cbac 0.6.5 → 0.6.7

Sign up to get free protection for your applications and to get access to all the features.
Files changed (23) hide show
  1. data/Gemfile +2 -0
  2. data/Gemfile.lock +92 -0
  3. data/Manifest +5 -2
  4. data/cbac.gemspec +9 -5
  5. data/lib/cbac.rb +12 -9
  6. data/lib/cbac/cbac_pristine/pristine_permission.rb +1 -2
  7. data/lib/cbac/privilege.rb +9 -10
  8. data/lib/cbac/setup.rb +9 -9
  9. data/lib/cbac/version.rb +3 -0
  10. data/lib/generators/cbac/cbac_generator.rb +2 -8
  11. data/lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb +55 -32
  12. data/lib/generators/cbac/copy_files/views/permissions/index.html.erb +1 -1
  13. data/spec/cbac_authorization_check_spec.rb +70 -0
  14. data/spec/cbac_pristine_file_spec.rb +20 -27
  15. data/spec/cbac_pristine_permission_spec.rb +168 -132
  16. data/spec/cbac_pristine_role_spec.rb +1 -8
  17. data/spec/fixtures/controllers/dating/daughter_controller.rb +11 -0
  18. data/spec/spec_helper.rb +35 -10
  19. data/spec/support/schema.rb +30 -0
  20. data/test/test_cbac_privilege.rb +13 -9
  21. metadata +74 -9
  22. data/lib/generators/cbac/copy_files/migrate/create_cbac_upgrade_path.rb +0 -40
  23. data/test/test_cbac_authorize_context_roles.rb +0 -39
data/Gemfile CHANGED
@@ -1,3 +1,5 @@
1
+ source 'https://rubygems.org'
2
+
1
3
  gemspec
2
4
 
3
5
  group :release do
data/Gemfile.lock CHANGED
@@ -2,28 +2,120 @@ PATH
2
2
  remote: .
3
3
  specs:
4
4
  cbac (0.6.5)
5
+ rails (>= 3.0)
5
6
 
6
7
  GEM
8
+ remote: https://rubygems.org/
7
9
  specs:
10
+ actionmailer (3.2.10)
11
+ actionpack (= 3.2.10)
12
+ mail (~> 2.4.4)
13
+ actionpack (3.2.10)
14
+ activemodel (= 3.2.10)
15
+ activesupport (= 3.2.10)
16
+ builder (~> 3.0.0)
17
+ erubis (~> 2.7.0)
18
+ journey (~> 1.0.4)
19
+ rack (~> 1.4.0)
20
+ rack-cache (~> 1.2)
21
+ rack-test (~> 0.6.1)
22
+ sprockets (~> 2.2.1)
23
+ activemodel (3.2.10)
24
+ activesupport (= 3.2.10)
25
+ builder (~> 3.0.0)
26
+ activerecord (3.2.10)
27
+ activemodel (= 3.2.10)
28
+ activesupport (= 3.2.10)
29
+ arel (~> 3.0.2)
30
+ tzinfo (~> 0.3.29)
31
+ activeresource (3.2.10)
32
+ activemodel (= 3.2.10)
33
+ activesupport (= 3.2.10)
34
+ activesupport (3.2.10)
35
+ i18n (~> 0.6)
36
+ multi_json (~> 1.0)
8
37
  allison (2.0.3)
38
+ arel (3.0.2)
39
+ builder (3.0.4)
40
+ database_cleaner (0.9.1)
41
+ diff-lcs (1.1.3)
9
42
  echoe (4.6.3)
10
43
  allison (>= 2.0.3)
11
44
  gemcutter (>= 0.7.0)
12
45
  rake (>= 0.9.2)
13
46
  rdoc (>= 3.6.1)
14
47
  rubyforge (>= 2.0.4)
48
+ erubis (2.7.0)
15
49
  gemcutter (0.7.1)
50
+ hike (1.2.1)
51
+ i18n (0.6.1)
52
+ journey (1.0.4)
16
53
  json (1.7.5)
17
54
  json_pure (1.7.5)
55
+ mail (2.4.4)
56
+ i18n (>= 0.4.0)
57
+ mime-types (~> 1.16)
58
+ treetop (~> 1.4.8)
59
+ mime-types (1.19)
60
+ multi_json (1.5.0)
61
+ polyglot (0.3.3)
62
+ rack (1.4.3)
63
+ rack-cache (1.2)
64
+ rack (>= 0.4)
65
+ rack-ssl (1.3.2)
66
+ rack
67
+ rack-test (0.6.2)
68
+ rack (>= 1.0)
69
+ rails (3.2.10)
70
+ actionmailer (= 3.2.10)
71
+ actionpack (= 3.2.10)
72
+ activerecord (= 3.2.10)
73
+ activeresource (= 3.2.10)
74
+ activesupport (= 3.2.10)
75
+ bundler (~> 1.0)
76
+ railties (= 3.2.10)
77
+ railties (3.2.10)
78
+ actionpack (= 3.2.10)
79
+ activesupport (= 3.2.10)
80
+ rack-ssl (~> 1.3.2)
81
+ rake (>= 0.8.7)
82
+ rdoc (~> 3.4)
83
+ thor (>= 0.14.6, < 2.0)
18
84
  rake (0.9.2.2)
19
85
  rdoc (3.12)
20
86
  json (~> 1.4)
87
+ rspec-core (2.12.2)
88
+ rspec-expectations (2.12.1)
89
+ diff-lcs (~> 1.1.3)
90
+ rspec-mocks (2.12.1)
91
+ rspec-rails (2.12.1)
92
+ actionpack (>= 3.0)
93
+ activesupport (>= 3.0)
94
+ railties (>= 3.0)
95
+ rspec-core (~> 2.12.0)
96
+ rspec-expectations (~> 2.12.0)
97
+ rspec-mocks (~> 2.12.0)
21
98
  rubyforge (2.0.4)
22
99
  json_pure (>= 1.1.7)
100
+ sprockets (2.2.2)
101
+ hike (~> 1.2)
102
+ multi_json (~> 1.0)
103
+ rack (~> 1.0)
104
+ tilt (~> 1.1, != 1.3.0)
105
+ sqlite3 (1.3.6)
106
+ thor (0.16.0)
107
+ tilt (1.3.3)
108
+ treetop (1.4.12)
109
+ polyglot
110
+ polyglot (>= 0.3.1)
111
+ tzinfo (0.3.35)
23
112
 
