
|
-
Privilege.resource :news_item_read, "news_items/show"
|
30
|
-
Privilege.resource :news_item_create, "news_items/new"
|
31
|
-
Privilege.resource :news_item_create, "news_items/create", :POST
|
32
|
-
Privilege.resource :news_item_create, "news_items/create", :idempotent
|
33
|
-
Privilege.resource :news_item_update, "news_items/edit"
|
34
|
-
Privilege.resource :news_item_update, "news_items/update", :POST
|
35
|
-
|
36
|
-
# Recursive privilegesets
|
37
|
-
Privilege.include :news_item_moderator, :news_item_update
|
38
|
-
Privilege.include :news_item_administrator, [:news_item_read, :news_item_create, :news_item_update]
|
39
|
-
|
40
|
-
# Models
|
41
|
-
# Enforcing mode
|
42
|
-
#Privilege.model :blog_read, :blog, :load
|
43
|
-
#Privilege.model :blog_create, :blog, :save
|
44
|
-
#Privilege.model :blog_update, :blog, :update
|
45
|
-
#Privilege.model :blog_update, :blog, :delete
|
46
|
-
# model attributes
|
47
|
-
#Privilege.model_attribute :blog_update, :blog, :author, :write
|
48
|
-
#privilege.model_attribute :blog_update, :blog, :author, :w
|
49
|
-
#privilege.model_attribute :blog_update, :blog, :author, :rw
|
50
|
-
|
1
|
+
### Privileges.rb
|
2
|
+
#
|
3
|
+
# Defines the privilegesets and privileges for the CBAC system
|
4
|
+
#
|
5
|
+
include Cbac
|
6
|
+
|
7
|
+
# Defining privilegesets
|
8
|
+
PrivilegeSet.add :cbac_administration, "Allows administration of CBAC modules"
|
9
|
+
PrivilegeSet.add :login, "Allows users to log onto the system"
|
10
|
+
PrivilegeSet.add :news_item_read, "Allows reading news_item items"
|
11
|
+
PrivilegeSet.add :news_item_create, "Allows creating news_item items"
|
12
|
+
PrivilegeSet.add :news_item_update, "Allows changing existing news_item items"
|
13
|
+
PrivilegeSet.add :news_item_administrator, "Allows administration of news items"
|
14
|
+
PrivilegeSet.add :news_item_moderator, "Moderator"
|
15
|
+
|
16
|
+
# Defining privileges
|
17
|
+
Privilege.resource :cbac_administration, "cbac/permissions/index"
|
18
|
+
Privilege.resource :cbac_administration, "cbac/permissions/update", :post
|
19
|
+
Privilege.resource :cbac_administration, "cbac/generic_roles/index"
|
20
|
+
Privilege.resource :cbac_administration, "cbac/generic_roles/update", :post
|
21
|
+
Privilege.resource :cbac_administration, "cbac/generic_roles/create", :post
|
22
|
+
Privilege.resource :cbac_administration, "cbac/generic_roles/delete", :post
|
23
|
+
Privilege.resource :cbac_administration, "cbac/memberships/index"
|
24
|
+
Privilege.resource :cbac_administration, "cbac/memberships/update", :post
|
25
|
+
Privilege.resource :cbac_administration, "cbac/upgrade/index"
|
26
|
+
Privilege.resource :cbac_administration, "cbac/upgrade/process_changes", :post
|
27
|
+
Privilege.resource :login, "news_items/login", :POST
|
28
|
+
Privilege.resource :news_item_read, "news_items/index"
|
29
|
+
Privilege.resource :news_item_read, "news_items/show"
|
30
|
+
Privilege.resource :news_item_create, "news_items/new"
|
31
|
+
Privilege.resource :news_item_create, "news_items/create", :POST
|
32
|
+
Privilege.resource :news_item_create, "news_items/create", :idempotent
|
33
|
+
Privilege.resource :news_item_update, "news_items/edit"
|
34
|
+
Privilege.resource :news_item_update, "news_items/update", :POST
|
35
|
+
|
36
|
+
# Recursive privilegesets
|
37
|
+
Privilege.include :news_item_moderator, :news_item_update
|
38
|
+
Privilege.include :news_item_administrator, [:news_item_read, :news_item_create, :news_item_update]
|
39
|
+
|
40
|
+
# Models
|
41
|
+
# Enforcing mode
|
42
|
+
#Privilege.model :blog_read, :blog, :load
|
43
|
+
#Privilege.model :blog_create, :blog, :save
|
44
|
+
#Privilege.model :blog_update, :blog, :update
|
45
|
+
#Privilege.model :blog_update, :blog, :delete
|
46
|
+
# model attributes
|
47
|
+
#Privilege.model_attribute :blog_update, :blog, :author, :write
|
48
|
+
#privilege.model_attribute :blog_update, :blog, :author, :w
|
49
|
+
#privilege.model_attribute :blog_update, :blog, :author, :rw
|
50
|
+
|