24
113
  PLATFORMS
25
114
  ruby
26
115
 
27
116
  DEPENDENCIES
28
117
  cbac!
118
+ database_cleaner
29
119
  echoe
120
+ rspec-rails
121
+ sqlite3
data/Manifest CHANGED
@@ -3,6 +3,7 @@ Gemfile.lock
3
3
  Manifest
4
4
  README.rdoc
5
5
  Rakefile
6
+ cbac.gemspec
6
7
  config/cbac/context_roles.rb
7
8
  config/cbac/privileges.rb
8
9
  context_roles.rb
@@ -23,6 +24,7 @@ lib/cbac/privilege_new_api.rb
23
24
  lib/cbac/privilege_set.rb
24
25
  lib/cbac/privilege_set_record.rb
25
26
  lib/cbac/setup.rb
27
+ lib/cbac/version.rb
26
28
  lib/generators/cbac/USAGE
27
29
  lib/generators/cbac/cbac_generator.rb
28
30
  lib/generators/cbac/copy_files/config/cbac.pristine
@@ -37,7 +39,6 @@ lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml
37
39
  lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml
38
40
  lib/generators/cbac/copy_files/initializers/cbac_config.rb
39
41
  lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb
40
- lib/generators/cbac/copy_files/migrate/create_cbac_upgrade_path.rb
41
42
  lib/generators/cbac/copy_files/stylesheets/cbac.css
42
43
  lib/generators/cbac/copy_files/tasks/cbac.rake
43
44
  lib/generators/cbac/copy_files/views/generic_roles/index.html.erb
@@ -51,19 +52,21 @@ lib/generators/cbac/copy_files/views/upgrade/index.html.erb
51
52
  migrations/20110211105533_add_pristine_files_to_cbac_upgrade_path.rb
52
53
  privileges.rb
53
54
  rails/init.rb
55
+ spec/cbac_authorization_check_spec.rb
54
56
  spec/cbac_pristine_file_spec.rb
55
57
  spec/cbac_pristine_permission_spec.rb
56
58
  spec/cbac_pristine_role_spec.rb
59
+ spec/fixtures/controllers/dating/daughter_controller.rb
57
60
  spec/rcov.opts
58
61
  spec/spec.opts
59
62
  spec/spec_helper.rb
63
+ spec/support/schema.rb
60
64
  tasks/cbac.rake
61
65
  test/fixtures/cbac_generic_roles.yml
62
66
  test/fixtures/cbac_memberships.yml
63
67
  test/fixtures/cbac_permissions.yml
64
68
  test/fixtures/cbac_privilege_set.yml
65
69
  test/test_cbac_actions.rb
66
- test/test_cbac_authorize_context_roles.rb
67
70
  test/test_cbac_authorize_generic_roles.rb
68
71
  test/test_cbac_context_role.rb
69
72
  test/test_cbac_privilege.rb
data/cbac.gemspec CHANGED
@@ -2,27 +2,31 @@
2
2
 
3
3
  Gem::Specification.new do |s|
4
4
  s.name = "cbac"
5
- s.version = "0.6.5"
5
+ s.version = "0.6.7"
6
6
 
7
7
  s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
8
8
  s.authors = ["Bert Meerman"]
9
- s.date = "2012-10-23"
9
+ s.date = "2013-01-09"
10
10
  s.description = "Simple authorization system for Rails applications. Allows you to develop applications with a mixed role based authorization and a context based authorization model. Does not supply authentication."
11
11
  s.email = "bertm@rubyforge.org"
12
- s.extra_rdoc_files = ["README.rdoc", "lib/cbac.rb", "lib/cbac/cbac_pristine/pristine.rb", "lib/cbac/cbac_pristine/pristine_file.rb", "lib/cbac/cbac_pristine/pristine_permission.rb", "lib/cbac/cbac_pristine/pristine_role.rb", "lib/cbac/config.rb", "lib/cbac/context_role.rb", "lib/cbac/generic_role.rb", "lib/cbac/known_permission.rb", "lib/cbac/membership.rb", "lib/cbac/permission.rb", "lib/cbac/privilege.rb", "lib/cbac/privilege_new_api.rb", "lib/cbac/privilege_set.rb", "lib/cbac/privilege_set_record.rb", "lib/cbac/setup.rb", "lib/generators/cbac/USAGE", "lib/generators/cbac/cbac_generator.rb", "lib/generators/cbac/copy_files/config/cbac.pristine", "lib/generators/cbac/copy_files/config/context_roles.rb", "lib/generators/cbac/copy_files/config/privileges.rb", "lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb", "lib/generators/cbac/copy_files/controllers/memberships_controller.rb", "lib/generators/cbac/copy_files/controllers/permissions_controller.rb", "lib/generators/cbac/copy_files/controllers/upgrade_controller.rb", "lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml", "lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml", "lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml", "lib/generators/cbac/copy_files/initializers/cbac_config.rb", "lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb", "lib/generators/cbac/copy_files/migrate/create_cbac_upgrade_path.rb", "lib/generators/cbac/copy_files/stylesheets/cbac.css", "lib/generators/cbac/copy_files/tasks/cbac.rake", "lib/generators/cbac/copy_files/views/generic_roles/index.html.erb", "lib/generators/cbac/copy_files/views/layouts/cbac.html.erb", "lib/generators/cbac/copy_files/views/memberships/_update.html.erb", "lib/generators/cbac/copy_files/views/memberships/index.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/index.html.erb", "lib/generators/cbac/copy_files/views/upgrade/index.html.erb", "tasks/cbac.rake"]
13
- s.files = ["Gemfile", "Gemfile.lock", "Manifest", "README.rdoc", "Rakefile", "config/cbac/context_roles.rb", "config/cbac/privileges.rb", "context_roles.rb", "init.rb", "lib/cbac.rb", "lib/cbac/cbac_pristine/pristine.rb", "lib/cbac/cbac_pristine/pristine_file.rb", "lib/cbac/cbac_pristine/pristine_permission.rb", "lib/cbac/cbac_pristine/pristine_role.rb", "lib/cbac/config.rb", "lib/cbac/context_role.rb", "lib/cbac/generic_role.rb", "lib/cbac/known_permission.rb", "lib/cbac/membership.rb", "lib/cbac/permission.rb", "lib/cbac/privilege.rb", "lib/cbac/privilege_new_api.rb", "lib/cbac/privilege_set.rb", "lib/cbac/privilege_set_record.rb", "lib/cbac/setup.rb", "lib/generators/cbac/USAGE", "lib/generators/cbac/cbac_generator.rb", "lib/generators/cbac/copy_files/config/cbac.pristine", "lib/generators/cbac/copy_files/config/context_roles.rb", "lib/generators/cbac/copy_files/config/privileges.rb", "lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb", "lib/generators/cbac/copy_files/controllers/memberships_controller.rb", "lib/generators/cbac/copy_files/controllers/permissions_controller.rb", "lib/generators/cbac/copy_files/controllers/upgrade_controller.rb", "lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml", "lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml", "lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml", "lib/generators/cbac/copy_files/initializers/cbac_config.rb", "lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb", "lib/generators/cbac/copy_files/migrate/create_cbac_upgrade_path.rb", "lib/generators/cbac/copy_files/stylesheets/cbac.css", "lib/generators/cbac/copy_files/tasks/cbac.rake", "lib/generators/cbac/copy_files/views/generic_roles/index.html.erb", "lib/generators/cbac/copy_files/views/layouts/cbac.html.erb", "lib/generators/cbac/copy_files/views/memberships/_update.html.erb", "lib/generators/cbac/copy_files/views/memberships/index.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/index.html.erb", "lib/generators/cbac/copy_files/views/upgrade/index.html.erb", "migrations/20110211105533_add_pristine_files_to_cbac_upgrade_path.rb", "privileges.rb", "rails/init.rb", "spec/cbac_pristine_file_spec.rb", "spec/cbac_pristine_permission_spec.rb", "spec/cbac_pristine_role_spec.rb", "spec/rcov.opts", "spec/spec.opts", "spec/spec_helper.rb", "tasks/cbac.rake", "test/fixtures/cbac_generic_roles.yml", "test/fixtures/cbac_memberships.yml", "test/fixtures/cbac_permissions.yml", "test/fixtures/cbac_privilege_set.yml", "test/test_cbac_actions.rb", "test/test_cbac_authorize_context_roles.rb", "test/test_cbac_authorize_generic_roles.rb", "test/test_cbac_context_role.rb", "test/test_cbac_privilege.rb", "test/test_cbac_privilege_set.rb", "test/test_helper.rb", "cbac.gemspec"]
12
+ s.extra_rdoc_files = ["README.rdoc", "lib/cbac.rb", "lib/cbac/cbac_pristine/pristine.rb", "lib/cbac/cbac_pristine/pristine_file.rb", "lib/cbac/cbac_pristine/pristine_permission.rb", "lib/cbac/cbac_pristine/pristine_role.rb", "lib/cbac/config.rb", "lib/cbac/context_role.rb", "lib/cbac/generic_role.rb", "lib/cbac/known_permission.rb", "lib/cbac/membership.rb", "lib/cbac/permission.rb", "lib/cbac/privilege.rb", "lib/cbac/privilege_new_api.rb", "lib/cbac/privilege_set.rb", "lib/cbac/privilege_set_record.rb", "lib/cbac/setup.rb", "lib/cbac/version.rb", "lib/generators/cbac/USAGE", "lib/generators/cbac/cbac_generator.rb", "lib/generators/cbac/copy_files/config/cbac.pristine", "lib/generators/cbac/copy_files/config/context_roles.rb", "lib/generators/cbac/copy_files/config/privileges.rb", "lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb", "lib/generators/cbac/copy_files/controllers/memberships_controller.rb", "lib/generators/cbac/copy_files/controllers/permissions_controller.rb", "lib/generators/cbac/copy_files/controllers/upgrade_controller.rb", "lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml", "lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml", "lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml", "lib/generators/cbac/copy_files/initializers/cbac_config.rb", "lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb", "lib/generators/cbac/copy_files/stylesheets/cbac.css", "lib/generators/cbac/copy_files/tasks/cbac.rake", "lib/generators/cbac/copy_files/views/generic_roles/index.html.erb", "lib/generators/cbac/copy_files/views/layouts/cbac.html.erb", "lib/generators/cbac/copy_files/views/memberships/_update.html.erb", "lib/generators/cbac/copy_files/views/memberships/index.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/index.html.erb", "lib/generators/cbac/copy_files/views/upgrade/index.html.erb", "tasks/cbac.rake"]
13
+ s.files = ["Gemfile", "Gemfile.lock", "README.rdoc", "Rakefile", "cbac.gemspec", "config/cbac/context_roles.rb", "config/cbac/privileges.rb", "context_roles.rb", "init.rb", "lib/cbac.rb", "lib/cbac/cbac_pristine/pristine.rb", "lib/cbac/cbac_pristine/pristine_file.rb", "lib/cbac/cbac_pristine/pristine_permission.rb", "lib/cbac/cbac_pristine/pristine_role.rb", "lib/cbac/config.rb", "lib/cbac/context_role.rb", "lib/cbac/generic_role.rb", "lib/cbac/known_permission.rb", "lib/cbac/membership.rb", "lib/cbac/permission.rb", "lib/cbac/privilege.rb", "lib/cbac/privilege_new_api.rb", "lib/cbac/privilege_set.rb", "lib/cbac/privilege_set_record.rb", "lib/cbac/setup.rb", "lib/cbac/version.rb", "lib/generators/cbac/USAGE", "lib/generators/cbac/cbac_generator.rb", "lib/generators/cbac/copy_files/config/cbac.pristine", "lib/generators/cbac/copy_files/config/context_roles.rb", "lib/generators/cbac/copy_files/config/privileges.rb", "lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb", "lib/generators/cbac/copy_files/controllers/memberships_controller.rb", "lib/generators/cbac/copy_files/controllers/permissions_controller.rb", "lib/generators/cbac/copy_files/controllers/upgrade_controller.rb", "lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml", "lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml", "lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml", "lib/generators/cbac/copy_files/initializers/cbac_config.rb", "lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb", "lib/generators/cbac/copy_files/stylesheets/cbac.css", "lib/generators/cbac/copy_files/tasks/cbac.rake", "lib/generators/cbac/copy_files/views/generic_roles/index.html.erb", "lib/generators/cbac/copy_files/views/layouts/cbac.html.erb", "lib/generators/cbac/copy_files/views/memberships/_update.html.erb", "lib/generators/cbac/copy_files/views/memberships/index.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/index.html.erb", "lib/generators/cbac/copy_files/views/upgrade/index.html.erb", "migrations/20110211105533_add_pristine_files_to_cbac_upgrade_path.rb", "privileges.rb", "rails/init.rb", "spec/cbac_authorization_check_spec.rb", "spec/cbac_pristine_file_spec.rb", "spec/cbac_pristine_permission_spec.rb", "spec/cbac_pristine_role_spec.rb", "spec/fixtures/controllers/dating/daughter_controller.rb", "spec/rcov.opts", "spec/spec.opts", "spec/spec_helper.rb", "spec/support/schema.rb", "tasks/cbac.rake", "test/fixtures/cbac_generic_roles.yml", "test/fixtures/cbac_memberships.yml", "test/fixtures/cbac_permissions.yml", "test/fixtures/cbac_privilege_set.yml", "test/test_cbac_actions.rb", "test/test_cbac_authorize_generic_roles.rb", "test/test_cbac_context_role.rb", "test/test_cbac_privilege.rb", "test/test_cbac_privilege_set.rb", "test/test_helper.rb", "Manifest"]
14
14
  s.homepage = "http://cbac.rubyforge.org"
15
15
  s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Cbac", "--main", "README.rdoc"]
16
16
  s.require_paths = ["lib"]
17
17
  s.rubyforge_project = "cbac"
18
18
  s.rubygems_version = "1.8.24"
19
19
  s.summary = "CBAC - Simple authorization system for Rails applications."
20
- s.test_files = ["test/test_cbac_privilege.rb", "test/test_cbac_context_role.rb", "test/test_helper.rb", "test/test_cbac_actions.rb", "test/test_cbac_privilege_set.rb", "test/test_cbac_authorize_context_roles.rb", "test/test_cbac_authorize_generic_roles.rb"]
20
+ s.test_files = ["test/test_cbac_privilege.rb", "test/test_cbac_context_role.rb", "test/test_helper.rb", "test/test_cbac_actions.rb", "test/test_cbac_privilege_set.rb", "test/test_cbac_authorize_generic_roles.rb"]
21
21
 
22
22
  if s.respond_to? :specification_version then
23
23
  s.specification_version = 3
24
24
 
25
25
  if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
26
+ s.add_dependency("rails", ">= 3.0")
27
+ s.add_development_dependency("rspec-rails")
28
+ s.add_development_dependency("sqlite3")
29
+ s.add_development_dependency("database_cleaner")
26
30
  else
27
31
  end
28
32
  else
data/lib/cbac.rb CHANGED
@@ -1,3 +1,5 @@
1
+ require "active_record"
2
+
1
3
  # TODO: Check the permission table for double entries, ie: both an entry in the
2
4
  # generic_role_id field and an entry in the context_role field. Solution: solve
3
5
  # via model. Update model & add test
@@ -27,13 +29,6 @@ module Cbac
27
29
  def cbac_boot!
28
30
  if Cbac::Setup.check
29
31
  puts "CBAC properly installed"
30
-
31
- require File.expand_path(File.join(File.dirname(__FILE__), '/cbac/privilege'))
32
- require File.expand_path(File.join(File.dirname(__FILE__), '/cbac/privilege_set'))
33
- require File.expand_path(File.join(File.dirname(__FILE__), '/cbac/context_role'))
34
- require File.expand_path(File.join(File.dirname(__FILE__), '/cbac/cbac_pristine/pristine'))
35
- require File.expand_path(File.join(File.dirname(__FILE__), '/cbac/cbac_pristine/pristine_file'))
36
- require File.expand_path(File.join(File.dirname(__FILE__), '/cbac/cbac_pristine/pristine_permission'))
37
32
 
38
33
  # check performs a check to see if the user is allowed to access the given
39
34
  # resource. Example: authorization_check("BlogController", "index", :get)
@@ -55,7 +50,13 @@ module Cbac
55
50
  # Check the given privilege_sets
56
51
  def check_privilege_sets(privilege_sets, context = {})
57
52
  # Check the generic roles
58
- return true if privilege_sets.any? { |set| Cbac::GenericRole.find(:all, :conditions => ["user_id= ? AND privilege_set_id = ?", current_user, set.id],:joins => [:generic_role_members, :permissions]).length > 0 }
53
+ return true if privilege_sets.any? { |set|
54
+ Cbac::GenericRole.joins(:generic_role_members, :permissions).exists?(
55
+ 'cbac_memberships.user_id' => current_user,
56
+ 'cbac_permissions.privilege_set_id' => set.id
57
+ )
58
+ }
59
+
59
60
  # Check the context roles Get the permissions
60
61
  privilege_sets.collect{|privilege_set|Cbac::Permission.find(:all, :conditions => ["privilege_set_id = ? AND generic_role_id = 0", privilege_set.id.to_s])}.flatten.each do |permission|
61
62
  puts "Checking for context_role:#{permission.context_role} on privilege_set:#{permission.privilege_set.name}" if Cbac::Config.verbose
@@ -64,7 +65,9 @@ module Cbac
64
65
  return true if eval_string.call(context)
65
66
  rescue Exception => e
66
67
  puts "Error in context role: #{permission.context_role} on privilege_set: #{permission.privilege_set.name}. Context: #{context}"
67
- raise e if RAILS_ENV == "development" or RAILS_ENV == "test" # In development mode, this should crash as hard as possible, but in further stages, it should not
68
+ if %w{development test}.include? Rails.env
69
+ raise e # In development mode, this should crash as hard as possible, but in further stages, it should not
70
+ end
68
71
  end
69
72
  end
70
73
  # not authorized
data/lib/cbac/cbac_pristine/pristine_permission.rb CHANGED
@@ -151,9 +151,8 @@ module Cbac
151
151
  end
152
152
 
153
153
  line_numbers.each do |number|
154
- Cbac::KnownPermission.create(:permission_number => number, :permission_type => pristine_role.known_permission_type) if Cbac::KnownPermission.count(:conditions => {:permission_number => number, :permission_type => pristine_role.known_permission_type}) == 0
154
+ Cbac::KnownPermission.where(:permission_number => number, :permission_type => pristine_role.known_permission_type).first_or_create
155
155
  end
156
-
157
156
  end
158
157
 
159
158
  # add this permission to the staging area
data/lib/cbac/privilege.rb CHANGED
@@ -24,16 +24,16 @@ class Privilege
24
24
  @get_resources = Hash.new if @get_resources.nil?
25
25
  @post_resources = Hash.new if @post_resources.nil?
26
26
  action_aliases = {"GET" => ["GET", "get", "g","idempotent"], "POST" => ["POST", "post", "p"]}
27
- raise ArgumentError, "CBAC: PrivilegeSet does not exist: #{privilege_set}" unless PrivilegeSet.sets.include?(privilege_set)
27
+ raise ArgumentError, "CBAC: PrivilegeSet does not exist: #{privilege_set}" unless Cbac::PrivilegeSet.sets.include?(privilege_set)
28
28
  action_option = action_aliases.find { |name, aliases| aliases.include?(action.to_s) }
29
29
  raise ArgumentError, "CBAC: Wrong value for argument 'action' in Privilege.resource: #{action}" if action_option.nil?
30
30
  case action_option[0]
31
31
  when "GET"
32
- (@get_resources[method] ||= Array.new) << PrivilegeSet.sets[privilege_set]
33
- (@includes[privilege_set] || Array.new).each {|child_set| (@get_resources[method] ||= Array.new) << PrivilegeSet.sets[child_set]} unless @includes.nil?
32
+ (@get_resources[method] ||= Array.new) << Cbac::PrivilegeSet.sets[privilege_set]
33
+ (@includes[privilege_set] || Array.new).each {|child_set| (@get_resources[method] ||= Array.new) << Cbac::PrivilegeSet.sets[child_set]} unless @includes.nil?
34
34
  when "POST"
35
- (@post_resources[method] ||= Array.new) << PrivilegeSet.sets[privilege_set]
36
- (@includes[privilege_set] || Array.new).each {|child_set| (@post_resources[method] ||= Array.new) << PrivilegeSet.sets[child_set]} unless @includes.nil?
35
+ (@post_resources[method] ||= Array.new) << Cbac::PrivilegeSet.sets[privilege_set]
36
+ (@includes[privilege_set] || Array.new).each {|child_set| (@post_resources[method] ||= Array.new) << Cbac::PrivilegeSet.sets[child_set]} unless @includes.nil?
37
37
  else
38
38
  raise "CBAC: This should never happen (incorrect HTTP action)"
39
39
  end
@@ -49,11 +49,11 @@ class Privilege
49
49
  def include(privilege_set, included_privilege_set)
50
50
  @includes = Hash.new if @includes.nil?
51
51
  child_set = privilege_set.to_sym
52
- raise ArgumentError, "CBAC: PrivilegeSet does not exist: #{child_set}" unless PrivilegeSet.sets.include?(child_set)
52
+ raise ArgumentError, "CBAC: PrivilegeSet does not exist: #{child_set}" unless Cbac::PrivilegeSet.sets.include?(child_set)
53
53
  included_privilege_set = [included_privilege_set] unless included_privilege_set.is_a?(Enumerable)
54
54
  included_privilege_set.each do |base_set|
55
55
  # Check for existence of PrivilegeSet
56
- raise ArgumentError, "CBAC: PrivilegeSet does not exist: #{base_set}" unless PrivilegeSet.sets.include?(base_set)
56
+ raise ArgumentError, "CBAC: PrivilegeSet does not exist: #{base_set}" unless Cbac::PrivilegeSet.sets.include?(base_set)
57
57
  # Adds the references
58
58
  (@includes[base_set.to_sym] ||= Array.new) << child_set
59
59
  # Copies existing resources
@@ -65,7 +65,6 @@ class Privilege
65
65
  end
66
66
  end
67
67
  end
68
-
69
68
 
70
69
  def model_attribute
71
70
 
@@ -81,14 +80,14 @@ class Privilege
81
80
  # Usage:
82
81
  # Privilege.select "my_controller/action", :get
83
82
  #
84
- # Returns an array of PrivilegeSet objects
83
+ # Returns an array of Cbac::PrivilegeSet objects
85
84
  #
86
85
  # If incorrect values are given for action_type the method will raise an
87
86
  # ArgumentError. If the controller and action name are not found, an
88
87
  # exception is being raised.
89
88
  def select(controller_method, action_type)
90
89
  action_type = action_type.to_s
91
- post_methods = ["post", "put", "delete"]
90
+ post_methods = ["post", "put", "delete", "patch"]
92
91
  if action_type == "get"
93
92
  privilege_sets = Privilege.get_resources[controller_method]
94
93
  else if post_methods.include?(action_type)
data/lib/cbac/setup.rb CHANGED
@@ -9,17 +9,16 @@ module Cbac
9
9
  # Check to see if the tables are correctly migrated. If the tables are not
10
10
  # migrated, CBAC should terminate immediately.
11
11
  def check_tables
12
- # It is possible that there is no database connection yet. In that case, the table_exist call will fail
13
12
  begin
14
- return false unless Cbac::PrivilegeSetRecord.table_exists?
13
+ classes = [ Cbac::PrivilegeSetRecord, Cbac::GenericRole, Cbac::Membership, Cbac::Permission ]
14
+ return classes.all? do |c|
15
+ c.table_exists?
16
+ end
15
17
  rescue ActiveRecord::ConnectionNotEstablished
18
+ # There is no database connection yet.
16
19
  puts "CBAC: Connection to database not established when initializing Cbac. Cbac is *not* running."
17
20
  return false
18
21
  end
19
- return false unless Cbac::GenericRole.table_exists?
20
- return false unless Cbac::Membership.table_exists?
21
- return false unless Cbac::Permission.table_exists?
22
- true
23
22
  end
24
23
 
25
24
  # Checks if the system is properly setup. This method is used by the
@@ -27,12 +26,13 @@ module Cbac
27
26
  # is not properly setup, the bootstrapper will crash. Checks are performed
28
27
  # to see if all the tables exists.
29
28
  def check
30
- if check_tables == false
29
+ unless check_tables
31
30
  puts "CBAC: not properly initialized: one or more tables are missing. Did you install it correctly? (run generate)"
32
31
  return false
33
32
  end
34
- true
33
+
34
+ return true
35
35
  end
36
36
  end
37
37
  end
38
- end
38
+ end
data/lib/cbac/version.rb ADDED
@@ -0,0 +1,3 @@
1
+ module Cbac
2
+ VERSION = '0.6.7'
3
+ end
data/lib/generators/cbac/cbac_generator.rb CHANGED
@@ -52,14 +52,8 @@ class CbacGenerator < Rails::Generators::Base
52
52
  copy_file "stylesheets/cbac.css", "public/stylesheets/cbac.css"
53
53
 
54
54
  # migrations
55
- #puts "type of m: " + class.name
56
- if self.class.migration_exists?("#{::Rails.root.to_s}/db/migrate", "create_cbac")
57
- # This is an upgrade from a previous version of CBAC
58
- migration_template "migrate/create_cbac_upgrade_path.rb", "db/migrate/create_cbac_upgrade_path" unless self.class.migration_exists?("#{::Rails.root.to_s}/db/migrate", "create_cbac_upgrade_path")
59
- else
60
- # This is the first install of CBAC into the current project
61
- migration_template "migrate/create_cbac_from_scratch.rb", "db/migrate/create_cbac_from_scratch" unless self.class.migration_exists?("#{::Rails.root.to_s}/db/migrate", "create_cbac_from_scratch")
62
- end
55
+ migration_template "migrate/create_cbac_from_scratch.rb", "db/migrate/create_cbac_from_scratch" unless self.class.migration_exists?("#{::Rails.root.to_s}/db/migrate", "create_cbac_from_scratch")
56
+
63
57
  # default fixtures
64
58
  copy_file "fixtures/cbac_permissions.yml", "test/fixtures/cbac_permissions.yml"
65
59
  copy_file "fixtures/cbac_generic_roles.yml", "test/fixtures/cbac_generic_roles.yml"
data/lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb CHANGED
@@ -1,49 +1,72 @@
1
1
  class CreateCbacFromScratch < ActiveRecord::Migration
2
2
  def self.up
3
- create_table :cbac_permissions do |t|
4
- t.integer :generic_role_id, :default => 0
5
- t.string :context_role
6
- t.integer :privilege_set_id
7
- t.timestamps
3
+ unless Cbac::Permission.table_exists?
4
+ create_table :cbac_permissions do |t|
5
+ t.integer :generic_role_id, :default => 0
6
+ t.string :context_role
7
+ t.integer :privilege_set_id
8
+ t.timestamps
9
+ end
8
10
  end
9
11
 
10
- create_table :cbac_generic_roles do |t|
11
- t.string :name
12
- t.text :remarks
13
- t.timestamps
12
+ unless Cbac::GenericRole.table_exists?
13
+ create_table :cbac_generic_roles do |t|
14
+ t.string :name
15
+ t.text :remarks
16
+ t.timestamps
17
+ end
14
18
  end
15
19
 
16
- create_table :cbac_memberships do |t|
17
- t.integer :user_id
18
- t.integer :generic_role_id
19
- t.timestamps
20
+ unless Cbac::Membership.table_exists?
21
+ create_table :cbac_memberships do |t|
22
+ t.integer :user_id
23
+ t.integer :generic_role_id
24
+ t.timestamps
25
+ end
20
26
  end
21
27
 
22
- create_table :cbac_privilege_set do |t|
23
- t.string :name
24
- t.string :comment
25
- t.timestamps
28
+ unless Cbac::PrivilegeSetRecord.table_exists?
29
+ create_table :cbac_privilege_set do |t|
30
+ t.string :name
31
+ t.string :comment
32
+ t.timestamps
33
+ end
26
34
  end
27
35
 
28
- create_table :cbac_staged_permissions do |t|
29
- t.integer :pristine_role_id
30
- t.string :privilege_set_name
31
- t.integer :line_number
32
- t.string :comment
33
- t.text :operation, :limit => 2
34
- t.timestamps
36
+ unless Cbac::CbacPristine::PristineFile.table_exists?
37
+ create_table :cbac_pristine_files do |t|
38
+ t.string :type
39
+ t.string :file_name
40
+ t.timestamps
41
+ end
35
42
  end
36
43
 
37
- create_table :cbac_staged_roles do |t|
38
- t.string :role_type
39
- t.string :name
40
- t.integer :role_id
41
- t.timestamps
44
+ unless Cbac::CbacPristine::PristinePermission.table_exists?
45
+ create_table :cbac_staged_permissions do |t|
46
+ t.integer :pristine_role_id
47
+ t.integer :pristine_file_id
48
+ t.string :privilege_set_name
49
+ t.integer :line_number
50
+ t.string :comment
51
+ t.text :operation, :limit => 2
52
+ t.timestamps
53
+ end
42
54
  end
43
55
 
44
- create_table :cbac_known_permissions do |t|
45
- t.integer :permission_number, :null => :no
46
- t.integer :permission_type, :default => 0
56
+ unless Cbac::CbacPristine::PristineRole.table_exists?
57
+ create_table :cbac_staged_roles do |t|
58
+ t.string :role_type
59
+ t.string :name
60
+ t.integer :role_id
61
+ t.timestamps
62
+ end
63
+ end
64
+
65
+ unless Cbac::KnownPermission.table_exists?
66
+ create_table :cbac_known_permissions do |t|
67
+ t.integer :permission_number, :null => :no
68
+ t.integer :permission_type, :default => 0
69
+ end
47
70
  end
48
71
  end
49
72